Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/WrHoMRAXxUep5dSZ35tdJgjycQI.roa
File: WrHoMRAXxUep5dSZ35tdJgjycQI.roa (raw, json)
Hash identifier: XE26lPGEA2Csm6zVRTKg6WHHvKZ1jfUumt8cVLgswZA=
Subject key identifier: 5A:B1:E8:31:10:17:C5:47:A9:E5:D4:99:DF:9B:5D:26:08:F2:71:02
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 18803689
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/WrHoMRAXxUep5dSZ35tdJgjycQI.roa
Signing time: Mon 31 Jan 2022 03:59:51 +0000
ROA not before: Mon 31 Jan 2022 03:59:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 185.133.192.0/24 maxlen: 24
185.120.7.0/24 maxlen: 24
185.117.22.0/24 maxlen: 24
185.122.56.0/24 maxlen: 24
185.122.57.0/24 maxlen: 24
185.122.59.0/24 maxlen: 32
2a06:82c2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 411055753 (0x18803689)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 31 03:59:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ab1e8311017c547a9e5d499df9b5d2608f27102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a5:a7:5e:6b:51:a6:32:03:0e:75:bc:e2:b4:
55:8f:7c:f1:fe:4a:8f:13:27:4e:a3:7d:68:26:77:
e8:73:66:58:56:de:bd:b2:36:a3:d0:b8:5f:5d:32:
59:b3:65:61:f0:b0:0c:52:03:cf:13:4b:fa:0f:10:
ca:20:8e:a7:3e:29:e7:57:79:ad:bb:63:4a:24:45:
5a:1b:e0:3a:84:11:9c:59:10:7c:4b:ce:19:c0:9b:
f1:31:9f:1a:3b:11:7a:20:d4:f7:8a:23:9b:27:ca:
d7:cd:6b:2d:41:4f:f0:3b:80:65:3c:c0:76:84:2b:
41:d3:6c:8c:2f:cd:6b:04:24:d1:c5:3a:a8:39:52:
d1:18:d1:7d:5a:bb:51:d0:25:8b:8e:0f:34:cb:c0:
0f:b3:15:29:03:a0:e0:a4:00:9e:14:7c:cd:e0:8b:
e7:f8:71:45:61:9a:d1:84:05:d2:06:9f:43:f1:1a:
83:ef:97:90:ae:76:1b:23:c3:9a:88:4b:f7:a2:c6:
f7:21:a3:87:bb:3d:1e:4c:f4:a7:10:cc:75:65:de:
b3:7b:5a:6a:0a:00:fe:a2:18:46:9b:fc:3e:f3:9c:
1d:bb:d3:36:24:23:18:b3:11:7c:d6:06:99:a4:56:
6b:fb:e1:17:15:3f:e2:62:00:93:39:f0:5f:44:b8:
1a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:B1:E8:31:10:17:C5:47:A9:E5:D4:99:DF:9B:5D:26:08:F2:71:02
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/WrHoMRAXxUep5dSZ35tdJgjycQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.120.7.0/24
185.122.56.0/23
185.122.59.0/24
185.133.192.0/24
IPv6:
2a06:82c2::/48
Signature Algorithm: sha256WithRSAEncryption
1a:22:ff:3e:34:15:3f:ca:66:37:92:da:55:f2:5b:5e:7e:bf:
3c:fc:52:5c:a4:75:d4:53:6e:8f:92:75:7c:04:d7:64:fc:0b:
b2:9f:78:46:3a:85:e3:c0:0a:63:30:2f:08:45:d1:9a:4e:4f:
31:fb:e7:9a:60:05:1e:c2:41:29:8e:29:9e:fa:30:d4:90:b9:
fb:e4:b7:bd:b6:29:bb:d8:1d:1c:54:37:43:cd:b9:47:68:9a:
5b:8f:80:9e:50:05:3f:b3:3b:2f:be:f1:66:87:e4:89:94:f8:
e2:75:92:f1:b9:58:23:9a:6e:c1:a5:31:eb:21:3a:80:8a:91:
c8:55:60:99:cf:63:c8:4a:bb:90:68:97:e4:ef:0c:0c:b6:21:
b4:58:b7:f9:e4:c6:c6:76:4e:05:82:80:2b:2a:a6:d2:0d:06:
ba:a3:a8:f5:83:36:a7:96:65:9c:47:de:0c:1c:76:cd:38:9f:
de:7a:cc:90:fb:17:1f:e9:ec:1e:b7:be:43:d6:55:f5:a9:fd:
ca:d0:d8:d4:ab:51:62:c4:db:82:87:3d:50:5b:15:8d:c7:1a:
6a:84:42:30:d4:22:a4:d5:80:73:4b:87:74:66:46:9c:59:34:
66:ad:b4:60:71:c8:cb:f7:73:6c:ce:42:0a:ef:c5:dd:38:c1:
79:87:bb:fa
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIEGIA2iTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEz
MTAzNTk1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWFiMWU4MzExMDE3
YzU0N2E5ZTVkNDk5ZGY5YjVkMjYwOGYyNzEwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGlp15rUaYyAw51vOK0VY988f5KjxMnTqN9aCZ36HNmWFbe
vbI2o9C4X10yWbNlYfCwDFIDzxNL+g8QyiCOpz4p51d5rbtjSiRFWhvgOoQRnFkQ
fEvOGcCb8TGfGjsReiDU94ojmyfK181rLUFP8DuAZTzAdoQrQdNsjC/NawQk0cU6
qDlS0RjRfVq7UdAli44PNMvAD7MVKQOg4KQAnhR8zeCL5/hxRWGa0YQF0gafQ/Ea
g++XkK52GyPDmohL96LG9yGjh7s9Hkz0pxDMdWXes3taagoA/qIYRpv8PvOcHbvT
NiQjGLMRfNYGmaRWa/vhFxU/4mIAkznwX0S4GucCAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBRasegxEBfFR6nl1Jnfm10mCPJxAjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1dySG9NUkFYeFVlcDVkU1ozNXRkSmdqeWNRSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwJAQCAAEwHgMEALl1FgMEALl4BwMEAbl6OAMEALl6
OwMEALmFwDAPBAIAAjAJAwcAKgaCwgAAMA0GCSqGSIb3DQEBCwUAA4IBAQAaIv8+
NBU/ymY3ktpV8ltefr88/FJcpHXUU26PknV8BNdk/Auyn3hGOoXjwApjMC8IRdGa
Tk8x++eaYAUewkEpjime+jDUkLn75Le9tim72B0cVDdDzblHaJpbj4CeUAU/szsv
vvFmh+SJlPjidZLxuVgjmm7BpTHrITqAipHIVWCZz2PISruQaJfk7wwMtiG0WLf5
5MbGdk4FgoArKqbSDQa6o6j1gzanlmWcR94MHHbNOJ/eesyQ+xcf6ewet75D1lX1
qf3K0NjUq1FixNuChz1QWxWNxxpqhEIw1CKk1YBzS4d0ZkacWTRmrbRgccjL93Ns
zkIK78XdOMF5h7v6
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org