Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/c27389-de12-4d13-9880-6bd844ea86c7/1/wHfBaGCZrbLNZhbMvWcaJ-T-nnk.roa
File: wHfBaGCZrbLNZhbMvWcaJ-T-nnk.roa (raw, json)
Hash identifier: MHvUidnEbcizeUP8DkDNhHn5LFU891VsA/yFNYchGwI=
Subject key identifier: C0:77:C1:68:60:99:AD:B2:CD:66:16:CC:BD:67:1A:27:E4:FE:9E:79
Certificate issuer: /CN=661e7174bf9e9ea1b64a92ba65ffcf1e931cce32
Certificate serial: 0A8179A3
Authority key identifier: 66:1E:71:74:BF:9E:9E:A1:B6:4A:92:BA:65:FF:CF:1E:93:1C:CE:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zh5xdL-enqG2SpK6Zf_PHpMczjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/c27389-de12-4d13-9880-6bd844ea86c7/1/wHfBaGCZrbLNZhbMvWcaJ-T-nnk.roa
Signing time: Sat 01 Jan 2022 05:53:26 +0000
ROA not before: Sat 01 Jan 2022 05:53:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30875
IP address blocks: 185.101.108.0/22 maxlen: 22
185.101.111.240/28 maxlen: 28
2a06:1d00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176257443 (0xa8179a3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=661e7174bf9e9ea1b64a92ba65ffcf1e931cce32
Validity
Not Before: Jan 1 05:53:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c077c1686099adb2cd6616ccbd671a27e4fe9e79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:35:a5:c4:44:bd:6e:a9:46:78:5c:5b:4a:15:
0a:70:62:e4:2e:e2:4a:42:c7:ff:01:a4:de:39:36:
ab:08:4d:a1:6a:aa:26:89:df:7c:85:36:63:4f:6f:
ae:42:66:31:85:c7:ce:d1:4e:3c:46:12:5e:c3:26:
47:a5:ed:8d:07:1a:3c:c6:5e:6d:3b:ba:61:90:0c:
1a:bb:96:2e:82:87:69:33:c5:1c:18:03:17:42:39:
4e:8f:d3:84:9a:26:ce:34:a3:02:30:e4:4f:e2:25:
2a:ff:45:62:17:97:1e:f6:18:50:cb:09:cd:74:48:
a9:86:e4:c6:fa:09:a0:05:ba:a4:b0:4e:01:ba:5d:
35:03:44:d9:93:5e:8d:a6:e7:8e:e4:ab:13:33:c8:
d1:18:f9:fd:c0:58:37:3f:e0:81:64:4f:96:7a:b3:
f9:74:77:d2:7b:c4:df:75:b6:57:e8:0d:1f:38:75:
88:1e:00:00:81:4e:98:27:65:6e:8f:30:98:18:f7:
54:c6:18:39:f3:93:6a:c2:ca:d2:1a:5f:52:4e:0d:
ee:6f:68:18:3f:47:c8:a1:95:8b:f4:27:4c:78:e7:
4a:1c:91:b3:08:32:d0:69:00:5c:a7:ac:5e:4f:39:
f7:60:c7:55:db:16:ee:46:f0:37:04:32:30:48:e8:
b7:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:77:C1:68:60:99:AD:B2:CD:66:16:CC:BD:67:1A:27:E4:FE:9E:79
X509v3 Authority Key Identifier:
keyid:66:1E:71:74:BF:9E:9E:A1:B6:4A:92:BA:65:FF:CF:1E:93:1C:CE:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zh5xdL-enqG2SpK6Zf_PHpMczjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c27389-de12-4d13-9880-6bd844ea86c7/1/wHfBaGCZrbLNZhbMvWcaJ-T-nnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/c27389-de12-4d13-9880-6bd844ea86c7/1/Zh5xdL-enqG2SpK6Zf_PHpMczjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.108.0/22
