Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/wb7eCT-YeKdVfkALPDTrCHqrGzk.roa
File: wb7eCT-YeKdVfkALPDTrCHqrGzk.roa (raw, json)
Hash identifier: MWTiwjWta3uB7HCLXNuPfEc4XOh/1vAJelAKAGpPg+0=
Subject key identifier: C1:BE:DE:09:3F:98:78:A7:55:7E:40:0B:3C:34:EB:08:7A:AB:1B:39
Certificate issuer: /CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Certificate serial: 0183A07A30A519A9D50376D89E52D533D816
Authority key identifier: FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/wb7eCT-YeKdVfkALPDTrCHqrGzk.roa
Signing time: Tue 04 Oct 2022 00:51:45 +0000
ROA not before: Tue 04 Oct 2022 00:51:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202848
IP address blocks: 185.121.137.0/24 maxlen: 24
195.206.167.0/24 maxlen: 24
109.69.104.0/24 maxlen: 24
194.50.234.0/24 maxlen: 24
89.40.212.0/24 maxlen: 24
185.216.146.0/24 maxlen: 24
185.158.242.0/24 maxlen: 24
89.37.174.0/24 maxlen: 24
217.146.93.0/24 maxlen: 24
185.137.38.0/24 maxlen: 24
185.137.37.0/24 maxlen: 24
185.137.39.0/24 maxlen: 24
193.32.211.0/24 maxlen: 24
128.127.148.0/24 maxlen: 24
185.3.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a0:7a:30:a5:19:a9:d5:03:76:d8:9e:52:d5:33:d8:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd37cc8f16b3c6cbd3346aa3ed61771f3e83ac97
Validity
Not Before: Oct 4 00:51:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c1bede093f9878a7557e400b3c34eb087aab1b39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:01:05:5b:50:3b:0d:24:b2:94:37:a4:1e:d7:
44:9e:d1:7c:0f:1c:8e:d5:dd:3f:81:14:ba:cb:30:
48:64:59:70:45:8d:b4:c5:d2:92:a0:ce:a4:7d:9e:
22:93:d9:11:37:bf:6c:2d:5f:e7:0e:4f:3c:87:85:
e4:85:34:61:a2:d2:ab:15:b1:fe:51:70:7e:e4:ae:
ff:f6:b3:28:87:e4:84:4c:e1:d0:25:b0:3f:45:2c:
96:99:cc:20:f6:a9:57:ab:a5:77:04:87:e3:1c:b9:
e3:d9:25:64:1f:a8:64:33:98:4d:76:0b:33:5f:2a:
69:21:a2:d2:26:bc:ab:5f:2c:7d:1d:60:bb:9f:3d:
15:28:22:68:8d:ff:87:6d:3c:66:6a:21:72:43:2b:
c2:6f:b5:46:21:14:c7:28:81:af:f0:73:2a:d9:4a:
39:44:1f:e8:04:bf:84:0c:b6:66:65:57:8a:44:4a:
84:84:b6:72:eb:60:cb:49:3a:5d:63:53:ec:78:18:
84:37:88:c3:40:4f:4a:08:50:19:03:b0:c9:88:ab:
4f:6f:2a:28:41:92:58:58:c2:73:68:86:e2:f4:82:
66:37:af:b2:48:52:ee:0e:32:56:a9:ba:31:aa:ee:
1b:e2:fb:58:54:d9:90:9c:b5:23:be:b1:59:e7:89:
06:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:BE:DE:09:3F:98:78:A7:55:7E:40:0B:3C:34:EB:08:7A:AB:1B:39
X509v3 Authority Key Identifier:
keyid:FD:37:CC:8F:16:B3:C6:CB:D3:34:6A:A3:ED:61:77:1F:3E:83:AC:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_TfMjxazxsvTNGqj7WF3Hz6DrJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/wb7eCT-YeKdVfkALPDTrCHqrGzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/05e17f-d31f-431f-a8bc-7e05ab41b6e4/1/_TfMjxazxsvTNGqj7WF3Hz6DrJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.174.0/24
