Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/w3kQNwspQzb_ymbWLFf8E10_3Cw.roa
File: w3kQNwspQzb_ymbWLFf8E10_3Cw.roa (raw, json)
Hash identifier: 0lolmpB+nliTNbJ0+JiPeQTTWApUAyne3wYXU2lAp8E=
Subject key identifier: C3:79:10:37:0B:29:43:36:FF:CA:66:D6:2C:57:FC:13:5D:3F:DC:2C
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018509FED2D8457678073E15F788E1C5639A
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/w3kQNwspQzb_ymbWLFf8E10_3Cw.roa
Signing time: Tue 13 Dec 2022 05:39:33 +0000
ROA not before: Tue 13 Dec 2022 05:39:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398343
IP address blocks: 164.215.103.0/24 maxlen: 24
185.81.219.0/24 maxlen: 24
185.81.218.0/24 maxlen: 24
88.151.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:09:fe:d2:d8:45:76:78:07:3e:15:f7:88:e1:c5:63:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Dec 13 05:39:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c37910370b294336ffca66d62c57fc135d3fdc2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0b:69:79:f8:b3:a3:3d:a4:43:38:ea:81:4e:
20:8c:09:b7:00:a8:ca:bb:3b:27:76:1a:7e:c2:d8:
c6:a1:c7:f0:08:14:12:58:ba:03:ad:02:fc:c7:2e:
45:9e:2b:e1:07:12:3b:66:fc:94:69:33:d5:c4:af:
76:c8:74:06:57:5d:a9:5b:b3:ba:69:5e:2b:f1:23:
64:0b:14:81:3b:e8:7d:c4:f7:cf:0b:2e:59:0f:91:
a4:a1:d6:f7:79:61:c0:e7:b4:37:9d:16:c4:59:9c:
a9:c4:6a:ea:2d:7f:0c:f0:0c:38:23:50:a8:fd:6f:
a3:3c:d8:31:6a:c8:d5:70:a9:53:3d:32:95:84:35:
0e:22:e2:f2:46:3a:c9:e2:47:e3:d9:46:12:8e:95:
da:05:4b:ad:da:70:63:1a:64:58:84:58:6e:84:58:
b5:47:21:4b:92:f1:f1:b8:f9:96:08:2f:18:84:ab:
8a:c4:16:22:df:36:71:d3:23:e5:94:28:7c:2b:d4:
b5:b8:6c:fd:a1:f4:41:92:29:64:bd:eb:a4:aa:b7:
9c:0b:44:69:e4:5d:9d:0b:d1:e0:9e:2f:b4:b1:58:
a9:d9:e2:67:3a:9f:63:fb:88:b0:ce:c7:ff:a1:db:
dc:16:ce:f5:cd:37:fd:d7:55:de:b8:83:7b:bf:8a:
bb:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:79:10:37:0B:29:43:36:FF:CA:66:D6:2C:57:FC:13:5D:3F:DC:2C
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/w3kQNwspQzb_ymbWLFf8E10_3Cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.195.0/24
164.215.103.0/24
185.81.218.0/23
Signature Algorithm: sha256WithRSAEncryption
11:04:e1:cc:94:2d:4a:f7:82:59:44:b3:5b:e9:d7:87:39:60:
db:ad:bc:35:d6:3e:fe:21:3a:1c:d1:9c:9d:80:0d:60:ec:e1:
2b:35:17:87:6e:b0:a6:86:4e:c7:a5:c1:6e:91:28:6d:33:58:
97:d1:d3:68:4d:36:b0:e4:93:11:7d:f2:50:7f:07:d8:d9:44:
aa:1e:15:97:5f:07:99:17:69:3a:d1:32:4c:af:37:1f:4b:f5:
93:99:03:2c:e7:cb:0a:08:a6:6a:44:a9:10:9e:44:8e:59:8e:
ea:2e:95:57:76:83:29:fb:eb:bc:ea:b3:3e:aa:ef:8a:31:54:
cd:57:c8:6f:93:42:54:48:c6:3e:08:7d:1a:9e:94:c9:57:5f:
55:d7:79:52:6a:68:02:e0:fd:3f:c3:39:65:72:ac:5a:c1:23:
e0:49:b4:d0:3f:b9:18:ca:ea:cd:6a:8b:f8:9c:d9:b2:09:ef:
6e:f0:da:de:9e:cc:9f:f5:53:14:d0:81:3b:2c:da:35:54:21:
b2:72:68:c5:54:d5:05:02:fe:6c:62:69:a7:99:5b:18:4e:f5:
09:29:ab:8a:ff:c9:93:d1:7a:44:25:e6:9b:26:75:5e:45:e0:
e4:b6:b7:d0:89:65:8b:1b:b2:b0:74:27:5a:a6:0f:e0:2b:f4:
40:bd:78:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUJ/tLYRXZ4Bz4V94jhxWOaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjIxMjEzMDUzOTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzc5MTAzNzBiMjk0MzM2ZmZjYTY2ZDYyYzU3ZmMxMzVkM2ZkYzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQtpefizoz2kQzjqgU4gjAm3AKjK
uzsndhp+wtjGocfwCBQSWLoDrQL8xy5FnivhBxI7ZvyUaTPVxK92yHQGV12pW7O6
aV4r8SNkCxSBO+h9xPfPCy5ZD5Gkodb3eWHA57Q3nRbEWZypxGrqLX8M8Aw4I1Co
/W+jPNgxasjVcKlTPTKVhDUOIuLyRjrJ4kfj2UYSjpXaBUut2nBjGmRYhFhuhFi1
RyFLkvHxuPmWCC8YhKuKxBYi3zZx0yPllCh8K9S1uGz9ofRBkilkveukqrecC0Rp
5F2dC9Hgni+0sVip2eJnOp9j+4iwzsf/odvcFs71zTf911XeuIN7v4q7swIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMN5EDcLKUM2/8pm1ixX/BNdP9wsMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvdzNrUU53c3BRemJfeW1iV0xGZjhFMTBfM0N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWJfDAwQA
pNdnAwQBuVHaMA0GCSqGSIb3DQEBCwUAA4IBAQARBOHMlC1K94JZRLNb6deHOWDb
rbw11j7+IToc0ZydgA1g7OErNReHbrCmhk7HpcFukShtM1iX0dNoTTaw5JMRffJQ
fwfY2USqHhWXXweZF2k60TJMrzcfS/WTmQMs58sKCKZqRKkQnkSOWY7qLpVXdoMp
++u86rM+qu+KMVTNV8hvk0JUSMY+CH0anpTJV19V13lSamgC4P0/wzllcqxawSPg
SbTQP7kYyurNaov4nNmyCe9u8Nrensyf9VMU0IE7LNo1VCGycmjFVNUFAv5sYmmn
mVsYTvUJKauK/8mT0XpEJeabJnVeReDktrfQiWWLG7KwdCdapg/gK/RAvXgM
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:51 2023 by rpki-client on console-ams.rpki-client.org