Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/W48PtsLBH0wvfi74XOMewSWVcU0.roa
File: W48PtsLBH0wvfi74XOMewSWVcU0.roa (raw, json)
Hash identifier: dUwOv+h6+X/bizpnkH4wSppQrpTph29kVk43FpoPuyM=
Subject key identifier: 5B:8F:0F:B6:C2:C1:1F:4C:2F:7E:2E:F8:5C:E3:1E:C1:25:95:71:4D
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 0183F54F839D5EE352D34C1ED211C0448E80
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/W48PtsLBH0wvfi74XOMewSWVcU0.roa
Signing time: Thu 20 Oct 2022 12:12:52 +0000
ROA not before: Thu 20 Oct 2022 12:12:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8262
IP address blocks: 194.12.224.0/19 maxlen: 19
194.12.231.0/24 maxlen: 24
194.12.249.0/24 maxlen: 24
194.12.254.0/24 maxlen: 24
82.119.92.0/24 maxlen: 24
82.119.95.0/24 maxlen: 24
82.119.94.0/24 maxlen: 24
185.92.132.0/22 maxlen: 22
82.119.64.0/19 maxlen: 19
82.119.68.0/24 maxlen: 24
82.119.69.0/24 maxlen: 24
82.119.75.0/24 maxlen: 24
82.119.74.0/24 maxlen: 24
82.119.84.0/24 maxlen: 24
82.119.83.0/24 maxlen: 24
82.119.80.0/21 maxlen: 21
89.252.223.0/24 maxlen: 24
89.252.241.0/24 maxlen: 24
89.252.246.0/24 maxlen: 24
89.252.192.0/18 maxlen: 18
89.252.199.0/24 maxlen: 24
89.252.200.0/24 maxlen: 24
85.14.36.0/24 maxlen: 24
85.14.44.0/24 maxlen: 24
85.14.49.0/24 maxlen: 24
85.14.47.0/24 maxlen: 24
176.67.233.0/24 maxlen: 24
85.14.0.0/23 maxlen: 23
85.14.0.0/18 maxlen: 18
176.67.234.0/24 maxlen: 24
85.14.12.0/24 maxlen: 24
85.14.13.0/24 maxlen: 24
85.14.24.0/24 maxlen: 24
2001:1ae0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f5:4f:83:9d:5e:e3:52:d3:4c:1e:d2:11:c0:44:8e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Oct 20 12:12:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5b8f0fb6c2c11f4c2f7e2ef85ce31ec12595714d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:80:61:52:e3:c8:8d:c8:bc:cc:81:21:0c:0b:
fe:d2:fe:f3:68:be:4d:90:dc:7d:6b:31:45:28:0c:
4d:08:ce:73:4b:63:8f:0d:e7:7e:76:c9:bb:3b:27:
18:6d:ea:5c:44:db:aa:b4:dc:8c:c1:d9:9e:a3:fc:
8b:61:6c:a2:40:8f:bc:7d:f0:8c:4d:b1:46:c8:e9:
98:66:f5:7b:cb:59:79:a5:23:83:c1:09:ee:9d:18:
ff:1e:04:9f:64:3f:ce:da:88:49:f8:ea:92:7a:67:
0c:a8:c2:a5:e1:eb:27:7f:63:a9:83:c2:d0:da:9a:
d9:6f:90:bd:f0:42:c6:a0:b4:56:1c:b8:de:ef:56:
2b:38:b5:f0:35:5f:fd:7c:c0:7d:41:23:c0:1f:27:
d8:d2:32:c9:cd:55:52:7c:d9:e9:18:14:68:7b:ea:
f3:3c:6f:f6:5a:31:19:55:ed:c4:6a:97:a5:62:40:
59:9c:3d:c3:2b:cb:f7:af:47:8f:f4:8a:83:a1:63:
d8:d0:3e:58:5d:c7:81:76:82:6c:e5:27:1e:d9:b3:
01:ef:2c:22:da:b2:45:7f:2b:b9:1a:d4:1f:d8:8a:
f2:f3:e5:1a:c8:ec:1c:54:e8:1c:23:b0:11:61:23:
ed:b2:cc:cb:04:b8:a6:51:61:17:c2:a9:6b:40:d7:
27:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:8F:0F:B6:C2:C1:1F:4C:2F:7E:2E:F8:5C:E3:1E:C1:25:95:71:4D
