Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/34c5b2-b6e3-4b23-a609-16ed3cd0c72a/1/WO88xBKC-MrMvRKrVij_Jz7tLqM.roa
File: WO88xBKC-MrMvRKrVij_Jz7tLqM.roa (raw, json)
Hash identifier: IhyEoRJew2vN1wCkyf37jRJ8Wrsiub4YOXfd+590i9I=
Subject key identifier: 58:EF:3C:C4:12:82:F8:CA:CC:BD:12:AB:56:28:FF:27:3E:ED:2E:A3
Certificate issuer: /CN=509bc63e68c90932b4fc28997fc3bf78de3b3743
Certificate serial: 018944A2DCB4A6CEF4BBF8EA0EBAD177EB33
Authority key identifier: 50:9B:C6:3E:68:C9:09:32:B4:FC:28:99:7F:C3:BF:78:DE:3B:37:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJvGPmjJCTK0_CiZf8O_eN47N0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/34c5b2-b6e3-4b23-a609-16ed3cd0c72a/1/WO88xBKC-MrMvRKrVij_Jz7tLqM.roa
Signing time: Tue 11 Jul 2023 11:07:51 +0000
ROA not before: Tue 11 Jul 2023 11:07:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34370
IP address blocks: 185.164.76.0/24 maxlen: 24
185.164.77.0/24 maxlen: 24
185.164.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:a2:dc:b4:a6:ce:f4:bb:f8:ea:0e:ba:d1:77:eb:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=509bc63e68c90932b4fc28997fc3bf78de3b3743
Validity
Not Before: Jul 11 11:07:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58ef3cc41282f8caccbd12ab5628ff273eed2ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:41:fc:1a:f6:64:9e:0d:c1:44:92:30:51:1d:
3b:3b:61:cd:6e:91:17:85:37:29:bc:f7:bd:12:72:
3a:2e:f6:49:aa:e2:06:0c:2c:42:c3:b8:7c:1e:cc:
bf:9f:96:b9:cb:53:2b:7c:47:fa:51:65:ed:32:b4:
9e:3b:b6:be:15:23:2f:ac:61:b6:10:c0:67:c1:98:
86:cc:0d:c7:b5:a4:a0:7d:91:02:b7:29:b6:b0:fc:
b7:11:ec:c1:fe:2c:4c:f6:4e:4e:95:b3:da:ee:0b:
e9:45:35:e2:03:f8:c5:3e:ae:10:b4:83:68:ac:93:
f1:45:9a:2a:e1:7a:ac:da:81:77:8c:9f:0e:4c:fb:
49:51:aa:c8:5f:71:67:c3:c6:be:c6:05:f0:7b:e5:
19:43:33:7f:c8:00:c3:2f:2f:20:81:e5:22:41:13:
6c:03:8e:b5:bd:25:46:7f:78:82:56:64:55:5c:e1:
a2:7e:cb:c6:65:e8:4d:14:03:6e:52:23:2e:4c:40:
91:23:fb:d5:71:23:33:b3:70:19:ae:95:37:05:31:
e1:9e:42:66:70:e7:ce:96:c5:7d:64:5f:ce:6e:40:
62:0b:99:94:f1:2d:69:0f:e7:6a:76:2f:18:06:56:
ad:f5:79:05:6a:3e:06:13:ef:4d:b7:cd:8a:2b:1b:
01:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:EF:3C:C4:12:82:F8:CA:CC:BD:12:AB:56:28:FF:27:3E:ED:2E:A3
X509v3 Authority Key Identifier:
keyid:50:9B:C6:3E:68:C9:09:32:B4:FC:28:99:7F:C3:BF:78:DE:3B:37:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJvGPmjJCTK0_CiZf8O_eN47N0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/34c5b2-b6e3-4b23-a609-16ed3cd0c72a/1/WO88xBKC-MrMvRKrVij_Jz7tLqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/34c5b2-b6e3-4b23-a609-16ed3cd0c72a/1/UJvGPmjJCTK0_CiZf8O_eN47N0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.76.0/23
