Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/cf4025-3198-4a93-ab76-35720860a5b2/1/wax15KdoaEeFpHj1uv603ojeDvo.roa
File: wax15KdoaEeFpHj1uv603ojeDvo.roa (raw, json)
Hash identifier: F39XlbjDRNEnOlDL2MkpUTwDxKs/Fulr7QrGHoHiIMY=
Subject key identifier: C1:AC:75:E4:A7:68:68:47:85:A4:78:F5:BA:FE:B4:DE:88:DE:0E:FA
Certificate issuer: /CN=04a08fe83a7c2bf15524f48d9a7cac439c46fd67
Certificate serial: 6B5ED0
Authority key identifier: 04:A0:8F:E8:3A:7C:2B:F1:55:24:F4:8D:9A:7C:AC:43:9C:46:FD:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKCP6Dp8K_FVJPSNmnysQ5xG_Wc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/cf4025-3198-4a93-ab76-35720860a5b2/1/wax15KdoaEeFpHj1uv603ojeDvo.roa
Signing time: Sat 01 Jan 2022 00:55:39 +0000
ROA not before: Sat 01 Jan 2022 00:55:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 195.96.149.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7036624 (0x6b5ed0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a08fe83a7c2bf15524f48d9a7cac439c46fd67
Validity
Not Before: Jan 1 00:55:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c1ac75e4a768684785a478f5bafeb4de88de0efa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9a:4f:c5:e2:0d:c8:92:07:fe:9a:40:d4:ed:
fa:2a:6e:a8:ad:0c:68:5e:58:09:4c:0a:30:79:5a:
a0:99:27:08:af:9d:81:7b:9e:e3:c2:04:a4:17:91:
b7:92:da:7e:bc:94:f7:9f:5e:15:7e:2e:4f:74:69:
d8:d0:5b:10:a5:12:13:69:c1:fb:c2:a7:bf:49:f7:
ac:dd:19:e1:8b:66:5c:c3:fd:f6:5d:b5:59:a7:bb:
b3:1a:77:91:b0:06:c2:e0:fd:3b:ca:8a:fe:55:1a:
12:06:04:76:33:6f:03:e6:24:1d:34:a3:9e:29:98:
48:1b:cd:0d:5a:47:85:82:5c:ab:67:2c:e5:f8:66:
34:f0:de:40:5b:e9:4b:11:c3:71:b3:af:da:e4:7c:
7a:00:23:9b:e0:62:64:d5:d4:29:c6:b2:ca:7a:59:
87:80:21:e5:41:a4:09:24:04:01:0e:00:82:65:63:
6c:64:e2:02:a2:6a:63:ae:8e:52:44:b9:2b:2c:22:
0e:b6:ee:fa:86:18:77:19:70:f9:4d:1c:0f:fe:a4:
cd:ad:a8:1c:be:73:43:58:d0:0f:26:38:76:fb:1b:
c2:d5:6a:fe:2c:41:88:4d:aa:b7:cd:bc:e6:69:d9:
8e:c2:26:aa:94:2c:81:ec:3b:7f:e6:94:9e:7d:8f:
18:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:AC:75:E4:A7:68:68:47:85:A4:78:F5:BA:FE:B4:DE:88:DE:0E:FA
X509v3 Authority Key Identifier:
keyid:04:A0:8F:E8:3A:7C:2B:F1:55:24:F4:8D:9A:7C:AC:43:9C:46:FD:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKCP6Dp8K_FVJPSNmnysQ5xG_Wc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/cf4025-3198-4a93-ab76-35720860a5b2/1/wax15KdoaEeFpHj1uv603ojeDvo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/cf4025-3198-4a93-ab76-35720860a5b2/1/BKCP6Dp8K_FVJPSNmnysQ5xG_Wc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.149.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:e5:6f:57:2e:ab:56:95:bc:d5:57:41:81:69:f3:29:4a:16:
a9:62:39:37:27:a7:3c:a4:9a:30:17:04:14:bf:2c:0a:55:31:
64:fd:5d:a9:fe:a5:a8:24:64:5c:48:07:0b:8c:bc:2c:e1:76:
c2:b9:74:ba:61:29:8a:94:a5:63:51:3e:03:38:10:b1:fb:ed:
ec:60:79:42:1a:09:b7:c4:a2:1b:35:ef:d3:53:0f:f5:d3:f2:
63:e6:12:f8:70:b0:ab:72:72:a4:dd:b7:d5:0c:13:2b:c6:3b:
81:91:f0:26:07:6f:1f:9c:ef:7e:d4:86:bd:61:ce:13:4a:de:
8c:c8:1d:cc:c7:d2:a9:3f:ba:ae:a6:0e:44:ca:67:32:e4:25:
c6:15:b4:37:6a:11:ba:62:68:dd:47:73:3f:33:e0:ee:4e:f2:
b3:b5:06:bb:32:db:da:cd:f6:bb:0e:a2:ce:62:f0:7f:bb:c5:
41:6f:db:b2:3d:b3:31:0c:67:64:2f:e0:a1:e4:4d:05:11:26:
e4:b7:ba:b1:cc:73:91:62:45:39:5b:f9:23:82:ee:25:ff:c3:
3a:b6:ea:bc:2b:ec:97:70:63:85:2b:cb:d3:8f:b4:78:57:a6:
40:9f:31:a0:7a:b5:f0:42:09:64:32:32:ca:74:cb:61:a7:14:
cf:40:4f:ca
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDa17QMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA0
YTA4ZmU4M2E3YzJiZjE1NTI0ZjQ4ZDlhN2NhYzQzOWM0NmZkNjcwHhcNMjIwMTAx
MDA1NTM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjMWFjNzVlNGE3Njg2
ODQ3ODVhNDc4ZjViYWZlYjRkZTg4ZGUwZWZhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsJpPxeINyJIH/ppA1O36Km6orQxoXlgJTAoweVqgmScIr52B
e57jwgSkF5G3ktp+vJT3n14Vfi5PdGnY0FsQpRITacH7wqe/Sfes3Rnhi2Zcw/32
XbVZp7uzGneRsAbC4P07yor+VRoSBgR2M28D5iQdNKOeKZhIG80NWkeFglyrZyzl
+GY08N5AW+lLEcNxs6/a5Hx6ACOb4GJk1dQpxrLKelmHgCHlQaQJJAQBDgCCZWNs
ZOICompjro5SRLkrLCIOtu76hhh3GXD5TRwP/qTNragcvnNDWNAPJjh2+xvC1Wr+
LEGITaq3zbzmadmOwiaqlCyB7Dt/5pSefY8YZQIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFMGsdeSnaGhHhaR49br+tN6I3g76MB8GA1UdIwQYMBaAFASgj+g6fCvxVST0
jZp8rEOcRv1nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
QktDUDZEcDhLX0ZWSlBTTm1ueXNRNXhHX1djLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lMy9jZjQwMjUtMzE5OC00YTkzLWFiNzYtMzU3MjA4NjBhNWIyLzEv
d2F4MTVLZG9hRWVGcEhqMXV2NjAzb2plRHZvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9j
ZjQwMjUtMzE5OC00YTkzLWFiNzYtMzU3MjA4NjBhNWIyLzEvQktDUDZEcDhLX0ZW
SlBTTm1ueXNRNXhHX1djLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CVMA0GCSqGSIb3DQEBCwUAA4IB
AQAP5W9XLqtWlbzVV0GBafMpShapYjk3J6c8pJowFwQUvywKVTFk/V2p/qWoJGRc
SAcLjLws4XbCuXS6YSmKlKVjUT4DOBCx++3sYHlCGgm3xKIbNe/TUw/10/Jj5hL4
cLCrcnKk3bfVDBMrxjuBkfAmB28fnO9+1Ia9Yc4TSt6MyB3Mx9KpP7qupg5Eymcy
5CXGFbQ3ahG6YmjdR3M/M+DuTvKztQa7Mtvazfa7DqLOYvB/u8VBb9uyPbMxDGdk
L+Ch5E0FESbkt7qxzHORYkU5W/kjgu4l/8M6tuq8K+yXcGOFK8vTj7R4V6ZAnzGg
erXwQglkMjLKdMthpxTPQE/K
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:27 2023 by rpki-client on console-fra.rpki-client.org