Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/20e8e0-68d3-489e-bcf3-fe4b5e346840/1/wXHxWGkWq1F0wSIMlu5pzEP1gS4.roa
File: wXHxWGkWq1F0wSIMlu5pzEP1gS4.roa (raw, json)
Hash identifier: qTAkHzb3lO3/A8kFy1LxopGstpqShu844Rgyugtgp8k=
Subject key identifier: C1:71:F1:58:69:16:AB:51:74:C1:22:0C:96:EE:69:CC:43:F5:81:2E
Certificate issuer: /CN=d8915609656f08f7a28d24b7c4ba9b639ca0b009
Certificate serial: 01890D25F1E50497A99069332DB969D9081E
Authority key identifier: D8:91:56:09:65:6F:08:F7:A2:8D:24:B7:C4:BA:9B:63:9C:A0:B0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JFWCWVvCPeijSS3xLqbY5ygsAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/20e8e0-68d3-489e-bcf3-fe4b5e346840/1/wXHxWGkWq1F0wSIMlu5pzEP1gS4.roa
Signing time: Fri 30 Jun 2023 16:32:17 +0000
ROA not before: Fri 30 Jun 2023 16:32:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206150
IP address blocks: 185.205.132.0/24 maxlen: 24
185.205.132.0/22 maxlen: 22
185.205.134.0/24 maxlen: 24
185.205.133.0/24 maxlen: 24
185.205.135.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0d:25:f1:e5:04:97:a9:90:69:33:2d:b9:69:d9:08:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8915609656f08f7a28d24b7c4ba9b639ca0b009
Validity
Not Before: Jun 30 16:32:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c171f1586916ab5174c1220c96ee69cc43f5812e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:12:47:a1:3d:ea:06:80:82:f5:aa:de:88:b3:
7a:f9:89:a7:78:fb:66:9a:d8:da:3e:08:77:d8:77:
2f:95:f2:db:17:44:4d:f7:55:ec:9a:00:42:07:34:
2d:10:98:07:c8:4d:9d:8b:ca:bf:d1:1f:59:77:7c:
c1:9d:11:f3:0d:44:f9:bd:ce:e3:6f:4c:5a:4c:d2:
38:18:96:c2:52:aa:fa:83:9b:e0:fe:ba:c5:e8:0d:
99:e3:1d:9a:0e:f4:be:1c:5a:07:61:8a:8a:ef:93:
3b:2e:e7:74:36:0c:08:4f:26:03:44:49:9a:4f:47:
3b:37:ac:68:69:6a:ff:2a:d7:ca:26:c7:04:18:0d:
50:92:ef:87:c4:bc:aa:97:37:2e:f4:08:98:85:27:
49:24:e4:8b:56:a4:c1:e8:6a:33:c4:de:df:ba:76:
1d:fb:e1:1c:e5:02:c2:da:88:65:05:c4:45:3c:2c:
5a:95:61:f6:2b:d7:6b:b2:af:9e:47:fc:80:51:e0:
8e:44:29:57:a5:0b:cc:53:2a:7e:5a:85:71:67:d6:
6b:9f:16:52:a4:2e:3c:03:5f:df:c5:bc:dc:40:9c:
a1:2d:71:20:0e:a3:91:c1:eb:1b:e8:24:ed:53:2e:
c1:f0:b6:87:5b:0b:00:e1:fc:24:b6:eb:84:45:58:
e0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:71:F1:58:69:16:AB:51:74:C1:22:0C:96:EE:69:CC:43:F5:81:2E
X509v3 Authority Key Identifier:
keyid:D8:91:56:09:65:6F:08:F7:A2:8D:24:B7:C4:BA:9B:63:9C:A0:B0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JFWCWVvCPeijSS3xLqbY5ygsAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/20e8e0-68d3-489e-bcf3-fe4b5e346840/1/wXHxWGkWq1F0wSIMlu5pzEP1gS4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/20e8e0-68d3-489e-bcf3-fe4b5e346840/1/2JFWCWVvCPeijSS3xLqbY5ygsAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.132.0/22
