Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/380400-dc2e-494a-891a-2f2300b6e3d9/1/WVuXhV7rlk6fbmgalhH-qI_iJRc.roa
File: WVuXhV7rlk6fbmgalhH-qI_iJRc.roa (raw, json)
Hash identifier: ZB3+QgkxbmGkTbCTfTHHoDKf3T+P95aqt5h/S6nj1/c=
Subject key identifier: 59:5B:97:85:5E:EB:96:4E:9F:6E:68:1A:96:11:FE:A8:8F:E2:25:17
Certificate issuer: /CN=7e2eda6952b03e8ba45997be615d7abee1784f83
Certificate serial: 018540D6907BE4372E131E0FE6DFC2497852
Authority key identifier: 7E:2E:DA:69:52:B0:3E:8B:A4:59:97:BE:61:5D:7A:BE:E1:78:4F:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fi7aaVKwPoukWZe-YV16vuF4T4M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/380400-dc2e-494a-891a-2f2300b6e3d9/1/WVuXhV7rlk6fbmgalhH-qI_iJRc.roa
Signing time: Fri 23 Dec 2022 21:14:41 +0000
ROA not before: Fri 23 Dec 2022 21:14:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41960
IP address blocks: 87.239.96.0/22 maxlen: 22
87.239.100.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:40:d6:90:7b:e4:37:2e:13:1e:0f:e6:df:c2:49:78:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e2eda6952b03e8ba45997be615d7abee1784f83
Validity
Not Before: Dec 23 21:14:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=595b97855eeb964e9f6e681a9611fea88fe22517
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:d6:75:31:7f:67:90:45:9b:f2:87:6a:67:3b:
23:52:e7:37:67:c5:08:ac:3f:a4:e1:a1:83:05:cb:
c0:7a:32:1e:a2:ec:7e:8e:67:3a:75:0e:75:74:3e:
d9:fc:ac:2e:e1:37:a0:46:18:a0:a7:3c:89:ab:8b:
49:2f:f9:41:fe:64:d0:c5:26:b8:26:80:45:b4:ab:
1e:64:8a:f1:ae:0e:cf:5b:07:90:25:d8:84:26:d2:
8a:06:b2:ff:e3:0c:eb:0f:f2:16:26:56:4a:28:34:
3a:ed:d9:96:62:02:4d:2d:97:0f:7f:87:88:dc:71:
f2:58:28:d7:59:fc:b6:98:65:c1:db:fc:fa:3a:49:
93:a1:25:df:6d:93:3f:91:da:eb:35:43:5c:08:03:
d9:1e:60:d1:3a:1a:42:d3:18:f9:76:ef:5b:67:2f:
0c:60:48:c7:1a:a3:4d:33:8f:c9:56:c7:ab:ef:f0:
5a:00:4a:a3:55:6b:6e:d5:47:86:c7:47:cf:2e:c9:
81:5a:8d:39:57:61:62:4e:62:20:86:f9:81:e7:19:
19:3b:8d:0e:0c:e5:dc:a6:fd:04:b9:cc:8c:68:0a:
5c:38:25:70:c4:8e:bd:ea:2d:9a:06:25:c0:9d:39:
33:f9:a6:30:d0:39:75:6d:ed:39:16:e5:ed:55:7f:
6f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:5B:97:85:5E:EB:96:4E:9F:6E:68:1A:96:11:FE:A8:8F:E2:25:17
X509v3 Authority Key Identifier:
keyid:7E:2E:DA:69:52:B0:3E:8B:A4:59:97:BE:61:5D:7A:BE:E1:78:4F:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fi7aaVKwPoukWZe-YV16vuF4T4M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/380400-dc2e-494a-891a-2f2300b6e3d9/1/WVuXhV7rlk6fbmgalhH-qI_iJRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/380400-dc2e-494a-891a-2f2300b6e3d9/1/fi7aaVKwPoukWZe-YV16vuF4T4M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.96.0/21
