Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/b8b7e4-f4cd-4e06-b81c-c5caa7faed7d/1/WHDnMVjTjmK94GNjQeOtgdhtvLM.roa
File: WHDnMVjTjmK94GNjQeOtgdhtvLM.roa (raw, json)
Hash identifier: CRoPAvXoq5n+w4/ERRy71yATo03GEQZ1zu9GmljBpvc=
Subject key identifier: 58:70:E7:31:58:D3:8E:62:BD:E0:63:63:41:E3:AD:81:D8:6D:BC:B3
Certificate issuer: /CN=a0251774d6d874976390a0561b766d4125efe6ec
Certificate serial: 0545BAA6
Authority key identifier: A0:25:17:74:D6:D8:74:97:63:90:A0:56:1B:76:6D:41:25:EF:E6:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oCUXdNbYdJdjkKBWG3ZtQSXv5uw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/b8b7e4-f4cd-4e06-b81c-c5caa7faed7d/1/WHDnMVjTjmK94GNjQeOtgdhtvLM.roa
Signing time: Sat 01 Jan 2022 08:00:44 +0000
ROA not before: Sat 01 Jan 2022 08:00:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60363
IP address blocks: 185.225.152.0/24 maxlen: 24
185.225.153.0/24 maxlen: 24
2a0d:e400::/32 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 88455846 (0x545baa6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0251774d6d874976390a0561b766d4125efe6ec
Validity
Not Before: Jan 1 08:00:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5870e73158d38e62bde0636341e3ad81d86dbcb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:84:bb:75:46:b0:8a:24:f0:da:f7:24:11:5a:
b5:2c:61:aa:f9:57:f5:df:3a:91:bd:fe:da:70:14:
dd:8d:d8:b7:dd:1b:09:c7:75:61:42:69:45:bd:2f:
f9:7a:e2:fd:6a:18:0b:1b:74:17:cc:1e:1e:c9:19:
6c:09:40:d3:e8:4a:69:25:f0:e5:e1:5d:3d:95:89:
4b:fd:99:fc:db:cf:14:42:ca:ca:79:84:85:64:f0:
8d:db:c3:fc:de:15:c8:db:27:c7:9f:ad:f7:ba:19:
86:19:e0:0a:2c:8d:a2:45:b6:9d:57:3d:5d:c3:bf:
54:38:cd:53:ad:90:c2:c6:8c:83:1d:f0:e6:43:cf:
16:ac:b5:b3:e8:3d:23:6a:92:a5:8f:92:17:03:52:
6c:c6:af:c8:46:ef:b5:35:2c:21:3f:80:55:9c:a1:
f7:0e:d9:94:7d:51:8e:aa:f4:17:95:e8:b4:42:fe:
34:70:24:87:ed:a2:60:2e:24:71:ae:2c:f0:d7:fe:
71:9d:53:3c:53:a1:2b:b9:62:c1:9e:1a:af:32:f7:
5c:72:84:bb:19:ae:84:a8:c4:4f:b1:6f:8e:3c:7d:
27:f4:1f:0f:e9:bf:af:77:11:00:92:d5:74:a8:0e:
4a:9c:be:57:cb:fa:6d:e5:07:85:72:3b:c6:da:0a:
1d:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:70:E7:31:58:D3:8E:62:BD:E0:63:63:41:E3:AD:81:D8:6D:BC:B3
X509v3 Authority Key Identifier:
keyid:A0:25:17:74:D6:D8:74:97:63:90:A0:56:1B:76:6D:41:25:EF:E6:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oCUXdNbYdJdjkKBWG3ZtQSXv5uw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/b8b7e4-f4cd-4e06-b81c-c5caa7faed7d/1/WHDnMVjTjmK94GNjQeOtgdhtvLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/b8b7e4-f4cd-4e06-b81c-c5caa7faed7d/1/oCUXdNbYdJdjkKBWG3ZtQSXv5uw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.152.0/23