IPv6:
2a06:1d00::/29
Signature Algorithm: sha256WithRSAEncryption
c1:aa:64:66:90:24:48:4d:be:e3:64:08:ce:3b:6d:54:2f:98:
26:ba:58:b2:f3:a7:12:42:23:80:50:76:be:87:f6:83:03:6d:
b5:f1:a5:cc:c7:f1:0c:39:a6:2f:4c:a2:f2:29:65:d9:10:21:
eb:58:10:da:8d:ff:3e:af:22:a5:fd:f3:f1:d9:48:bb:5d:f5:
d3:ab:cd:23:99:9d:6c:ee:04:dd:fd:54:0a:4e:ea:d2:ca:71:
b5:a1:d8:a8:54:47:53:63:fa:0d:0a:2e:e9:d6:a5:c4:1a:f0:
61:fd:06:23:27:99:3e:bd:08:94:56:8f:fc:59:a2:64:5f:21:
07:c3:27:fe:dd:25:a6:43:d4:29:db:2c:25:b1:71:c9:e3:5d:
cc:8f:72:80:03:73:90:cd:7a:58:28:14:6a:8f:8b:3f:4d:7c:
ab:be:ad:36:c0:c1:9f:5e:4d:31:69:61:7b:86:ca:3e:0e:e7:
c2:4f:05:74:ed:2d:a5:fc:b9:77:c1:aa:00:cb:f8:81:e1:53:
c9:75:ed:36:18:77:a0:be:68:f6:96:48:e0:63:f9:b5:1e:d3:
36:04:12:64:7f:a0:49:10:06:bd:4e:4c:66:61:ab:0a:85:77:
66:40:b3:54:bf:be:87:66:27:8b:e4:67:99:cd:20:21:1b:42:
db:22:00:ad
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECoF5ozANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NjFlNzE3NGJmOWU5ZWExYjY0YTkyYmE2NWZmY2YxZTkzMWNjZTMyMB4XDTIyMDEw
MTA1NTMyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzA3N2MxNjg2MDk5
YWRiMmNkNjYxNmNjYmQ2NzFhMjdlNGZlOWU3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALw1pcREvW6pRnhcW0oVCnBi5C7iSkLH/wGk3jk2qwhNoWqq
JonffIU2Y09vrkJmMYXHztFOPEYSXsMmR6XtjQcaPMZebTu6YZAMGruWLoKHaTPF
HBgDF0I5To/ThJomzjSjAjDkT+IlKv9FYheXHvYYUMsJzXRIqYbkxvoJoAW6pLBO
AbpdNQNE2ZNejabnjuSrEzPI0Rj5/cBYNz/ggWRPlnqz+XR30nvE33W2V+gNHzh1
iB4AAIFOmCdlbo8wmBj3VMYYOfOTasLK0hpfUk4N7m9oGD9HyKGVi/QnTHjnShyR
swgy0GkAXKesXk8592DHVdsW7kbwNwQyMEjot3UCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTAd8FoYJmtss1mFsy9Zxon5P6eeTAfBgNVHSMEGDAWgBRmHnF0v56eobZK
krpl/88ekxzOMjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1poNXhkTC1lbnFHMlNwSzZaZl9QSHBNY3pqSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzEvYzI3Mzg5LWRlMTItNGQxMy05ODgwLTZiZDg0NGVhODZjNy8x
L3dIZkJhR0NacmJMTlpoYk12V2NhSi1ULW5uay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzEv
YzI3Mzg5LWRlMTItNGQxMy05ODgwLTZiZDg0NGVhODZjNy8xL1poNXhkTC1lbnFH
MlNwSzZaZl9QSHBNY3pqSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArllbDANBAIAAjAHAwUDKgYdADAN
BgkqhkiG9w0BAQsFAAOCAQEAwapkZpAkSE2+42QIzjttVC+YJrpYsvOnEkIjgFB2
vof2gwNttfGlzMfxDDmmL0yi8ill2RAh61gQ2o3/Pq8ipf3z8dlIu13106vNI5md
bO4E3f1UCk7q0spxtaHYqFRHU2P6DQou6dalxBrwYf0GIyeZPr0IlFaP/FmiZF8h
B8Mn/t0lpkPUKdssJbFxyeNdzI9ygANzkM16WCgUao+LP018q76tNsDBn15NMWlh
e4bKPg7nwk8FdO0tpfy5d8GqAMv4geFTyXXtNhh3oL5o9pZI4GP5tR7TNgQSZH+g
SRAGvU5MZmGrCoV3ZkCzVL++h2Yni+Rnmc0gIRtC2yIArQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:59 2025 by rpki-client