Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/34536a-771a-4775-b2bd-cac8ed76a844/1/WQT-CvJHCXMdsRyicOGlcfw5A9E.roa
File: WQT-CvJHCXMdsRyicOGlcfw5A9E.roa (raw, json)
Hash identifier: nK9RFrcOaDoQjgHm8aD/Q5Chuf0o9WQt0GK5j4cWZsE=
Subject key identifier: 59:04:FE:0A:F2:47:09:73:1D:B1:1C:A2:70:E1:A5:71:FC:39:03:D1
Certificate issuer: /CN=5b8a16522ec34b1c5bc4708206cc1963a15bbdb1
Certificate serial: 0188AFEFC108B16F4B1D5E731530E694616B
Authority key identifier: 5B:8A:16:52:2E:C3:4B:1C:5B:C4:70:82:06:CC:19:63:A1:5B:BD:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W4oWUi7DSxxbxHCCBswZY6FbvbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/34536a-771a-4775-b2bd-cac8ed76a844/1/WQT-CvJHCXMdsRyicOGlcfw5A9E.roa
Signing time: Mon 12 Jun 2023 14:08:25 +0000
ROA not before: Mon 12 Jun 2023 14:08:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212905
IP address blocks: 5.182.247.0/24 maxlen: 24
178.159.35.0/24 maxlen: 24
2a0c:d200::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:af:ef:c1:08:b1:6f:4b:1d:5e:73:15:30:e6:94:61:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b8a16522ec34b1c5bc4708206cc1963a15bbdb1
Validity
Not Before: Jun 12 14:08:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5904fe0af24709731db11ca270e1a571fc3903d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:cf:5f:be:41:a5:8e:d5:3f:48:7e:8a:d0:07:
b9:3d:10:15:96:a3:59:51:eb:b9:b9:f8:5d:fd:19:
dc:7d:bd:96:38:d0:8a:11:53:67:c1:fc:1b:3c:37:
02:42:ad:b6:a4:3b:d5:83:ab:1b:03:91:79:75:e4:
e4:73:a5:85:77:d8:e9:71:22:43:0f:07:30:24:e9:
21:33:23:fc:d6:4b:35:40:f7:f4:de:7c:85:97:49:
42:68:82:3b:85:99:fe:bb:f2:b4:6d:99:76:e9:86:
82:7a:d9:9d:8a:38:ae:b4:42:9a:a1:98:30:0e:38:
43:9c:03:3d:41:c1:81:2f:3f:51:8c:21:87:00:a0:
42:61:8a:b5:34:9b:4c:f5:82:2d:df:d3:ee:50:14:
1e:80:40:91:29:a0:ce:62:35:7a:b0:73:7d:1b:ea:
94:ad:3b:83:06:88:0b:10:b2:fe:69:8d:c3:54:f5:
04:48:10:c0:70:81:84:0d:10:9c:3a:14:c4:14:d1:
8d:ae:3c:fa:11:3b:79:de:ec:5e:44:22:e7:88:ae:
0b:e4:42:c0:ee:2d:cd:9d:ec:c6:26:f9:51:c7:40:
25:19:c1:6d:30:cc:3c:17:9e:42:d7:15:3e:3f:77:
69:1d:61:9f:c9:bf:7f:16:12:b8:78:db:97:3d:27:
19:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:04:FE:0A:F2:47:09:73:1D:B1:1C:A2:70:E1:A5:71:FC:39:03:D1
X509v3 Authority Key Identifier:
keyid:5B:8A:16:52:2E:C3:4B:1C:5B:C4:70:82:06:CC:19:63:A1:5B:BD:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W4oWUi7DSxxbxHCCBswZY6FbvbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/34536a-771a-4775-b2bd-cac8ed76a844/1/WQT-CvJHCXMdsRyicOGlcfw5A9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/34536a-771a-4775-b2bd-cac8ed76a844/1/W4oWUi7DSxxbxHCCBswZY6FbvbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.247.0/24
