Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/w-1TO57_xPQrKowhtm2-bzYeRzM.roa
File: w-1TO57_xPQrKowhtm2-bzYeRzM.roa (raw, json)
Hash identifier: QLn0qf2+ZyuH4waNraTa1FjYfsY5h+RiCW2qPtac0wc=
Subject key identifier: C3:ED:53:3B:9E:FF:C4:F4:2B:2A:8C:21:B6:6D:BE:6F:36:1E:47:33
Certificate issuer: /CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Certificate serial: 0403DF97
Authority key identifier: D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/w-1TO57_xPQrKowhtm2-bzYeRzM.roa
Signing time: Fri 18 Mar 2022 13:25:03 +0000
ROA not before: Fri 18 Mar 2022 13:25:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209372
IP address blocks: 194.99.60.0/23 maxlen: 32
193.32.96.0/23 maxlen: 32
193.32.98.0/23 maxlen: 32
31.12.78.0/23 maxlen: 32
31.12.76.0/23 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67362711 (0x403df97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Validity
Not Before: Mar 18 13:25:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c3ed533b9effc4f42b2a8c21b66dbe6f361e4733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9f:94:cd:0b:2a:49:8c:d9:cc:f8:e9:21:e9:
a5:8d:8c:bc:50:76:da:99:0f:4d:da:ee:b4:d4:b1:
fb:0a:ce:98:ba:34:a8:7c:82:3f:bc:cb:ba:85:a8:
cc:68:fb:a7:17:6e:fc:23:e5:ee:bd:ff:2e:04:3b:
1d:e3:85:75:98:0c:90:18:6f:25:d3:7a:f1:ac:98:
5b:fd:9e:77:c5:0e:13:36:b0:f0:6d:b3:80:2e:08:
ed:8a:10:8b:51:85:fa:86:dd:db:55:ba:75:2a:21:
a2:5e:b7:b4:50:57:21:aa:94:bb:60:14:d4:b6:c2:
5e:83:f0:3d:98:2b:e8:8a:bb:65:62:93:0b:60:32:
b5:66:6c:83:b8:e8:2d:f9:f6:cb:21:a7:84:bf:3d:
55:a6:68:a6:0b:39:91:a8:27:ba:a4:af:44:73:1d:
84:2e:6e:92:f3:e0:fa:9d:7e:00:d2:cf:5a:6b:a7:
36:8d:4f:a7:8f:4b:03:fe:04:08:38:63:a0:a6:80:
9a:f4:a7:e7:f9:86:46:2e:7b:ee:c1:e9:c0:a0:d0:
09:24:84:1a:d6:34:f2:ff:92:3f:84:7e:9d:22:77:
a1:54:fa:52:3e:5a:f4:87:83:34:6c:ca:71:10:ec:
a8:83:7f:4f:a6:69:81:6d:c5:30:65:e8:35:58:ef:
6a:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:ED:53:3B:9E:FF:C4:F4:2B:2A:8C:21:B6:6D:BE:6F:36:1E:47:33
X509v3 Authority Key Identifier:
keyid:D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/w-1TO57_xPQrKowhtm2-bzYeRzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.12.76.0/22
193.32.96.0/22
194.99.60.0/23
Signature Algorithm: sha256WithRSAEncryption
31:0c:d9:31:3a:3c:b5:c9:a3:48:dc:25:70:06:1f:ed:a3:da:
fd:48:7a:8f:5a:ab:c7:67:04:aa:40:6b:d2:c5:a5:95:28:16:
74:b2:1c:23:3a:69:95:88:42:7a:2b:1e:f9:ac:03:8f:7f:4b:
