Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/3b27b0-a1a7-4bf5-8cdd-595bfa1e1a9b/1/Wl2dODx95St1ru8pYE7ANDDKYLY.roa
File: Wl2dODx95St1ru8pYE7ANDDKYLY.roa (raw, json)
Hash identifier: 5gRYZpP03evGbIUV2p6DhWmSCHIxJJjHJX6uIMg7I9Y=
Subject key identifier: 5A:5D:9D:38:3C:7D:E5:2B:75:AE:EF:29:60:4E:C0:34:30:CA:60:B6
Certificate issuer: /CN=f90e719baa4c8310483679fb6a3cb4ce9ac00c09
Certificate serial: 01856D6F55BB8D42F838B5CF8D3929707A96
Authority key identifier: F9:0E:71:9B:AA:4C:83:10:48:36:79:FB:6A:3C:B4:CE:9A:C0:0C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Q5xm6pMgxBINnn7ajy0zprADAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/3b27b0-a1a7-4bf5-8cdd-595bfa1e1a9b/1/Wl2dODx95St1ru8pYE7ANDDKYLY.roa
Signing time: Sun 01 Jan 2023 13:04:50 +0000
ROA not before: Sun 01 Jan 2023 13:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205244
IP address blocks: 185.224.100.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:6f:55:bb:8d:42:f8:38:b5:cf:8d:39:29:70:7a:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f90e719baa4c8310483679fb6a3cb4ce9ac00c09
Validity
Not Before: Jan 1 13:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a5d9d383c7de52b75aeef29604ec03430ca60b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:40:b8:dd:75:02:f8:0b:2a:48:fb:39:75:bd:
89:29:21:f6:d6:ea:49:38:db:d7:ad:6a:de:ec:7a:
3f:2c:a7:36:9b:01:60:6e:26:13:db:e2:c6:94:f4:
b3:b6:14:33:6f:73:b3:7e:2a:e5:bc:01:dd:24:2c:
d4:cf:bf:22:f6:d7:62:1d:d1:25:e4:92:a2:14:a4:
41:61:f8:de:2c:2a:d6:68:e8:b4:bc:13:bd:7b:4d:
2b:49:e0:12:fe:2a:5a:2c:b6:5a:16:04:cb:d3:64:
f0:ca:a8:9a:5e:09:28:01:e3:7b:57:67:de:a8:3f:
20:bd:82:df:9e:43:92:66:a4:7b:f1:46:00:3c:f1:
72:1c:f2:03:c3:34:80:b1:2b:49:32:9d:72:c4:53:
75:dc:70:a3:04:19:75:44:46:ee:b0:51:2b:23:14:
73:b9:54:07:6e:4c:c0:8d:e6:f2:aa:8a:e2:c1:0c:
f2:bc:46:aa:de:7d:50:39:92:ce:41:dd:1d:0c:6a:
41:20:72:4f:c7:2d:7f:c7:d9:c7:5f:58:06:66:ca:
17:f1:64:4a:94:14:ef:1e:f8:67:f7:f6:6b:75:0a:
fa:ef:d7:12:74:e7:c8:8d:66:21:2d:1e:84:6e:7a:
90:35:ae:ed:51:a9:1b:ad:1c:ae:a1:73:06:19:b5:
89:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:5D:9D:38:3C:7D:E5:2B:75:AE:EF:29:60:4E:C0:34:30:CA:60:B6
X509v3 Authority Key Identifier:
keyid:F9:0E:71:9B:AA:4C:83:10:48:36:79:FB:6A:3C:B4:CE:9A:C0:0C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Q5xm6pMgxBINnn7ajy0zprADAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/3b27b0-a1a7-4bf5-8cdd-595bfa1e1a9b/1/Wl2dODx95St1ru8pYE7ANDDKYLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/3b27b0-a1a7-4bf5-8cdd-595bfa1e1a9b/1/1-Q5xm6pMgxBINnn7ajy0zprADAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.224.100.0/22
