Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/wdxRJp64as8bvP7GiAHKKavp5_w.roa
File: wdxRJp64as8bvP7GiAHKKavp5_w.roa (raw, json)
Hash identifier: 0avjObLtrfeOEoPWb6wsuiTMy++J2wBtPznXuSqYYtc=
Subject key identifier: C1:DC:51:26:9E:B8:6A:CF:1B:BC:FE:C6:88:01:CA:29:AB:E9:E7:FC
Certificate issuer: /CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Certificate serial: 018BF76E96E543744E7A09702589BB4579B7
Authority key identifier: DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/wdxRJp64as8bvP7GiAHKKavp5_w.roa
Signing time: Wed 22 Nov 2023 14:28:21 +0000
ROA not before: Wed 22 Nov 2023 14:28:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206805
IP address blocks: 185.159.111.0/24 maxlen: 24
45.84.152.0/23 maxlen: 23
45.84.155.0/24 maxlen: 24
45.84.154.0/24 maxlen: 24
193.19.100.0/23 maxlen: 24
45.145.191.0/24 maxlen: 24
45.145.190.0/23 maxlen: 23
45.145.190.0/24 maxlen: 24
45.145.188.0/23 maxlen: 23
80.85.250.0/23 maxlen: 23
80.85.248.0/23 maxlen: 23
185.247.192.0/22 maxlen: 24
185.228.48.0/22 maxlen: 24
178.159.32.0/23 maxlen: 24
188.64.150.0/23 maxlen: 24
188.64.149.0/24 maxlen: 24
2a0c:ee00:20c::/48 maxlen: 48
2a0c:ee00:300::/40 maxlen: 40
2a0c:ee00:100::/40 maxlen: 40
2a0c:ee00::/40 maxlen: 40
2a0c:ee00:200::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f7:6e:96:e5:43:74:4e:7a:09:70:25:89:bb:45:79:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd3d4011175e5df7a3f57d38e78150a2c05fdd1d
Validity
Not Before: Nov 22 14:28:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1dc51269eb86acf1bbcfec68801ca29abe9e7fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c4:24:4d:c5:59:d8:c3:94:1e:18:25:ca:01:
94:8f:f3:a5:d6:76:26:bc:2e:fd:df:f6:e1:9f:b5:
97:a9:79:16:48:50:29:08:4c:f3:05:e4:88:0d:ec:
91:de:ff:9d:a1:e3:66:53:c2:c1:ba:8b:4c:ed:da:
ab:5f:52:e4:ef:01:73:a5:a7:92:fa:ad:11:42:9e:
95:f5:d6:30:40:1f:1f:99:c0:56:2d:68:52:83:9f:
f0:c3:3b:a8:38:b8:a7:6f:30:8d:9c:d3:7b:c1:22:
ac:89:57:80:60:6c:0d:b9:15:8f:2c:6b:f5:61:3b:
4a:c7:50:f9:85:62:44:3d:91:a4:2c:98:50:87:da:
18:e1:b3:35:f5:9e:46:70:a9:37:4a:32:c0:87:39:
6b:38:c5:af:76:24:11:5e:67:9a:3e:45:69:b9:a6:
a6:3b:6c:87:0a:e5:df:85:f0:83:b3:6d:43:20:7c:
ab:77:a7:d9:3b:f1:8f:79:d1:99:d1:8c:dd:69:83:
c0:8b:0c:87:de:28:78:c0:8d:88:06:0d:91:aa:34:
dd:ea:6c:a5:36:11:63:78:01:7c:d1:62:d3:0f:d7:
ae:92:f9:47:e9:9c:a2:05:9b:4d:4d:60:9d:03:5b:
19:3c:3c:4c:1e:d5:09:0b:12:c8:64:11:9f:74:0c:
43:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:DC:51:26:9E:B8:6A:CF:1B:BC:FE:C6:88:01:CA:29:AB:E9:E7:FC
X509v3 Authority Key Identifier:
keyid:DD:3D:40:11:17:5E:5D:F7:A3:F5:7D:38:E7:81:50:A2:C0:5F:DD:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3T1AERdeXfej9X0454FQosBf3R0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/wdxRJp64as8bvP7GiAHKKavp5_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/308589-92fe-4593-93e4-2d0a78be892d/1/3T1AERdeXfej9X0454FQosBf3R0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.152.0/22
