Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/448800-829e-4b7a-92c4-cb7cbca7c1e0/1/W79mRoyu5L_Wc4NAgZD1XMvlRLE.roa
File: W79mRoyu5L_Wc4NAgZD1XMvlRLE.roa (raw, json)
Hash identifier: hEEXarEAuJCdsEWkvtQKr93m8LPYmFc0XpH0zu1g31w=
Subject key identifier: 5B:BF:66:46:8C:AE:E4:BF:D6:73:83:40:81:90:F5:5C:CB:E5:44:B1
Certificate issuer: /CN=34077b41e98873e7f06fb1df3f5d39c721b1343f
Certificate serial: 01856CEF10AE984944F305A44C1451B4C9B5
Authority key identifier: 34:07:7B:41:E9:88:73:E7:F0:6F:B1:DF:3F:5D:39:C7:21:B1:34:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAd7QemIc-fwb7HfP105xyGxND8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/448800-829e-4b7a-92c4-cb7cbca7c1e0/1/W79mRoyu5L_Wc4NAgZD1XMvlRLE.roa
Signing time: Sun 01 Jan 2023 10:44:44 +0000
ROA not before: Sun 01 Jan 2023 10:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8449
IP address blocks: 185.54.252.0/22 maxlen: 24
212.42.96.0/19 maxlen: 24
77.95.56.0/21 maxlen: 24
31.192.249.0/24 maxlen: 24
31.192.248.0/21 maxlen: 24
94.143.192.0/21 maxlen: 24
5.57.8.0/21 maxlen: 24
2a00:7160::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ef:10:ae:98:49:44:f3:05:a4:4c:14:51:b4:c9:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34077b41e98873e7f06fb1df3f5d39c721b1343f
Validity
Not Before: Jan 1 10:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5bbf66468caee4bfd67383408190f55ccbe544b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:67:53:d0:c2:54:f7:48:ed:db:5d:7c:f8:9b:
00:e5:1e:55:18:0c:98:ed:57:3e:bd:f0:27:06:74:
25:6f:8e:78:40:24:50:0a:ba:f9:c4:d5:0e:e4:a7:
a3:ed:49:96:cc:51:1a:f2:10:6a:19:fc:63:44:b3:
eb:ce:ff:db:87:a2:91:99:a1:b9:f5:a6:e7:5b:2e:
57:8e:cc:95:7b:c7:5e:0d:4c:e4:82:be:da:2a:7c:
5c:0c:cb:43:ab:85:28:6e:de:8b:77:41:59:5a:06:
0f:46:d8:43:ca:dd:d1:71:b7:1d:e6:4d:2d:ff:42:
62:fe:87:21:df:73:0d:2d:0a:fc:a1:4d:20:08:4e:
59:ba:68:ae:65:a0:fa:7b:66:8b:c2:c0:16:93:c3:
5d:af:86:b5:3d:28:0e:15:65:65:93:32:ac:42:27:
a2:70:64:5c:9f:7f:4b:17:d2:78:29:6e:47:a6:8a:
73:b3:99:20:91:44:cb:87:00:43:c9:2a:ba:12:b8:
4a:33:f1:9f:ba:64:af:d4:64:76:da:e0:17:e7:98:
66:b5:0a:3f:99:2b:72:54:46:6c:01:03:30:e9:bb:
46:47:b0:f3:4c:af:f9:dc:a8:c8:be:f9:a3:9d:58:
c7:8d:14:69:70:bf:99:fe:a5:ce:17:66:63:1c:04:
92:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:BF:66:46:8C:AE:E4:BF:D6:73:83:40:81:90:F5:5C:CB:E5:44:B1
X509v3 Authority Key Identifier:
keyid:34:07:7B:41:E9:88:73:E7:F0:6F:B1:DF:3F:5D:39:C7:21:B1:34:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAd7QemIc-fwb7HfP105xyGxND8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/448800-829e-4b7a-92c4-cb7cbca7c1e0/1/W79mRoyu5L_Wc4NAgZD1XMvlRLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/448800-829e-4b7a-92c4-cb7cbca7c1e0/1/NAd7QemIc-fwb7HfP105xyGxND8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.8.0/21
