Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/W1DI93RfypviWUV18jq4YrP3yag.roa
File: W1DI93RfypviWUV18jq4YrP3yag.roa (raw, json)
Hash identifier: dR82xemgu4sGnDc4+qmqfvlm+1ZZKuKBktvHvRT8EeM=
Subject key identifier: 5B:50:C8:F7:74:5F:CA:9B:E2:59:45:75:F2:3A:B8:62:B3:F7:C9:A8
Certificate issuer: /CN=8d4dd2d06d920e403933fdb2cd1984893552579c
Certificate serial: 018570C2DFEBF67505CF889DAE85C117C0E0
Authority key identifier: 8D:4D:D2:D0:6D:92:0E:40:39:33:FD:B2:CD:19:84:89:35:52:57:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jU3S0G2SDkA5M_2yzRmEiTVSV5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/W1DI93RfypviWUV18jq4YrP3yag.roa
Signing time: Mon 02 Jan 2023 04:34:57 +0000
ROA not before: Mon 02 Jan 2023 04:34:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39280
IP address blocks: 89.219.44.0/22 maxlen: 22
89.219.40.0/22 maxlen: 22
89.219.40.0/21 maxlen: 21
81.21.80.0/21 maxlen: 21
81.21.80.0/20 maxlen: 20
81.21.88.0/21 maxlen: 21
93.184.224.0/20 maxlen: 20
93.184.224.0/21 maxlen: 21
93.184.232.0/21 maxlen: 21
46.228.176.0/21 maxlen: 21
46.228.176.0/20 maxlen: 20
46.228.184.0/21 maxlen: 21
185.41.202.0/23 maxlen: 23
185.41.200.0/23 maxlen: 23
185.41.200.0/22 maxlen: 22
46.18.64.0/21 maxlen: 21
46.18.64.0/22 maxlen: 22
46.18.68.0/22 maxlen: 22
2a03:ba40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:df:eb:f6:75:05:cf:88:9d:ae:85:c1:17:c0:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d4dd2d06d920e403933fdb2cd1984893552579c
Validity
Not Before: Jan 2 04:34:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b50c8f7745fca9be2594575f23ab862b3f7c9a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ab:8c:70:30:99:76:05:0f:0c:fc:32:0e:46:
18:2c:6f:13:da:21:62:38:5f:00:8d:23:b3:91:10:
c2:8f:e0:a3:7b:ec:4a:7b:fc:95:ce:53:86:da:e8:
13:50:9e:b1:8e:bb:0d:55:39:98:7b:53:22:43:c8:
9e:72:8b:89:46:8a:16:73:59:3a:c1:ac:b9:db:cc:
23:a9:72:65:9f:54:b5:b1:2f:06:3b:75:b0:2a:43:
a0:64:47:4c:dc:99:6a:71:c2:dd:af:2b:eb:97:ad:
42:0a:02:5e:7d:b1:51:aa:15:26:45:84:7c:8c:1a:
20:06:bb:13:7c:80:25:aa:f0:f3:83:6e:6f:47:3e:
ae:b2:94:79:9b:3a:6f:a9:fe:02:20:38:44:e6:ff:
6e:ec:12:e8:38:09:ac:45:2e:eb:d3:86:49:94:e1:
55:c1:e8:89:6c:2b:ef:45:85:de:e5:4f:45:fc:23:
db:75:bf:4b:59:62:18:f6:c5:dc:7c:be:2d:7c:89:
5e:90:4f:51:23:43:57:36:3e:c5:07:a7:cd:a3:96:
d2:67:b1:b6:8d:c2:2f:c6:2e:ae:d0:44:40:e3:41:
79:a4:d7:7e:ef:11:0e:0f:aa:58:f4:f8:46:df:09:
4c:5f:f0:bd:79:40:a9:49:08:18:1e:aa:84:52:ba:
e0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:50:C8:F7:74:5F:CA:9B:E2:59:45:75:F2:3A:B8:62:B3:F7:C9:A8
X509v3 Authority Key Identifier:
keyid:8D:4D:D2:D0:6D:92:0E:40:39:33:FD:B2:CD:19:84:89:35:52:57:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jU3S0G2SDkA5M_2yzRmEiTVSV5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/W1DI93RfypviWUV18jq4YrP3yag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/f621a7-e080-4255-926d-32ff31ceec8b/1/jU3S0G2SDkA5M_2yzRmEiTVSV5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.64.0/21
