Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/c7c51d-4f90-4087-a13a-f3c1a9a11d73/1/wmGjTWIhQzRRiqU20snrV4BhV0Q.roa
File: wmGjTWIhQzRRiqU20snrV4BhV0Q.roa (raw, json)
Hash identifier: ztY0bWntBFXIlhAFPYNQWd3f4kqLXTGVuOY/Th0FzXE=
Subject key identifier: C2:61:A3:4D:62:21:43:34:51:8A:A5:36:D2:C9:EB:57:80:61:57:44
Certificate issuer: /CN=9c47ee73c28780b12f152cfa259ade3d8ae0d13b
Certificate serial: 0DA320DF
Authority key identifier: 9C:47:EE:73:C2:87:80:B1:2F:15:2C:FA:25:9A:DE:3D:8A:E0:D1:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nEfuc8KHgLEvFSz6JZrePYrg0Ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/c7c51d-4f90-4087-a13a-f3c1a9a11d73/1/wmGjTWIhQzRRiqU20snrV4BhV0Q.roa
Signing time: Sat 01 Jan 2022 03:57:43 +0000
ROA not before: Sat 01 Jan 2022 03:57:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59962
IP address blocks: 194.33.104.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 228794591 (0xda320df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c47ee73c28780b12f152cfa259ade3d8ae0d13b
Validity
Not Before: Jan 1 03:57:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c261a34d62214334518aa536d2c9eb5780615744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3a:dd:1f:98:35:46:36:65:1a:02:cf:28:52:
fa:48:b1:8e:18:61:aa:38:3b:68:0e:a8:6b:d2:26:
76:a9:e3:ab:df:3f:2a:a4:7b:59:d0:38:34:7b:92:
87:4a:a7:87:42:6e:60:de:96:cc:55:9d:46:43:31:
f7:e9:b9:cf:01:cb:23:94:27:95:88:73:51:a7:66:
e2:65:30:4d:7a:f4:91:50:da:b5:28:88:96:28:77:
b3:bd:af:be:8d:18:c2:72:b2:9a:46:3e:54:c4:43:
f4:37:f5:b4:df:74:46:57:d8:e1:0e:9f:08:87:4c:
e7:63:cb:b3:32:43:78:66:ab:1b:25:b8:ac:b1:77:
36:d0:22:27:88:46:2d:3f:ea:f6:ac:93:06:8d:ba:
31:dc:72:df:38:25:f4:06:17:6a:d6:82:e1:30:58:
e8:3f:91:53:1e:16:82:00:4a:ed:75:dd:f7:94:5f:
a9:f9:eb:e1:4a:5e:88:55:73:7e:14:81:00:b1:66:
c0:cd:c9:09:98:8f:3e:65:9c:31:ca:6b:ad:75:6e:
1f:09:b1:7d:4e:98:b9:77:30:84:19:96:d2:24:fa:
98:46:3f:95:23:e1:c6:00:e7:43:42:f3:5a:60:c9:
69:c9:af:3a:cd:16:24:36:4d:b8:f4:2b:cc:4f:bd:
d5:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:61:A3:4D:62:21:43:34:51:8A:A5:36:D2:C9:EB:57:80:61:57:44
X509v3 Authority Key Identifier:
keyid:9C:47:EE:73:C2:87:80:B1:2F:15:2C:FA:25:9A:DE:3D:8A:E0:D1:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nEfuc8KHgLEvFSz6JZrePYrg0Ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/c7c51d-4f90-4087-a13a-f3c1a9a11d73/1/wmGjTWIhQzRRiqU20snrV4BhV0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/c7c51d-4f90-4087-a13a-f3c1a9a11d73/1/nEfuc8KHgLEvFSz6JZrePYrg0Ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.104.0/24
