Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/wbmcyt86rWqiT8Ie0hOojMvC-XY.roa
File: wbmcyt86rWqiT8Ie0hOojMvC-XY.roa (raw, json)
Hash identifier: jccCscsUAl2C9NMtsONi7BAPar/JpxkmtmKliySmSDA=
Subject key identifier: C1:B9:9C:CA:DF:3A:AD:6A:A2:4F:C2:1E:D2:13:A8:8C:CB:C2:F9:76
Certificate issuer: /CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Certificate serial: 0881DE0F
Authority key identifier: 35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/wbmcyt86rWqiT8Ie0hOojMvC-XY.roa
Signing time: Wed 01 Jun 2022 15:11:20 +0000
ROA not before: Wed 01 Jun 2022 15:11:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35600
IP address blocks: 185.56.176.0/22 maxlen: 22
31.193.240.0/21 maxlen: 24
194.117.246.0/23 maxlen: 23
2001:67c:184c::/48 maxlen: 48
2a02:5520::/32 maxlen: 32
2a00:4780::/32 maxlen: 32
2a0e:ac80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142728719 (0x881de0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352f8919e6bc1ef5663489018fc875be34c0f24c
Validity
Not Before: Jun 1 15:11:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c1b99ccadf3aad6aa24fc21ed213a88ccbc2f976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2e:96:26:7e:f5:b3:5d:71:9a:27:12:90:5b:
88:d5:3b:c8:b2:28:52:67:e5:90:86:6c:03:15:b3:
ab:13:cf:90:4d:46:96:5c:0b:b7:0d:fa:51:0c:e5:
26:c6:5b:6f:85:d0:72:a7:e9:84:28:8e:04:bc:29:
3e:4d:8b:63:fd:37:a0:39:32:5d:c9:e3:55:f9:87:
f0:47:0d:c7:92:b4:63:eb:65:2d:7b:45:89:85:bd:
73:0b:84:c5:10:63:79:60:b7:8d:41:9b:9c:e6:eb:
18:7b:c7:15:56:33:c8:8b:74:42:0d:df:3c:6b:69:
55:10:3e:86:bb:e7:34:b5:64:09:38:08:2f:08:c3:
58:f5:c4:00:3d:0b:f0:9d:52:ce:5d:4c:ad:a4:cb:
63:b5:0d:9b:f0:79:a7:2a:2c:b7:31:c0:e9:d4:f5:
7b:b0:02:29:e2:74:05:96:c9:c0:04:27:fc:04:09:
0a:41:93:68:28:a2:4d:35:10:ec:8a:a5:e6:c5:68:
87:2b:51:a1:48:f4:44:b6:31:fb:98:20:6f:b4:93:
4c:b3:f5:9d:6c:27:05:4a:41:0e:97:0e:37:4c:e6:
0b:2b:b7:f9:01:ca:54:9b:8c:9d:e0:ef:4c:36:7b:
5f:23:21:db:02:c6:81:ed:11:e9:2d:d7:7a:73:d1:
85:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:B9:9C:CA:DF:3A:AD:6A:A2:4F:C2:1E:D2:13:A8:8C:CB:C2:F9:76
X509v3 Authority Key Identifier:
keyid:35:2F:89:19:E6:BC:1E:F5:66:34:89:01:8F:C8:75:BE:34:C0:F2:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NS-JGea8HvVmNIkBj8h1vjTA8kw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/wbmcyt86rWqiT8Ie0hOojMvC-XY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/cf943d-c921-4ef7-9aa0-e3fcb23e3438/1/NS-JGea8HvVmNIkBj8h1vjTA8kw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.240.0/21
185.56.176.0/22
194.117.246.0/23
IPv6:
2001:67c:184c::/48
2a00:4780::/32
2a02:5520::/32
2a0e:ac80::/29
