Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/24fd15-22a9-4bd6-a232-8b36e9d063a1/1/Wp9FjM5UmGLENhcAhEfVOAZ7mVE.roa
File: Wp9FjM5UmGLENhcAhEfVOAZ7mVE.roa (raw, json)
Hash identifier: gtH01jAkUfS9wjazpSTqjpv0TlnBg6V0DCPDLd/zqEw=
Subject key identifier: 5A:9F:45:8C:CE:54:98:62:C4:36:17:00:84:47:D5:38:06:7B:99:51
Certificate issuer: /CN=88f342dd1127c67af1116ab1f997e27cb4c884e8
Certificate serial: 0185720C40DB863623F51A4ACF2975355099
Authority key identifier: 88:F3:42:DD:11:27:C6:7A:F1:11:6A:B1:F9:97:E2:7C:B4:C8:84:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iPNC3REnxnrxEWqx-ZfifLTIhOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/24fd15-22a9-4bd6-a232-8b36e9d063a1/1/Wp9FjM5UmGLENhcAhEfVOAZ7mVE.roa
Signing time: Mon 02 Jan 2023 10:34:43 +0000
ROA not before: Mon 02 Jan 2023 10:34:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39841
IP address blocks: 185.88.4.0/24 maxlen: 24
185.88.7.0/24 maxlen: 24
185.88.5.0/24 maxlen: 24
185.88.6.0/24 maxlen: 24
2a03:7d20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:0c:40:db:86:36:23:f5:1a:4a:cf:29:75:35:50:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88f342dd1127c67af1116ab1f997e27cb4c884e8
Validity
Not Before: Jan 2 10:34:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a9f458cce549862c43617008447d538067b9951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5c:59:3a:c3:51:3e:cd:25:08:88:31:3b:c7:
1f:e5:a0:37:d7:f6:b9:1d:18:19:75:6a:93:16:d3:
e2:3e:16:b2:ae:68:9c:5d:04:23:cb:66:3e:64:42:
e9:6c:73:ac:5c:52:57:43:3e:d5:bf:5a:6d:6a:d0:
a3:a8:46:bf:ab:aa:86:52:96:35:34:b2:a7:00:2f:
04:06:62:47:af:6c:5f:13:09:9f:be:3b:82:b7:34:
e0:c9:a3:3e:e7:fa:db:72:0c:39:02:f2:ae:d8:45:
af:65:93:34:43:3f:a6:22:f0:f5:9b:f3:f7:96:a7:
bb:e7:79:79:44:15:9f:77:4b:c6:76:fc:f2:ca:62:
b0:d9:7d:ff:e5:e3:17:32:5f:5d:d2:e5:16:bb:7e:
05:d5:af:a7:6f:1e:66:4c:02:d4:4b:df:2a:53:23:
29:46:3d:1e:5b:ea:1a:4b:13:13:48:a9:aa:21:31:
0b:81:2a:56:61:7b:16:3e:62:8c:5c:4f:97:8e:8a:
4f:98:f9:b2:fa:94:d7:18:5d:b4:75:f4:50:a3:08:
c7:d1:dd:34:ce:bc:08:ce:52:f7:5d:fc:23:63:f3:
bf:05:d9:14:cf:89:40:89:28:9a:73:3b:87:07:95:
57:43:65:e2:9b:80:26:97:31:aa:d4:3f:f5:10:e7:
0d:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:9F:45:8C:CE:54:98:62:C4:36:17:00:84:47:D5:38:06:7B:99:51
X509v3 Authority Key Identifier:
keyid:88:F3:42:DD:11:27:C6:7A:F1:11:6A:B1:F9:97:E2:7C:B4:C8:84:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPNC3REnxnrxEWqx-ZfifLTIhOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/24fd15-22a9-4bd6-a232-8b36e9d063a1/1/Wp9FjM5UmGLENhcAhEfVOAZ7mVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/24fd15-22a9-4bd6-a232-8b36e9d063a1/1/iPNC3REnxnrxEWqx-ZfifLTIhOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.4.0/22
