Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/WR5C2xMqQWNYAyZUNeWlk9CfCMA.roa
File: WR5C2xMqQWNYAyZUNeWlk9CfCMA.roa (raw, json)
Hash identifier: KHqP5Xy12NpeXw+/rWBExFchDcb+5eCshfj8W0ykLRE=
Subject key identifier: 59:1E:42:DB:13:2A:41:63:58:03:26:54:35:E5:A5:93:D0:9F:08:C0
Certificate issuer: /CN=3e0be8e48dba07df21711745b869e3911ce98e20
Certificate serial: 04D68E
Authority key identifier: 3E:0B:E8:E4:8D:BA:07:DF:21:71:17:45:B8:69:E3:91:1C:E9:8E:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pgvo5I26B98hcRdFuGnjkRzpjiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/WR5C2xMqQWNYAyZUNeWlk9CfCMA.roa
Signing time: Wed 02 Mar 2022 00:36:48 +0000
ROA not before: Wed 02 Mar 2022 00:36:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5588
IP address blocks: 213.218.96.0/20 maxlen: 20
213.218.112.0/20 maxlen: 20
212.38.192.0/19 maxlen: 19
62.29.128.0/17 maxlen: 17
212.203.128.0/17 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 317070 (0x4d68e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e0be8e48dba07df21711745b869e3911ce98e20
Validity
Not Before: Mar 2 00:36:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=591e42db132a41635803265435e5a593d09f08c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:50:9b:29:86:a7:37:ff:e5:fd:7b:5a:e1:23:
c3:cb:4c:69:f1:20:fc:41:b3:47:b7:03:f2:4e:62:
ec:cd:4d:4e:ed:1c:49:ca:ef:26:84:8f:1e:96:9a:
51:0a:4d:22:d6:21:c7:f0:c5:df:dd:8c:bf:86:74:
4c:73:a2:65:02:5e:6d:ee:d0:36:db:25:8a:e8:c8:
9f:0a:4d:32:f4:ef:49:e5:65:e1:a4:a3:be:d1:e1:
88:73:2e:70:58:f0:cb:d7:75:a8:37:89:3f:a7:9c:
0d:b4:0b:d5:98:01:00:54:b5:2a:0c:3a:a4:78:83:
6a:4a:ef:e8:21:87:33:ab:44:aa:d3:2f:97:01:56:
2d:37:c2:86:e1:24:c4:2f:21:bb:a9:c2:b1:f3:32:
b1:20:e8:69:ec:15:3f:25:aa:9f:8b:8a:11:fd:02:
40:5a:63:93:47:73:cf:25:2c:bf:7f:fe:8f:eb:4a:
97:ce:b4:72:5d:86:2c:df:f8:6b:58:96:39:5b:e0:
7b:eb:51:d1:a2:9e:65:b5:82:60:da:ec:c8:cf:d0:
19:d4:0e:7d:57:de:e0:95:eb:d9:68:57:79:b6:c8:
cf:c6:ae:5a:f8:ea:88:02:01:9e:17:b0:6d:0b:e6:
95:6c:a9:6f:fb:24:57:e3:03:56:60:0d:a6:6f:94:
09:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:1E:42:DB:13:2A:41:63:58:03:26:54:35:E5:A5:93:D0:9F:08:C0
X509v3 Authority Key Identifier:
keyid:3E:0B:E8:E4:8D:BA:07:DF:21:71:17:45:B8:69:E3:91:1C:E9:8E:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pgvo5I26B98hcRdFuGnjkRzpjiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/WR5C2xMqQWNYAyZUNeWlk9CfCMA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/95bce9-1e8e-41c1-89f8-20f9f0dbf458/1/Pgvo5I26B98hcRdFuGnjkRzpjiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.29.128.0/17
212.38.192.0/19
212.203.128.0/17
