Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/85ef35-647a-4172-8c64-6db3caef73d9/1/wRBrL6du2AUlXMDjYJ_-h_PiqFU.roa
File: wRBrL6du2AUlXMDjYJ_-h_PiqFU.roa (raw, json)
Hash identifier: G3lfz04pLqUWgaWSK0wMf2FzfWAAQrqOoDugIkqLhp8=
Subject key identifier: C1:10:6B:2F:A7:6E:D8:05:25:5C:C0:E3:60:9F:FE:87:F3:E2:A8:55
Certificate issuer: /CN=61e10dac1f773c55a244753346719e899f4d4432
Certificate serial: 071D6BFF
Authority key identifier: 61:E1:0D:AC:1F:77:3C:55:A2:44:75:33:46:71:9E:89:9F:4D:44:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YeENrB93PFWiRHUzRnGeiZ9NRDI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/85ef35-647a-4172-8c64-6db3caef73d9/1/wRBrL6du2AUlXMDjYJ_-h_PiqFU.roa
Signing time: Sat 01 Jan 2022 04:01:22 +0000
ROA not before: Sat 01 Jan 2022 04:01:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28997
IP address blocks: 83.136.16.0/21 maxlen: 24
193.29.248.0/23 maxlen: 24
193.30.6.0/23 maxlen: 24
2a03:7000::/32 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119368703 (0x71d6bff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=61e10dac1f773c55a244753346719e899f4d4432
Validity
Not Before: Jan 1 04:01:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c1106b2fa76ed805255cc0e3609ffe87f3e2a855
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:65:d2:e8:d6:44:dc:7b:b5:86:86:c2:ce:b5:
88:e2:c3:a9:9b:f2:c0:94:15:44:2a:95:a7:2e:be:
6a:f9:c7:11:4a:1c:96:6b:d2:bd:00:99:d2:eb:11:
98:50:15:66:ab:d5:69:0b:87:0c:f0:0b:26:f3:14:
0f:d2:58:51:bd:c1:32:0d:53:64:9b:c6:c3:7d:66:
89:3e:55:23:5e:26:09:7b:57:a1:03:3c:2e:3c:e5:
bc:6d:5b:05:29:16:5c:1f:90:79:22:b9:9d:14:06:
ab:64:b0:88:66:6c:b1:e0:98:e5:90:42:9f:a8:e2:
f4:0d:e3:80:61:1f:2c:17:87:eb:cc:ea:c7:7c:93:
f7:12:8b:ec:ff:f2:cd:70:28:a1:bc:1d:a6:97:09:
62:43:e9:c6:e4:0b:d5:a6:74:30:bd:4f:f2:76:da:
24:f6:0c:15:52:4d:6c:3c:82:48:25:2d:6f:85:35:
09:f4:c4:e1:ec:68:0c:36:f7:07:5a:c4:eb:81:3f:
cc:0a:21:80:5b:0c:db:19:19:a5:9d:83:1f:59:60:
f3:01:72:95:6d:1b:49:aa:4e:d3:ca:d5:85:66:2a:
53:97:d7:2b:38:2d:9a:9f:65:45:f6:01:77:ba:42:
0c:d5:85:ba:01:a9:cf:b3:7d:7c:cf:46:7d:77:dd:
72:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:10:6B:2F:A7:6E:D8:05:25:5C:C0:E3:60:9F:FE:87:F3:E2:A8:55
X509v3 Authority Key Identifier:
keyid:61:E1:0D:AC:1F:77:3C:55:A2:44:75:33:46:71:9E:89:9F:4D:44:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YeENrB93PFWiRHUzRnGeiZ9NRDI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/85ef35-647a-4172-8c64-6db3caef73d9/1/wRBrL6du2AUlXMDjYJ_-h_PiqFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/85ef35-647a-4172-8c64-6db3caef73d9/1/YeENrB93PFWiRHUzRnGeiZ9NRDI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.16.0/21