Signature Algorithm: sha256WithRSAEncryption
73:e1:17:2e:9a:7d:b6:12:a6:9f:d2:a2:8e:af:52:66:a6:cf:
b0:96:e7:96:72:81:fb:ed:6e:21:9d:58:35:80:8b:c1:0a:70:
04:f2:97:e9:80:06:0a:31:2a:f4:44:0a:de:7c:6b:3f:7e:7f:
c8:fa:5c:bd:8f:3d:cc:ac:cb:82:2c:9a:72:5d:f7:1c:7c:08:
83:8b:9a:52:3d:27:f6:76:aa:15:43:46:72:ec:79:bd:64:9f:
25:c8:fe:ff:76:b0:d7:9d:8e:2a:2c:79:3c:d9:66:e3:63:43:
7c:9f:db:53:e7:ec:33:be:24:0b:83:6e:44:44:f8:78:f6:8a:
3f:db:01:2a:41:49:42:48:4d:c3:6a:7f:c9:c8:ff:c7:eb:dc:
58:9c:30:dc:6b:89:ff:2e:0c:14:d9:d3:95:9a:29:92:de:1c:
c7:e9:be:f3:35:78:f2:96:22:7d:1f:9c:9c:58:de:26:fd:78:
08:d8:01:31:7b:43:04:40:44:68:9d:21:81:2b:2f:fa:7d:3e:
32:b2:ed:10:b0:02:76:5a:e1:9f:62:9b:6b:16:b5:04:6e:8c:
e6:cd:e6:c6:7f:88:97:9d:92:a6:25:d2:99:8d:50:da:22:af:
92:28:f8:dd:9a:1d:1d:47:31:94:54:45:d8:3f:47:f2:65:c3:
f2:57:89:11
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDaMg3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YzQ3ZWU3M2MyODc4MGIxMmYxNTJjZmEyNTlhZGUzZDhhZTBkMTNiMB4XDTIyMDEw
MTAzNTc0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzI2MWEzNGQ2MjIx
NDMzNDUxOGFhNTM2ZDJjOWViNTc4MDYxNTc0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALA63R+YNUY2ZRoCzyhS+kixjhhhqjg7aA6oa9Imdqnjq98/
KqR7WdA4NHuSh0qnh0JuYN6WzFWdRkMx9+m5zwHLI5QnlYhzUadm4mUwTXr0kVDa
tSiIlih3s72vvo0YwnKymkY+VMRD9Df1tN90RlfY4Q6fCIdM52PLszJDeGarGyW4
rLF3NtAiJ4hGLT/q9qyTBo26Mdxy3zgl9AYXataC4TBY6D+RUx4WggBK7XXd95Rf
qfnr4UpeiFVzfhSBALFmwM3JCZiPPmWcMcprrXVuHwmxfU6YuXcwhBmW0iT6mEY/
lSPhxgDnQ0LzWmDJacmvOs0WJDZNuPQrzE+91ZUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTCYaNNYiFDNFGKpTbSyetXgGFXRDAfBgNVHSMEGDAWgBScR+5zwoeAsS8V
LPolmt49iuDROzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25FZnVjOEtIZ0xFdkZTejZKWnJlUFlyZzBUcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvYzdjNTFkLTRmOTAtNDA4Ny1hMTNhLWYzYzFhOWExMWQ3My8x
L3dtR2pUV0loUXpSUmlxVTIwc25yVjRCaFYwUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
YzdjNTFkLTRmOTAtNDA4Ny1hMTNhLWYzYzFhOWExMWQ3My8xL25FZnVjOEtIZ0xF
dkZTejZKWnJlUFlyZzBUcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIhaDANBgkqhkiG9w0BAQsFAAOC
AQEAc+EXLpp9thKmn9Kijq9SZqbPsJbnlnKB++1uIZ1YNYCLwQpwBPKX6YAGCjEq
9EQK3nxrP35/yPpcvY89zKzLgiyacl33HHwIg4uaUj0n9naqFUNGcux5vWSfJcj+
/3aw152OKix5PNlm42NDfJ/bU+fsM74kC4NuRET4ePaKP9sBKkFJQkhNw2p/ycj/
x+vcWJww3GuJ/y4MFNnTlZopkt4cx+m+8zV48pYifR+cnFjeJv14CNgBMXtDBEBE
aJ0hgSsv+n0+MrLtELACdlrhn2Kbaxa1BG6M5s3mxn+Il52SpiXSmY1Q2iKvkij4
3ZodHUcxlFRF2D9H8mXD8leJEQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:17:47 2025 by rpki-client