Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wZsv9X4ZNLeUFm2jxhWRckfYj7k.roa
File: wZsv9X4ZNLeUFm2jxhWRckfYj7k.roa (raw, json)
Hash identifier: TK0ydbKTYlLZfzOeSUb+2O49ZuZY4x1g4BvS5UwTv0g=
Subject key identifier: C1:9B:2F:F5:7E:19:34:B7:94:16:6D:A3:C6:15:91:72:47:D8:8F:B9
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 07F1FB0F
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wZsv9X4ZNLeUFm2jxhWRckfYj7k.roa
Signing time: Sat 01 Jan 2022 03:02:03 +0000
ROA not before: Sat 01 Jan 2022 03:02:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 91.186.208.0/22 maxlen: 24
178.253.32.0/23 maxlen: 24
178.253.32.0/24 maxlen: 24
178.253.33.0/24 maxlen: 24
83.147.240.0/22 maxlen: 24
178.253.55.0/24 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133298959 (0x7f1fb0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jan 1 03:02:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c19b2ff57e1934b794166da3c615917247d88fb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:40:85:7e:2d:ec:3b:07:7c:44:db:98:a4:2e:
4a:68:09:ab:bc:d4:d2:24:fe:2c:6a:fd:2b:09:86:
97:76:e8:fc:79:5b:52:8e:ab:2b:d1:11:64:a8:1d:
22:cf:b1:bd:4a:05:ea:02:05:83:26:44:eb:43:db:
d3:e0:91:c7:11:c7:40:f3:7e:a5:f0:39:3d:a2:63:
0e:ef:95:a2:e7:0d:eb:de:be:bc:0e:e8:55:f7:63:
17:06:03:78:f5:1f:16:9d:b2:b2:d6:d7:8a:ca:6d:
7d:1d:0f:d6:52:e6:0f:15:25:b9:0b:c5:40:f4:8d:
d3:e0:a0:e2:ea:18:7e:ab:bc:82:89:f7:ed:6a:18:
69:fd:11:53:39:de:06:38:85:9b:81:7f:c0:5a:6c:
29:f1:67:fc:2c:8e:56:53:a1:15:5d:4e:60:2b:2c:
3a:14:6c:11:c4:43:62:0e:ef:84:99:34:40:f7:43:
ad:43:a9:76:60:8d:30:c6:60:f7:17:f5:e9:71:82:
17:de:22:46:1f:b3:fe:3b:e5:25:7b:6f:f2:97:d8:
f5:a0:4d:49:6e:a5:21:c8:94:04:ff:1d:c6:b1:fd:
2a:a8:6a:81:d9:21:72:3e:39:22:3c:39:ce:07:7f:
88:29:be:62:b1:7b:6e:6f:98:50:4a:9e:4e:ba:07:
b4:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:9B:2F:F5:7E:19:34:B7:94:16:6D:A3:C6:15:91:72:47:D8:8F:B9
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wZsv9X4ZNLeUFm2jxhWRckfYj7k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.240.0/22
83.147.252.0/22
91.186.208.0/22
178.253.32.0/23
178.253.55.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:23:f8:d1:ba:66:57:b9:ee:cb:eb:05:d4:69:03:23:2c:05:
24:74:4e:1f:ee:ab:76:6f:3e:79:fe:7b:7b:9e:2b:f0:68:fd:
25:5b:97:74:7a:40:47:00:a3:6b:84:4f:b9:ca:61:32:d5:59:
ea:11:9b:27:22:54:d5:f8:0a:c4:e9:5c:ce:a3:bb:a7:0d:c9:
39:cb:dd:2c:dd:6a:65:d2:95:1c:d1:6b:b5:01:45:6a:c4:55:
09:48:cc:7b:26:32:12:40:02:76:8e:13:87:a1:1f:bf:f1:a5:
bb:b6:4b:db:11:1f:dc:95:79:3b:90:11:a4:c3:78:df:8d:41:
08:6b:62:78:95:88:ef:7f:a3:43:0d:58:a7:ed:b1:d4:d8:da:
78:2d:88:5f:7e:15:38:d9:7e:6c:0b:b6:41:dc:fa:1a:bd:e4:
13:57:45:0f:df:3b:d6:ae:2b:ce:9e:02:6f:19:ed:99:0e:07:
45:a6:0e:67:e9:a9:29:68:2f:34:7e:b7:7f:8d:d4:7b:39:48:
12:d4:9c:3b:72:6e:df:04:84:6a:f0:53:ed:a7:0d:fa:4c:14:
a4:28:72:fb:17:eb:dd:e5:eb:ae:0b:bf:95:1c:a2:94:b8:95:
e9:3c:e3:f1:3e:0f:3c:87:5a:09:a2:97:8e:1a:41:61:d2:e1:
e8:58:cf:4d
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEB/H7DzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mjc3OGRlMmE5YmU5ODAyMTIwMzgyZTc1MGQxNTllOTU4NzJjMmFlMB4XDTIyMDEw
MTAzMDIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzE5YjJmZjU3ZTE5
MzRiNzk0MTY2ZGEzYzYxNTkxNzI0N2Q4OGZiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALFAhX4t7DsHfETbmKQuSmgJq7zU0iT+LGr9KwmGl3bo/Hlb
Uo6rK9ERZKgdIs+xvUoF6gIFgyZE60Pb0+CRxxHHQPN+pfA5PaJjDu+VoucN696+
vA7oVfdjFwYDePUfFp2ystbXisptfR0P1lLmDxUluQvFQPSN0+Cg4uoYfqu8gon3
7WoYaf0RUzneBjiFm4F/wFpsKfFn/CyOVlOhFV1OYCssOhRsEcRDYg7vhJk0QPdD
rUOpdmCNMMZg9xf16XGCF94iRh+z/jvlJXtv8pfY9aBNSW6lIciUBP8dxrH9Kqhq
gdkhcj45Ijw5zgd/iCm+YrF7bm+YUEqeTroHtI8CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBTBmy/1fhk0t5QWbaPGFZFyR9iPuTAfBgNVHSMEGDAWgBTCd43iqb6YAhID
gudQ0VnpWHLCrjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3duZU40cW0tbUFJU0E0TG5VTkZaNlZoeXdxNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8x
L3dac3Y5WDRaTkxlVUZtMmp4aFdSY2tmWWo3ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8xL3duZU40cW0tbUFJ
U0E0TG5VTkZaNlZoeXdxNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAlOT8AMEAlOT/AMEAlu60AMEAbL9
IAMEALL9NzANBgkqhkiG9w0BAQsFAAOCAQEAWiP40bpmV7nuy+sF1GkDIywFJHRO
H+6rdm8+ef57e54r8Gj9JVuXdHpARwCja4RPucphMtVZ6hGbJyJU1fgKxOlczqO7
pw3JOcvdLN1qZdKVHNFrtQFFasRVCUjMeyYyEkACdo4Th6Efv/Glu7ZL2xEf3JV5
O5ARpMN4341BCGtieJWI73+jQw1Yp+2x1NjaeC2IX34VONl+bAu2Qdz6Gr3kE1dF
D9871q4rzp4CbxntmQ4HRaYOZ+mpKWgvNH63f43UezlIEtScO3Ju3wSEavBT7acN
+kwUpChy+xfr3eXrrgu/lRyilLiV6Tzj8T4PPIdaCaKXjhpBYdLh6FjPTQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:38 2023 by rpki-client on console-ams.rpki-client.org