Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/wkWrBl4Q5cHt0hihRNhQOLVcZfQ.roa
File: wkWrBl4Q5cHt0hihRNhQOLVcZfQ.roa (raw, json)
Hash identifier: 4lrHvFw5+GbZQLA5nmoojrOhlh7Rh1/iICJJUbSID4A=
Subject key identifier: C2:45:AB:06:5E:10:E5:C1:ED:D2:18:A1:44:D8:50:38:B5:5C:65:F4
Certificate issuer: /CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Certificate serial: 01853F5F33373CDB23B38F726D199881C9DC
Authority key identifier: 99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/wkWrBl4Q5cHt0hihRNhQOLVcZfQ.roa
Signing time: Fri 23 Dec 2022 14:24:41 +0000
ROA not before: Fri 23 Dec 2022 14:24:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6848
IP address blocks: 195.162.192.0/19 maxlen: 19
212.76.224.0/19 maxlen: 19
188.188.0.0/15 maxlen: 15
78.29.192.0/18 maxlen: 18
213.132.128.0/19 maxlen: 19
81.82.0.0/15 maxlen: 15
195.16.0.0/19 maxlen: 19
46.253.160.0/20 maxlen: 20
141.134.0.0/15 maxlen: 15
62.205.64.0/18 maxlen: 18
185.30.52.0/22 maxlen: 22
178.116.0.0/14 maxlen: 14
78.20.0.0/14 maxlen: 14
5.23.128.0/17 maxlen: 17
188.95.146.0/23 maxlen: 23
212.88.224.0/19 maxlen: 19
85.28.64.0/18 maxlen: 18
84.192.0.0/13 maxlen: 13
83.217.128.0/19 maxlen: 19
213.214.32.0/19 maxlen: 19
213.251.64.0/18 maxlen: 18
185.23.244.0/22 maxlen: 22
213.224.0.0/16 maxlen: 16
217.168.120.0/21 maxlen: 21
212.123.0.0/19 maxlen: 19
82.143.64.0/18 maxlen: 18
94.224.0.0/14 maxlen: 14
213.118.0.0/15 maxlen: 15
81.164.0.0/15 maxlen: 15
195.130.128.0/19 maxlen: 19
217.72.224.0/20 maxlen: 20
188.44.64.0/19 maxlen: 19
185.248.41.0/24 maxlen: 24
185.248.40.0/22 maxlen: 22
2a02:1800::/24 maxlen: 24
2a00:1cf8::/32 maxlen: 32
2a02:1800:101::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3f:5f:33:37:3c:db:23:b3:8f:72:6d:19:98:81:c9:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Validity
Not Before: Dec 23 14:24:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c245ab065e10e5c1edd218a144d85038b55c65f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3a:17:92:9e:14:bb:06:92:61:dc:33:f8:bb:
b8:ef:a1:34:b6:ac:93:b7:79:cc:de:2f:d1:b1:b9:
7d:4b:a2:bb:d8:8d:7b:6a:ce:67:a1:d7:5c:3f:13:
52:46:88:a9:de:dc:8c:f0:1c:21:62:fc:44:f7:41:
73:6f:3c:ee:af:b6:55:35:22:60:22:87:6a:07:fe:
0f:90:80:71:e1:0d:2d:21:45:82:fc:c4:09:d0:da:
45:5d:4e:23:b4:99:09:1f:cc:e3:68:13:76:31:9c:
6e:7c:13:a5:5e:30:f6:69:9d:98:e7:d1:a8:02:ad:
71:02:6a:c5:5d:25:8a:11:c2:98:b3:76:00:02:44:
98:a2:49:b7:ba:e2:2b:c1:27:84:58:c0:60:21:07:
0a:a2:a8:54:a7:f9:f0:b9:de:56:46:77:2a:92:83:
94:c5:5d:e5:5a:45:62:9e:9d:48:f4:05:92:b6:60:
a8:d7:6e:4a:8b:ca:92:08:bb:0a:60:04:68:fb:96:
a6:e9:03:6c:95:dd:4c:f2:0f:1a:e0:06:b4:43:3c:
03:2d:62:55:9c:4b:29:b8:ae:77:3d:78:16:77:68:
f6:3f:d9:e2:85:fa:07:78:f2:2c:0b:1f:1f:c9:66:
f2:16:ab:bd:58:a7:39:7a:1e:14:e7:81:21:7f:81:
fb:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:45:AB:06:5E:10:E5:C1:ED:D2:18:A1:44:D8:50:38:B5:5C:65:F4
X509v3 Authority Key Identifier:
keyid:99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/wkWrBl4Q5cHt0hihRNhQOLVcZfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.128.0/17
46.253.160.0/20
62.205.64.0/18
78.20.0.0/14
78.29.192.0/18
81.82.0.0/15
