Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/HW23a7Wh5Cl1hmATVsrqBmmUCEI.roa
File: HW23a7Wh5Cl1hmATVsrqBmmUCEI.roa (raw, json)
Hash identifier: dfZhup1bfaNSilvOffLLVqpHZmw1pz4e3daMd3DDsRA=
Subject key identifier: 1D:6D:B7:6B:B5:A1:E4:29:75:86:60:13:56:CA:EA:06:69:94:08:42
Certificate issuer: /CN=c2afc14dce450b05ec86c7c53070cd6bb6dbc7ee
Certificate serial: 0187DB5F853B5F62CF2607497720AF8B25D6
Authority key identifier: C2:AF:C1:4D:CE:45:0B:05:EC:86:C7:C5:30:70:CD:6B:B6:DB:C7:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wq_BTc5FCwXshsfFMHDNa7bbx-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/HW23a7Wh5Cl1hmATVsrqBmmUCEI.roa
Signing time: Tue 02 May 2023 07:31:23 +0000
ROA not before: Tue 02 May 2023 07:31:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204818
IP address blocks: 217.16.0.0/20 maxlen: 20
185.158.4.0/22 maxlen: 22
46.182.4.0/22 maxlen: 22
2a05:36c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:5f:85:3b:5f:62:cf:26:07:49:77:20:af:8b:25:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2afc14dce450b05ec86c7c53070cd6bb6dbc7ee
Validity
Not Before: May 2 07:31:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d6db76bb5a1e4297586601356caea0669940842
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:69:ab:1b:e2:62:b0:2e:87:d4:6e:fa:16:1a:
e6:e5:b5:1d:25:f7:f4:8a:07:d6:cb:bc:af:c2:6c:
fc:b9:ca:65:a5:d9:b5:eb:7d:41:d9:b0:73:e8:2b:
c3:9c:9f:bc:04:21:7b:89:77:3b:31:54:38:9d:6b:
97:07:b7:9b:4d:32:06:6f:f5:73:ed:14:94:55:d1:
aa:ae:f8:d4:9f:b1:e0:80:44:71:0c:06:a6:d4:98:
70:f9:47:53:a0:db:dd:c0:a5:4b:cc:35:a4:70:89:
3b:c4:02:b8:b9:23:3d:65:53:33:77:03:bf:8e:88:
c5:5d:f8:f2:bb:72:36:5f:3e:ac:8a:d9:9b:9b:92:
cb:48:3e:16:ee:48:10:96:ec:2e:f0:03:ae:15:b3:
10:41:90:84:0c:32:c0:87:19:09:ff:50:d4:ba:91:
69:d7:00:b1:8f:72:d4:01:43:97:2e:56:77:27:a1:
92:1c:e2:f4:22:fa:22:ee:be:50:de:16:79:0f:30:
d4:0b:ef:84:65:be:5f:50:fd:61:ac:18:4a:99:c1:
60:db:1b:d2:d8:36:32:ac:ee:5d:0b:16:15:7a:1d:
23:db:a9:e7:da:c2:ac:5d:f1:24:9d:ed:ed:27:9b:
95:a9:24:95:c4:e8:53:3a:95:37:5b:b9:1d:7f:5c:
a0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:6D:B7:6B:B5:A1:E4:29:75:86:60:13:56:CA:EA:06:69:94:08:42
X509v3 Authority Key Identifier:
keyid:C2:AF:C1:4D:CE:45:0B:05:EC:86:C7:C5:30:70:CD:6B:B6:DB:C7:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wq_BTc5FCwXshsfFMHDNa7bbx-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/HW23a7Wh5Cl1hmATVsrqBmmUCEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/wq_BTc5FCwXshsfFMHDNa7bbx-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.4.0/22
185.158.4.0/22
217.16.0.0/20
