Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/w_nbzoYhSZ8NK5wUYigEU9vU2kU.roa
File: w_nbzoYhSZ8NK5wUYigEU9vU2kU.roa (raw, json)
Hash identifier: g+o0myQ2WuwHbWL6gfUdf/nw/7Ibvx6oMR50Z+IJTUs=
Subject key identifier: C3:F9:DB:CE:86:21:49:9F:0D:2B:9C:14:62:28:04:53:DB:D4:DA:45
Certificate issuer: /CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Certificate serial: 01835A333BB951EEF8B201E1337CC9F3011A
Authority key identifier: 8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/w_nbzoYhSZ8NK5wUYigEU9vU2kU.roa
Signing time: Tue 20 Sep 2022 09:20:50 +0000
ROA not before: Tue 20 Sep 2022 09:20:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208033
IP address blocks: 185.132.236.0/22 maxlen: 22
185.132.236.0/24 maxlen: 24
45.158.204.0/22 maxlen: 22
2a0c:dc80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5a:33:3b:b9:51:ee:f8:b2:01:e1:33:7c:c9:f3:01:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a16618b71ffc80e1c3f41ed0dfc89ab5e963fd2
Validity
Not Before: Sep 20 09:20:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c3f9dbce8621499f0d2b9c1462280453dbd4da45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bc:c4:03:b8:15:86:f0:5e:b5:d8:e7:75:c6:
7f:58:e3:d0:3a:8f:44:77:39:0c:6f:f0:80:c1:7f:
91:98:f7:80:73:5c:f5:d7:3e:cc:f6:b3:40:05:a8:
cf:01:55:c4:49:95:0d:64:82:7e:c6:27:49:4f:83:
1d:74:6d:4f:aa:36:3b:fc:0d:79:ce:37:f2:62:72:
18:78:40:25:02:9b:ee:60:0f:40:e1:88:ed:03:a8:
31:3b:dd:ec:32:83:76:7f:42:50:1d:2e:0b:39:61:
d0:6b:7d:b6:70:12:3c:cd:ac:23:fd:2a:62:7b:86:
49:8f:9c:40:11:ec:70:8f:5b:3d:7d:74:09:98:e1:
05:d2:db:55:2e:25:85:b6:52:97:9e:c1:32:2b:0c:
8a:10:f1:ed:6f:68:47:34:0d:9a:80:41:46:1f:06:
0c:71:48:84:6f:62:cc:1f:4a:fe:35:4d:01:0e:30:
2e:78:16:59:a3:ba:74:3b:5c:b3:c3:42:44:3e:fe:
02:55:70:c2:2d:64:da:6b:a8:72:5f:47:8b:90:6f:
f5:8b:1e:b7:e3:65:f6:fc:dd:ad:5b:3d:6f:84:95:
ce:98:3c:c1:fc:ad:0c:96:6b:a5:3d:4e:68:6d:c0:
93:21:62:1b:74:39:97:70:87:f7:a7:3d:75:f4:72:
f6:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:F9:DB:CE:86:21:49:9F:0D:2B:9C:14:62:28:04:53:DB:D4:DA:45
X509v3 Authority Key Identifier:
keyid:8A:16:61:8B:71:FF:C8:0E:1C:3F:41:ED:0D:FC:89:AB:5E:96:3F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ihZhi3H_yA4cP0HtDfyJq16WP9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/w_nbzoYhSZ8NK5wUYigEU9vU2kU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/55cf77-6394-4812-9fb5-291aaedd58cc/1/ihZhi3H_yA4cP0HtDfyJq16WP9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.204.0/22
185.132.236.0/22
