Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/b61a1c-ba6f-4327-bacd-89718ebc3847/1/W1nImh_-bNnP_nP3ZAaRmuRLJsc.roa
File: W1nImh_-bNnP_nP3ZAaRmuRLJsc.roa (raw, json)
Hash identifier: 2y1yeJLrK5G8b+HxgkiPwhC6Lb6rzJ6vBBr5O7+I63k=
Subject key identifier: 5B:59:C8:9A:1F:FE:6C:D9:CF:FE:73:F7:64:06:91:9A:E4:4B:26:C7
Certificate issuer: /CN=39ae828573f39413f806b51ee040cd34bc5f63ae
Certificate serial: 018571A7A64359D664E5CD25FC947DF73B0C
Authority key identifier: 39:AE:82:85:73:F3:94:13:F8:06:B5:1E:E0:40:CD:34:BC:5F:63:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oa6ChXPzlBP4BrUe4EDNNLxfY64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/b61a1c-ba6f-4327-bacd-89718ebc3847/1/W1nImh_-bNnP_nP3ZAaRmuRLJsc.roa
Signing time: Mon 02 Jan 2023 08:44:50 +0000
ROA not before: Mon 02 Jan 2023 08:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197669
IP address blocks: 91.228.242.0/24 maxlen: 24
185.28.212.0/22 maxlen: 24
2a04:3fc0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:a6:43:59:d6:64:e5:cd:25:fc:94:7d:f7:3b:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39ae828573f39413f806b51ee040cd34bc5f63ae
Validity
Not Before: Jan 2 08:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b59c89a1ffe6cd9cffe73f76406919ae44b26c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:a0:19:d4:ed:7b:cb:91:16:5a:52:77:11:ec:
c8:76:f4:70:00:0f:fb:a1:44:1a:91:3e:39:20:f2:
b9:8b:28:5d:9f:91:f5:f3:29:7a:69:e1:ed:ba:47:
ca:98:6a:5e:eb:60:11:51:f5:9f:36:8b:91:21:2c:
a8:b3:43:ad:16:fc:ce:7b:40:2a:16:a4:66:45:3b:
76:f0:03:e7:d4:a7:b1:fe:7d:95:4c:91:14:0b:ab:
7f:25:c5:17:89:37:d9:19:76:b9:65:4c:19:7f:59:
55:8e:ae:2c:e3:06:1d:c3:7d:52:4f:34:81:bd:fe:
d8:df:90:bf:ea:8d:67:14:63:81:bc:e1:cc:9e:53:
97:99:08:10:06:5c:dd:8d:7e:ab:83:fc:45:ea:c1:
c2:b8:64:ed:28:67:c2:5c:99:f1:bc:c9:5c:8b:96:
67:ea:af:b0:c3:f1:a6:24:af:1d:c9:c2:35:38:45:
c3:d0:99:35:4d:58:a9:d5:7d:e5:31:27:84:0e:ff:
54:c1:d4:e9:96:3f:ff:45:2f:e5:3c:80:34:4d:1a:
1e:ec:7b:8e:fe:e6:6a:47:9c:71:99:a2:25:87:df:
a9:8e:96:d5:85:a0:a0:94:a8:ad:71:c7:de:4f:23:
17:ab:4d:2a:b6:c6:5e:77:67:9d:c4:45:01:05:e4:
83:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:59:C8:9A:1F:FE:6C:D9:CF:FE:73:F7:64:06:91:9A:E4:4B:26:C7
X509v3 Authority Key Identifier:
keyid:39:AE:82:85:73:F3:94:13:F8:06:B5:1E:E0:40:CD:34:BC:5F:63:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oa6ChXPzlBP4BrUe4EDNNLxfY64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/b61a1c-ba6f-4327-bacd-89718ebc3847/1/W1nImh_-bNnP_nP3ZAaRmuRLJsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/b61a1c-ba6f-4327-bacd-89718ebc3847/1/Oa6ChXPzlBP4BrUe4EDNNLxfY64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.242.0/24
