Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/WESXngvnrS2hmJLehPKD-Un1Dgs.roa
File: WESXngvnrS2hmJLehPKD-Un1Dgs.roa (raw, json)
Hash identifier: D60cFdcUTJoPr3KGaU4wsD9jOlCAaE6wYc+VHFRhiAM=
Subject key identifier: 58:44:97:9E:0B:E7:AD:2D:A1:98:92:DE:84:F2:83:F9:49:F5:0E:0B
Certificate issuer: /CN=be43995289b6a5ca972c4b87b5e3149c32cb4430
Certificate serial: 04505B5F
Authority key identifier: BE:43:99:52:89:B6:A5:CA:97:2C:4B:87:B5:E3:14:9C:32:CB:44:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkOZUom2pcqXLEuHteMUnDLLRDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/WESXngvnrS2hmJLehPKD-Un1Dgs.roa
Signing time: Sat 01 Jan 2022 05:55:19 +0000
ROA not before: Sat 01 Jan 2022 05:55:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41012
IP address blocks: 94.116.0.0/16 maxlen: 16
94.119.128.0/18 maxlen: 18
194.42.124.0/23 maxlen: 23
91.103.32.0/23 maxlen: 23
94.117.0.0/16 maxlen: 16
94.119.255.0/24 maxlen: 24
94.119.64.0/18 maxlen: 18
94.118.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72375135 (0x4505b5f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be43995289b6a5ca972c4b87b5e3149c32cb4430
Validity
Not Before: Jan 1 05:55:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5844979e0be7ad2da19892de84f283f949f50e0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8f:8b:67:59:0c:f4:ae:2d:0d:0a:85:4c:bd:
67:92:6d:6b:0f:7c:0e:c1:3f:e5:f9:de:86:0b:43:
8d:75:e9:cf:0d:42:82:eb:c1:f9:0d:1d:5c:32:9a:
fd:3f:2c:ab:f0:4b:24:33:cd:d3:8e:a7:b1:2f:fc:
b9:0b:5d:65:8c:58:4d:83:11:1b:80:9e:c6:1e:85:
29:98:21:11:fc:cd:d6:4d:f6:b3:b2:a2:1b:a5:df:
3c:35:cc:21:83:75:4a:d8:d2:a2:73:02:43:2b:b2:
ec:d4:6d:f1:e5:eb:b9:0c:fa:90:ae:44:f1:26:f3:
08:a8:66:af:d9:de:c2:00:64:fb:4e:99:91:e1:a7:
55:77:84:7d:13:45:27:59:dd:7b:0f:4b:62:a9:e7:
e8:04:ad:54:45:04:9e:69:d7:aa:ef:f3:4a:bf:6f:
4d:47:a1:8a:aa:c2:31:67:ad:74:aa:66:23:08:75:
02:40:06:c5:db:85:5e:d2:14:80:69:4f:17:85:2c:
06:c3:65:0f:55:d4:bd:74:58:6c:64:99:2a:2c:d8:
00:00:52:ed:b0:6c:f5:8d:13:1a:42:d7:96:1d:97:
05:b3:50:18:5f:d9:a1:39:d6:db:61:d7:4a:8c:9c:
67:9a:c1:17:1b:37:c5:5a:67:6f:2f:2c:90:a7:be:
f6:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:44:97:9E:0B:E7:AD:2D:A1:98:92:DE:84:F2:83:F9:49:F5:0E:0B
X509v3 Authority Key Identifier:
keyid:BE:43:99:52:89:B6:A5:CA:97:2C:4B:87:B5:E3:14:9C:32:CB:44:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkOZUom2pcqXLEuHteMUnDLLRDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/WESXngvnrS2hmJLehPKD-Un1Dgs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/764b34-0d98-454c-85a2-306045efcd68/1/vkOZUom2pcqXLEuHteMUnDLLRDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.103.32.0/23
94.116.0.0-94.118.255.255