45.145.188.0/22
80.85.248.0/22
178.159.32.0/23
185.159.111.0/24
185.228.48.0/22
185.247.192.0/22
188.64.149.0-188.64.151.255
193.19.100.0/23
IPv6:
2a0c:ee00::/38
Signature Algorithm: sha256WithRSAEncryption
11:c9:e8:f2:ca:14:4a:50:b2:c8:01:d0:9e:35:d3:a7:45:59:
a3:03:4f:84:24:95:2e:0a:78:d8:03:f3:bc:43:21:a8:81:68:
cd:56:97:24:b4:ba:c9:26:77:1a:ed:c8:79:08:28:fb:89:26:
8e:2b:66:ec:c9:8a:d0:ac:8e:2a:d1:eb:42:00:e8:31:b5:89:
55:6a:dd:c2:69:d2:20:fa:aa:00:7c:b7:83:60:64:42:60:2e:
4a:b6:41:d5:df:bb:93:46:c0:2d:ae:7d:d8:62:f5:5a:5e:4a:
1e:3f:2f:f7:fa:5e:65:b0:f2:07:56:39:f6:25:81:29:91:4e:
f6:73:dd:f7:91:8d:32:d2:47:e6:2d:26:d2:58:6f:35:52:f4:
b0:b4:cc:b0:4c:be:df:ac:e6:19:c8:fd:4e:5b:4d:20:45:83:
99:0b:2b:10:82:5c:d1:0a:f1:1d:d1:af:7a:88:7e:50:5a:92:
19:6b:79:47:a5:e0:56:8c:c0:9f:01:61:8b:02:65:19:16:04:
41:54:b8:f3:d2:dc:89:e2:d6:76:67:da:1c:57:bd:8e:9b:97:
d4:d7:40:53:b7:00:37:82:c2:40:20:f0:da:11:12:72:ae:da:
1d:f0:10:fb:a5:5d:62:e6:9d:de:3d:13:d7:67:14:19:45:a2:
ae:3e:4a:46
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYv3bpblQ3ROeglwJYm7RXm3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkM2Q0MDExMTc1ZTVkZjdhM2Y1N2QzOGU3ODE1MGEyYzA1
ZmRkMWQwHhcNMjMxMTIyMTQyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWRjNTEyNjllYjg2YWNmMWJiY2ZlYzY4ODAxY2EyOWFiZTllN2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsQkTcVZ2MOUHhglygGUj/Ol1nYm
vC793/bhn7WXqXkWSFApCEzzBeSIDeyR3v+doeNmU8LBuotM7dqrX1Lk7wFzpaeS
+q0RQp6V9dYwQB8fmcBWLWhSg5/wwzuoOLinbzCNnNN7wSKsiVeAYGwNuRWPLGv1
YTtKx1D5hWJEPZGkLJhQh9oY4bM19Z5GcKk3SjLAhzlrOMWvdiQRXmeaPkVpuaam
O2yHCuXfhfCDs21DIHyrd6fZO/GPedGZ0YzdaYPAiwyH3ih4wI2IBg2RqjTd6myl
NhFjeAF80WLTD9eukvlH6ZyiBZtNTWCdA1sZPDxMHtUJCxLIZBGfdAxDRwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFMHcUSaeuGrPG7z+xogByimr6ef8MB8GA1UdIwQY
MBaAFN09QBEXXl33o/V9OOeBUKLAX90dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1QxQUVSZGVYZmVqOVgwNDU0RlFvc0JmM1IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zMDg1ODktOTJmZS00NTkzLTkzZTQt
MmQwYTc4YmU4OTJkLzEvd2R4UkpwNjRhczhidlA3R2lBSEtLYXZwNV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zMDg1ODktOTJmZS00NTkzLTkzZTQtMmQwYTc4YmU4OTJk
LzEvM1QxQUVSZGVYZmVqOVgwNDU0RlFvc0JmM1IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBEBAIAATA+AwQCLVSYAwQC
LZG8AwQCUFX4AwQBsp8gAwQAuZ9vAwQCueQwAwQCuffAMAwDBAC8QJUDBAO8QJAD
BAHBE2QwDgQCAAIwCAMGAioM7gAAMA0GCSqGSIb3DQEBCwUAA4IBAQARyejyyhRK
ULLIAdCeNdOnRVmjA0+EJJUuCnjYA/O8QyGogWjNVpcktLrJJnca7ch5CCj7iSaO
K2bsyYrQrI4q0etCAOgxtYlVat3CadIg+qoAfLeDYGRCYC5KtkHV37uTRsAtrn3Y
YvVaXkoePy/3+l5lsPIHVjn2JYEpkU72c933kY0y0kfmLSbSWG81UvSwtMywTL7f
rOYZyP1OW00gRYOZCysQglzRCvEd0a96iH5QWpIZa3lHpeBWjMCfAWGLAmUZFgRB
VLjz0tyJ4tZ2Z9ocV72Om5fU10BTtwA3gsJAIPDaERJyrtod8BD7pV1i5p3ePRPX
ZxQZRaKuPkpG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:53 2025 by rpki-client