Signature Algorithm: sha256WithRSAEncryption
62:83:d6:27:03:95:8c:2b:95:17:3c:8e:f6:ae:53:21:95:fc:
07:ea:ba:14:b0:57:fa:58:04:bf:5d:b8:80:18:9b:61:e2:29:
ba:6b:a9:6b:24:b2:0f:b4:94:98:bf:be:d3:75:49:7d:6c:38:
a9:f3:9c:a7:41:4c:3d:e3:77:c1:95:a7:73:d1:f3:c0:71:51:
f4:2e:98:5c:53:bd:65:b0:d2:bd:9b:9a:d1:79:b4:36:23:25:
98:76:81:3a:11:da:c8:8b:73:d3:93:7a:73:7f:8c:67:c7:01:
13:9b:c1:01:37:51:8b:b6:b4:8d:fa:87:9d:ad:fa:f1:a8:f4:
1a:ef:f0:c6:5c:31:ad:c3:eb:70:1d:de:9c:df:45:d0:87:65:
5f:9e:59:60:63:4b:27:a0:2c:78:1f:2a:c9:9c:27:09:fd:1c:
53:3c:89:88:de:42:02:b2:52:e5:58:92:09:1b:b3:c2:f2:cc:
16:63:f9:21:d1:11:f1:b7:15:a9:f3:2c:43:40:57:3e:e4:24:
1b:5f:0a:d4:d8:f6:d2:14:d9:37:7b:d0:2d:a9:46:72:4d:38:
e5:5f:4d:b6:cf:dd:ef:66:c8:53:e1:59:9d:4d:20:09:0e:29:
e9:1e:0b:36:f2:85:58:eb:dc:68:bb:63:d6:b8:df:9a:c2:70:
9e:62:4e:c4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkNJfHlBJepkGkzLblp2QgeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OTE1NjA5NjU2ZjA4ZjdhMjhkMjRiN2M0YmE5YjYzOWNh
MGIwMDkwHhcNMjMwNjMwMTYzMjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTcxZjE1ODY5MTZhYjUxNzRjMTIyMGM5NmVlNjljYzQzZjU4MTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxJHoT3qBoCC9areiLN6+YmnePtm
mtjaPgh32HcvlfLbF0RN91XsmgBCBzQtEJgHyE2di8q/0R9Zd3zBnRHzDUT5vc7j
b0xaTNI4GJbCUqr6g5vg/rrF6A2Z4x2aDvS+HFoHYYqK75M7Lud0NgwITyYDREma
T0c7N6xoaWr/KtfKJscEGA1Qku+HxLyqlzcu9AiYhSdJJOSLVqTB6GozxN7funYd
++Ec5QLC2ohlBcRFPCxalWH2K9drsq+eR/yAUeCORClXpQvMUyp+WoVxZ9ZrnxZS
pC48A1/fxbzcQJyhLXEgDqORwesb6CTtUy7B8LaHWwsA4fwktuuERVjgGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMFx8VhpFqtRdMEiDJbuacxD9YEuMB8GA1UdIwQY
MBaAFNiRVgllbwj3oo0kt8S6m2OcoLAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkpGV0NXVnZDUGVpalNTM3hMcWJZNXlnc0FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy8yMGU4ZTAtNjhkMy00ODllLWJjZjMt
ZmU0YjVlMzQ2ODQwLzEvd1hIeFdHa1dxMUYwd1NJTWx1NXB6RVAxZ1M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy8yMGU4ZTAtNjhkMy00ODllLWJjZjMtZmU0YjVlMzQ2ODQw
LzEvMkpGV0NXVnZDUGVpalNTM3hMcWJZNXlnc0FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuc2EMA0G
CSqGSIb3DQEBCwUAA4IBAQBig9YnA5WMK5UXPI72rlMhlfwH6roUsFf6WAS/XbiA
GJth4im6a6lrJLIPtJSYv77TdUl9bDip85ynQUw943fBladz0fPAcVH0LphcU71l
sNK9m5rRebQ2IyWYdoE6EdrIi3PTk3pzf4xnxwETm8EBN1GLtrSN+oedrfrxqPQa
7/DGXDGtw+twHd6c30XQh2VfnllgY0snoCx4HyrJnCcJ/RxTPImI3kICslLlWJIJ
G7PC8swWY/kh0RHxtxWp8yxDQFc+5CQbXwrU2PbSFNk3e9AtqUZyTTjlX022z93v
ZshT4VmdTSAJDinpHgs28oVY69xou2PWuN+awnCeYk7E
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:40 2025 by rpki-client