Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/wrswVzMLQPL0fSdjIYo-j8736yI.roa
File: wrswVzMLQPL0fSdjIYo-j8736yI.roa (raw, json)
Hash identifier: aFMBP8bBUzFDX8iFBdLQpYxCem4B3FA5Qe9LDZ6QTys=
Subject key identifier: C2:BB:30:57:33:0B:40:F2:F4:7D:27:63:21:8A:3E:8F:CE:F7:EB:22
Certificate issuer: /CN=1a93849bff337df8b8b0bd1ae252ee6119d8a61f
Certificate serial: 018570DE41A77B8CA0FE6C4298A18DB3ECF7
Authority key identifier: 1A:93:84:9B:FF:33:7D:F8:B8:B0:BD:1A:E2:52:EE:61:19:D8:A6:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpOEm_8zffi4sL0a4lLuYRnYph8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/wrswVzMLQPL0fSdjIYo-j8736yI.roa
Signing time: Mon 02 Jan 2023 05:04:52 +0000
ROA not before: Mon 02 Jan 2023 05:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 195.46.38.0/24 maxlen: 24
91.213.115.0/24 maxlen: 24
91.241.6.0/23 maxlen: 24
2001:678:264::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:41:a7:7b:8c:a0:fe:6c:42:98:a1:8d:b3:ec:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a93849bff337df8b8b0bd1ae252ee6119d8a61f
Validity
Not Before: Jan 2 05:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2bb3057330b40f2f47d2763218a3e8fcef7eb22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ff:df:e3:ef:17:75:df:00:7b:0b:1d:96:8b:
c7:b1:fb:8f:62:7d:bf:b2:b7:fd:89:30:4c:80:74:
1b:0f:c5:01:2c:8b:66:86:83:cc:c1:ab:9a:41:8e:
b2:f9:7c:74:1b:ea:7b:33:47:ae:c3:9b:d8:85:1d:
a8:a7:b0:e0:12:a8:aa:76:be:70:d1:3f:11:5e:0e:
30:eb:29:98:de:e0:2f:a3:a4:eb:5d:ee:26:5e:d6:
69:8f:53:dd:c0:77:23:9e:eb:c8:7c:b5:2b:60:5b:
79:84:d8:f4:25:32:a9:58:49:4c:7a:02:f3:c7:12:
55:ef:3b:94:dc:94:07:0f:2d:de:f6:71:78:7d:99:
9a:a0:8c:1d:30:33:dc:7a:b4:36:07:4a:d6:4a:9a:
a3:1e:bc:db:f0:61:a4:5c:5d:b5:95:01:59:38:99:
a2:53:d9:99:a1:93:99:c1:ef:13:1b:94:08:fe:7d:
eb:7a:98:36:d7:8b:40:6d:2f:60:01:e6:2d:a8:8a:
03:3e:89:36:c9:66:25:cc:67:77:44:4a:3b:1d:5f:
75:88:5c:e0:b2:f5:ae:f5:02:18:aa:8b:4f:9c:35:
d1:0f:dd:3c:77:25:e4:79:f9:16:5c:db:5c:9a:0d:
24:0c:91:53:db:56:52:0f:9b:fd:6b:4b:db:6b:ae:
53:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:BB:30:57:33:0B:40:F2:F4:7D:27:63:21:8A:3E:8F:CE:F7:EB:22
X509v3 Authority Key Identifier:
keyid:1A:93:84:9B:FF:33:7D:F8:B8:B0:BD:1A:E2:52:EE:61:19:D8:A6:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpOEm_8zffi4sL0a4lLuYRnYph8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/wrswVzMLQPL0fSdjIYo-j8736yI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/GpOEm_8zffi4sL0a4lLuYRnYph8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.115.0/24
91.241.6.0/23
195.46.38.0/24
IPv6:
2001:678:264::/48