46.228.176.0/20
81.21.80.0/20
89.219.40.0/21
93.184.224.0/20
185.41.200.0/22
IPv6:
2a03:ba40::/32
Signature Algorithm: sha256WithRSAEncryption
55:04:74:08:62:73:5f:70:26:94:0e:11:53:1b:81:10:65:ff:
f2:43:15:b8:7b:ec:8d:f0:8f:5a:40:a2:fd:8b:cd:f7:96:88:
bd:f1:68:50:26:cc:7e:fe:b5:64:9e:43:8d:2b:a1:56:95:c3:
16:bb:89:eb:64:17:88:ed:53:b5:3f:91:51:f2:5e:dd:a9:c0:
87:8a:7d:00:66:f1:50:c4:04:bc:f6:87:85:5b:09:bd:62:eb:
a9:b4:88:77:63:2b:39:c4:5a:35:1e:82:25:d7:bc:2c:86:d6:
a7:08:25:8c:77:21:8d:ea:6f:ac:ba:dd:be:01:46:c2:18:37:
a2:f4:06:90:d8:7a:32:9d:f0:03:3e:98:5e:57:6c:27:8c:9c:
8b:08:85:a9:42:4a:57:00:30:a7:02:cf:df:c4:1c:bb:db:81:
fc:02:b8:20:9f:82:08:b3:43:77:05:84:a5:4e:0c:71:e0:c8:
3d:b8:c8:86:76:09:5e:ff:99:0d:8a:73:a6:6c:83:44:91:b7:
95:48:b1:cc:9c:46:33:35:29:64:59:2a:49:ef:67:f7:f0:65:
51:0b:60:2d:37:18:c6:f7:9e:77:ee:94:8c:7f:ba:0b:1f:8e:
d6:5d:ae:82:04:b9:14:d9:8a:0b:b4:80:a5:28:d1:bb:de:f7:
66:b9:9a:ed
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVwwt/r9nUFz4idroXBF8DgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNGRkMmQwNmQ5MjBlNDAzOTMzZmRiMmNkMTk4NDg5MzU1
MjU3OWMwHhcNMjMwMTAyMDQzNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjUwYzhmNzc0NWZjYTliZTI1OTQ1NzVmMjNhYjg2MmIzZjdjOWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgquMcDCZdgUPDPwyDkYYLG8T2iFi
OF8AjSOzkRDCj+Cje+xKe/yVzlOG2ugTUJ6xjrsNVTmYe1MiQ8iecouJRooWc1k6
way528wjqXJln1S1sS8GO3WwKkOgZEdM3JlqccLdryvrl61CCgJefbFRqhUmRYR8
jBogBrsTfIAlqvDzg25vRz6uspR5mzpvqf4CIDhE5v9u7BLoOAmsRS7r04ZJlOFV
weiJbCvvRYXe5U9F/CPbdb9LWWIY9sXcfL4tfIlekE9RI0NXNj7FB6fNo5bSZ7G2
jcIvxi6u0ERA40F5pNd+7xEOD6pY9PhG3wlMX/C9eUCpSQgYHqqEUrrgSwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFtQyPd0X8qb4llFdfI6uGKz98moMB8GA1UdIwQY
MBaAFI1N0tBtkg5AOTP9ss0ZhIk1UlecMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalUzUzBHMlNEa0E1TV8yeXpSbUVpVFZTVjV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS9mNjIxYTctZTA4MC00MjU1LTkyNmQt
MzJmZjMxY2VlYzhiLzEvVzFESTkzUmZ5cHZpV1VWMThqcTRZclAzeWFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS9mNjIxYTctZTA4MC00MjU1LTkyNmQtMzJmZjMxY2VlYzhi
LzEvalUzUzBHMlNEa0E1TV8yeXpSbUVpVFZTVjV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDLhJAAwQE
LuSwAwQEURVQAwQDWdsoAwQEXbjgAwQCuSnIMA0EAgACMAcDBQAqA7pAMA0GCSqG
SIb3DQEBCwUAA4IBAQBVBHQIYnNfcCaUDhFTG4EQZf/yQxW4e+yN8I9aQKL9i833
loi98WhQJsx+/rVknkONK6FWlcMWu4nrZBeI7VO1P5FR8l7dqcCHin0AZvFQxAS8
9oeFWwm9YuuptIh3Yys5xFo1HoIl17wshtanCCWMdyGN6m+sut2+AUbCGDei9AaQ
2HoynfADPpheV2wnjJyLCIWpQkpXADCnAs/fxBy724H8Arggn4IIs0N3BYSlTgxx
4Mg9uMiGdgle/5kNinOmbINEkbeVSLHMnEYzNSlkWSpJ72f38GVRC2AtNxjG9553
7pSMf7oLH47WXa6CBLkU2YoLtIClKNG73vdmuZrt
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:02 2025 by rpki-client