IPv6:
2a0d:e400::/32
Signature Algorithm: sha256WithRSAEncryption
a5:68:da:9d:c2:95:95:8c:2f:15:81:0f:35:0a:a7:9a:5b:65:
6b:2f:7f:0d:64:ad:dd:73:e8:3d:1d:eb:21:74:5c:1e:f8:bc:
c8:08:76:72:b8:e0:77:e4:a4:e9:ab:5c:27:8e:d1:e6:4f:cd:
77:3d:01:ce:fc:67:84:67:b1:d7:38:05:c3:75:3d:72:93:0a:
e4:2e:04:f0:74:99:a9:33:4b:d8:4a:0e:7a:22:09:98:54:8d:
0d:13:35:b1:9e:74:c6:c2:58:e2:34:30:bc:ec:5f:a2:29:f5:
ea:76:b2:2b:4e:cb:a3:1c:9f:fb:03:ab:3c:f2:f3:d8:47:a7:
c6:32:4e:56:fa:bd:90:a2:95:67:03:3c:25:d8:db:30:e7:df:
14:d9:32:97:4c:b1:66:69:44:98:00:55:ab:61:a4:41:e0:89:
ee:7d:80:63:df:82:7e:fb:54:47:96:89:31:a2:6b:e6:85:91:
66:d6:59:91:e8:a7:c8:db:b4:e6:19:7c:96:e0:10:74:13:d0:
61:aa:1f:5e:0b:de:72:85:08:57:e6:3d:54:e0:25:fb:8f:33:
0d:a2:72:2e:27:bd:f1:7e:73:5d:62:9c:27:a9:6a:14:54:21:
8a:13:67:be:d1:91:7e:4a:5e:3e:ec:b1:55:5a:6c:82:23:8e:
78:f4:37:b6
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBUW6pjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MDI1MTc3NGQ2ZDg3NDk3NjM5MGEwNTYxYjc2NmQ0MTI1ZWZlNmVjMB4XDTIyMDEw
MTA4MDA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTg3MGU3MzE1OGQz
OGU2MmJkZTA2MzYzNDFlM2FkODFkODZkYmNiMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJSEu3VGsIok8Nr3JBFatSxhqvlX9d86kb3+2nAU3Y3Yt90b
Ccd1YUJpRb0v+Xri/WoYCxt0F8weHskZbAlA0+hKaSXw5eFdPZWJS/2Z/NvPFELK
ynmEhWTwjdvD/N4VyNsnx5+t97oZhhngCiyNokW2nVc9XcO/VDjNU62QwsaMgx3w
5kPPFqy1s+g9I2qSpY+SFwNSbMavyEbvtTUsIT+AVZyh9w7ZlH1Rjqr0F5XotEL+
NHAkh+2iYC4kca4s8Nf+cZ1TPFOhK7liwZ4arzL3XHKEuxmuhKjET7Fvjjx9J/Qf
D+m/r3cRAJLVdKgOSpy+V8v6beUHhXI7xtoKHV8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRYcOcxWNOOYr3gY2NB462B2G28szAfBgNVHSMEGDAWgBSgJRd01th0l2OQ
oFYbdm1BJe/m7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29DVVhkTmJZZEpkamtLQldHM1p0UVNYdjV1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWUvYjhiN2U0LWY0Y2QtNGUwNi1iODFjLWM1Y2FhN2ZhZWQ3ZC8x
L1dIRG5NVmpUam1LOTRHTmpRZU90Z2RodHZMTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWUv
YjhiN2U0LWY0Y2QtNGUwNi1iODFjLWM1Y2FhN2ZhZWQ3ZC8xL29DVVhkTmJZZEpk
amtLQldHM1p0UVNYdjV1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAbnhmDANBAIAAjAHAwUAKg3kADAN
BgkqhkiG9w0BAQsFAAOCAQEApWjancKVlYwvFYEPNQqnmltlay9/DWSt3XPoPR3r
IXRcHvi8yAh2crjgd+Sk6atcJ47R5k/Ndz0BzvxnhGex1zgFw3U9cpMK5C4E8HSZ
qTNL2EoOeiIJmFSNDRM1sZ50xsJY4jQwvOxfoin16nayK07Loxyf+wOrPPLz2Een
xjJOVvq9kKKVZwM8JdjbMOffFNkyl0yxZmlEmABVq2GkQeCJ7n2AY9+CfvtUR5aJ
MaJr5oWRZtZZkeinyNu05hl8luAQdBPQYaofXgvecoUIV+Y9VOAl+48zDaJyLie9
8X5zXWKcJ6lqFFQhihNnvtGRfkpePuyxVVpsgiOOePQ3tg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:22 2024 by rpki-client on console-ams.rpki-client.org