Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/WqgdridOWg0Jv0ywtcmBEEPBZHs.roa
File: WqgdridOWg0Jv0ywtcmBEEPBZHs.roa (raw, json)
Hash identifier: GZyreowsjTBRRyGTEz+QGBqRZdNgOfD5cGnu4Zj5bTA=
Subject key identifier: 5A:A8:1D:AE:27:4E:5A:0D:09:BF:4C:B0:B5:C9:81:10:43:C1:64:7B
Certificate issuer: /CN=932460b78f6e8f4662aec7858e92051e856099f5
Certificate serial: 01840EDCA5BB488A28D0E3E82393E44D827D
Authority key identifier: 93:24:60:B7:8F:6E:8F:46:62:AE:C7:85:8E:92:05:1E:85:60:99:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kyRgt49uj0ZirseFjpIFHoVgmfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/WqgdridOWg0Jv0ywtcmBEEPBZHs.roa
Signing time: Tue 25 Oct 2022 11:17:32 +0000
ROA not before: Tue 25 Oct 2022 11:17:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 185.161.88.0/22 maxlen: 24
2a00:ddc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0e:dc:a5:bb:48:8a:28:d0:e3:e8:23:93:e4:4d:82:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=932460b78f6e8f4662aec7858e92051e856099f5
Validity
Not Before: Oct 25 11:17:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5aa81dae274e5a0d09bf4cb0b5c9811043c1647b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:db:1b:fa:9d:9c:13:79:8c:4a:6f:d8:46:d0:
f8:ba:67:dc:e0:67:dd:30:fd:4a:81:1f:f4:e9:dc:
3f:55:b6:e0:1f:1e:fe:cc:47:1c:0c:8b:44:55:cd:
a4:69:17:76:fa:84:70:3a:a0:34:1a:e7:57:85:5a:
8e:0e:c5:45:4b:56:3c:1c:49:22:dc:d1:44:1b:77:
2f:e3:37:c7:c6:6a:5f:26:7b:0e:4c:0b:e6:4e:d2:
c5:73:56:f5:f2:03:74:40:56:54:3c:49:53:b4:21:
a8:2e:bd:fe:fc:2a:f7:16:d9:ab:0a:81:59:93:c5:
7a:7e:c8:31:c3:9a:2c:bf:58:fb:d6:22:d8:a9:ab:
ca:a1:44:f4:cf:ff:bb:17:f1:09:07:5c:77:21:d8:
6c:15:7d:9d:29:bf:70:b4:24:89:18:de:41:11:5c:
1e:0e:04:42:0c:2d:e6:d4:ff:94:39:6a:66:ef:37:
eb:4e:ac:1e:6f:5b:23:7d:d3:22:ed:3b:a9:09:51:
4a:e8:10:10:78:8c:3b:97:de:33:48:31:31:98:36:
e0:54:95:0a:a9:6e:c6:9e:68:8e:d3:87:5e:b7:17:
74:8e:04:60:e9:6f:ca:a1:72:28:1f:2f:c4:09:f0:
cb:63:74:79:11:de:f2:b8:d5:d8:a4:aa:0e:6a:9a:
d2:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:A8:1D:AE:27:4E:5A:0D:09:BF:4C:B0:B5:C9:81:10:43:C1:64:7B
X509v3 Authority Key Identifier:
keyid:93:24:60:B7:8F:6E:8F:46:62:AE:C7:85:8E:92:05:1E:85:60:99:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyRgt49uj0ZirseFjpIFHoVgmfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/WqgdridOWg0Jv0ywtcmBEEPBZHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/kyRgt49uj0ZirseFjpIFHoVgmfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.88.0/22
IPv6:
2a00:ddc0::/32
Signature Algorithm: sha256WithRSAEncryption