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/W48PtsLBH0wvfi74XOMewSWVcU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.119.64.0/19
85.14.0.0/18
89.252.192.0/18
176.67.233.0-176.67.234.255
185.92.132.0/22
194.12.224.0/19
IPv6:
2001:1ae0::/32
Signature Algorithm: sha256WithRSAEncryption
24:b1:68:27:44:0b:76:5a:fc:34:93:c7:3d:e0:83:c0:e3:86:
b8:64:de:9c:74:a3:b9:37:df:00:51:f4:06:c3:7b:34:95:9a:
2a:99:d2:12:97:7f:62:05:6d:7f:65:af:a6:85:bf:6c:e6:88:
b0:dc:a7:de:c9:55:c6:9e:04:9e:d6:75:4f:f2:51:5b:61:21:
ca:ad:81:76:ca:42:58:92:d6:27:ce:41:c9:1f:d3:69:96:74:
34:70:42:4c:c6:03:11:9a:ce:40:93:69:3f:8e:17:3e:33:1c:
de:ae:81:65:e6:de:cb:3e:7b:25:ba:d6:9a:d9:ca:3a:dc:67:
a4:5a:76:24:22:9d:b0:1f:e2:50:fb:94:4e:f3:fc:08:f0:d9:
14:88:43:bb:68:6f:f5:9c:25:2d:bd:a0:4c:f5:4b:1e:22:2e:
b6:8c:56:cd:9e:dd:d1:e2:91:1e:30:ce:a0:6d:b6:14:13:53:
a1:1a:cc:79:f3:43:69:3c:12:d6:39:b5:35:d2:11:a7:77:5c:
31:14:a8:7b:c1:0c:27:75:eb:af:27:54:cc:89:db:14:ad:b0:
71:41:ff:9c:27:9b:b6:76:ee:54:44:dc:c5:66:70:bd:1f:43:
20:0f:bf:aa:f3:c0:39:3d:0b:66:65:06:06:6b:45:50:80:00:
d4:02:32:d8
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYP1T4OdXuNS00we0hHARI6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMDRhNDA4MjFjNDE3NmNjNDJlMjU1ZWY2YzE3Mjc0NzNj
M2YwMGEwHhcNMjIxMDIwMTIxMjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjhmMGZiNmMyYzExZjRjMmY3ZTJlZjg1Y2UzMWVjMTI1OTU3MTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgIBhUuPIjci8zIEhDAv+0v7zaL5N
kNx9azFFKAxNCM5zS2OPDed+dsm7OycYbepcRNuqtNyMwdmeo/yLYWyiQI+8ffCM
TbFGyOmYZvV7y1l5pSODwQnunRj/HgSfZD/O2ohJ+OqSemcMqMKl4esnf2Opg8LQ
2prZb5C98ELGoLRWHLje71YrOLXwNV/9fMB9QSPAHyfY0jLJzVVSfNnpGBRoe+rz
PG/2WjEZVe3EapelYkBZnD3DK8v3r0eP9IqDoWPY0D5YXceBdoJs5Sce2bMB7ywi
2rJFfyu5GtQf2Iry8+UayOwcVOgcI7ARYSPtsszLBLimUWEXwqlrQNcn7QIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFFuPD7bCwR9ML34u+FzjHsEllXFNMB8GA1UdIwQY
MBaAFEEEpAghxBdsxC4lXvbBcnRzw/AKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMt
YjI3ZDZlMjc4ZTE4LzEvVzQ4UHRzTEJIMHd2Zmk3NFhPTWV3U1dWY1UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS85Njk5NjItMTJkMy00MWIyLWFiNDMtYjI3ZDZlMjc4ZTE4
LzEvUVFTa0NDSEVGMnpFTGlWZTlzRnlkSFBEOEFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQFUndAAwQG
VQ4AAwQGWfzAMAwDBACwQ+kDBACwQ+oDBAK5XIQDBAXCDOAwDQQCAAIwBwMFACAB
GuAwDQYJKoZIhvcNAQELBQADggEBACSxaCdEC3Za/DSTxz3gg8Djhrhk3px0o7k3
3wBR9AbDezSVmiqZ0hKXf2IFbX9lr6aFv2zmiLDcp97JVcaeBJ7WdU/yUVthIcqt
gXbKQliS1ifOQckf02mWdDRwQkzGAxGazkCTaT+OFz4zHN6ugWXm3ss+eyW61prZ
yjrcZ6RadiQinbAf4lD7lE7z/Ajw2RSIQ7tob/WcJS29oEz1Sx4iLraMVs2e3dHi
kR4wzqBtthQTU6EazHnzQ2k8EtY5tTXSEad3XDEUqHvBDCd1668nVMyJ2xStsHFB
/5wnm7Z27lRE3MVmcL0fQyAPv6rzwDk9C2ZlBgZrRVCAANQCMtg=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:56 2024 by rpki-client on console-fra.rpki-client.org