Signature Algorithm: sha256WithRSAEncryption
9a:93:32:92:99:e7:2e:0b:c7:af:01:a6:38:6b:e0:c6:6a:dd:
9a:c1:97:f5:22:3a:2b:1e:79:1e:8e:21:6e:13:90:54:6f:77:
14:7c:40:13:60:c7:9e:f0:b0:98:c3:bb:28:40:e4:54:22:d2:
7c:77:2d:66:1e:72:4e:91:c1:dc:09:f9:d6:62:06:35:b6:84:
30:da:4d:68:c7:74:e7:eb:c5:05:0b:29:cc:81:02:7c:c7:77:
27:23:59:78:ea:90:99:2b:77:63:2b:a8:04:89:07:1f:01:d5:
8a:c0:86:08:66:10:26:07:7f:e9:8a:97:0e:c8:aa:b7:e7:47:
16:a1:a7:30:7c:7b:74:d4:7b:0a:86:7b:73:31:d0:c4:6a:56:
eb:0c:14:40:df:8c:4e:85:82:73:cf:89:e0:3f:45:6f:0a:e3:
11:18:e3:0a:45:67:cf:c8:85:2e:78:e9:b4:81:e3:3d:93:7a:
0b:e7:b9:05:c3:50:1b:b8:18:90:c2:fe:4b:5e:60:21:4b:c2:
ec:be:07:67:56:3e:2a:06:52:02:98:99:cb:63:4d:c1:4d:16:
19:5e:78:4b:30:8f:cf:f1:36:e1:d4:59:fe:cc:4f:86:be:2c:
b1:46:47:3c:f2:64:8c:27:21:1b:28:8f:3e:3b:84:bc:bc:58:
f5:1c:14:61
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVw3kGne4yg/mxCmKGNs+z3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhOTM4NDliZmYzMzdkZjhiOGIwYmQxYWUyNTJlZTYxMTlk
OGE2MWYwHhcNMjMwMTAyMDUwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmJiMzA1NzMzMGI0MGYyZjQ3ZDI3NjMyMThhM2U4ZmNlZjdlYjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx//f4+8Xdd8AewsdlovHsfuPYn2/
srf9iTBMgHQbD8UBLItmhoPMwauaQY6y+Xx0G+p7M0euw5vYhR2op7DgEqiqdr5w
0T8RXg4w6ymY3uAvo6TrXe4mXtZpj1PdwHcjnuvIfLUrYFt5hNj0JTKpWElMegLz
xxJV7zuU3JQHDy3e9nF4fZmaoIwdMDPcerQ2B0rWSpqjHrzb8GGkXF21lQFZOJmi
U9mZoZOZwe8TG5QI/n3repg214tAbS9gAeYtqIoDPok2yWYlzGd3REo7HV91iFzg
svWu9QIYqotPnDXRD908dyXkefkWXNtcmg0kDJFT21ZSD5v9a0vba65ThQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFMK7MFczC0Dy9H0nYyGKPo/O9+siMB8GA1UdIwQY
MBaAFBqThJv/M334uLC9GuJS7mEZ2KYfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3BPRW1fOHpmZmk0c0wwYTRsTHVZUm5ZcGg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9kNDQ5N2EtMTFmMi00OWFjLWFlZjkt
NDNlNjdkNWQwYTg1LzEvd3Jzd1Z6TUxRUEwwZlNkaklZby1qODczNnlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9kNDQ5N2EtMTFmMi00OWFjLWFlZjktNDNlNjdkNWQwYTg1
LzEvR3BPRW1fOHpmZmk0c0wwYTRsTHVZUm5ZcGg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAW9VzAwQB
W/EGAwQAwy4mMA8EAgACMAkDBwAgAQZ4AmQwDQYJKoZIhvcNAQELBQADggEBAJqT
MpKZ5y4Lx68Bpjhr4MZq3ZrBl/UiOiseeR6OIW4TkFRvdxR8QBNgx57wsJjDuyhA
5FQi0nx3LWYeck6RwdwJ+dZiBjW2hDDaTWjHdOfrxQULKcyBAnzHdycjWXjqkJkr
d2MrqASJBx8B1YrAhghmECYHf+mKlw7IqrfnRxahpzB8e3TUewqGe3Mx0MRqVusM
FEDfjE6FgnPPieA/RW8K4xEY4wpFZ8/IhS546bSB4z2TegvnuQXDUBu4GJDC/kte
YCFLwuy+B2dWPioGUgKYmctjTcFNFhleeEswj8/xNuHUWf7MT4a+LLFGRzzyZIwn
IRsojz47hLy8WPUcFGE=
-----END CERTIFICATE-----
Generated at Wed Apr 9 06:28:52 2025 by rpki-client