Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/WSsRIRdtUjWznla_teVNv2DkJws.roa
File: WSsRIRdtUjWznla_teVNv2DkJws.roa (raw, json)
Hash identifier: MbOML2sCS33vmGpHCOHbK9IoPaETwdRWPfe+SGvIh1o=
Subject key identifier: 59:2B:11:21:17:6D:52:35:B3:9E:56:BF:B5:E5:4D:BF:60:E4:27:0B
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 0182CA12F32E64B93749520CA84E6B25F4DF
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/WSsRIRdtUjWznla_teVNv2DkJws.roa
Signing time: Tue 23 Aug 2022 09:40:15 +0000
ROA not before: Tue 23 Aug 2022 09:40:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200088
IP address blocks: 94.228.122.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
78.40.216.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
2a03:6f00:8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ca:12:f3:2e:64:b9:37:49:52:0c:a8:4e:6b:25:f4:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Aug 23 09:40:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=592b1121176d5235b39e56bfb5e54dbf60e4270b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:1e:79:4a:ae:7f:18:f4:c8:a3:07:7f:ee:c4:
81:08:06:8a:b7:7b:09:83:05:94:d8:d5:86:49:64:
b3:45:b0:2c:bc:12:ff:64:5a:dc:5e:9c:a6:bf:96:
21:c0:ce:fc:93:33:7a:aa:5d:4c:30:1e:7b:62:3d:
8b:20:ce:02:cb:e0:26:82:6a:3d:60:14:8f:22:58:
5b:e5:62:e7:e8:b6:25:5c:06:71:4e:27:5f:b6:da:
ee:79:59:d9:b4:af:92:d7:e4:18:80:25:be:e4:16:
d1:6d:e6:35:1d:5b:0f:a8:42:9d:f0:09:0b:d8:05:
10:20:a4:62:92:5e:c1:c1:d4:d9:97:f5:af:4b:62:
60:9d:b0:12:09:fc:74:d1:aa:0b:87:0d:d8:2d:ef:
f2:51:cf:48:08:c8:6e:99:d4:da:5e:c0:51:60:b7:
e0:44:96:66:f1:e4:ee:71:55:60:bf:84:e0:8f:91:
c9:2f:b7:56:92:24:83:dd:64:82:e1:2c:5a:35:63:
5b:76:d8:62:8a:70:d9:3a:fb:16:7b:8a:d1:03:62:
51:96:f3:8c:08:ae:d5:93:d9:24:b3:a6:b3:ae:70:
d2:76:fa:32:48:24:80:4a:74:43:59:c4:34:10:76:
fb:0b:e2:87:52:86:c0:6a:0f:d0:66:82:71:96:3b:
e7:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:2B:11:21:17:6D:52:35:B3:9E:56:BF:B5:E5:4D:BF:60:E4:27:0B
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/WSsRIRdtUjWznla_teVNv2DkJws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
87.249.50.0/24
94.228.122.0/24
185.104.112.0/24
217.25.95.0/24
IPv6:
2a03:6f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
25:d5:a4:12:cd:2b:5f:a9:d2:d3:a6:d5:22:b6:b6:75:be:9e:
9f:92:61:eb:ef:2d:28:28:52:49:42:01:c5:34:af:f7:90:96:
69:70:70:8b:65:d4:2b:21:2b:47:10:24:87:be:e1:42:be:01:
e7:40:ca:3d:2e:7f:8b:d7:db:74:48:eb:44:10:d7:f1:49:88:
a5:6e:49:58:f6:12:7c:4c:a0:b7:1b:91:e1:6f:c1:d2:8a:b7:
ad:c0:0c:b8:e5:4a:13:81:93:42:9a:dc:d5:3a:44:cb:1a:55:
d5:b4:3f:a5:3f:32:d5:90:23:c1:a0:d0:48:40:03:82:7c:ed:
41:f8:54:ae:9f:23:84:b4:3b:f6:05:9f:e5:7d:a6:65:23:e6:
f0:91:3a:ee:a7:c6:b1:68:2c:ab:1d:7d:02:bf:cc:08:8b:fa:
79:f6:95:f9:63:a6:1e:1e:9a:c8:9e:14:5f:c9:45:99:81:bf:
c2:a2:70:10:f3:3c:55:0f:a0:22:e5:10:0a:51:13:69:d9:e6:
28:87:57:30:b7:ec:c8:b8:ae:fe:8a:e6:cf:53:c9:80:c3:25:
7b:13:ab:e6:61:36:b0:2f:2a:ed:5f:f7:94:0b:f9:8f:5e:da:
64:44:c5:f6:c5:c1:37:4d:f6:27:36:75:28:16:aa:c8:bb:96:
6c:62:c8:05
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYLKEvMuZLk3SVIMqE5rJfTfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjIwODIzMDk0MDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTJiMTEyMTE3NmQ1MjM1YjM5ZTU2YmZiNWU1NGRiZjYwZTQyNzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqh55Sq5/GPTIowd/7sSBCAaKt3sJ
gwWU2NWGSWSzRbAsvBL/ZFrcXpymv5YhwM78kzN6ql1MMB57Yj2LIM4Cy+Amgmo9
YBSPIlhb5WLn6LYlXAZxTidfttrueVnZtK+S1+QYgCW+5BbRbeY1HVsPqEKd8AkL
2AUQIKRikl7BwdTZl/WvS2JgnbASCfx00aoLhw3YLe/yUc9ICMhumdTaXsBRYLfg
RJZm8eTucVVgv4Tgj5HJL7dWkiSD3WSC4SxaNWNbdthiinDZOvsWe4rRA2JRlvOM
CK7Vk9kks6azrnDSdvoySCSASnRDWcQ0EHb7C+KHUobAag/QZoJxljvn7QIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFFkrESEXbVI1s55Wv7XlTb9g5CcLMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvV1NzUklSZHRVald6bmxhX3RlVk52MkRrSndzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQATijYAwQA
V/kyAwQAXuR6AwQAuWhwAwQA2RlfMA8EAgACMAkDBwAqA28AAAgwDQYJKoZIhvcN
AQELBQADggEBACXVpBLNK1+p0tOm1SK2tnW+np+SYevvLSgoUklCAcU0r/eQlmlw
cItl1CshK0cQJIe+4UK+AedAyj0uf4vX23RI60QQ1/FJiKVuSVj2EnxMoLcbkeFv
wdKKt63ADLjlShOBk0Ka3NU6RMsaVdW0P6U/MtWQI8Gg0EhAA4J87UH4VK6fI4S0
O/YFn+V9pmUj5vCROu6nxrFoLKsdfQK/zAiL+nn2lfljph4emsieFF/JRZmBv8Ki
cBDzPFUPoCLlEApRE2nZ5iiHVzC37Mi4rv6K5s9TyYDDJXsTq+ZhNrAvKu1f95QL
+Y9e2mRExfbFwTdN9ic2dSgWqsi7lmxiyAU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:50 2023 by rpki-client on console-fra.rpki-client.org