36:eb:32:0b:8b:e9:9b:3e:93:da:97:a8:07:1c:26:8c:d0:bf:
e3:a0:86:57:ae:4f:f5:ff:ed:cf:cc:d7:2f:0d:f4:87:03:fc:
fc:f8:8e:4d:52:53:92:58:d3:89:05:82:0e:a3:a8:8e:41:60:
8f:59:dd:d6:5a:d6:3e:ac:de:e5:31:73:ef:98:9f:24:00:b7:
c1:a6:da:8d:98:80:42:24:78:7f:fa:f1:09:45:2f:fd:6a:9b:
ca:5c:22:6f:b9:c1:01:91:16:af:1b:67:2a:37:89:b1:9c:13:
be:59:0e:86:66:e6:2a:13:43:f1:c1:aa:c1:47:ee:24:91:69:
92:f3:d5:57:3e:02:e5:c3:7c:be:43:f3:c6:b5:5b:3e:e1:71:
d4:13:6f:bb:69:ae:60:52:45:95:08:32:5f:b8:ea:7a:c6:40:
e9:4d:6c:77:f8:14:e1:32:01:d4:1a:cd:9a:bd:68:f1:fc:07:
19:16:c8:1e:13:08:76:b6:34:ce:1b:04:93:6e:45:1a:30:23:
3f:8a:81:20:6e:30:35:59:03:91:c5:04:c1:de:41:52:91:8b:
d8:ef:9e:f6:a5:e0:94:4d:fb:94:c6:0e:d3:fd:25:36:2b:96:
3b:a4:42:0c:9c:cb:de:a0:c8:80:86:15:23:ed:d4:83:50:b7:
ff:57:5f:b2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYQO3KW7SIoo0OPoI5PkTYJ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjQ2MGI3OGY2ZThmNDY2MmFlYzc4NThlOTIwNTFlODU2
MDk5ZjUwHhcNMjIxMDI1MTExNzMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWE4MWRhZTI3NGU1YTBkMDliZjRjYjBiNWM5ODExMDQzYzE2NDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptsb+p2cE3mMSm/YRtD4umfc4Gfd
MP1KgR/06dw/VbbgHx7+zEccDItEVc2kaRd2+oRwOqA0GudXhVqODsVFS1Y8HEki
3NFEG3cv4zfHxmpfJnsOTAvmTtLFc1b18gN0QFZUPElTtCGoLr3+/Cr3FtmrCoFZ
k8V6fsgxw5osv1j71iLYqavKoUT0z/+7F/EJB1x3IdhsFX2dKb9wtCSJGN5BEVwe
DgRCDC3m1P+UOWpm7zfrTqweb1sjfdMi7TupCVFK6BAQeIw7l94zSDExmDbgVJUK
qW7GnmiO04detxd0jgRg6W/KoXIoHy/ECfDLY3R5Ed7yuNXYpKoOaprSzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFqoHa4nTloNCb9MsLXJgRBDwWR7MB8GA1UdIwQY
MBaAFJMkYLePbo9GYq7HhY6SBR6FYJn1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lSZ3Q0OXVqMFppcnNlRmpwSUZIb1ZnbWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jMjUxZjEtY2I3MC00MjgzLTg0MzMt
OGM5ZmNiYjNlYzUyLzEvV3FnZHJpZE9XZzBKdjB5d3RjbUJFRVBCWkhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jMjUxZjEtY2I3MC00MjgzLTg0MzMtOGM5ZmNiYjNlYzUy
LzEva3lSZ3Q0OXVqMFppcnNlRmpwSUZIb1ZnbWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaFYMA0E
AgACMAcDBQAqAN3AMA0GCSqGSIb3DQEBCwUAA4IBAQA26zILi+mbPpPal6gHHCaM
0L/joIZXrk/1/+3PzNcvDfSHA/z8+I5NUlOSWNOJBYIOo6iOQWCPWd3WWtY+rN7l
MXPvmJ8kALfBptqNmIBCJHh/+vEJRS/9apvKXCJvucEBkRavG2cqN4mxnBO+WQ6G
ZuYqE0PxwarBR+4kkWmS89VXPgLlw3y+Q/PGtVs+4XHUE2+7aa5gUkWVCDJfuOp6
xkDpTWx3+BThMgHUGs2avWjx/AcZFsgeEwh2tjTOGwSTbkUaMCM/ioEgbjA1WQOR
xQTB3kFSkYvY7572peCUTfuUxg7T/SU2K5Y7pEIMnMveoMiAhhUj7dSDULf/V1+y
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:13 2024 by rpki-client on console-fra.rpki-client.org