Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/03cb31-62f2-48c7-9b7f-0cd1d28965d1/1/wg2YU_QZtNK4eMRx38XUMyCsqIw.roa
File: wg2YU_QZtNK4eMRx38XUMyCsqIw.roa (raw, json)
Hash identifier: PsdeBypNB//VowSE8u0E9B/SFoaFBYnpQhmIlSbSO7c=
Subject key identifier: C2:0D:98:53:F4:19:B4:D2:B8:78:C4:71:DF:C5:D4:33:20:AC:A8:8C
Certificate issuer: /CN=3e46fa1d779c196ceb28029106b4ef7d17553d2b
Certificate serial: 01856F1D9C2FE01FCFFFBE61B21C87334ED4
Authority key identifier: 3E:46:FA:1D:77:9C:19:6C:EB:28:02:91:06:B4:EF:7D:17:55:3D:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pkb6HXecGWzrKAKRBrTvfRdVPSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/03cb31-62f2-48c7-9b7f-0cd1d28965d1/1/wg2YU_QZtNK4eMRx38XUMyCsqIw.roa
Signing time: Sun 01 Jan 2023 20:54:49 +0000
ROA not before: Sun 01 Jan 2023 20:54:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203299
IP address blocks: 185.135.20.0/24 maxlen: 24
2a06:f080::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:9c:2f:e0:1f:cf:ff:be:61:b2:1c:87:33:4e:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e46fa1d779c196ceb28029106b4ef7d17553d2b
Validity
Not Before: Jan 1 20:54:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c20d9853f419b4d2b878c471dfc5d43320aca88c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:9b:ae:5d:20:b3:3b:45:1e:7a:5b:9a:d1:d8:
da:6d:f3:36:10:a8:63:a1:59:56:a3:6a:8e:bb:bb:
89:24:67:f4:b6:47:7e:fe:18:76:69:85:71:8a:7e:
b7:55:66:c0:66:50:9b:81:a4:59:f4:a8:30:a7:5c:
a6:86:16:c4:75:9a:50:cf:a5:2d:5a:c9:61:58:18:
7d:48:04:32:dc:05:4e:8e:38:6f:3a:bc:2b:47:26:
c3:fe:4d:7f:9e:52:05:6e:97:a8:14:78:62:22:a3:
e5:80:b6:a1:c4:2d:82:12:d4:09:13:18:f2:31:16:
ee:fb:02:60:4a:dd:d4:bc:56:01:5d:fe:29:07:86:
04:cf:f9:f3:2f:e7:ad:3a:22:01:6a:52:d7:24:d3:
52:4b:c2:ce:4a:d5:ab:6d:bb:2f:03:9a:07:d2:3b:
78:a1:3c:ea:05:a8:92:a5:fb:81:57:e0:dd:40:71:
53:57:33:b6:80:06:f2:85:5c:db:d1:c1:82:73:fc:
6b:46:0d:96:de:65:bb:31:2c:d6:0d:c9:0e:eb:07:
71:df:a5:32:cd:a9:e7:22:fe:03:3f:ba:e9:c1:11:
80:59:bd:4b:7c:a9:78:24:c0:62:ef:b5:9c:7a:a1:
6c:c8:f2:c2:38:47:05:00:1f:c1:6b:65:71:14:dd:
58:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:0D:98:53:F4:19:B4:D2:B8:78:C4:71:DF:C5:D4:33:20:AC:A8:8C
X509v3 Authority Key Identifier:
keyid:3E:46:FA:1D:77:9C:19:6C:EB:28:02:91:06:B4:EF:7D:17:55:3D:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pkb6HXecGWzrKAKRBrTvfRdVPSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/03cb31-62f2-48c7-9b7f-0cd1d28965d1/1/wg2YU_QZtNK4eMRx38XUMyCsqIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/03cb31-62f2-48c7-9b7f-0cd1d28965d1/1/Pkb6HXecGWzrKAKRBrTvfRdVPSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.20.0/24