89.40.212.0/24
109.69.104.0/24
128.127.148.0/24
185.3.238.0/24
185.121.137.0/24
185.137.37.0-185.137.39.255
185.158.242.0/24
185.216.146.0/24
193.32.211.0/24
194.50.234.0/24
195.206.167.0/24
217.146.93.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:1b:22:2c:d8:15:84:98:82:0c:6b:53:ee:09:19:76:70:bc:
26:01:c0:64:e5:f4:fc:d4:20:4f:27:d8:96:a1:3e:f7:16:1a:
4e:25:53:c3:05:59:05:b6:82:5a:23:3c:df:37:03:2e:cb:45:
48:58:5f:52:4e:1f:fe:17:43:80:82:a3:0c:85:98:57:31:30:
ee:1c:cb:38:68:f9:3c:6c:35:22:54:7e:91:5b:c4:27:bd:f3:
52:79:b0:81:8d:af:88:7b:eb:b2:45:b8:ce:de:13:f0:a9:af:
93:27:0f:b1:7d:5e:c8:34:56:06:cd:e7:1f:f4:17:2c:78:3c:
f5:4f:61:71:a2:a4:05:aa:1a:a1:68:d9:1d:da:6c:99:63:54:
a3:c3:fc:c2:bf:d8:54:af:c1:d9:1e:c5:32:4e:9b:1f:01:69:
41:ed:2d:94:32:0b:61:fa:d4:a9:2b:ab:9e:93:0c:23:50:f3:
d7:a4:20:92:07:5d:52:ff:42:8c:75:6d:36:b2:d1:30:70:88:
8c:00:c2:be:cd:98:c3:4a:33:92:74:80:bd:7f:4b:98:7a:2a:
98:d6:25:c2:4f:fb:85:91:ae:97:20:c3:1d:5b:1a:e0:d1:75:
7a:13:51:2e:d6:94:73:63:c2:45:50:68:d1:8b:da:af:b8:ac:
a8:48:10:b2
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYOgejClGanVA3bYnlLVM9gWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMzdjYzhmMTZiM2M2Y2JkMzM0NmFhM2VkNjE3NzFmM2U4
M2FjOTcwHhcNMjIxMDA0MDA1MTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWJlZGUwOTNmOTg3OGE3NTU3ZTQwMGIzYzM0ZWIwODdhYWIxYjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAEFW1A7DSSylDekHtdEntF8DxyO
1d0/gRS6yzBIZFlwRY20xdKSoM6kfZ4ik9kRN79sLV/nDk88h4XkhTRhotKrFbH+
UXB+5K7/9rMoh+SETOHQJbA/RSyWmcwg9qlXq6V3BIfjHLnj2SVkH6hkM5hNdgsz
XyppIaLSJryrXyx9HWC7nz0VKCJojf+HbTxmaiFyQyvCb7VGIRTHKIGv8HMq2Uo5
RB/oBL+EDLZmZVeKREqEhLZy62DLSTpdY1PseBiEN4jDQE9KCFAZA7DJiKtPbyoo
QZJYWMJzaIbi9IJmN6+ySFLuDjJWqboxqu4b4vtYVNmQnLUjvrFZ54kGWwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFMG+3gk/mHinVX5ACzw06wh6qxs5MB8GA1UdIwQY
MBaAFP03zI8Ws8bL0zRqo+1hdx8+g6yXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMt
N2UwNWFiNDFiNmU0LzEvd2I3ZUNULVllS2RWZmtBTFBEVHJDSHFyR3prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8wNWUxN2YtZDMxZi00MzFmLWE4YmMtN2UwNWFiNDFiNmU0
LzEvX1RmTWp4YXp4c3ZUTkdxajdXRjNIejZEckpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAWSWuAwQA
WSjUAwQAbUVoAwQAgH+UAwQAuQPuAwQAuXmJMAwDBAC5iSUDBAO5iSADBAC5nvID
BAC52JIDBADBINMDBADCMuoDBADDzqcDBADZkl0wDQYJKoZIhvcNAQELBQADggEB
ALobIizYFYSYggxrU+4JGXZwvCYBwGTl9PzUIE8n2JahPvcWGk4lU8MFWQW2gloj
PN83Ay7LRUhYX1JOH/4XQ4CCowyFmFcxMO4cyzho+TxsNSJUfpFbxCe981J5sIGN
r4h767JFuM7eE/Cpr5MnD7F9Xsg0VgbN5x/0Fyx4PPVPYXGipAWqGqFo2R3abJlj
VKPD/MK/2FSvwdkexTJOmx8BaUHtLZQyC2H61Kkrq56TDCNQ89ekIJIHXVL/Qox1
bTay0TBwiIwAwr7NmMNKM5J0gL1/S5h6KpjWJcJP+4WRrpcgwx1bGuDRdXoTUS7W
lHNjwkVQaNGL2q+4rKhIELI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:01:00 2024 by rpki-client on console-fra.rpki-client.org