185.28.212.0/22
IPv6:
2a04:3fc0::/29
Signature Algorithm: sha256WithRSAEncryption
b4:66:8b:7e:75:2a:19:2b:43:41:60:71:1e:cc:2b:89:37:13:
14:9a:80:cb:c3:da:0b:1a:cb:c8:4d:42:a9:91:28:77:a9:2d:
be:b5:f7:9e:e6:17:d7:83:7a:d9:75:fc:d5:4c:d6:87:fb:01:
12:26:c3:5e:42:5b:8d:0e:05:e4:19:19:33:d6:ac:97:49:06:
96:d2:96:4d:bc:c4:4c:07:c9:4a:4e:32:77:58:7b:92:eb:a9:
de:dc:3e:58:a5:de:96:58:d4:65:c5:fd:cf:30:b0:6c:35:c3:
e7:1e:df:c1:16:16:c4:c0:3e:48:d7:f3:19:6f:3d:e0:9a:4b:
c0:83:e1:30:0c:3b:db:6b:0c:2d:86:a8:49:6e:bd:57:01:7a:
5f:70:13:10:5e:05:a7:54:ba:55:0f:f2:5a:8b:cf:c1:32:07:
2f:89:f5:f9:be:02:fd:7c:41:07:05:68:3f:84:ec:fb:12:f8:
c3:6a:db:ad:fd:0e:0b:19:c3:f9:68:ff:d4:76:cd:e5:69:e6:
fd:72:51:9a:62:fe:33:b5:dc:2b:76:1f:13:b0:ed:67:14:22:
64:fa:7e:bb:b0:b6:a6:41:7e:73:31:44:ec:a6:31:8b:fd:af:
df:ae:5a:f2:7e:2f:5f:0b:22:38:50:c3:c4:f7:69:78:60:8d:
3f:fa:5e:7f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxp6ZDWdZk5c0l/JR99zsMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5YWU4Mjg1NzNmMzk0MTNmODA2YjUxZWUwNDBjZDM0YmM1
ZjYzYWUwHhcNMjMwMTAyMDg0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjU5Yzg5YTFmZmU2Y2Q5Y2ZmZTczZjc2NDA2OTE5YWU0NGIyNmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqAZ1O17y5EWWlJ3EezIdvRwAA/7
oUQakT45IPK5iyhdn5H18yl6aeHtukfKmGpe62ARUfWfNouRISyos0OtFvzOe0Aq
FqRmRTt28APn1Kex/n2VTJEUC6t/JcUXiTfZGXa5ZUwZf1lVjq4s4wYdw31STzSB
vf7Y35C/6o1nFGOBvOHMnlOXmQgQBlzdjX6rg/xF6sHCuGTtKGfCXJnxvMlci5Zn
6q+ww/GmJK8dycI1OEXD0Jk1TVip1X3lMSeEDv9UwdTplj//RS/lPIA0TRoe7HuO
/uZqR5xxmaIlh9+pjpbVhaCglKitccfeTyMXq00qtsZed2edxEUBBeSDQwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFtZyJof/mzZz/5z92QGkZrkSybHMB8GA1UdIwQY
MBaAFDmugoVz85QT+Aa1HuBAzTS8X2OuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2E2Q2hYUHpsQlA0QnJVZTRFRE5OTHhmWTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9iNjFhMWMtYmE2Zi00MzI3LWJhY2Qt
ODk3MThlYmMzODQ3LzEvVzFuSW1oXy1iTm5QX25QM1pBYVJtdVJMSnNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9iNjFhMWMtYmE2Zi00MzI3LWJhY2QtODk3MThlYmMzODQ3
LzEvT2E2Q2hYUHpsQlA0QnJVZTRFRE5OTHhmWTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW+TyAwQC
uRzUMA0EAgACMAcDBQMqBD/AMA0GCSqGSIb3DQEBCwUAA4IBAQC0Zot+dSoZK0NB
YHEezCuJNxMUmoDLw9oLGsvITUKpkSh3qS2+tfee5hfXg3rZdfzVTNaH+wESJsNe
QluNDgXkGRkz1qyXSQaW0pZNvMRMB8lKTjJ3WHuS66ne3D5Ypd6WWNRlxf3PMLBs
NcPnHt/BFhbEwD5I1/MZbz3gmkvAg+EwDDvbawwthqhJbr1XAXpfcBMQXgWnVLpV
D/Jai8/BMgcvifX5vgL9fEEHBWg/hOz7EvjDatut/Q4LGcP5aP/Uds3laeb9clGa
Yv4ztdwrdh8TsO1nFCJk+n67sLamQX5zMUTspjGL/a/frlryfi9fCyI4UMPE92l4
YI0/+l5/
-----END CERTIFICATE-----
Generated at Mon Apr 21 23:07:37 2025 by rpki-client