Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/f0aef3-263d-4f41-8853-18b7eb923a99/1/WvFcdZae88UqdgdF9RhlPtui0TQ.roa
File: WvFcdZae88UqdgdF9RhlPtui0TQ.roa (raw, json)
Hash identifier: ctnLdbff6QotuhvMIb0JCTWCEWxA0kPfp37hI26Pj3Y=
Subject key identifier: 5A:F1:5C:75:96:9E:F3:C5:2A:76:07:45:F5:18:65:3E:DB:A2:D1:34
Certificate issuer: /CN=6e37a10a4a0273f41facf7440d59f39ad5eaf64b
Certificate serial: 0189F96EFE18895AFD67B7B6FC861716CEF1
Authority key identifier: 6E:37:A1:0A:4A:02:73:F4:1F:AC:F7:44:0D:59:F3:9A:D5:EA:F6:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bjehCkoCc_QfrPdEDVnzmtXq9ks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/f0aef3-263d-4f41-8853-18b7eb923a99/1/WvFcdZae88UqdgdF9RhlPtui0TQ.roa
Signing time: Tue 15 Aug 2023 13:42:28 +0000
ROA not before: Tue 15 Aug 2023 13:42:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204702
IP address blocks: 185.157.148.0/22 maxlen: 24
2a0c:f380::/29 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f9:6e:fe:18:89:5a:fd:67:b7:b6:fc:86:17:16:ce:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e37a10a4a0273f41facf7440d59f39ad5eaf64b
Validity
Not Before: Aug 15 13:42:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5af15c75969ef3c52a760745f518653edba2d134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b1:74:a2:04:25:33:60:e2:e2:75:b0:77:7c:
3a:ac:8c:c3:3a:9b:32:a3:1a:19:e7:8f:25:86:d0:
c8:ce:c5:58:fe:9e:25:a6:08:d5:59:40:40:b1:eb:
ea:17:b0:e7:44:9f:b3:ee:8a:1f:80:3c:ae:df:02:
6b:66:91:8c:07:db:73:32:d5:3d:1e:9b:22:cc:7c:
3b:c7:1d:21:e4:23:b5:9e:9a:fb:3a:9a:6a:19:8e:
dd:74:ac:96:57:fd:07:de:fb:52:da:2f:c6:65:76:
ed:67:fa:a6:45:ee:f4:a6:f4:0a:bc:ed:40:42:dc:
b5:57:82:59:9b:a0:65:61:65:9a:2c:97:71:8f:9e:
9a:fa:78:63:3a:ac:77:cc:58:73:98:51:9f:86:34:
86:31:13:e9:b9:56:34:da:d7:73:62:e2:62:9f:4b:
c9:ec:fa:17:3d:9e:b2:68:a0:ce:38:27:27:8c:7f:
f1:6b:60:70:27:6a:6c:13:54:54:8d:25:2c:4c:02:
ab:2d:30:46:ee:80:30:5b:cb:aa:e4:c5:81:3d:79:
06:ea:85:86:3b:32:3a:10:ce:4e:4a:fb:6f:8e:c4:
1c:7e:23:c1:b2:cb:e2:9e:a5:8d:f7:13:18:32:e6:
3a:0d:6b:d8:e8:3d:e7:e2:02:05:52:45:3e:b9:cf:
7b:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:F1:5C:75:96:9E:F3:C5:2A:76:07:45:F5:18:65:3E:DB:A2:D1:34
X509v3 Authority Key Identifier:
keyid:6E:37:A1:0A:4A:02:73:F4:1F:AC:F7:44:0D:59:F3:9A:D5:EA:F6:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bjehCkoCc_QfrPdEDVnzmtXq9ks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f0aef3-263d-4f41-8853-18b7eb923a99/1/WvFcdZae88UqdgdF9RhlPtui0TQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/f0aef3-263d-4f41-8853-18b7eb923a99/1/bjehCkoCc_QfrPdEDVnzmtXq9ks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.148.0/22