31.192.248.0/21
77.95.56.0/21
94.143.192.0/21
185.54.252.0/22
212.42.96.0/19
IPv6:
2a00:7160::/32
Signature Algorithm: sha256WithRSAEncryption
04:b3:0b:cb:32:8f:a1:6d:28:47:bc:02:f3:ce:dc:5b:3b:c7:
00:00:92:20:8c:66:35:e1:38:fc:5d:86:d9:d9:5b:16:0c:85:
0b:15:b3:6f:f0:22:31:62:c5:71:bc:ff:10:e2:c6:1a:1c:2d:
d7:9c:0c:b0:27:64:1c:98:7f:42:e9:00:41:8f:66:23:5a:57:
c3:fb:90:11:24:4b:08:91:e6:34:b0:7f:e6:cb:52:aa:8f:80:
07:f1:5f:50:3e:c1:52:7b:4b:28:0d:bb:dc:78:7e:86:17:cb:
cd:fe:b6:e6:5f:2b:67:d8:df:e4:52:7a:66:5a:f9:b9:00:e5:
57:32:94:9e:38:b8:79:48:21:19:d9:d1:a2:01:8e:e9:e8:54:
0f:b0:54:22:8a:1c:c9:d0:52:f6:0c:2e:d9:65:f3:3d:0f:c0:
d0:d1:e3:5b:75:90:b3:e6:97:2e:68:b5:7a:0d:eb:ed:6e:39:
ef:b0:33:e8:97:2f:39:39:70:66:cf:66:d6:93:f9:f0:15:5a:
38:50:b7:70:ff:49:27:82:48:26:2b:55:16:89:8e:97:64:a5:
03:04:ac:b1:db:98:81:68:72:ef:c5:2d:f0:7c:24:4d:31:a0:
e6:f4:c5:09:64:4e:c6:df:a2:f3:3e:a2:af:1d:8f:28:a7:18:
a4:92:f4:d6
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVs7xCumElE8wWkTBRRtMm1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MDc3YjQxZTk4ODczZTdmMDZmYjFkZjNmNWQzOWM3MjFi
MTM0M2YwHhcNMjMwMTAxMTA0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmJmNjY0NjhjYWVlNGJmZDY3MzgzNDA4MTkwZjU1Y2NiZTU0NGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGdT0MJU90jt2118+JsA5R5VGAyY
7Vc+vfAnBnQlb454QCRQCrr5xNUO5Kej7UmWzFEa8hBqGfxjRLPrzv/bh6KRmaG5
9abnWy5XjsyVe8deDUzkgr7aKnxcDMtDq4Uobt6Ld0FZWgYPRthDyt3Rcbcd5k0t
/0Ji/och33MNLQr8oU0gCE5ZumiuZaD6e2aLwsAWk8Ndr4a1PSgOFWVlkzKsQiei
cGRcn39LF9J4KW5Hpopzs5kgkUTLhwBDySq6ErhKM/GfumSv1GR22uAX55hmtQo/
mStyVEZsAQMw6btGR7DzTK/53KjIvvmjnVjHjRRpcL+Z/qXOF2ZjHASSmQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFFu/ZkaMruS/1nODQIGQ9VzL5USxMB8GA1UdIwQY
MBaAFDQHe0HpiHPn8G+x3z9dOcchsTQ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkFkN1FlbUljLWZ3YjdIZlAxMDV4eUd4TkQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC80NDg4MDAtODI5ZS00YjdhLTkyYzQt
Y2I3Y2JjYTdjMWUwLzEvVzc5bVJveXU1TF9XYzROQWdaRDFYTXZsUkxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC80NDg4MDAtODI5ZS00YjdhLTkyYzQtY2I3Y2JjYTdjMWUw
LzEvTkFkN1FlbUljLWZ3YjdIZlAxMDV4eUd4TkQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBTkIAwQD
H8D4AwQDTV84AwQDXo/AAwQCuTb8AwQF1CpgMA0EAgACMAcDBQAqAHFgMA0GCSqG
SIb3DQEBCwUAA4IBAQAEswvLMo+hbShHvALzztxbO8cAAJIgjGY14Tj8XYbZ2VsW
DIULFbNv8CIxYsVxvP8Q4sYaHC3XnAywJ2QcmH9C6QBBj2YjWlfD+5ARJEsIkeY0
sH/my1Kqj4AH8V9QPsFSe0soDbvceH6GF8vN/rbmXytn2N/kUnpmWvm5AOVXMpSe
OLh5SCEZ2dGiAY7p6FQPsFQiihzJ0FL2DC7ZZfM9D8DQ0eNbdZCz5pcuaLV6Devt
bjnvsDPoly85OXBmz2bWk/nwFVo4ULdw/0kngkgmK1UWiY6XZKUDBKyx25iBaHLv
xS3wfCRNMaDm9MUJZE7G36LzPqKvHY8opxikkvTW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:44 2025 by rpki-client