Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/WT_keCUZuyd8oOXtzVgVJKvejbY.roa
File: WT_keCUZuyd8oOXtzVgVJKvejbY.roa (raw, json)
Hash identifier: AZPszqHUpMaVKKcYJIaBxLSoXUYfLKiJzZJaeJSGWvs=
Subject key identifier: 59:3F:E4:78:25:19:BB:27:7C:A0:E5:ED:CD:58:15:24:AB:DE:8D:B6
Certificate issuer: /CN=e85b83c87c4a3d8315025379f72987520bb5d046
Certificate serial: 01842E46004A35C186B642B4D4782BC53D0F
Authority key identifier: E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/WT_keCUZuyd8oOXtzVgVJKvejbY.roa
Signing time: Mon 31 Oct 2022 13:40:50 +0000
ROA not before: Mon 31 Oct 2022 13:40:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28843
IP address blocks: 62.205.192.0/20 maxlen: 20
188.64.176.0/21 maxlen: 21
62.205.192.0/18 maxlen: 18
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:2e:46:00:4a:35:c1:86:b6:42:b4:d4:78:2b:c5:3d:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e85b83c87c4a3d8315025379f72987520bb5d046
Validity
Not Before: Oct 31 13:40:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=593fe4782519bb277ca0e5edcd581524abde8db6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:75:b9:86:54:c6:43:00:f5:b4:3e:15:44:76:
0b:89:90:ab:0d:20:fe:00:5b:54:a4:57:0f:5a:ca:
00:f7:84:b9:e6:8c:37:5d:6a:96:b4:33:4d:fa:98:
f1:e8:be:70:80:e8:b2:f5:f4:5e:14:91:0c:93:ae:
ac:ba:9e:e8:8e:5a:6c:97:98:3a:24:1c:31:b7:cc:
6e:61:35:17:62:ae:aa:6a:57:6f:cc:14:c4:46:7e:
73:85:82:d0:3b:7c:2b:f8:ec:d8:b0:2d:07:2b:ef:
27:ee:e9:7e:ce:a4:f2:31:84:9e:8a:79:9d:4a:6c:
39:d8:40:35:de:08:9f:69:50:b1:28:d2:07:74:8a:
26:5a:ca:9a:5f:86:ea:66:94:24:79:d5:ef:13:1d:
87:b5:03:ab:9c:b9:d1:68:e2:eb:89:c2:6a:81:1f:
df:8f:13:c0:85:89:ea:b0:40:8b:73:53:b6:f9:79:
95:d4:90:eb:6a:66:1b:01:6a:fd:d7:81:a2:87:47:
67:32:8a:47:b3:de:20:33:9c:f0:3b:e5:86:cf:71:
21:ec:bd:1a:2b:89:97:1b:5d:3c:c1:48:84:cb:2f:
37:0c:1e:fa:ad:ca:ad:b9:fa:27:6e:25:1b:31:95:
14:1a:7f:df:2d:0c:19:41:71:0f:ca:f9:21:f8:10:
5b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:3F:E4:78:25:19:BB:27:7C:A0:E5:ED:CD:58:15:24:AB:DE:8D:B6
X509v3 Authority Key Identifier:
keyid:E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/WT_keCUZuyd8oOXtzVgVJKvejbY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/6FuDyHxKPYMVAlN59ymHUgu10EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.205.192.0/18
188.64.176.0/21
Signature Algorithm: sha256WithRSAEncryption
9d:07:f2:4e:be:66:0e:15:59:4c:d9:30:b4:e1:8e:89:4c:69:
b4:3d:ca:fa:48:03:51:75:98:57:18:ab:8b:4f:e4:71:6a:87:
c7:c2:ab:48:ae:a2:62:b7:82:48:76:31:76:a4:3f:77:a6:11:
3d:5f:f8:13:6a:ff:bf:4b:62:d3:ae:53:fe:63:dc:2f:a0:d9:
06:7a:91:45:0f:45:77:e9:aa:26:c5:00:7e:ad:4b:3b:00:e8:
c2:ed:0b:13:f0:67:a0:62:7d:61:f2:a5:46:95:91:c4:13:13:
5b:d5:76:46:dc:e6:ef:92:77:c2:a6:8f:9e:3a:46:b4:b2:b3:
12:16:89:30:c7:7d:b4:71:c6:b5:d1:b8:59:06:92:98:c9:e0:
8e:cf:ce:16:ed:69:0d:85:62:63:f4:f5:cc:c0:ac:9d:2c:57:
11:34:38:83:90:c7:38:1f:ce:ae:ef:26:57:10:d3:8f:5a:94:
ba:cc:4d:15:4f:74:eb:51:b2:8b:d4:50:b4:26:68:77:15:9e:
e1:a1:d5:c4:fb:4e:34:3b:f0:98:eb:18:5e:c8:dd:8a:31:18:
e9:28:ed:f1:57:26:1e:7a:d4:ea:b2:c0:55:f3:17:8e:1e:f9:
e6:42:a1:85:b3:f5:72:ae:bd:5f:88:d9:9a:f5:84:87:76:a5:
a5:f0:f8:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQuRgBKNcGGtkK01HgrxT0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NWI4M2M4N2M0YTNkODMxNTAyNTM3OWY3Mjk4NzUyMGJi
NWQwNDYwHhcNMjIxMDMxMTM0MDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTNmZTQ3ODI1MTliYjI3N2NhMGU1ZWRjZDU4MTUyNGFiZGU4ZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3W5hlTGQwD1tD4VRHYLiZCrDSD+
AFtUpFcPWsoA94S55ow3XWqWtDNN+pjx6L5wgOiy9fReFJEMk66sup7ojlpsl5g6
JBwxt8xuYTUXYq6qaldvzBTERn5zhYLQO3wr+OzYsC0HK+8n7ul+zqTyMYSeinmd
Smw52EA13gifaVCxKNIHdIomWsqaX4bqZpQkedXvEx2HtQOrnLnRaOLricJqgR/f
jxPAhYnqsECLc1O2+XmV1JDramYbAWr914Gih0dnMopHs94gM5zwO+WGz3Eh7L0a
K4mXG108wUiEyy83DB76rcqtufonbiUbMZUUGn/fLQwZQXEPyvkh+BBbVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFk/5HglGbsnfKDl7c1YFSSr3o22MB8GA1UdIwQY
MBaAFOhbg8h8Sj2DFQJTefcph1ILtdBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGIt
ODlhYWVhMzYyODVlLzEvV1Rfa2VDVVp1eWQ4b09YdHpWZ1ZKS3ZlamJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGItODlhYWVhMzYyODVl
LzEvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGPs3AAwQD
vECwMA0GCSqGSIb3DQEBCwUAA4IBAQCdB/JOvmYOFVlM2TC04Y6JTGm0Pcr6SANR
dZhXGKuLT+RxaofHwqtIrqJit4JIdjF2pD93phE9X/gTav+/S2LTrlP+Y9wvoNkG
epFFD0V36aomxQB+rUs7AOjC7QsT8GegYn1h8qVGlZHEExNb1XZG3ObvknfCpo+e
Oka0srMSFokwx320cca10bhZBpKYyeCOz84W7WkNhWJj9PXMwKydLFcRNDiDkMc4
H86u7yZXENOPWpS6zE0VT3TrUbKL1FC0Jmh3FZ7hodXE+040O/CY6xheyN2KMRjp
KO3xVyYeetTqssBV8xeOHvnmQqGFs/Vyrr1fiNma9YSHdqWl8Pj/
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:23 2023 by rpki-client on console.sobornost.net