Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/8154e3-286b-46a3-b8a5-52356cd5da90/1/wYaC5km3nndtE4S1wF13phLsTmM.roa
File: wYaC5km3nndtE4S1wF13phLsTmM.roa (raw, json)
Hash identifier: izyTPVFTHwnFcx5/AmdIfPplacQRgraz9+Bzqo63rQE=
Subject key identifier: C1:86:82:E6:49:B7:9E:77:6D:13:84:B5:C0:5D:77:A6:12:EC:4E:63
Certificate issuer: /CN=c5224ea45d081d402ffd6bf4dd95e3ff6f2dc481
Certificate serial: 01843829264943CF375F1043B03ABFF7ECB0
Authority key identifier: C5:22:4E:A4:5D:08:1D:40:2F:FD:6B:F4:DD:95:E3:FF:6F:2D:C4:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xSJOpF0IHUAv_Wv03ZXj_28txIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/8154e3-286b-46a3-b8a5-52356cd5da90/1/wYaC5km3nndtE4S1wF13phLsTmM.roa
Signing time: Wed 02 Nov 2022 11:45:31 +0000
ROA not before: Wed 02 Nov 2022 11:45:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15576
IP address blocks: 193.43.27.0/24 maxlen: 24
2001:67c:168::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:38:29:26:49:43:cf:37:5f:10:43:b0:3a:bf:f7:ec:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5224ea45d081d402ffd6bf4dd95e3ff6f2dc481
Validity
Not Before: Nov 2 11:45:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c18682e649b79e776d1384b5c05d77a612ec4e63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:85:e6:2e:6f:66:30:fc:4a:5f:03:d4:ea:ca:
17:67:96:0a:53:84:f2:80:9b:9e:6a:2d:2d:fb:44:
6e:4e:84:a7:00:27:1e:b9:bc:6c:37:3c:dd:16:59:
a3:8e:bd:2d:b6:a8:43:b6:ce:11:cd:e2:43:07:ef:
44:28:84:23:ab:04:6b:1c:30:d5:b9:4a:c2:4f:c8:
db:7b:5b:1e:6b:12:29:5a:9d:85:e1:95:8a:29:28:
3d:96:30:08:e1:b3:d1:c2:54:27:b4:26:9a:46:d2:
52:34:0c:1d:b6:02:08:d1:a8:f3:6e:2d:50:62:00:
f2:8c:7d:13:28:a0:6b:ef:31:b2:94:de:72:78:e1:
75:09:f2:b0:8c:10:44:4f:d4:8b:a0:3d:e6:23:2f:
df:46:ce:8c:a8:38:fd:c7:87:c7:06:2e:59:63:d6:
1d:67:0c:b7:8c:96:8b:55:38:88:6a:9e:80:8b:b0:
81:f8:82:35:1f:ea:dc:a5:ac:f2:74:02:32:0b:1f:
1e:f6:1a:39:03:75:01:04:ea:be:a9:8a:c7:db:48:
a4:13:ab:fe:f7:c7:6d:bb:7d:c2:e5:21:a7:aa:1c:
4e:fb:10:ad:dd:d9:bc:2d:0b:57:16:43:bd:e4:a9:
38:9f:07:7d:1e:b0:13:32:ad:96:78:73:d2:f9:e6:
d2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:86:82:E6:49:B7:9E:77:6D:13:84:B5:C0:5D:77:A6:12:EC:4E:63
X509v3 Authority Key Identifier:
keyid:C5:22:4E:A4:5D:08:1D:40:2F:FD:6B:F4:DD:95:E3:FF:6F:2D:C4:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xSJOpF0IHUAv_Wv03ZXj_28txIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8154e3-286b-46a3-b8a5-52356cd5da90/1/wYaC5km3nndtE4S1wF13phLsTmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8154e3-286b-46a3-b8a5-52356cd5da90/1/xSJOpF0IHUAv_Wv03ZXj_28txIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.27.0/24