IPv6:
2a0c:dc80::/32
Signature Algorithm: sha256WithRSAEncryption
44:4c:aa:74:0e:da:54:3b:8b:fb:b2:50:16:6c:bb:c3:db:66:
89:4a:4b:2f:cc:6d:68:ff:a2:56:ca:12:42:dc:14:8f:84:1b:
ef:16:97:b3:1a:6d:5f:f6:fd:e3:59:d9:ac:26:0f:b4:05:cd:
12:30:c1:e0:e4:d8:33:35:1a:ef:34:6c:ff:dd:06:a2:b5:41:
62:ec:4a:38:05:f6:66:92:15:ae:b2:3b:3d:0f:ed:56:8a:c1:
fb:b1:57:a9:0f:88:06:d8:51:e5:3b:74:91:10:f0:ee:e3:06:
6c:47:01:c1:a0:a2:cf:c1:c4:ac:b7:9f:34:62:df:7e:b4:94:
3e:5f:a4:33:7f:d2:a1:2d:e1:3b:ef:b0:6c:59:08:75:27:0b:
b6:c3:06:bb:d5:dd:5c:7a:23:ae:84:d9:c9:ee:48:aa:82:a6:
44:8b:14:a6:77:ac:2a:ca:54:7a:b9:83:26:c7:aa:b7:80:2f:
c3:ad:9e:f4:bc:de:0c:31:ee:46:f4:b4:4d:92:55:33:76:59:
68:2f:50:0f:9c:91:8d:05:98:df:31:f7:3e:02:9d:d6:18:d4:
62:7a:14:64:a3:74:b6:9a:96:38:52:0f:67:06:13:91:63:7c:
42:65:98:f1:cf:46:f9:a5:04:a3:19:f6:31:54:2a:f0:29:c9:
55:87:f1:5f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYNaMzu5Ue74sgHhM3zJ8wEaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhMTY2MThiNzFmZmM4MGUxYzNmNDFlZDBkZmM4OWFiNWU5
NjNmZDIwHhcNMjIwOTIwMDkyMDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2Y5ZGJjZTg2MjE0OTlmMGQyYjljMTQ2MjI4MDQ1M2RiZDRkYTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbzEA7gVhvBetdjndcZ/WOPQOo9E
dzkMb/CAwX+RmPeAc1z11z7M9rNABajPAVXESZUNZIJ+xidJT4MddG1PqjY7/A15
zjfyYnIYeEAlApvuYA9A4YjtA6gxO93sMoN2f0JQHS4LOWHQa322cBI8zawj/Spi
e4ZJj5xAEexwj1s9fXQJmOEF0ttVLiWFtlKXnsEyKwyKEPHtb2hHNA2agEFGHwYM
cUiEb2LMH0r+NU0BDjAueBZZo7p0O1yzw0JEPv4CVXDCLWTaa6hyX0eLkG/1ix63
42X2/N2tWz1vhJXOmDzB/K0MlmulPU5obcCTIWIbdDmXcIf3pz119HL2AQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMP5286GIUmfDSucFGIoBFPb1NpFMB8GA1UdIwQY
MBaAFIoWYYtx/8gOHD9B7Q38iatelj/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUt
MjkxYWFlZGQ1OGNjLzEvd19uYnpvWWhTWjhOSzV3VVlpZ0VVOXZVMmtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC81NWNmNzctNjM5NC00ODEyLTlmYjUtMjkxYWFlZGQ1OGNj
LzEvaWhaaGkzSF95QTRjUDBIdERmeUpxMTZXUDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZ7MAwQC
uYTsMA0EAgACMAcDBQAqDNyAMA0GCSqGSIb3DQEBCwUAA4IBAQBETKp0DtpUO4v7
slAWbLvD22aJSksvzG1o/6JWyhJC3BSPhBvvFpezGm1f9v3jWdmsJg+0Bc0SMMHg
5NgzNRrvNGz/3QaitUFi7Eo4BfZmkhWusjs9D+1WisH7sVepD4gG2FHlO3SREPDu
4wZsRwHBoKLPwcSst580Yt9+tJQ+X6Qzf9KhLeE777BsWQh1Jwu2wwa71d1ceiOu
hNnJ7kiqgqZEixSmd6wqylR6uYMmx6q3gC/DrZ70vN4MMe5G9LRNklUzdlloL1AP
nJGNBZjfMfc+Ap3WGNRiehRko3S2mpY4Ug9nBhORY3xCZZjxz0b5pQSjGfYxVCrw
KclVh/Ff
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:18 2024 by rpki-client on console-fra.rpki-client.org