Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/_9z5RpL9W4X9Q3K5m4dq-wgi03w.roa
File: _9z5RpL9W4X9Q3K5m4dq-wgi03w.roa (raw, json)
Hash identifier: v3X+uLOFh5LQ6md+26wam26CD45hulog4tkkXnutfmY=
Subject key identifier: FF:DC:F9:46:92:FD:5B:85:FD:43:72:B9:9B:87:6A:FB:08:22:D3:7C
Certificate issuer: /CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Certificate serial: 0FBCED2B
Authority key identifier: C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/_9z5RpL9W4X9Q3K5m4dq-wgi03w.roa
Signing time: Sat 01 Jan 2022 09:57:05 +0000
ROA not before: Sat 01 Jan 2022 09:57:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198412
IP address blocks: 176.124.112.0/23 maxlen: 24
176.124.112.0/24 maxlen: 24
185.187.152.0/24 maxlen: 24
176.124.113.0/24 maxlen: 24
185.187.153.0/24 maxlen: 24
2a05:b0c0::/48 maxlen: 48
2a05:b0c4:1::/48 maxlen: 48
2a05:b0c1::/48 maxlen: 48
2a05:b0c4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 264039723 (0xfbced2b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c228348e9054973d7a5f8193bd4e5c44f67399e1
Validity
Not Before: Jan 1 09:57:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ffdcf94692fd5b85fd4372b99b876afb0822d37c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f2:a7:30:93:6c:73:2c:81:c6:0e:62:56:79:
38:cd:67:d9:24:ab:c3:8a:ba:c5:f1:f2:b9:41:d9:
dc:63:ae:8f:c2:c1:ba:9d:c1:2d:56:b3:18:79:a4:
46:47:13:26:7d:46:85:6f:e7:12:2a:83:06:d6:39:
56:ab:7e:c6:6d:56:d7:9e:c9:6e:48:1a:7e:19:20:
44:6e:d1:5d:b7:97:fe:71:83:62:50:09:ac:99:6a:
a3:4c:d5:1a:a4:3f:8b:fd:d6:0e:49:ca:a2:50:54:
2e:f0:85:1f:e6:ab:91:fa:58:b5:6f:85:21:31:df:
17:1a:93:86:f2:7a:96:5c:8d:6a:ad:fe:4d:57:e0:
54:32:46:0d:dc:fd:1a:ed:ca:4b:6e:3b:14:a7:7a:
49:ee:f7:39:ab:2f:00:4c:54:b5:14:5a:47:66:2b:
62:57:81:8a:b0:8a:bb:84:87:4a:64:61:30:d4:52:
4a:90:5c:93:57:90:1b:76:49:a8:62:20:74:7d:37:
af:c4:81:d7:59:ff:31:07:98:c1:c7:77:79:11:75:
80:e5:f4:5a:71:cf:9f:78:c7:be:e0:d4:14:df:8d:
fd:7e:4a:21:54:42:8f:6f:0d:d7:86:52:5a:62:e1:
70:36:23:d1:66:32:82:cb:1e:72:b3:16:d8:98:9d:
b9:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:DC:F9:46:92:FD:5B:85:FD:43:72:B9:9B:87:6A:FB:08:22:D3:7C
X509v3 Authority Key Identifier:
keyid:C2:28:34:8E:90:54:97:3D:7A:5F:81:93:BD:4E:5C:44:F6:73:99:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wig0jpBUlz16X4GTvU5cRPZzmeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/_9z5RpL9W4X9Q3K5m4dq-wgi03w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/f16794-91ad-4984-9c6c-e88fff82d553/1/wig0jpBUlz16X4GTvU5cRPZzmeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.112.0/23
185.187.152.0/23
IPv6:
2a05:b0c0::/48
2a05:b0c1::/48
2a05:b0c4::/47