46:a7:9d:25:a7:2f:12:cc:f2:28:a0:df:72:53:9f:00:a5:24:
17:18:89:48:60:46:48:75:f6:d2:ac:f4:64:d8:fb:30:0e:8a:
f0:96:ee:74:50:c0:b5:24:85:0a:97:ff:0b:fe:d0:51:f0:cf:
36:22:9b:ba:f5:a0:ac:75:39:1d:31:18:7d:6a:0e:2b:40:3c:
54:53:27:0d:85:15:56:85:a3:e2:29:fe:6c:4d:86:45:13:a4:
aa:1c:49:17:c0:4f:c4:c5:9c:ab:db:e6:d1:20:e4:ff:27:84:
b8:05:18:c2:03:fb:49:c5:f1:3e:68:f5:e0:19:cd:38:c5:9f:
bc:3d:83:84:f0:87:a4:e5:22:6f:63:25:9a:94:63:ba:63:50:
84:ce:80:72:6e:40:2f:72:0f:d9:f6:0c:0c:8f:71:1c:a9:ae:
e1:f5:a9:a0:36:92:bd:c0:75:61:74:5c:39:32:ef:3f:c6:56:
ab:1a:77:eb:2c:6b:93:1f:a6:cd:89:e6:74:83:81:98:5e:33:
f9:8d:64:5f
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBAPflzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OWQ2MzE1NmMxODM2ZjE2YzNiNDMwZWZmYmI3MmFjNjk5MzJlYTliMB4XDTIyMDMx
ODEzMjUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzNlZDUzM2I5ZWZm
YzRmNDJiMmE4YzIxYjY2ZGJlNmYzNjFlNDczMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKGflM0LKkmM2cz46SHppY2MvFB22pkPTdrutNSx+wrOmLo0
qHyCP7zLuoWozGj7pxdu/CPl7r3/LgQ7HeOFdZgMkBhvJdN68ayYW/2ed8UOEzaw
8G2zgC4I7YoQi1GF+obd21W6dSohol63tFBXIaqUu2AU1LbCXoPwPZgr6Iq7ZWKT
C2AytWZsg7joLfn2yyGnhL89VaZopgs5kagnuqSvRHMdhC5ukvPg+p1+ANLPWmun
No1Pp49LA/4ECDhjoKaAmvSn5/mGRi577sHpwKDQCSSEGtY08v+SP4R+nSJ3oVT6
Uj5a9IeDNGzKcRDsqIN/T6ZpgW3FMGXoNVjval8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTD7VM7nv/E9CsqjCG2bb5vNh5HMzAfBgNVHSMEGDAWgBTZ1jFWwYNvFsO0
MO/7tyrGmTLqmzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJkWXhWc0dEYnhiRHRERHYtN2NxeHBreTZwcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvOGY0NmJlLTAyOGItNGQwMy1hOTczLWZkYTAxMWU1Yzk3Mi8x
L3ctMVRPNTdfeFBRcktvd2h0bTItYnpZZVJ6TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
OGY0NmJlLTAyOGItNGQwMy1hOTczLWZkYTAxMWU1Yzk3Mi8xLzJkWXhWc0dEYnhi
RHRERHYtN2NxeHBreTZwcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAh8MTAMEAsEgYAMEAcJjPDANBgkq
hkiG9w0BAQsFAAOCAQEAMQzZMTo8tcmjSNwlcAYf7aPa/Uh6j1qrx2cEqkBr0sWl
lSgWdLIcIzpplYhCeise+awDj39LRqedJacvEszyKKDfclOfAKUkFxiJSGBGSHX2
0qz0ZNj7MA6K8JbudFDAtSSFCpf/C/7QUfDPNiKbuvWgrHU5HTEYfWoOK0A8VFMn
DYUVVoWj4in+bE2GRROkqhxJF8BPxMWcq9vm0SDk/yeEuAUYwgP7ScXxPmj14BnN
OMWfvD2DhPCHpOUib2MlmpRjumNQhM6Acm5AL3IP2fYMDI9xHKmu4fWpoDaSvcB1
YXRcOTLvP8ZWqxp36yxrkx+mzYnmdIOBmF4z+Y1kXw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:51 2024 by rpki-client on console-ams.rpki-client.org