Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/wu8YCfdoL3CYfnhV-G1kC8RGXKk.roa
File: wu8YCfdoL3CYfnhV-G1kC8RGXKk.roa (raw, json)
Hash identifier: 7Gw8oOL8BWNr2Mv6iAniD6+f+Eqjlkdt+ltXxQclDX8=
Subject key identifier: C2:EF:18:09:F7:68:2F:70:98:7E:78:55:F8:6D:64:0B:C4:46:5C:A9
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 0183CC67783005B2559A4D26F84D592188E3
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/wu8YCfdoL3CYfnhV-G1kC8RGXKk.roa
Signing time: Wed 12 Oct 2022 13:34:36 +0000
ROA not before: Wed 12 Oct 2022 13:34:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39494
IP address blocks: 89.104.64.0/19 maxlen: 19
89.104.76.0/24 maxlen: 24
89.111.128.0/18 maxlen: 18
79.174.72.0/22 maxlen: 22
89.111.144.0/20 maxlen: 20
89.111.160.0/20 maxlen: 24
31.177.86.0/23 maxlen: 24
89.111.176.0/20 maxlen: 20
89.111.177.0/24 maxlen: 24
89.111.176.0/22 maxlen: 22
2a01:d8::/32 maxlen: 48
2a02:2090::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cc:67:78:30:05:b2:55:9a:4d:26:f8:4d:59:21:88:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Oct 12 13:34:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c2ef1809f7682f70987e7855f86d640bc4465ca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:46:31:cb:0a:c3:91:45:ba:64:b0:a9:00:ad:
6d:ab:b2:87:bd:cb:35:c3:05:2e:0a:55:09:eb:5f:
e8:28:f6:e0:45:73:1c:5b:25:48:27:b8:a5:6d:da:
00:84:90:7b:08:cd:02:f8:1e:02:2c:e4:7b:e1:6e:
cf:d9:42:9a:2f:66:d9:cb:91:a0:c9:be:19:36:58:
2e:0e:1a:e6:42:a8:ad:32:93:33:c8:94:71:b6:77:
c6:25:b8:ac:df:b4:fb:c8:66:f6:52:72:b5:9a:37:
93:29:1b:2f:21:1c:c1:c9:a3:23:fa:1d:9a:1a:6f:
2a:98:6d:e5:57:a0:8c:65:1a:91:5c:89:05:e2:f3:
6a:af:42:f8:2f:06:69:69:c5:1a:53:f8:eb:9c:5b:
59:ce:29:22:a1:3b:ce:67:4f:87:80:db:2c:11:95:
43:d1:79:19:83:f0:f7:33:e5:fd:c3:06:59:33:72:
bc:92:f9:bf:e5:50:dd:5f:57:0f:8f:e4:97:b7:8e:
6b:9b:bf:c0:04:78:2f:2d:b2:82:ed:fd:2a:cd:ba:
63:90:8c:78:27:e3:65:96:ca:e5:5d:06:87:05:54:
36:fb:ce:d3:ce:f0:11:ec:df:eb:94:f5:7e:cb:19:
f3:cf:a2:ed:c6:f5:f3:d7:36:26:cb:55:07:be:09:
f7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:EF:18:09:F7:68:2F:70:98:7E:78:55:F8:6D:64:0B:C4:46:5C:A9
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/wu8YCfdoL3CYfnhV-G1kC8RGXKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.86.0/23
79.174.72.0/22
89.104.64.0/19
89.111.128.0/18
IPv6:
2a01:d8::/32
2a02:2090::/32
Signature Algorithm: sha256WithRSAEncryption
3e:59:31:02:7d:13:6e:08:71:e9:bb:39:ae:5f:ed:e5:b3:df:
f8:03:ff:1c:73:1d:31:24:43:4b:e7:98:dc:3c:fd:a5:3a:65:
6e:60:67:3b:b0:25:90:3b:f2:98:e1:f2:3d:f5:dc:0e:c1:50:
eb:f5:b7:4e:df:48:47:ec:fe:ca:96:fb:32:5f:d5:df:c9:0e:
01:e1:99:26:22:61:d4:bf:f3:b6:a0:df:d1:42:83:17:b5:45:
62:20:d1:78:d6:fd:ae:71:f9:13:e8:93:1f:5b:4f:cb:6c:68:
3b:4b:c8:12:8b:46:90:b1:31:af:f9:e2:02:23:51:d9:77:da:
14:b5:a6:54:79:73:9b:55:54:e1:f8:45:ca:af:11:70:74:8f:
6f:39:b9:09:a8:ae:a1:42:3f:8f:f5:56:7d:4d:fe:da:7a:77:
26:9a:51:83:38:f4:02:86:8f:c4:12:08:d1:b3:dd:dc:40:46:
45:3c:23:17:a4:ff:0b:c5:db:e9:7d:b6:ba:9d:a5:8b:f4:7a:
d0:0b:a1:e4:5d:d3:56:68:e3:a5:0a:8d:c8:8a:0f:46:07:32:
cd:37:fc:b6:12:f1:89:ab:e1:65:c7:fa:33:be:00:93:9b:9b:
2f:54:ba:c1:8f:02:50:58:b1:90:91:dc:1e:9f:e3:38:9e:b9:
92:38:90:5e
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYPMZ3gwBbJVmk0m+E1ZIYjjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjIxMDEyMTMzNDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmVmMTgwOWY3NjgyZjcwOTg3ZTc4NTVmODZkNjQwYmM0NDY1Y2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEYxywrDkUW6ZLCpAK1tq7KHvcs1
wwUuClUJ61/oKPbgRXMcWyVIJ7ilbdoAhJB7CM0C+B4CLOR74W7P2UKaL2bZy5Gg
yb4ZNlguDhrmQqitMpMzyJRxtnfGJbis37T7yGb2UnK1mjeTKRsvIRzByaMj+h2a
Gm8qmG3lV6CMZRqRXIkF4vNqr0L4LwZpacUaU/jrnFtZzikioTvOZ0+HgNssEZVD
0XkZg/D3M+X9wwZZM3K8kvm/5VDdX1cPj+SXt45rm7/ABHgvLbKC7f0qzbpjkIx4
J+NllsrlXQaHBVQ2+87TzvAR7N/rlPV+yxnzz6LtxvXz1zYmy1UHvgn3twIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMLvGAn3aC9wmH54VfhtZAvERlypMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvd3U4WUNmZG9MM0NZZm5oVi1HMWtDOFJHWEtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQBH7FWAwQC
T65IAwQFWWhAAwQGWW+AMBQEAgACMA4DBQAqAQDYAwUAKgIgkDANBgkqhkiG9w0B
AQsFAAOCAQEAPlkxAn0Tbghx6bs5rl/t5bPf+AP/HHMdMSRDS+eY3Dz9pTplbmBn
O7AlkDvymOHyPfXcDsFQ6/W3Tt9IR+z+ypb7Ml/V38kOAeGZJiJh1L/ztqDf0UKD
F7VFYiDReNb9rnH5E+iTH1tPy2xoO0vIEotGkLExr/niAiNR2XfaFLWmVHlzm1VU
4fhFyq8RcHSPbzm5CaiuoUI/j/VWfU3+2np3JppRgzj0AoaPxBII0bPd3EBGRTwj
F6T/C8Xb6X22up2li/R60Auh5F3TVmjjpQqNyIoPRgcyzTf8thLxiavhZcf6M74A
k5ubL1S6wY8CUFixkJHcHp/jOJ65kjiQXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:15 2024 by rpki-client on console-fra.rpki-client.org