81.164.0.0/15
82.143.64.0/18
83.217.128.0/19
84.192.0.0/13
85.28.64.0/18
94.224.0.0/14
141.134.0.0/15
178.116.0.0/14
185.23.244.0/22
185.30.52.0/22
185.248.40.0/22
188.44.64.0/19
188.95.146.0/23
188.188.0.0/15
195.16.0.0/19
195.130.128.0/19
195.162.192.0/19
212.76.224.0/19
212.88.224.0/19
212.123.0.0/19
213.118.0.0/15
213.132.128.0/19
213.214.32.0/19
213.224.0.0/16
213.251.64.0/18
217.72.224.0/20
217.168.120.0/21
IPv6:
2a00:1cf8::/32
2a02:1800::/24
Signature Algorithm: sha256WithRSAEncryption
3c:55:af:55:4d:28:23:04:b0:b5:39:19:65:bb:f7:c7:b0:8c:
9e:22:be:35:07:96:2a:30:5c:4d:5e:14:d8:66:f6:92:b0:07:
fa:f6:40:3e:26:f0:d0:1a:1d:51:f3:be:ee:ed:73:a9:d6:98:
db:58:1b:a7:9c:3b:8c:0e:6b:49:41:d9:4f:fd:20:fc:c7:78:
93:e4:5b:b8:e5:3f:b9:d4:30:cb:10:c5:fb:f3:df:49:f3:16:
ff:5e:28:01:00:df:f0:ca:21:32:1d:6a:cb:12:86:7d:d6:24:
76:70:a0:9c:14:47:88:7a:77:49:db:7e:86:b9:f2:81:e9:48:
b3:8a:6c:b9:60:86:07:4e:02:67:2a:d9:5a:f2:59:a4:26:34:
83:da:01:cb:45:3f:e8:d1:c6:ad:af:95:41:3b:d1:42:45:7c:
60:16:df:2b:a3:ee:f8:71:b9:f6:d6:7f:eb:8f:e2:11:ee:0e:
34:8f:36:4b:1d:97:e0:72:38:96:90:5d:7b:84:9a:49:53:80:
3b:ce:cc:90:b2:e0:01:8f:b0:c2:1a:39:7b:5f:1b:98:60:f4:
56:84:80:f0:13:a5:d1:b1:08:36:75:e9:66:a0:41:34:81:6c:
3f:61:1e:7c:eb:24:2b:50:b5:b6:69:8f:69:54:5e:91:63:88:
46:d6:3f:7f
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgISAYU/XzM3PNsjs49ybRmYgcncMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5OWRmN2RjMGVkNTE4ZjFlYzY5OTc0Y2Y5OGNlY2FhZGEx
YTg2ODAwHhcNMjIxMjIzMTQyNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjQ1YWIwNjVlMTBlNWMxZWRkMjE4YTE0NGQ4NTAzOGI1NWM2NWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjoXkp4UuwaSYdwz+Lu476E0tqyT
t3nM3i/Rsbl9S6K72I17as5noddcPxNSRoip3tyM8BwhYvxE90Fzbzzur7ZVNSJg
IodqB/4PkIBx4Q0tIUWC/MQJ0NpFXU4jtJkJH8zjaBN2MZxufBOlXjD2aZ2Y59Go
Aq1xAmrFXSWKEcKYs3YAAkSYokm3uuIrwSeEWMBgIQcKoqhUp/nwud5WRncqkoOU
xV3lWkVinp1I9AWStmCo125Ki8qSCLsKYARo+5am6QNsld1M8g8a4Aa0QzwDLWJV
nEspuK53PXgWd2j2P9nihfoHePIsCx8fyWbyFqu9WKc5eh4U54Ehf4H7kQIDAQAB
o4IC2TCCAtUwHQYDVR0OBBYEFMJFqwZeEOXB7dIYoUTYUDi1XGX0MB8GA1UdIwQY
MBaAFJmd99wO1Rjx7GmXTPmM7KraGoaAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYt
MTM4Yjc4N2RlM2UzLzEvd2tXckJsNFE1Y0h0MGhpaFJOaFFPTFZjWmZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYtMTM4Yjc4N2RlM2Uz
LzEvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHuBggrBgEFBQcBBwEB/wSB3jCB2zCBwwQCAAEwgbwDBAcF
F4ADBAQu/aADBAY+zUADAwJOFAMEBk4dwAMDAVFSAwMBUaQDBAZSj0ADBAVT2YAD
AwNUwAMEBlUcQAMDAl7gAwMBjYYDAwKydAMEArkX9AMEArkeNAMEArn4KAMEBbws
QAMEAbxfkgMDAby8AwQFwxAAAwQFw4KAAwQFw6LAAwQF1EzgAwQF1FjgAwQF1HsA
AwMB1XYDBAXVhIADBAXV1iADAwDV4AMEBtX7QAMEBNlI4AMEA9moeDATBAIAAjAN
AwUAKgAc+AMEACoCGDANBgkqhkiG9w0BAQsFAAOCAQEAPFWvVU0oIwSwtTkZZbv3
x7CMniK+NQeWKjBcTV4U2Gb2krAH+vZAPibw0BodUfO+7u1zqdaY21gbp5w7jA5r
SUHZT/0g/Md4k+RbuOU/udQwyxDF+/PfSfMW/14oAQDf8MohMh1qyxKGfdYkdnCg
nBRHiHp3Sdt+hrnygelIs4psuWCGB04CZyrZWvJZpCY0g9oBy0U/6NHGra+VQTvR
QkV8YBbfK6Pu+HG59tZ/64/iEe4ONI82Sx2X4HI4lpBde4SaSVOAO87MkLLgAY+w
who5e18bmGD0VoSA8BOl0bEINnXpZqBBNIFsP2EefOskK1C1tmmPaVRekWOIRtY/
fw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:33 2024 by rpki-client on console-fra.rpki-client.org