Signature Algorithm: sha256WithRSAEncryption
1a:c0:56:5a:fb:a0:f8:c1:b1:e1:16:6c:d4:fc:ee:cc:2e:bd:
dd:82:e9:b6:cd:e4:aa:36:b3:fc:f3:e2:91:d1:a5:ff:25:3e:
bf:a0:cc:b7:14:4c:bc:a2:09:dc:58:aa:2d:99:89:d0:b5:b5:
4b:21:23:b3:32:40:d0:29:04:d3:4e:8c:ed:60:bd:0d:b8:4a:
78:08:bf:4a:a4:b9:20:a3:a4:01:2d:80:a7:c5:c0:26:4b:88:
a1:5b:e8:07:31:ad:f9:55:31:12:60:e7:de:2d:6b:f3:c6:ae:
2d:a4:fc:8e:60:56:06:56:d1:0d:f2:2b:0b:12:63:6d:99:1e:
93:b1:0f:33:54:d4:88:9b:26:c1:6f:76:c3:e3:82:20:00:2e:
27:22:04:10:77:f8:91:c6:b1:b9:2a:ba:a1:f1:c2:bd:de:77:
6c:01:df:ec:4f:71:23:be:12:19:67:ce:99:48:df:50:36:ed:
16:e3:9a:26:44:dd:b6:ea:98:04:08:19:19:8a:3f:c2:55:f7:
62:45:1c:f5:ec:1d:33:bb:f2:d2:b5:a5:3d:a8:67:16:5a:b5:
d3:33:ec:76:f6:73:8c:e3:46:a2:24:35:fd:61:20:1e:0b:ac:
d5:48:32:04:d4:6b:54:76:64:c0:95:b0:2c:ed:73:95:2c:92:
17:94:2e:57
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgIED7ztKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MjI4MzQ4ZTkwNTQ5NzNkN2E1ZjgxOTNiZDRlNWM0NGY2NzM5OWUxMB4XDTIyMDEw
MTA5NTcwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmZkY2Y5NDY5MmZk
NWI4NWZkNDM3MmI5OWI4NzZhZmIwODIyZDM3YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHypzCTbHMsgcYOYlZ5OM1n2SSrw4q6xfHyuUHZ3GOuj8LB
up3BLVazGHmkRkcTJn1GhW/nEiqDBtY5Vqt+xm1W157JbkgafhkgRG7RXbeX/nGD
YlAJrJlqo0zVGqQ/i/3WDknKolBULvCFH+arkfpYtW+FITHfFxqThvJ6llyNaq3+
TVfgVDJGDdz9Gu3KS247FKd6Se73OasvAExUtRRaR2YrYleBirCKu4SHSmRhMNRS
SpBck1eQG3ZJqGIgdH03r8SB11n/MQeYwcd3eRF1gOX0WnHPn3jHvuDUFN+N/X5K
IVRCj28N14ZSWmLhcDYj0WYygssecrMW2JiduXECAwEAAaOCAjIwggIuMB0GA1Ud
DgQWBBT/3PlGkv1bhf1Dcrmbh2r7CCLTfDAfBgNVHSMEGDAWgBTCKDSOkFSXPXpf
gZO9TlxE9nOZ4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dpZzBqcEJVbHoxNlg0R1R2VTVjUlBaem1lRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2MvZjE2Nzk0LTkxYWQtNDk4NC05YzZjLWU4OGZmZjgyZDU1My8x
L185ejVScEw5VzRYOVEzSzVtNGRxLXdnaTAzdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Mv
ZjE2Nzk0LTkxYWQtNDk4NC05YzZjLWU4OGZmZjgyZDU1My8xL3dpZzBqcEJVbHox
Nlg0R1R2VTVjUlBaem1lRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBI
BggrBgEFBQcBBwEB/wQ5MDcwEgQCAAEwDAMEAbB8cAMEAbm7mDAhBAIAAjAbAwcA
KgWwwAAAAwcAKgWwwQAAAwcBKgWwxAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAawFZa
+6D4wbHhFmzU/O7MLr3dgum2zeSqNrP88+KR0aX/JT6/oMy3FEy8ogncWKotmYnQ
tbVLISOzMkDQKQTTToztYL0NuEp4CL9KpLkgo6QBLYCnxcAmS4ihW+gHMa35VTES
YOfeLWvzxq4tpPyOYFYGVtEN8isLEmNtmR6TsQ8zVNSImybBb3bD44IgAC4nIgQQ
d/iRxrG5Krqh8cK93ndsAd/sT3EjvhIZZ86ZSN9QNu0W45omRN226pgECBkZij/C
VfdiRRz17B0zu/LStaU9qGcWWrXTM+x29nOM40aiJDX9YSAeC6zVSDIE1GtUdmTA
lbAs7XOVLJIXlC5X
-----END CERTIFICATE-----
Generated at Fri Apr 11 11:59:55 2025 by rpki-client