Signature Algorithm: sha256WithRSAEncryption
76:0e:3e:df:08:c0:fe:21:35:d8:17:9c:fb:64:0f:b2:42:0f:
67:a6:07:98:a5:9c:58:85:f6:48:84:a0:0a:e1:f2:36:79:1f:
63:25:0f:48:e1:14:c1:26:71:6d:1a:5d:60:83:be:6e:c7:8d:
74:f6:fc:ce:8f:a1:16:b1:ee:6b:59:a6:47:00:18:7d:7b:c3:
bb:4e:59:df:a1:0d:09:90:48:78:38:ea:24:14:a2:a3:66:c7:
bb:2d:15:9d:5a:33:a5:c6:9d:63:89:3f:d5:10:dd:6d:89:c7:
32:51:2b:2e:f8:62:9a:91:d6:77:4e:b1:35:95:ae:4c:52:20:
f9:37:39:7f:29:e5:9f:11:b2:11:07:65:d4:49:c6:64:d0:0b:
b8:5f:1a:68:dc:28:ee:fc:11:59:50:a0:a3:d3:5e:5a:c7:4f:
b1:e9:a8:c8:96:86:10:96:38:40:8a:51:ce:eb:30:bd:14:68:
dc:ad:92:ce:cd:80:71:dd:5c:0d:1a:b6:ea:e1:66:48:7f:5b:
68:83:93:75:0a:4d:ad:9e:40:3b:20:f0:1e:e5:ed:48:d1:27:
a9:13:e3:91:2c:a8:2b:a3:6a:29:0f:3d:4d:37:14:0b:d2:c7:
15:b0:ff:e5:2f:b3:58:ce:8b:b4:2e:2d:ad:86:3e:56:d6:0a:
da:f2:fe:b9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVtb1W7jUL4OLXPjTkpcHqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MGU3MTliYWE0YzgzMTA0ODM2NzlmYjZhM2NiNGNlOWFj
MDBjMDkwHhcNMjMwMTAxMTMwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTVkOWQzODNjN2RlNTJiNzVhZWVmMjk2MDRlYzAzNDMwY2E2MGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkC43XUC+AsqSPs5db2JKSH21upJ
ONvXrWre7Ho/LKc2mwFgbiYT2+LGlPSzthQzb3OzfirlvAHdJCzUz78i9tdiHdEl
5JKiFKRBYfjeLCrWaOi0vBO9e00rSeAS/ipaLLZaFgTL02TwyqiaXgkoAeN7V2fe
qD8gvYLfnkOSZqR78UYAPPFyHPIDwzSAsStJMp1yxFN13HCjBBl1REbusFErIxRz
uVQHbkzAjebyqoriwQzyvEaq3n1QOZLOQd0dDGpBIHJPxy1/x9nHX1gGZsoX8WRK
lBTvHvhn9/ZrdQr679cSdOfIjWYhLR6EbnqQNa7tUakbrRyuoXMGGbWJXQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFpdnTg8feUrda7vKWBOwDQwymC2MB8GA1UdIwQY
MBaAFPkOcZuqTIMQSDZ5+2o8tM6awAwJMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1RNXhtNnBNZ3hCSU5ubjdhankwenByQURBay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQvM2IyN2IwLWExYTctNGJmNS04Y2Rk
LTU5NWJmYTFlMWE5Yi8xL1dsMmRPRHg5NVN0MXJ1OHBZRTdBTkRES1lMWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzQvM2IyN2IwLWExYTctNGJmNS04Y2RkLTU5NWJmYTFlMWE5
Yi8xLzEtUTV4bTZwTWd4QklObm43YWp5MHpwckFEQWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAK54GQw
DQYJKoZIhvcNAQELBQADggEBAHYOPt8IwP4hNdgXnPtkD7JCD2emB5ilnFiF9kiE
oArh8jZ5H2MlD0jhFMEmcW0aXWCDvm7HjXT2/M6PoRax7mtZpkcAGH17w7tOWd+h
DQmQSHg46iQUoqNmx7stFZ1aM6XGnWOJP9UQ3W2JxzJRKy74YpqR1ndOsTWVrkxS
IPk3OX8p5Z8RshEHZdRJxmTQC7hfGmjcKO78EVlQoKPTXlrHT7HpqMiWhhCWOECK
Uc7rML0UaNytks7NgHHdXA0aturhZkh/W2iDk3UKTa2eQDsg8B7l7UjRJ6kT45Es
qCujaikPPU03FAvSxxWw/+Uvs1jOi7QuLa2GPlbWCtry/rk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:55 2025 by rpki-client