Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/WUH4e2PYowifjEkGsRkQwoVwl90.roa
File: WUH4e2PYowifjEkGsRkQwoVwl90.roa (raw, json)
Hash identifier: QRbXwnYUaXAi/giFMja3KF23LxNS5rPQPyc1oyZKCyA=
Subject key identifier: 59:41:F8:7B:63:D8:A3:08:9F:8C:49:06:B1:19:10:C2:85:70:97:DD
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0181F3FE7C015B949B9128BB980A3DCA7E8D
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/WUH4e2PYowifjEkGsRkQwoVwl90.roa
Signing time: Tue 12 Jul 2022 19:59:10 +0000
ROA not before: Tue 12 Jul 2022 19:59:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 164.215.96.0/24 maxlen: 24
164.215.97.0/24 maxlen: 24
164.215.98.0/24 maxlen: 24
164.215.99.0/24 maxlen: 24
85.158.145.0/24 maxlen: 24
5.178.4.0/24 maxlen: 24
109.205.211.0/24 maxlen: 24
5.178.6.0/24 maxlen: 24
5.178.7.0/24 maxlen: 24
5.178.5.0/24 maxlen: 24
88.151.199.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f3:fe:7c:01:5b:94:9b:91:28:bb:98:0a:3d:ca:7e:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jul 12 19:59:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5941f87b63d8a3089f8c4906b11910c2857097dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:35:cd:3b:3d:9b:e6:28:40:a1:38:dc:8b:5e:
a6:3f:b7:a3:8a:dd:75:fe:c4:3e:16:05:e4:6b:ac:
de:34:31:35:aa:19:61:6f:20:e0:e6:08:7a:95:39:
2f:45:d4:07:57:32:58:cf:dc:40:c5:2c:dc:75:41:
74:6d:a9:9c:f9:78:90:4b:97:f7:76:6a:02:1c:1f:
52:a8:8c:42:ff:f3:27:9e:39:5c:e5:ab:3e:ff:54:
78:28:6a:c7:42:7a:10:5e:1e:fa:de:2a:39:4d:41:
b9:48:0f:46:e2:16:84:02:51:ed:cd:0f:7c:2b:eb:
a9:a7:14:31:3e:f9:a0:a9:67:c9:6f:9d:fc:34:44:
82:69:e4:dd:ad:49:bc:db:dc:86:6a:66:dc:49:91:
5a:8e:b7:7d:7b:7d:96:35:d4:82:9f:57:9b:1f:0b:
f6:c7:31:0c:4c:3d:c3:55:ad:b1:29:23:79:f7:9a:
17:fb:f3:6e:7c:cb:90:91:90:a2:f5:ca:c7:1c:52:
38:ac:b9:3d:e3:82:d6:9b:52:81:3f:26:0b:9c:c1:
c1:50:fd:fa:0e:4d:34:93:e6:ea:9b:27:53:8f:3b:
36:8f:32:55:e8:36:71:ea:9f:ed:3a:5b:4f:a6:8c:
2c:f7:7e:25:81:2c:aa:80:87:74:87:36:77:b6:be:
d1:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:41:F8:7B:63:D8:A3:08:9F:8C:49:06:B1:19:10:C2:85:70:97:DD
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/WUH4e2PYowifjEkGsRkQwoVwl90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.4.0/22
85.158.145.0/24
88.151.199.0/24
109.205.211.0/24
164.215.96.0/22
Signature Algorithm: sha256WithRSAEncryption
78:49:d0:96:b8:55:8a:93:da:3c:88:b4:77:09:75:ad:3e:ec:
f8:96:c2:b3:54:5b:d3:b2:b4:69:72:c9:dc:33:2b:fe:ce:4a:
e1:98:7d:4c:41:5b:e0:a7:ec:95:ae:8a:78:4b:b5:07:4b:4a:
bb:89:34:06:a1:da:52:dc:4b:19:41:50:62:13:e0:14:5f:30:
ad:5d:2d:31:d7:5c:76:41:d0:46:3a:64:32:26:cb:94:6d:14:
3e:cb:eb:8d:5d:f5:5e:dd:1e:ce:65:10:51:e1:13:63:62:d5:
58:9a:9c:c4:b2:86:1f:c2:13:ba:f1:4c:c7:ea:21:02:73:91:
e4:83:65:8a:cc:02:28:e9:4b:cf:9e:ca:0c:38:b7:bc:22:38:
58:9e:c0:60:58:a8:89:92:65:72:79:20:6a:a5:04:b5:b4:2a:
45:19:65:b6:93:c0:db:b4:98:aa:6f:68:4d:2b:2c:dd:15:e0:
ff:f2:d6:43:3c:51:2f:12:5d:e2:41:0f:53:ea:5f:51:14:c8:
c7:3c:84:65:2d:36:aa:e4:bd:b6:5c:e1:27:5d:2c:68:66:33:
b5:44:b5:54:f9:2c:2f:b5:93:d1:72:bf:4e:fd:91:da:2d:f8:
c2:e4:04:d3:43:05:2e:12:0c:aa:4a:98:49:b0:a5:03:b0:89:
71:04:1b:bd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYHz/nwBW5SbkSi7mAo9yn6NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIwNzEyMTk1OTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTQxZjg3YjYzZDhhMzA4OWY4YzQ5MDZiMTE5MTBjMjg1NzA5N2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DXNOz2b5ihAoTjci16mP7ejit11
/sQ+FgXka6zeNDE1qhlhbyDg5gh6lTkvRdQHVzJYz9xAxSzcdUF0bamc+XiQS5f3
dmoCHB9SqIxC//Mnnjlc5as+/1R4KGrHQnoQXh763io5TUG5SA9G4haEAlHtzQ98
K+uppxQxPvmgqWfJb538NESCaeTdrUm829yGambcSZFajrd9e32WNdSCn1ebHwv2
xzEMTD3DVa2xKSN595oX+/NufMuQkZCi9crHHFI4rLk944LWm1KBPyYLnMHBUP36
Dk00k+bqmydTjzs2jzJV6DZx6p/tOltPpows934lgSyqgId0hzZ3tr7RmQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFlB+Htj2KMIn4xJBrEZEMKFcJfdMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvV1VINGUyUFlvd2lmakVrR3NSa1F3b1Z3bDkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBbIEAwQA
VZ6RAwQAWJfHAwQAbc3TAwQCpNdgMA0GCSqGSIb3DQEBCwUAA4IBAQB4SdCWuFWK
k9o8iLR3CXWtPuz4lsKzVFvTsrRpcsncMyv+zkrhmH1MQVvgp+yVrop4S7UHS0q7
iTQGodpS3EsZQVBiE+AUXzCtXS0x11x2QdBGOmQyJsuUbRQ+y+uNXfVe3R7OZRBR
4RNjYtVYmpzEsoYfwhO68UzH6iECc5Hkg2WKzAIo6UvPnsoMOLe8IjhYnsBgWKiJ
kmVyeSBqpQS1tCpFGWW2k8DbtJiqb2hNKyzdFeD/8tZDPFEvEl3iQQ9T6l9RFMjH
PIRlLTaq5L22XOEnXSxoZjO1RLVU+SwvtZPRcr9O/ZHaLfjC5ATTQwUuEgyqSphJ
sKUDsIlxBBu9
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:50 2023 by rpki-client on console-ams.rpki-client.org