Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/wNL-dP6-L-uHEGdMzsFZWocNhLw.roa
File: wNL-dP6-L-uHEGdMzsFZWocNhLw.roa (raw, json)
Hash identifier: v87qiGjv+AJTyszknsOjlEP9L9hkwwwjCH4SIuSRdQ8=
Subject key identifier: C0:D2:FE:74:FE:BE:2F:EB:87:10:67:4C:CE:C1:59:5A:87:0D:84:BC
Certificate issuer: /CN=7d4d1c8790a913e832c733dff778dee79129700a
Certificate serial: 2465911E
Authority key identifier: 7D:4D:1C:87:90:A9:13:E8:32:C7:33:DF:F7:78:DE:E7:91:29:70:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fU0ch5CpE-gyxzPf93je55EpcAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/wNL-dP6-L-uHEGdMzsFZWocNhLw.roa
Signing time: Sat 01 Jan 2022 07:01:00 +0000
ROA not before: Sat 01 Jan 2022 07:01:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12337
IP address blocks: 188.92.112.0/21 maxlen: 24
194.31.2.0/24 maxlen: 24
213.183.0.0/19 maxlen: 24
213.95.0.0/16 maxlen: 24
213.155.64.0/19 maxlen: 24
194.59.179.0/24 maxlen: 24
192.109.102.0/24 maxlen: 24
89.250.128.0/20 maxlen: 24
62.128.0.0/19 maxlen: 24
185.227.12.0/22 maxlen: 24
2001:780::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 610636062 (0x2465911e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d4d1c8790a913e832c733dff778dee79129700a
Validity
Not Before: Jan 1 07:01:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c0d2fe74febe2feb8710674ccec1595a870d84bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:d3:c9:9f:d7:ee:8f:ff:25:61:70:bb:73:b3:
82:31:43:a1:80:0a:79:f6:0d:aa:7e:fa:bd:b9:f5:
2a:1e:70:38:a1:03:d7:d9:2a:10:f9:51:9b:c9:0e:
3d:66:e6:9d:58:7d:55:45:df:c2:da:74:b0:9a:7b:
b8:b6:7e:d6:5c:43:f0:5f:55:37:d4:61:df:a1:b6:
11:82:40:09:34:5c:4e:e8:21:f1:e7:82:54:97:58:
29:d1:16:c1:b2:cb:18:65:49:b5:8c:35:0e:d9:e6:
8c:e2:79:3e:48:e6:e3:39:e4:e8:57:68:be:8c:26:
10:5a:3c:00:a4:bc:0f:52:a1:d5:de:1d:88:c1:17:
fb:4e:82:59:25:2d:5e:70:da:61:2f:c8:dc:2a:16:
01:6d:31:20:0e:1b:ca:d4:5c:55:b4:01:2d:ec:ce:
42:d0:53:be:89:2c:97:57:28:3d:5b:dd:69:c4:a2:
0d:c9:9c:81:53:3c:bf:22:12:2b:f7:41:5c:4e:ee:
f7:78:e2:78:66:9d:b5:af:a6:e0:36:1d:df:3f:3d:
64:4f:96:24:79:69:2a:52:fc:24:1a:87:9f:c9:b4:
ae:3f:33:4c:d4:03:04:ac:12:01:39:48:a0:9b:10:
96:6f:b2:fd:f7:c3:bc:5b:01:c7:46:05:4a:fd:6a:
fe:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:D2:FE:74:FE:BE:2F:EB:87:10:67:4C:CE:C1:59:5A:87:0D:84:BC
X509v3 Authority Key Identifier:
keyid:7D:4D:1C:87:90:A9:13:E8:32:C7:33:DF:F7:78:DE:E7:91:29:70:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fU0ch5CpE-gyxzPf93je55EpcAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/wNL-dP6-L-uHEGdMzsFZWocNhLw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/fU0ch5CpE-gyxzPf93je55EpcAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.128.0.0/19
89.250.128.0/20
185.227.12.0/22
188.92.112.0/21
192.109.102.0/24