IPv6:
2a03:7d20::/32
Signature Algorithm: sha256WithRSAEncryption
01:9a:78:68:a2:4c:05:1c:01:7e:68:b9:57:bf:c8:63:a7:ad:
71:3e:73:7e:77:61:a8:6f:2e:e9:a3:bc:4a:88:0d:91:cf:f6:
f8:a1:1b:0b:40:a7:6e:ec:44:c9:27:52:ac:d1:fa:5e:ff:cb:
7d:e0:3c:b9:0f:0f:57:0f:55:f1:bc:da:ca:07:12:ab:f4:c3:
8f:31:39:ab:0b:55:17:5f:1f:b7:cf:02:c0:6c:44:b2:95:cf:
22:1c:50:7f:d8:9c:64:69:a7:cf:0b:e1:78:69:4c:31:e2:58:
27:0c:08:72:3c:91:97:b8:7f:80:04:0f:98:6d:26:38:2b:ea:
d3:eb:a3:af:6d:11:51:d8:87:d0:c2:43:88:43:bb:ba:99:8c:
5f:76:6a:80:17:1e:39:09:43:0f:4c:d2:db:4c:8f:cc:e1:4f:
ad:ff:8c:af:92:ac:41:2e:fb:64:6f:60:f4:ea:59:a6:b9:e4:
8e:ae:26:67:62:38:4e:1f:28:42:ec:54:c9:7d:83:76:a4:21:
09:fa:15:97:37:ac:c8:54:22:a5:a6:2c:4a:7d:07:31:e0:1a:
fa:a4:56:ef:22:f2:33:91:4a:a5:f2:0c:6c:ce:f2:28:5a:db:
70:cf:f2:c3:67:58:79:36:f7:6b:66:6a:1c:38:f8:21:2d:67:
1a:02:d4:bb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVyDEDbhjYj9RpKzyl1NVCZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4ZjM0MmRkMTEyN2M2N2FmMTExNmFiMWY5OTdlMjdjYjRj
ODg0ZTgwHhcNMjMwMTAyMTAzNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTlmNDU4Y2NlNTQ5ODYyYzQzNjE3MDA4NDQ3ZDUzODA2N2I5OTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVxZOsNRPs0lCIgxO8cf5aA31/a5
HRgZdWqTFtPiPhayrmicXQQjy2Y+ZELpbHOsXFJXQz7Vv1ptatCjqEa/q6qGUpY1
NLKnAC8EBmJHr2xfEwmfvjuCtzTgyaM+5/rbcgw5AvKu2EWvZZM0Qz+mIvD1m/P3
lqe753l5RBWfd0vGdvzyymKw2X3/5eMXMl9d0uUWu34F1a+nbx5mTALUS98qUyMp
Rj0eW+oaSxMTSKmqITELgSpWYXsWPmKMXE+XjopPmPmy+pTXGF20dfRQowjH0d00
zrwIzlL3XfwjY/O/BdkUz4lAiSiaczuHB5VXQ2Xim4AmlzGq1D/1EOcNKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFqfRYzOVJhixDYXAIRH1TgGe5lRMB8GA1UdIwQY
MBaAFIjzQt0RJ8Z68RFqsfmX4ny0yIToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVBOQzNSRW54bnJ4RVdxeC1aZmlmTFRJaE9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yNGZkMTUtMjJhOS00YmQ2LWEyMzIt
OGIzNmU5ZDA2M2ExLzEvV3A5RmpNNVVtR0xFTmhjQWhFZlZPQVo3bVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yNGZkMTUtMjJhOS00YmQ2LWEyMzItOGIzNmU5ZDA2M2Ex
LzEvaVBOQzNSRW54bnJ4RVdxeC1aZmlmTFRJaE9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVgEMA0E
AgACMAcDBQAqA30gMA0GCSqGSIb3DQEBCwUAA4IBAQABmnhookwFHAF+aLlXv8hj
p61xPnN+d2Goby7po7xKiA2Rz/b4oRsLQKdu7ETJJ1Ks0fpe/8t94Dy5Dw9XD1Xx
vNrKBxKr9MOPMTmrC1UXXx+3zwLAbESylc8iHFB/2JxkaafPC+F4aUwx4lgnDAhy
PJGXuH+ABA+YbSY4K+rT66OvbRFR2IfQwkOIQ7u6mYxfdmqAFx45CUMPTNLbTI/M
4U+t/4yvkqxBLvtkb2D06lmmueSOriZnYjhOHyhC7FTJfYN2pCEJ+hWXN6zIVCKl
pixKfQcx4Br6pFbvIvIzkUql8gxszvIoWttwz/LDZ1h5NvdrZmocOPghLWcaAtS7
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:52:20 2025 by rpki-client