94.119.64.0-94.119.191.255
94.119.255.0/24
194.42.124.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:e6:dd:7a:79:c1:9a:69:1f:43:a1:b8:34:ab:e6:37:9e:74:
98:43:e8:22:82:fe:d4:5a:64:4e:3a:1c:0c:7c:23:13:af:ed:
49:0c:9b:fa:0c:0e:4a:fe:d3:3d:ab:da:3a:e2:55:dc:09:99:
75:5c:8d:7b:e5:f3:40:8a:26:29:13:82:28:1c:04:72:a0:ee:
c6:2d:08:ce:92:18:bb:59:6a:c7:d0:cb:70:56:f3:5b:18:6b:
af:77:b4:7d:dd:8d:33:01:49:06:bd:85:61:06:d8:85:34:b2:
5a:10:b5:11:21:99:8e:60:02:a0:0d:73:21:18:dd:10:60:9e:
5a:fe:04:cb:ad:36:01:c6:e4:87:64:c8:e4:47:00:5d:41:b3:
da:17:5d:6c:35:e6:d0:e3:6f:f3:10:26:2f:f2:b9:6e:04:fd:
bb:86:2d:a1:c7:52:d9:fa:ed:b5:f0:dd:27:40:69:59:4f:cd:
26:5c:9a:49:58:29:58:5a:e4:79:1c:37:1a:d9:7d:1d:0c:6d:
32:91:6c:bf:0d:f9:54:a2:a6:37:76:f7:7d:b0:94:a9:48:d9:
99:3f:c7:21:83:21:87:54:dc:65:35:97:cd:eb:39:86:32:f7:
ec:e0:6e:dc:32:d8:7c:33:9d:7a:9d:fb:d3:d5:03:79:74:b6:
8e:2c:a3:10
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEBFBbXzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZTQzOTk1Mjg5YjZhNWNhOTcyYzRiODdiNWUzMTQ5YzMyY2I0NDMwMB4XDTIyMDEw
MTA1NTUxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTg0NDk3OWUwYmU3
YWQyZGExOTg5MmRlODRmMjgzZjk0OWY1MGUwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWPi2dZDPSuLQ0KhUy9Z5Jtaw98DsE/5fnehgtDjXXpzw1C
guvB+Q0dXDKa/T8sq/BLJDPN046nsS/8uQtdZYxYTYMRG4Cexh6FKZghEfzN1k32
s7KiG6XfPDXMIYN1StjSonMCQyuy7NRt8eXruQz6kK5E8SbzCKhmr9newgBk+06Z
keGnVXeEfRNFJ1ndew9LYqnn6AStVEUEnmnXqu/zSr9vTUehiqrCMWetdKpmIwh1
AkAGxduFXtIUgGlPF4UsBsNlD1XUvXRYbGSZKizYAABS7bBs9Y0TGkLXlh2XBbNQ
GF/ZoTnW22HXSoycZ5rBFxs3xVpnby8skKe+9pMCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBRYRJeeC+etLaGYkt6E8oP5SfUOCzAfBgNVHSMEGDAWgBS+Q5lSibalypcs
S4e14xScMstEMDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZrT1pVb20ycGNxWExFdUh0ZU1VbkRMTFJEQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvNzY0YjM0LTBkOTgtNDU0Yy04NWEyLTMwNjA0NWVmY2Q2OC8x
L1dFU1huZ3ZuclMyaG1KTGVoUEtELVVuMURncy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
NzY0YjM0LTBkOTgtNDU0Yy04NWEyLTMwNjA0NWVmY2Q2OC8xL3ZrT1pVb20ycGNx
WExFdUh0ZU1VbkRMTFJEQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwMgQCAAEwLAMEAVtnIDAKAwMCXnQDAwBedjAMAwQG
XndAAwQGXneAAwQAXnf/AwQBwip8MA0GCSqGSIb3DQEBCwUAA4IBAQAs5t16ecGa
aR9Dobg0q+Y3nnSYQ+gigv7UWmROOhwMfCMTr+1JDJv6DA5K/tM9q9o64lXcCZl1
XI175fNAiiYpE4IoHARyoO7GLQjOkhi7WWrH0MtwVvNbGGuvd7R93Y0zAUkGvYVh
BtiFNLJaELURIZmOYAKgDXMhGN0QYJ5a/gTLrTYBxuSHZMjkRwBdQbPaF11sNebQ
42/zECYv8rluBP27hi2hx1LZ+u218N0nQGlZT80mXJpJWClYWuR5HDca2X0dDG0y
kWy/DflUoqY3dvd9sJSpSNmZP8chgyGHVNxlNZfN6zmGMvfs4G7cMth8M516nfvT
1QN5dLaOLKMQ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:33 2023 by rpki-client on console-fra.rpki-client.org