IPv6:
2a05:36c0::/29
Signature Algorithm: sha256WithRSAEncryption
66:d2:07:ac:35:7d:0f:85:81:a2:3e:f5:59:5c:5a:31:54:84:
10:d5:86:06:3c:68:15:f5:5c:cd:6c:f3:81:aa:f0:62:54:96:
00:6d:04:60:06:3c:57:01:3e:0c:9b:f3:7a:d5:04:36:96:02:
a8:a4:3a:b4:b5:90:35:a6:5e:55:e1:61:9d:31:32:72:ed:41:
ab:48:1b:0d:9b:54:ea:37:57:6b:1b:79:14:d9:a9:7c:90:3e:
f4:61:49:ba:8c:0b:1d:ba:b2:59:24:9a:6d:cd:de:52:da:8b:
75:fd:21:20:37:6a:db:5b:4a:1c:2b:bd:a8:91:62:c2:d0:4c:
cf:54:41:09:5e:e8:22:08:3f:83:b0:83:eb:5b:54:18:45:4e:
6f:e4:a9:ad:90:70:03:b7:2c:7c:5c:2b:83:40:98:ca:41:07:
f2:0a:03:a3:7a:44:f8:22:a5:8a:95:c7:4d:38:85:b5:4b:24:
7b:7a:03:37:1b:71:79:75:86:f7:c8:fb:b7:a8:6a:38:bd:1e:
5b:88:b8:89:0a:e9:38:68:b5:7a:75:ca:11:d7:f2:7e:9d:bc:
5a:8e:34:73:22:e5:aa:30:e3:a0:08:76:02:b4:9a:e4:c3:0c:
bf:7b:ba:c2:e5:50:3f:f1:07:53:dd:b8:f3:b3:a5:2e:35:60:
a5:3d:73:44
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYfbX4U7X2LPJgdJdyCviyXWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYWZjMTRkY2U0NTBiMDVlYzg2YzdjNTMwNzBjZDZiYjZk
YmM3ZWUwHhcNMjMwNTAyMDczMTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDZkYjc2YmI1YTFlNDI5NzU4NjYwMTM1NmNhZWEwNjY5OTQwODQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWmrG+JisC6H1G76Fhrm5bUdJff0
igfWy7yvwmz8ucplpdm1631B2bBz6CvDnJ+8BCF7iXc7MVQ4nWuXB7ebTTIGb/Vz
7RSUVdGqrvjUn7HggERxDAam1Jhw+UdToNvdwKVLzDWkcIk7xAK4uSM9ZVMzdwO/
jojFXfjyu3I2Xz6sitmbm5LLSD4W7kgQluwu8AOuFbMQQZCEDDLAhxkJ/1DUupFp
1wCxj3LUAUOXLlZ3J6GSHOL0Ivoi7r5Q3hZ5DzDUC++EZb5fUP1hrBhKmcFg2xvS
2DYyrO5dCxYVeh0j26nn2sKsXfEkne3tJ5uVqSSVxOhTOpU3W7kdf1ygbQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFB1tt2u1oeQpdYZgE1bK6gZplAhCMB8GA1UdIwQY
MBaAFMKvwU3ORQsF7IbHxTBwzWu228fuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3FfQlRjNUZDd1hzaHNmRk1IRE5hN2JieC00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYzMyODQtMzU3Ni00ZWU0LTkzYjgt
MTg0N2NiODhlODNhLzEvSFcyM2E3V2g1Q2wxaG1BVFZzcnFCbW1VQ0VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYzMyODQtMzU3Ni00ZWU0LTkzYjgtMTg0N2NiODhlODNh
LzEvd3FfQlRjNUZDd1hzaHNmRk1IRE5hN2JieC00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLrYEAwQC
uZ4EAwQE2RAAMA0EAgACMAcDBQMqBTbAMA0GCSqGSIb3DQEBCwUAA4IBAQBm0ges
NX0PhYGiPvVZXFoxVIQQ1YYGPGgV9VzNbPOBqvBiVJYAbQRgBjxXAT4Mm/N61QQ2
lgKopDq0tZA1pl5V4WGdMTJy7UGrSBsNm1TqN1drG3kU2al8kD70YUm6jAsdurJZ
JJptzd5S2ot1/SEgN2rbW0ocK72okWLC0EzPVEEJXugiCD+DsIPrW1QYRU5v5Kmt
kHADtyx8XCuDQJjKQQfyCgOjekT4IqWKlcdNOIW1SyR7egM3G3F5dYb3yPu3qGo4
vR5biLiJCuk4aLV6dcoR1/J+nbxajjRzIuWqMOOgCHYCtJrkwwy/e7rC5VA/8QdT
3bjzs6UuNWClPXNE
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:09:43 2025 by rpki-client