IPv6:
2001:67c:168::/48
Signature Algorithm: sha256WithRSAEncryption
05:dc:1e:89:2c:43:21:75:30:84:cb:84:42:11:69:3c:ac:02:
e8:5d:2e:03:0f:ba:36:a9:97:e3:4c:53:3d:e7:6e:58:fc:6c:
b5:e4:2d:31:ad:9e:cb:df:87:dd:e8:5e:91:a2:a3:df:f7:b4:
49:55:85:e9:3b:db:73:c2:56:66:80:7b:d6:d6:ed:68:63:5a:
ca:34:5c:bb:39:f9:77:f1:fa:75:91:bb:15:9f:8f:ff:f0:da:
5e:bf:76:27:b5:cd:b3:a7:a3:fd:1b:d0:05:5d:e1:f3:cf:3d:
2e:a7:18:00:cd:dd:20:f4:91:04:8c:53:6f:26:e3:b2:44:48:
b3:2d:94:b6:bf:57:b3:8a:88:53:08:65:a1:ff:89:89:a9:d7:
25:e6:8c:ac:2f:f5:2a:13:87:24:49:5d:69:67:c3:82:35:4b:
9f:ec:29:e0:c5:fa:84:19:75:44:60:e6:2a:07:90:0f:9a:ff:
05:a6:f3:b7:be:5b:a7:cc:31:4f:87:91:1d:de:c5:ab:27:94:
b0:da:cf:c3:b1:3c:64:07:28:db:32:07:e0:8d:99:1c:f4:ea:
6d:61:6c:d6:d8:e0:bf:45:90:99:71:3b:c0:79:60:18:3c:e0:
23:d8:3e:ec:d8:d8:93:62:18:5e:9f:8e:db:22:ab:aa:b8:39:
2f:b1:e0:6c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYQ4KSZJQ883XxBDsDq/9+ywMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1MjI0ZWE0NWQwODFkNDAyZmZkNmJmNGRkOTVlM2ZmNmYy
ZGM0ODEwHhcNMjIxMTAyMTE0NTMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTg2ODJlNjQ5Yjc5ZTc3NmQxMzg0YjVjMDVkNzdhNjEyZWM0ZTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64XmLm9mMPxKXwPU6soXZ5YKU4Ty
gJueai0t+0RuToSnACceubxsNzzdFlmjjr0ttqhDts4RzeJDB+9EKIQjqwRrHDDV
uUrCT8jbe1seaxIpWp2F4ZWKKSg9ljAI4bPRwlQntCaaRtJSNAwdtgII0ajzbi1Q
YgDyjH0TKKBr7zGylN5yeOF1CfKwjBBET9SLoD3mIy/fRs6MqDj9x4fHBi5ZY9Yd
Zwy3jJaLVTiIap6Ai7CB+II1H+rcpazydAIyCx8e9ho5A3UBBOq+qYrH20ikE6v+
98dtu33C5SGnqhxO+xCt3dm8LQtXFkO95Kk4nwd9HrATMq2WeHPS+ebSlwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMGGguZJt553bROEtcBdd6YS7E5jMB8GA1UdIwQY
MBaAFMUiTqRdCB1AL/1r9N2V4/9vLcSBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFNKT3BGMElIVUF2X1d2MDNaWGpfMjh0eElFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy84MTU0ZTMtMjg2Yi00NmEzLWI4YTUt
NTIzNTZjZDVkYTkwLzEvd1lhQzVrbTNubmR0RTRTMXdGMTNwaExzVG1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy84MTU0ZTMtMjg2Yi00NmEzLWI4YTUtNTIzNTZjZDVkYTkw
LzEveFNKT3BGMElIVUF2X1d2MDNaWGpfMjh0eElFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwSsbMA8E
AgACMAkDBwAgAQZ8AWgwDQYJKoZIhvcNAQELBQADggEBAAXcHoksQyF1MITLhEIR
aTysAuhdLgMPujapl+NMUz3nblj8bLXkLTGtnsvfh93oXpGio9/3tElVhek723PC
VmaAe9bW7WhjWso0XLs5+Xfx+nWRuxWfj//w2l6/die1zbOno/0b0AVd4fPPPS6n
GADN3SD0kQSMU28m47JESLMtlLa/V7OKiFMIZaH/iYmp1yXmjKwv9SoThyRJXWln
w4I1S5/sKeDF+oQZdURg5ioHkA+a/wWm87e+W6fMMU+HkR3exasnlLDaz8OxPGQH
KNsyB+CNmRz06m1hbNbY4L9FkJlxO8B5YBg84CPYPuzY2JNiGF6fjtsiq6q4OS+x
4Gw=
-----END CERTIFICATE-----
Generated at Wed Apr 16 05:09:04 2025 by rpki-client