Signature Algorithm: sha256WithRSAEncryption
61:e4:a2:2a:f7:ce:6e:64:f7:00:9f:1e:aa:17:02:13:23:29:
e1:10:45:71:73:bf:88:98:13:f2:6a:3b:72:9b:64:52:e3:c0:
6a:47:bd:5d:b2:4b:8c:7b:2b:3b:df:9b:f9:bc:dd:87:ac:a5:
ee:c3:ae:eb:11:2d:59:0c:1a:60:84:1b:0c:43:a8:06:2c:8d:
57:94:3f:0d:fd:77:e3:91:f7:1e:c7:97:8b:12:cc:40:36:51:
c8:20:5a:a3:d4:94:44:bd:a8:f3:8e:a8:d9:39:89:2c:c5:44:
98:9c:e3:ea:8b:c3:a0:65:79:bb:da:f4:d1:46:02:6e:63:23:
be:19:b6:55:e1:43:58:f1:77:6c:35:01:a5:60:fc:83:6c:06:
2c:0a:79:b6:ab:c1:3c:80:9a:bd:40:a2:0f:2e:fb:02:6e:17:
df:1f:55:ab:ea:38:12:82:00:06:a6:54:3a:25:81:44:7a:ec:
50:ca:d7:1b:df:77:98:84:e3:6b:a3:12:f5:7f:2d:ae:77:4b:
0d:e7:18:89:4b:53:e2:66:55:9b:a4:04:2f:44:87:6e:65:e6:
7f:60:11:65:37:a8:a5:04:9d:5c:44:b7:0b:12:14:45:f0:b1:
51:91:40:b1:4d:f7:60:8e:25:5e:68:88:9a:c2:2e:93:20:61:
0a:eb:d2:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVA1pB75DcuEx4P5t/CSXhSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMmVkYTY5NTJiMDNlOGJhNDU5OTdiZTYxNWQ3YWJlZTE3
ODRmODMwHhcNMjIxMjIzMjExNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTViOTc4NTVlZWI5NjRlOWY2ZTY4MWE5NjExZmVhODhmZTIyNTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmdZ1MX9nkEWb8odqZzsjUuc3Z8UI
rD+k4aGDBcvAejIeoux+jmc6dQ51dD7Z/Kwu4TegRhigpzyJq4tJL/lB/mTQxSa4
JoBFtKseZIrxrg7PWweQJdiEJtKKBrL/4wzrD/IWJlZKKDQ67dmWYgJNLZcPf4eI
3HHyWCjXWfy2mGXB2/z6OkmToSXfbZM/kdrrNUNcCAPZHmDROhpC0xj5du9bZy8M
YEjHGqNNM4/JVser7/BaAEqjVWtu1UeGx0fPLsmBWo05V2FiTmIghvmB5xkZO40O
DOXcpv0EucyMaApcOCVwxI696i2aBiXAnTkz+aYw0Dl1be05FuXtVX9vwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFlbl4Ve65ZOn25oGpYR/qiP4iUXMB8GA1UdIwQY
MBaAFH4u2mlSsD6LpFmXvmFder7heE+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmk3YWFWS3dQb3VrV1plLVlWMTZ2dUY0VDRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zODA0MDAtZGMyZS00OTRhLTg5MWEt
MmYyMzAwYjZlM2Q5LzEvV1Z1WGhWN3JsazZmYm1nYWxoSC1xSV9pSlJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zODA0MDAtZGMyZS00OTRhLTg5MWEtMmYyMzAwYjZlM2Q5
LzEvZmk3YWFWS3dQb3VrV1plLVlWMTZ2dUY0VDRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDV+9gMA0G
CSqGSIb3DQEBCwUAA4IBAQBh5KIq985uZPcAnx6qFwITIynhEEVxc7+ImBPyajty
m2RS48BqR71dskuMeys735v5vN2HrKXuw67rES1ZDBpghBsMQ6gGLI1XlD8N/Xfj
kfcex5eLEsxANlHIIFqj1JREvajzjqjZOYksxUSYnOPqi8OgZXm72vTRRgJuYyO+
GbZV4UNY8XdsNQGlYPyDbAYsCnm2q8E8gJq9QKIPLvsCbhffH1Wr6jgSggAGplQ6
JYFEeuxQytcb33eYhONroxL1fy2ud0sN5xiJS1PiZlWbpAQvRIduZeZ/YBFlN6il
BJ1cRLcLEhRF8LFRkUCxTfdgjiVeaIiawi6TIGEK69Jg
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:23:35 2025 by rpki-client