178.159.35.0/24
IPv6:
2a0c:d200::/48
Signature Algorithm: sha256WithRSAEncryption
41:34:11:28:a9:71:bb:28:af:b8:92:3a:a3:3f:ee:a0:a7:91:
6d:4c:f1:8d:2d:2a:9f:36:27:cc:63:a4:64:46:ff:23:cd:b8:
15:a0:9f:5c:6c:d0:7e:ca:28:29:71:0d:ee:de:98:39:c0:4b:
46:27:ce:17:6d:08:01:eb:53:8d:a3:ed:ca:ac:77:a8:d9:66:
cc:ec:40:17:b7:13:54:ba:52:87:94:93:9a:22:1f:53:fc:ff:
c8:70:1a:63:2b:3b:c0:66:ee:16:f3:6c:55:8c:72:95:eb:e1:
f7:8d:53:9d:4b:b2:30:38:7c:5b:14:82:17:c7:57:5d:58:0d:
4b:df:98:c5:a8:05:12:7b:e4:ae:51:9d:51:3c:b8:0a:56:53:
a1:aa:cf:24:62:a6:db:2d:90:99:d6:35:24:c0:ee:ad:95:09:
d6:36:ad:5b:65:9f:c2:21:91:a2:77:08:15:b5:e2:c2:f4:a5:
e0:ee:a6:0b:9b:37:65:f3:c4:a6:02:fb:b4:7a:a9:49:60:c1:
bf:62:fe:7e:a1:9c:15:bf:4c:26:f6:76:f3:98:f4:db:b6:4a:
7a:4d:6c:a3:40:6b:52:8e:36:7e:f0:ee:99:cc:2e:9b:87:a9:
c3:9e:ad:c6:3a:09:17:49:d6:99:e2:a8:4b:60:65:77:f0:3b:
a2:92:4a:f4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYiv78EIsW9LHV5zFTDmlGFrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViOGExNjUyMmVjMzRiMWM1YmM0NzA4MjA2Y2MxOTYzYTE1
YmJkYjEwHhcNMjMwNjEyMTQwODI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTA0ZmUwYWYyNDcwOTczMWRiMTFjYTI3MGUxYTU3MWZjMzkwM2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlM9fvkGljtU/SH6K0Ae5PRAVlqNZ
Ueu5ufhd/Rncfb2WONCKEVNnwfwbPDcCQq22pDvVg6sbA5F5deTkc6WFd9jpcSJD
DwcwJOkhMyP81ks1QPf03nyFl0lCaII7hZn+u/K0bZl26YaCetmdijiutEKaoZgw
DjhDnAM9QcGBLz9RjCGHAKBCYYq1NJtM9YIt39PuUBQegECRKaDOYjV6sHN9G+qU
rTuDBogLELL+aY3DVPUESBDAcIGEDRCcOhTEFNGNrjz6ETt53uxeRCLniK4L5ELA
7i3NnezGJvlRx0AlGcFtMMw8F55C1xU+P3dpHWGfyb9/FhK4eNuXPScZuQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFkE/gryRwlzHbEconDhpXH8OQPRMB8GA1UdIwQY
MBaAFFuKFlIuw0scW8RwggbMGWOhW72xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzRvV1VpN0RTeHhieEhDQ0Jzd1pZNkZidmJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8zNDUzNmEtNzcxYS00Nzc1LWIyYmQt
Y2FjOGVkNzZhODQ0LzEvV1FULUN2SkhDWE1kc1J5aWNPR2xjZnc1QTlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8zNDUzNmEtNzcxYS00Nzc1LWIyYmQtY2FjOGVkNzZhODQ0
LzEvVzRvV1VpN0RTeHhieEhDQ0Jzd1pZNkZidmJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQABbb3AwQA
sp8jMA8EAgACMAkDBwAqDNIAAAAwDQYJKoZIhvcNAQELBQADggEBAEE0ESipcbso
r7iSOqM/7qCnkW1M8Y0tKp82J8xjpGRG/yPNuBWgn1xs0H7KKClxDe7emDnAS0Yn
zhdtCAHrU42j7cqsd6jZZszsQBe3E1S6UoeUk5oiH1P8/8hwGmMrO8Bm7hbzbFWM
cpXr4feNU51LsjA4fFsUghfHV11YDUvfmMWoBRJ75K5RnVE8uApWU6GqzyRiptst
kJnWNSTA7q2VCdY2rVtln8IhkaJ3CBW14sL0peDupgubN2XzxKYC+7R6qUlgwb9i
/n6hnBW/TCb2dvOY9Nu2SnpNbKNAa1KONn7w7pnMLpuHqcOercY6CRdJ1pniqEtg
ZXfwO6KSSvQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:11 2025 by rpki-client