193.29.248.0/23
193.30.6.0/23
IPv6:
2a03:7000::/32
Signature Algorithm: sha256WithRSAEncryption
31:81:ec:5c:00:31:7a:2c:9f:83:bc:00:ec:6a:ff:61:fd:18:
29:df:e7:0d:f1:a4:c6:44:df:10:7e:2e:78:c4:06:59:c7:94:
38:a9:ce:03:52:43:5e:5d:c3:95:35:f3:d9:eb:8d:4f:dd:26:
ba:aa:89:3b:90:a8:7b:18:d0:36:6b:16:15:f8:fb:75:7a:db:
44:49:01:0b:a5:70:a2:20:7d:4c:51:78:70:89:ae:44:eb:e0:
6a:07:83:9d:b7:72:bd:a1:6a:27:b2:f4:e3:ca:4e:fb:87:03:
ac:79:29:74:bd:e3:ed:4c:e3:57:f2:43:c3:66:73:34:0f:d6:
49:dc:58:fc:20:ff:90:bc:9e:9b:44:9c:88:89:ec:73:66:e8:
4b:1e:8b:ba:70:fd:5b:4d:e1:5e:1c:4f:94:23:f7:6b:51:ee:
ee:8f:ef:e8:e5:c5:1a:65:ee:26:88:f8:10:7a:cb:f7:cc:79:
17:84:8d:d4:56:d6:35:eb:63:83:46:27:44:bf:55:07:c6:bf:
b3:9a:e8:eb:2b:fc:b5:2a:bf:ea:b3:9a:e7:a7:5c:31:ff:8d:
3c:7e:83:0a:ce:b4:20:7c:00:bb:5e:b8:e2:fe:eb:7e:c2:3d:
6b:12:1d:7e:fa:68:e6:bf:af:48:b8:45:9e:7e:34:cf:71:5a:
50:de:e2:c2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBx1r/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MWUxMGRhYzFmNzczYzU1YTI0NDc1MzM0NjcxOWU4OTlmNGQ0NDMyMB4XDTIyMDEw
MTA0MDEyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzExMDZiMmZhNzZl
ZDgwNTI1NWNjMGUzNjA5ZmZlODdmM2UyYTg1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAItl0ujWRNx7tYaGws61iOLDqZvywJQVRCqVpy6+avnHEUoc
lmvSvQCZ0usRmFAVZqvVaQuHDPALJvMUD9JYUb3BMg1TZJvGw31miT5VI14mCXtX
oQM8LjzlvG1bBSkWXB+QeSK5nRQGq2SwiGZsseCY5ZBCn6ji9A3jgGEfLBeH68zq
x3yT9xKL7P/yzXAoobwdppcJYkPpxuQL1aZ0ML1P8nbaJPYMFVJNbDyCSCUtb4U1
CfTE4exoDDb3B1rE64E/zAohgFsM2xkZpZ2DH1lg8wFylW0bSapO08rVhWYqU5fX
Kzgtmp9lRfYBd7pCDNWFugGpz7N9fM9GfXfdcu0CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTBEGsvp27YBSVcwONgn/6H8+KoVTAfBgNVHSMEGDAWgBRh4Q2sH3c8VaJE
dTNGcZ6Jn01EMjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1llRU5yQjkzUEZXaVJIVXpSbkdlaVo5TlJESS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTkvODVlZjM1LTY0N2EtNDE3Mi04YzY0LTZkYjNjYWVmNzNkOS8x
L3dSQnJMNmR1MkFVbFhNRGpZSl8taF9QaXFGVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTkv
ODVlZjM1LTY0N2EtNDE3Mi04YzY0LTZkYjNjYWVmNzNkOS8xL1llRU5yQjkzUEZX
aVJIVXpSbkdlaVo5TlJESS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA1OIEAMEAcEd+AMEAcEeBjANBAIA
AjAHAwUAKgNwADANBgkqhkiG9w0BAQsFAAOCAQEAMYHsXAAxeiyfg7wA7Gr/Yf0Y
Kd/nDfGkxkTfEH4ueMQGWceUOKnOA1JDXl3DlTXz2euNT90muqqJO5CoexjQNmsW
Ffj7dXrbREkBC6VwoiB9TFF4cImuROvgageDnbdyvaFqJ7L048pO+4cDrHkpdL3j
7UzjV/JDw2ZzNA/WSdxY/CD/kLyem0SciInsc2boSx6LunD9W03hXhxPlCP3a1Hu
7o/v6OXFGmXuJoj4EHrL98x5F4SN1FbWNetjg0YnRL9VB8a/s5ro6yv8tSq/6rOa
56dcMf+NPH6DCs60IHwAu1644v7rfsI9axIdfvpo5r+vSLhFnn40z3FaUN7iwg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:09 2024 by rpki-client on console-fra.rpki-client.org