Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/WtBChFAr4oOokRmq_DnNiODDEqk.roa
File: WtBChFAr4oOokRmq_DnNiODDEqk.roa (raw, json)
Hash identifier: wVJzy8CSQYgZFrmxylCHM6vu575EEQr9Rwg1KsFfG6U=
Subject key identifier: 5A:D0:42:84:50:2B:E2:83:A8:91:19:AA:FC:39:CD:88:E0:C3:12:A9
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41D3219B1F679FA10D5886B2ADBDAD
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/WtBChFAr4oOokRmq_DnNiODDEqk.roa
Signing time: Sun 01 Jan 2023 16:54:45 +0000
ROA not before: Sun 01 Jan 2023 16:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34847
IP address blocks: 89.33.119.0/24 maxlen: 24
86.107.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:d3:21:9b:1f:67:9f:a1:0d:58:86:b2:ad:bd:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ad04284502be283a89119aafc39cd88e0c312a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b7:5f:9a:19:6b:e1:c1:84:70:47:5f:7f:b1:
ec:fb:21:1e:aa:3d:79:0e:b7:2c:bd:25:04:ed:d5:
36:69:6e:bd:4c:ed:13:24:3d:43:40:24:af:f9:18:
27:ce:68:27:1c:5d:76:a0:af:ac:e1:fb:e3:90:53:
55:52:b2:6c:e3:b4:2f:36:81:fc:4c:02:ce:e0:5c:
eb:76:63:6c:be:29:75:1d:c4:a7:6a:2e:36:35:71:
90:7c:7e:1e:3c:f0:53:43:5b:d5:01:e3:76:eb:02:
4b:3e:f4:66:58:2e:57:29:31:72:3d:18:11:b3:1c:
bf:7f:e5:2a:90:be:67:ae:6f:42:86:60:5d:42:d9:
b3:49:b3:52:f1:fa:b4:e2:e0:b1:ce:1e:54:96:b8:
c7:3c:b5:22:32:6a:78:83:f8:9f:17:2d:3b:23:e2:
f1:9e:57:0f:e9:22:c6:2b:7b:82:8f:75:41:07:c5:
ea:b3:ca:96:35:16:aa:5b:02:a7:e3:9e:d1:66:fe:
1d:6d:49:5a:a6:58:be:30:74:0f:9a:9f:9d:94:73:
87:fc:85:14:d0:48:07:31:3f:ee:bd:60:53:87:84:
f0:02:68:52:16:47:0e:fc:88:97:85:7f:6d:d2:e9:
9a:53:2a:08:3c:7e:62:71:b6:13:cb:8a:74:df:6c:
d9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:D0:42:84:50:2B:E2:83:A8:91:19:AA:FC:39:CD:88:E0:C3:12:A9
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/WtBChFAr4oOokRmq_DnNiODDEqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.76.0/24
89.33.119.0/24
Signature Algorithm: sha256WithRSAEncryption
44:42:ac:0d:0c:58:a7:4c:25:a6:6c:98:09:44:9f:01:d1:3c:
1a:ec:5a:a5:a3:9c:a8:52:09:e1:e8:c5:db:95:55:f6:6a:35:
a3:1f:8e:a5:d1:76:a6:22:c5:61:0b:e6:c5:34:92:19:1e:36:
08:91:cb:86:b7:5a:a9:a4:af:bc:7f:f8:9c:c4:64:52:94:15:
02:5a:0e:ea:14:48:5c:34:45:35:93:0e:33:b5:aa:20:1e:62:
97:b0:16:bc:8e:d6:6b:77:be:21:bb:1e:be:0f:32:a8:ca:ff:
e8:11:74:44:28:99:8e:16:21:8b:51:fc:46:11:ed:c3:34:d5:
71:17:f8:db:e5:5d:e5:a0:a6:65:9a:8d:4f:ce:94:51:53:7b:
6c:6d:a1:70:ff:ab:e5:b7:85:63:81:61:0e:43:27:2d:29:03:
20:f6:b9:9e:7e:87:5f:7a:4d:28:e7:bb:3c:3a:cd:aa:70:52:
19:c8:ce:ed:22:5a:f6:a9:f1:63:96:33:45:09:de:c8:ab:64:
ec:c5:8f:a6:f2:2c:e3:9a:5f:0a:0f:94:ec:9a:9b:4b:d1:19:
32:ee:97:16:b0:60:23:32:86:56:09:db:4d:d4:16:ee:7b:77:
23:64:14:23:e8:c0:07:71:18:a1:8a:7e:66:78:92:71:d3:d3:
50:c2:1b:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVuQdMhmx9nn6ENWIayrb2tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWQwNDI4NDUwMmJlMjgzYTg5MTE5YWFmYzM5Y2Q4OGUwYzMxMmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrdfmhlr4cGEcEdff7Hs+yEeqj15
DrcsvSUE7dU2aW69TO0TJD1DQCSv+RgnzmgnHF12oK+s4fvjkFNVUrJs47QvNoH8
TALO4FzrdmNsvil1HcSnai42NXGQfH4ePPBTQ1vVAeN26wJLPvRmWC5XKTFyPRgR
sxy/f+UqkL5nrm9ChmBdQtmzSbNS8fq04uCxzh5UlrjHPLUiMmp4g/ifFy07I+Lx
nlcP6SLGK3uCj3VBB8Xqs8qWNRaqWwKn457RZv4dbUlapli+MHQPmp+dlHOH/IUU
0EgHMT/uvWBTh4TwAmhSFkcO/IiXhX9t0umaUyoIPH5icbYTy4p032zZywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFrQQoRQK+KDqJEZqvw5zYjgwxKpMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvV3RCQ2hGQXI0b09va1JtcV9Ebk5pT0RERXFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVmtMAwQA
WSF3MA0GCSqGSIb3DQEBCwUAA4IBAQBEQqwNDFinTCWmbJgJRJ8B0Twa7Fqlo5yo
Ugnh6MXblVX2ajWjH46l0XamIsVhC+bFNJIZHjYIkcuGt1qppK+8f/icxGRSlBUC
Wg7qFEhcNEU1kw4ztaogHmKXsBa8jtZrd74hux6+DzKoyv/oEXREKJmOFiGLUfxG
Ee3DNNVxF/jb5V3loKZlmo1PzpRRU3tsbaFw/6vlt4VjgWEOQyctKQMg9rmefodf
ek0o57s8Os2qcFIZyM7tIlr2qfFjljNFCd7Iq2TsxY+m8izjml8KD5TsmptL0Rky
7pcWsGAjMoZWCdtN1Bbue3cjZBQj6MAHcRihin5meJJx09NQwhsi
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:12:19 2025 by rpki-client