IPv6:
2a06:f080::/32
Signature Algorithm: sha256WithRSAEncryption
81:4f:2b:5a:5c:83:1d:26:ad:ab:1a:5d:c9:f6:ad:24:46:83:
96:23:45:41:ab:21:b6:85:5d:91:cf:6d:db:90:81:d9:2d:40:
af:4c:ea:0c:d8:d2:2f:9c:82:62:26:c7:a2:83:2f:42:7f:24:
d3:ff:ca:80:08:b3:df:b0:c4:5e:e4:b0:fe:e3:4e:68:36:48:
e9:8d:a6:7e:74:c2:af:76:33:b7:72:a7:bb:6a:7d:a8:b2:17:
89:5f:82:29:ed:14:b2:ea:e1:a2:79:39:7b:f6:34:b7:ed:2f:
79:a8:02:78:90:b8:93:0a:de:48:76:da:8c:58:ec:46:50:0e:
a9:48:17:e3:9b:34:86:d4:d4:8b:46:a3:e5:8e:8d:9c:63:8f:
ce:b5:c3:00:cb:88:80:da:3e:54:3e:3f:09:3e:92:49:14:2a:
b5:90:9c:41:24:e4:ca:68:49:1e:80:23:6b:61:5b:49:c5:e5:
3f:4c:ff:12:89:9b:61:a0:80:05:e3:bc:0c:f5:b6:cc:2c:4d:
cd:0e:7c:f8:c0:7c:b6:e3:14:2e:b6:3d:bf:91:bc:4e:64:ef:
be:38:97:66:3c:44:b2:ff:2b:01:bf:d0:1b:37:ea:bc:7d:11:
fb:78:90:6b:95:a0:cb:f0:c3:80:1b:c2:1b:f5:f4:93:89:ba:
f5:6c:40:e4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVvHZwv4B/P/75hshyHM07UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNDZmYTFkNzc5YzE5NmNlYjI4MDI5MTA2YjRlZjdkMTc1
NTNkMmIwHhcNMjMwMTAxMjA1NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjBkOTg1M2Y0MTliNGQyYjg3OGM0NzFkZmM1ZDQzMzIwYWNhODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5uuXSCzO0Ueelua0djabfM2EKhj
oVlWo2qOu7uJJGf0tkd+/hh2aYVxin63VWbAZlCbgaRZ9Kgwp1ymhhbEdZpQz6Ut
WslhWBh9SAQy3AVOjjhvOrwrRybD/k1/nlIFbpeoFHhiIqPlgLahxC2CEtQJExjy
MRbu+wJgSt3UvFYBXf4pB4YEz/nzL+etOiIBalLXJNNSS8LOStWrbbsvA5oH0jt4
oTzqBaiSpfuBV+DdQHFTVzO2gAbyhVzb0cGCc/xrRg2W3mW7MSzWDckO6wdx36Uy
zannIv4DP7rpwRGAWb1LfKl4JMBi77WceqFsyPLCOEcFAB/Ba2VxFN1YSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMINmFP0GbTSuHjEcd/F1DMgrKiMMB8GA1UdIwQY
MBaAFD5G+h13nBls6ygCkQa0730XVT0rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGtiNkhYZWNHV3pyS0FLUkJyVHZmUmRWUFNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8wM2NiMzEtNjJmMi00OGM3LTliN2Yt
MGNkMWQyODk2NWQxLzEvd2cyWVVfUVp0Tks0ZU1SeDM4WFVNeUNzcUl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8wM2NiMzEtNjJmMi00OGM3LTliN2YtMGNkMWQyODk2NWQx
LzEvUGtiNkhYZWNHV3pyS0FLUkJyVHZmUmRWUFNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuYcUMA0E
AgACMAcDBQAqBvCAMA0GCSqGSIb3DQEBCwUAA4IBAQCBTytaXIMdJq2rGl3J9q0k
RoOWI0VBqyG2hV2Rz23bkIHZLUCvTOoM2NIvnIJiJseigy9CfyTT/8qACLPfsMRe
5LD+405oNkjpjaZ+dMKvdjO3cqe7an2osheJX4Ip7RSy6uGieTl79jS37S95qAJ4
kLiTCt5IdtqMWOxGUA6pSBfjmzSG1NSLRqPljo2cY4/OtcMAy4iA2j5UPj8JPpJJ
FCq1kJxBJOTKaEkegCNrYVtJxeU/TP8SiZthoIAF47wM9bbMLE3NDnz4wHy24xQu
tj2/kbxOZO++OJdmPESy/ysBv9AbN+q8fRH7eJBrlaDL8MOAG8Ib9fSTibr1bEDk
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:43 2025 by rpki-client