IPv6:
2a0c:f380::/29
Signature Algorithm: sha256WithRSAEncryption
1e:54:ba:69:0f:24:95:70:b4:30:cc:a4:0b:31:f2:8e:bc:76:
c6:dc:f0:7f:ae:dc:2a:12:03:cb:9d:0d:3c:84:83:a3:2c:bf:
d4:5f:8e:da:96:5f:55:91:4a:d0:5e:b4:fc:a1:c5:29:fb:87:
42:35:8d:c0:dd:05:cc:ac:bf:a6:42:e5:4a:1a:e6:95:d8:65:
a0:42:b0:12:8a:bf:d0:8d:97:8c:7a:ff:4b:f1:29:c6:99:b5:
78:a3:42:1c:78:c9:b2:5c:f5:30:af:b5:b7:b2:a9:5b:b7:89:
fc:d6:ef:17:0d:14:28:df:80:e2:49:c8:50:bb:da:58:e2:ad:
b1:ec:ea:41:87:bb:11:82:e1:66:34:3b:04:a3:8d:70:cb:4c:
cc:88:ff:8a:f6:a1:b7:af:e3:de:89:85:b0:91:12:ec:bc:06:
7e:c7:0b:93:61:93:db:10:e0:d2:6a:ed:f2:f5:4f:ed:ee:05:
43:6a:72:54:0e:4a:81:0f:52:7d:2c:c1:01:39:74:c5:37:80:
bd:4e:ef:b6:e4:f0:2b:e9:7a:0b:eb:33:22:17:ce:ac:64:9d:
3b:68:70:ee:c7:a3:36:1d:d3:9f:6d:ed:c2:44:81:ff:bf:83:
d9:55:e1:a5:c5:87:d6:bf:98:c5:57:45:aa:66:f8:78:a5:10:
41:6e:70:9e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYn5bv4YiVr9Z7e2/IYXFs7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlMzdhMTBhNGEwMjczZjQxZmFjZjc0NDBkNTlmMzlhZDVl
YWY2NGIwHhcNMjMwODE1MTM0MjI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWYxNWM3NTk2OWVmM2M1MmE3NjA3NDVmNTE4NjUzZWRiYTJkMTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7F0ogQlM2Di4nWwd3w6rIzDOpsy
oxoZ548lhtDIzsVY/p4lpgjVWUBAsevqF7DnRJ+z7oofgDyu3wJrZpGMB9tzMtU9
HpsizHw7xx0h5CO1npr7OppqGY7ddKyWV/0H3vtS2i/GZXbtZ/qmRe70pvQKvO1A
Qty1V4JZm6BlYWWaLJdxj56a+nhjOqx3zFhzmFGfhjSGMRPpuVY02tdzYuJin0vJ
7PoXPZ6yaKDOOCcnjH/xa2BwJ2psE1RUjSUsTAKrLTBG7oAwW8uq5MWBPXkG6oWG
OzI6EM5OSvtvjsQcfiPBssvinqWN9xMYMuY6DWvY6D3n4gIFUkU+uc97mQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFrxXHWWnvPFKnYHRfUYZT7botE0MB8GA1UdIwQY
MBaAFG43oQpKAnP0H6z3RA1Z85rV6vZLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmplaENrb0NjX1FmclBkRURWbnptdFhxOWtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9mMGFlZjMtMjYzZC00ZjQxLTg4NTMt
MThiN2ViOTIzYTk5LzEvV3ZGY2RaYWU4OFVxZGdkRjlSaGxQdHVpMFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9mMGFlZjMtMjYzZC00ZjQxLTg4NTMtMThiN2ViOTIzYTk5
LzEvYmplaENrb0NjX1FmclBkRURWbnptdFhxOWtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZ2UMA0E
AgACMAcDBQMqDPOAMA0GCSqGSIb3DQEBCwUAA4IBAQAeVLppDySVcLQwzKQLMfKO
vHbG3PB/rtwqEgPLnQ08hIOjLL/UX47all9VkUrQXrT8ocUp+4dCNY3A3QXMrL+m
QuVKGuaV2GWgQrASir/QjZeMev9L8SnGmbV4o0IceMmyXPUwr7W3sqlbt4n81u8X
DRQo34DiSchQu9pY4q2x7OpBh7sRguFmNDsEo41wy0zMiP+K9qG3r+PeiYWwkRLs
vAZ+xwuTYZPbEODSau3y9U/t7gVDanJUDkqBD1J9LMEBOXTFN4C9Tu+25PAr6XoL
6zMiF86sZJ07aHDux6M2HdOfbe3CRIH/v4PZVeGlxYfWv5jFV0WqZvh4pRBBbnCe
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:08 2025 by rpki-client