213.218.96.0/19
Signature Algorithm: sha256WithRSAEncryption
3a:07:99:10:3a:ee:72:87:dc:f2:11:c1:10:68:98:34:c2:8a:
ff:89:06:33:09:e2:cd:93:07:bb:63:9e:10:91:74:29:9d:7f:
4e:0b:0e:0c:cf:78:fc:fb:b3:cb:f8:d5:f6:6a:d7:d7:11:b8:
5e:12:d5:cc:43:08:79:ec:a2:62:50:8b:13:f1:1a:d6:51:8c:
65:8b:d4:cf:b0:8e:ff:d5:ea:66:7e:36:fd:e9:58:16:5d:02:
b3:ca:81:94:6e:b8:24:a3:37:4a:cf:99:63:ca:09:59:cc:0e:
92:6e:9f:55:c8:ac:72:ae:b2:bc:0b:7f:d3:88:95:1d:00:14:
71:68:78:10:86:52:45:88:5a:ab:4d:cf:cc:0c:db:67:b2:be:
52:bf:71:5c:a6:fb:35:e8:42:fa:95:77:ff:9f:7d:dc:84:41:
26:73:4f:4c:17:a1:0e:54:6c:b0:36:b1:98:08:6b:21:f7:25:
cc:6a:c8:37:9a:53:a0:49:da:02:57:25:5a:7d:f2:98:50:5c:
d4:3a:30:77:96:5e:29:24:4c:b0:bf:70:15:8e:c3:44:93:a9:
2c:e3:49:1f:fe:f7:8b:70:50:bd:84:3c:83:97:5f:bb:0e:dc:
86:03:f2:05:a4:e7:5d:76:66:97:93:35:3d:75:22:e5:23:cc:
25:27:36:03
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDBNaOMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDNl
MGJlOGU0OGRiYTA3ZGYyMTcxMTc0NWI4NjllMzkxMWNlOThlMjAwHhcNMjIwMzAy
MDAzNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1OTFlNDJkYjEzMmE0
MTYzNTgwMzI2NTQzNWU1YTU5M2QwOWYwOGMwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA21CbKYanN//l/Xta4SPDy0xp8SD8QbNHtwPyTmLszU1O7RxJ
yu8mhI8elppRCk0i1iHH8MXf3Yy/hnRMc6JlAl5t7tA22yWK6MifCk0y9O9J5WXh
pKO+0eGIcy5wWPDL13WoN4k/p5wNtAvVmAEAVLUqDDqkeINqSu/oIYczq0Sq0y+X
AVYtN8KG4STELyG7qcKx8zKxIOhp7BU/Jaqfi4oR/QJAWmOTR3PPJSy/f/6P60qX
zrRyXYYs3/hrWJY5W+B761HRop5ltYJg2uzIz9AZ1A59V97glevZaFd5tsjPxq5a
+OqIAgGeF7BtC+aVbKlv+yRX4wNWYA2mb5QJewIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFFkeQtsTKkFjWAMmVDXlpZPQnwjAMB8GA1UdIwQYMBaAFD4L6OSNugffIXEX
Rbhp45Ec6Y4gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
UGd2bzVJMjZCOThoY1JkRnVHbmprUnpwamlBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lMy85NWJjZTktMWU4ZS00MWMxLTg5ZjgtMjBmOWYwZGJmNDU4LzEv
V1I1QzJ4TXFRV05ZQXlaVU5lV2xrOUNmQ01BLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85
NWJjZTktMWU4ZS00MWMxLTg5ZjgtMjBmOWYwZGJmNDU4LzEvUGd2bzVJMjZCOTho
Y1JkRnVHbmprUnpwamlBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQHPh2AAwQF1CbAAwQH1MuAAwQF1dpg
MA0GCSqGSIb3DQEBCwUAA4IBAQA6B5kQOu5yh9zyEcEQaJg0wor/iQYzCeLNkwe7
Y54QkXQpnX9OCw4Mz3j8+7PL+NX2atfXEbheEtXMQwh57KJiUIsT8RrWUYxli9TP
sI7/1epmfjb96VgWXQKzyoGUbrgkozdKz5ljyglZzA6Sbp9VyKxyrrK8C3/TiJUd
ABRxaHgQhlJFiFqrTc/MDNtnsr5Sv3Fcpvs16EL6lXf/n33chEEmc09MF6EOVGyw
NrGYCGsh9yXMasg3mlOgSdoCVyVaffKYUFzUOjB3ll4pJEywv3AVjsNEk6ks40kf
/veLcFC9hDyDl1+7DtyGA/IFpOdddmaXkzU9dSLlI8wlJzYD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:19 2024 by rpki-client on console-fra.rpki-client.org