194.31.2.0/24
194.59.179.0/24
213.95.0.0/16
213.155.64.0/19
213.183.0.0/19
IPv6:
2001:780::/32
Signature Algorithm: sha256WithRSAEncryption
74:ef:b1:12:23:c2:5a:da:9e:05:8c:98:32:a7:cd:c2:9b:3b:
d3:f3:64:9f:c3:d1:e5:bf:93:0b:b9:c3:3a:32:8d:d7:9d:8d:
3e:a4:fd:ba:7d:9b:d5:c9:fd:6d:ce:22:e9:ba:f3:4f:bd:4d:
68:72:c9:19:a7:fb:59:bd:0c:ea:0c:a0:e0:77:11:74:ac:e9:
f9:13:3f:ee:9a:c3:ae:b8:b5:c9:e9:f1:21:3d:db:c1:26:86:
3b:16:2c:9d:00:d4:bb:f1:27:bd:41:69:fa:19:60:04:09:8e:
f6:5e:e5:e0:9c:e7:b2:b3:48:74:c1:6e:24:d4:5c:c8:9a:76:
ea:b6:79:63:9f:e3:c5:08:00:df:71:ac:1d:6f:db:c6:6e:3c:
c0:f5:d1:69:50:02:c1:05:ad:3e:2d:d8:13:7a:aa:85:af:99:
9b:8b:34:e7:41:e1:72:f6:ac:ef:71:74:99:97:5c:57:a3:da:
f0:34:f0:fc:5b:04:46:23:8d:10:ed:93:f2:4c:9c:90:ee:9d:
86:11:99:e9:d3:19:07:2c:1c:b2:cc:df:5a:cc:6a:5c:0d:c7:
b3:77:b9:ff:53:c8:7a:33:1e:48:3c:ce:ca:87:e3:8e:96:99:
5e:29:e3:05:12:c5:88:ea:97:3b:b8:a1:86:1b:d4:b4:7c:aa:
9a:2a:54:e9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgIEJGWRHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDRkMWM4NzkwYTkxM2U4MzJjNzMzZGZmNzc4ZGVlNzkxMjk3MDBhMB4XDTIyMDEw
MTA3MDEwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzBkMmZlNzRmZWJl
MmZlYjg3MTA2NzRjY2VjMTU5NWE4NzBkODRiYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOvTyZ/X7o//JWFwu3OzgjFDoYAKefYNqn76vbn1Kh5wOKED
19kqEPlRm8kOPWbmnVh9VUXfwtp0sJp7uLZ+1lxD8F9VN9Rh36G2EYJACTRcTugh
8eeCVJdYKdEWwbLLGGVJtYw1DtnmjOJ5Pkjm4znk6FdovowmEFo8AKS8D1Kh1d4d
iMEX+06CWSUtXnDaYS/I3CoWAW0xIA4bytRcVbQBLezOQtBTvoksl1coPVvdacSi
DcmcgVM8vyISK/dBXE7u93jieGadta+m4DYd3z89ZE+WJHlpKlL8JBqHn8m0rj8z
TNQDBKwSATlIoJsQlm+y/ffDvFsBx0YFSv1q/pcCAwEAAaOCAk0wggJJMB0GA1Ud
DgQWBBTA0v50/r4v64cQZ0zOwVlahw2EvDAfBgNVHSMEGDAWgBR9TRyHkKkT6DLH
M9/3eN7nkSlwCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZVMGNoNUNwRS1neXh6UGY5M2plNTVFcGNBby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvMWM2MTgwLTk5NTAtNGNlOC04MTFlLWY4ZDY2MmI5NmRhYi8x
L3dOTC1kUDYtTC11SEVHZE16c0ZaV29jTmhMdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
MWM2MTgwLTk5NTAtNGNlOC04MTFlLWY4ZDY2MmI5NmRhYi8xL2ZVMGNoNUNwRS1n
eXh6UGY5M2plNTVFcGNBby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBj
BggrBgEFBQcBBwEB/wRUMFIwQQQCAAEwOwMEBT6AAAMEBFn6gAMEArnjDAMEA7xc
cAMEAMBtZgMEAMIfAgMEAMI7swMDANVfAwQF1ZtAAwQF1bcAMA0EAgACMAcDBQAg
AQeAMA0GCSqGSIb3DQEBCwUAA4IBAQB077ESI8Ja2p4FjJgyp83CmzvT82Sfw9Hl
v5MLucM6Mo3XnY0+pP26fZvVyf1tziLpuvNPvU1ocskZp/tZvQzqDKDgdxF0rOn5
Ez/umsOuuLXJ6fEhPdvBJoY7FiydANS78Se9QWn6GWAECY72XuXgnOeys0h0wW4k
1FzImnbqtnljn+PFCADfcawdb9vGbjzA9dFpUALBBa0+LdgTeqqFr5mbizTnQeFy
9qzvcXSZl1xXo9rwNPD8WwRGI40Q7ZPyTJyQ7p2GEZnp0xkHLByyzN9azGpcDcez
d7n/U8h6Mx5IPM7Kh+OOlpleKeMFEsWI6pc7uKGGG9S0fKqaKlTp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:23 2024 by rpki-client on console-ams.rpki-client.org