185.164.79.0/24
Signature Algorithm: sha256WithRSAEncryption
79:ac:3f:eb:e5:35:e5:9c:c8:c7:77:73:d2:13:a2:a6:6d:66:
1f:57:ba:0f:c1:bb:17:ab:57:c8:e2:c7:c3:3a:df:c0:85:65:
77:10:ea:d4:82:3d:57:b0:f5:e4:00:19:04:bd:7c:fb:04:33:
10:99:4d:b1:17:33:89:b8:f4:da:d7:e9:74:16:d3:c1:f1:8d:
2c:27:6d:e9:ae:07:eb:ec:e4:ba:f8:c1:83:83:dd:63:e1:e8:
76:ff:5d:df:5d:e5:49:bc:96:e0:4e:96:b2:e3:b8:75:c8:0c:
f9:cd:5a:0c:47:d2:3c:23:ab:2b:ad:3f:d1:4d:d1:d9:c6:12:
3b:b7:80:d4:d5:dc:38:ae:6e:15:a3:35:a2:ec:20:5e:2f:e0:
ed:01:71:51:e7:0a:65:24:34:fe:93:d4:9e:39:58:e7:e2:d2:
28:26:c3:93:20:cc:6d:8e:c5:85:b9:30:08:d9:79:c6:c3:92:
90:f1:94:61:c7:2b:fa:a5:c0:21:83:c1:47:7c:8e:bc:94:80:
5a:ad:eb:eb:36:02:43:8b:ff:5d:13:a0:9a:d1:68:ce:22:44:
36:5a:60:3e:22:5d:20:04:e9:9a:06:eb:83:27:47:45:f8:e0:
ad:c9:b4:99:60:c4:5f:2e:72:ab:f4:a4:9e:79:8a:2b:85:3d:
3e:c6:3b:e2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYlEoty0ps70u/jqDrrRd+szMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOWJjNjNlNjhjOTA5MzJiNGZjMjg5OTdmYzNiZjc4ZGUz
YjM3NDMwHhcNMjMwNzExMTEwNzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGVmM2NjNDEyODJmOGNhY2NiZDEyYWI1NjI4ZmYyNzNlZWQyZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx0H8GvZkng3BRJIwUR07O2HNbpEX
hTcpvPe9EnI6LvZJquIGDCxCw7h8Hsy/n5a5y1MrfEf6UWXtMrSeO7a+FSMvrGG2
EMBnwZiGzA3HtaSgfZECtym2sPy3EezB/ixM9k5OlbPa7gvpRTXiA/jFPq4QtINo
rJPxRZoq4Xqs2oF3jJ8OTPtJUarIX3Fnw8a+xgXwe+UZQzN/yADDLy8ggeUiQRNs
A461vSVGf3iCVmRVXOGifsvGZehNFANuUiMuTECRI/vVcSMzs3AZrpU3BTHhnkJm
cOfOlsV9ZF/ObkBiC5mU8S1pD+dqdi8YBlat9XkFaj4GE+9Nt82KKxsBqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFjvPMQSgvjKzL0Sq1Yo/yc+7S6jMB8GA1UdIwQY
MBaAFFCbxj5oyQkytPwomX/Dv3jeOzdDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUp2R1BtakpDVEswX0NpWmY4T19lTjQ3TjBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zNGM1YjItYjZlMy00YjIzLWE2MDkt
MTZlZDNjZDBjNzJhLzEvV084OHhCS0MtTXJNdlJLclZpal9Kejd0THFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zNGM1YjItYjZlMy00YjIzLWE2MDktMTZlZDNjZDBjNzJh
LzEvVUp2R1BtakpDVEswX0NpWmY4T19lTjQ3TjBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuaRMAwQA
uaRPMA0GCSqGSIb3DQEBCwUAA4IBAQB5rD/r5TXlnMjHd3PSE6KmbWYfV7oPwbsX
q1fI4sfDOt/AhWV3EOrUgj1XsPXkABkEvXz7BDMQmU2xFzOJuPTa1+l0FtPB8Y0s
J23prgfr7OS6+MGDg91j4eh2/13fXeVJvJbgTpay47h1yAz5zVoMR9I8I6srrT/R
TdHZxhI7t4DU1dw4rm4VozWi7CBeL+DtAXFR5wplJDT+k9SeOVjn4tIoJsOTIMxt
jsWFuTAI2XnGw5KQ8ZRhxyv6pcAhg8FHfI68lIBarevrNgJDi/9dE6Ca0WjOIkQ2
WmA+Il0gBOmaBuuDJ0dF+OCtybSZYMRfLnKr9KSeeYorhT0+xjvi
-----END CERTIFICATE-----
Generated at Mon Apr 21 21:12:21 2025 by rpki-client