Signature Algorithm: sha256WithRSAEncryption
66:d3:8b:4e:a3:b8:91:ae:75:3b:cd:c8:b7:1b:81:9b:28:68:
48:cb:1f:37:77:62:68:ed:1d:aa:f3:a7:f3:a4:ce:6d:f4:55:
eb:0c:60:d4:b4:21:4b:c0:69:7f:f6:19:97:82:06:ab:a1:8e:
74:e4:50:87:33:bd:67:ae:cd:3e:9b:da:18:c1:04:85:43:68:
a3:3c:46:88:e8:65:05:9e:27:80:07:77:03:f6:c6:b9:3b:f4:
1c:a7:45:0f:3c:07:bc:d5:bf:1f:84:4c:6d:e1:43:f7:6e:5e:
3a:56:69:a8:ed:bc:92:9c:28:d9:83:e1:f2:2e:0e:d4:14:4c:
cd:13:d2:e6:74:55:3c:39:4b:68:62:47:40:bd:87:a2:ac:71:
a5:b9:f2:dc:81:1b:b3:cf:9f:cd:c9:56:03:f4:c8:a0:e3:c8:
b2:81:50:a4:d8:cd:02:b5:57:6c:7d:b7:a1:42:f5:d4:6b:f5:
ab:d7:5a:d1:8c:ac:20:45:f2:2b:80:7d:a6:65:22:ed:33:54:
ae:d8:d9:83:20:0b:e3:2b:d2:65:ff:50:af:81:f8:1a:ee:4b:
41:ce:4c:b3:0f:84:dc:46:e1:4e:d0:ba:bc:80:32:51:3d:60:
c7:a2:45:10:be:e0:ad:21:4a:f7:d8:d3:6d:8c:36:c2:99:1b:
5c:bf:76:bb
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIECIHeDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTJmODkxOWU2YmMxZWY1NjYzNDg5MDE4ZmM4NzViZTM0YzBmMjRjMB4XDTIyMDYw
MTE1MTEyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzFiOTljY2FkZjNh
YWQ2YWEyNGZjMjFlZDIxM2E4OGNjYmMyZjk3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANUuliZ+9bNdcZonEpBbiNU7yLIoUmflkIZsAxWzqxPPkE1G
llwLtw36UQzlJsZbb4XQcqfphCiOBLwpPk2LY/03oDkyXcnjVfmH8EcNx5K0Y+tl
LXtFiYW9cwuExRBjeWC3jUGbnObrGHvHFVYzyIt0Qg3fPGtpVRA+hrvnNLVkCTgI
LwjDWPXEAD0L8J1Szl1MraTLY7UNm/B5pyostzHA6dT1e7ACKeJ0BZbJwAQn/AQJ
CkGTaCiiTTUQ7Iql5sVohytRoUj0RLYx+5ggb7STTLP1nWwnBUpBDpcON0zmCyu3
+QHKVJuMneDvTDZ7XyMh2wLGge0R6S3XenPRhbcCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBTBuZzK3zqtaqJPwh7SE6iMy8L5djAfBgNVHSMEGDAWgBQ1L4kZ5rwe9WY0
iQGPyHW+NMDyTDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05TLUpHZWE4SHZWbU5Ja0JqOGgxdmpUQThrdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzEvY2Y5NDNkLWM5MjEtNGVmNy05YWEwLWUzZmNiMjNlMzQzOC8x
L3dibWN5dDg2cldxaVQ4SWUwaE9vak12Qy1YWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEv
Y2Y5NDNkLWM5MjEtNGVmNy05YWEwLWUzZmNiMjNlMzQzOC8xL05TLUpHZWE4SHZW
bU5Ja0JqOGgxdmpUQThrdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwGAQCAAEwEgMEAx/B8AMEArk4sAMEAcJ19jAkBAIA
AjAeAwcAIAEGfBhMAwUAKgBHgAMFACoCVSADBQMqDqyAMA0GCSqGSIb3DQEBCwUA
A4IBAQBm04tOo7iRrnU7zci3G4GbKGhIyx83d2Jo7R2q86fzpM5t9FXrDGDUtCFL
wGl/9hmXggaroY505FCHM71nrs0+m9oYwQSFQ2ijPEaI6GUFnieAB3cD9sa5O/Qc
p0UPPAe81b8fhExt4UP3bl46Vmmo7bySnCjZg+HyLg7UFEzNE9LmdFU8OUtoYkdA
vYeirHGlufLcgRuzz5/NyVYD9Mig48iygVCk2M0CtVdsfbehQvXUa/Wr11rRjKwg
RfIrgH2mZSLtM1Su2NmDIAvjK9Jl/1Cvgfga7ktBzkyzD4TcRuFO0Lq8gDJRPWDH
okUQvuCtIUr32NNtjDbCmRtcv3a7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:37 2024 by rpki-client on console-fra.rpki-client.org