Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/WNe76frGj5JpItYaw3YQItzxfVA.roa
File: WNe76frGj5JpItYaw3YQItzxfVA.roa (raw, json)
Hash identifier: o6ypHBghDLJdhRmgGRDDBUdgrlWaWst/6tRtp3cuUXM=
Subject key identifier: 58:D7:BB:E9:FA:C6:8F:92:69:22:D6:1A:C3:76:10:22:DC:F1:7D:50
Certificate issuer: /CN=c3bd26fe2295e462be2678533efa531e23b7f102
Certificate serial: 018571D79F2B6A5C70DE2EFC39AD5D995321
Authority key identifier: C3:BD:26:FE:22:95:E4:62:BE:26:78:53:3E:FA:53:1E:23:B7:F1:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w70m_iKV5GK-JnhTPvpTHiO38QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/WNe76frGj5JpItYaw3YQItzxfVA.roa
Signing time: Mon 02 Jan 2023 09:37:14 +0000
ROA not before: Mon 02 Jan 2023 09:37:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12552
IP address blocks: 91.208.188.0/24 maxlen: 24
2001:67c:43c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:9f:2b:6a:5c:70:de:2e:fc:39:ad:5d:99:53:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3bd26fe2295e462be2678533efa531e23b7f102
Validity
Not Before: Jan 2 09:37:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58d7bbe9fac68f926922d61ac3761022dcf17d50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e2:31:a4:f5:cb:9b:0c:c3:29:b3:fe:dc:ce:
6b:cb:da:e9:19:c8:16:23:ae:84:9d:6b:82:d1:0a:
8c:90:2f:f4:b6:50:87:7c:a4:55:2f:6d:c9:8f:ac:
d9:64:80:64:04:4e:d4:12:0c:33:bb:c2:60:59:44:
14:ab:0f:99:d2:19:e8:68:42:f3:25:b6:7e:29:07:
44:19:43:38:15:00:2b:59:90:8f:60:ec:7f:00:2b:
78:15:4c:e1:4d:ba:5f:4c:3a:42:24:7b:f1:9f:7e:
d7:84:71:0e:8c:5a:81:af:f5:66:9e:40:fa:73:08:
19:ca:ad:10:98:f1:91:fb:df:1f:26:2c:6b:c9:41:
55:10:48:b6:a0:85:f3:80:ef:93:ad:15:1d:94:fe:
40:6e:5f:a1:ba:dd:a8:6b:98:c7:ce:78:7c:f1:76:
01:39:26:c3:70:09:3d:32:86:65:2a:df:71:64:c6:
b2:18:88:97:31:64:77:bd:24:55:fa:99:74:7c:f3:
6c:ec:3e:98:ec:3c:4b:1d:6b:38:3e:25:46:d5:af:
12:89:6d:5e:d3:20:24:8d:22:9e:e8:c9:56:2a:5e:
fb:5a:50:4f:b2:98:c1:8b:a3:5d:05:bf:fa:b8:ad:
49:6f:89:30:52:69:78:63:b4:ef:67:0c:80:6a:f6:
b3:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:D7:BB:E9:FA:C6:8F:92:69:22:D6:1A:C3:76:10:22:DC:F1:7D:50
X509v3 Authority Key Identifier:
keyid:C3:BD:26:FE:22:95:E4:62:BE:26:78:53:3E:FA:53:1E:23:B7:F1:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w70m_iKV5GK-JnhTPvpTHiO38QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/WNe76frGj5JpItYaw3YQItzxfVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/9c5a00-0b5f-4a95-98a8-8bd976910dbf/1/w70m_iKV5GK-JnhTPvpTHiO38QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.188.0/24
IPv6:
2001:67c:43c::/48
Signature Algorithm: sha256WithRSAEncryption
49:ae:fa:33:d8:c2:d1:d3:d3:25:8e:07:78:ad:c6:0d:2f:1d:
5a:a4:ea:64:0f:1e:62:87:8f:53:ed:56:46:95:cf:5c:44:0e:
93:bc:3c:a1:51:1f:23:18:89:21:dd:0e:e4:75:39:45:ea:61:
44:b7:e2:e5:c3:e1:3f:83:6c:b1:c9:48:c6:90:83:0c:3d:03:
e1:58:3b:dc:fa:c6:23:eb:ba:cd:6c:08:88:cb:2e:a3:bf:26:
d5:f1:13:16:94:64:ef:2c:60:46:01:fc:bf:cc:bb:30:e9:bd:
54:d3:4d:9b:44:62:be:e8:c2:ab:26:4d:84:80:a8:aa:20:ea:
5c:94:13:40:1b:20:79:47:7b:b4:45:97:13:e7:61:da:f6:d1:
69:a1:9d:b9:0a:61:f1:0b:94:ce:f5:e9:b2:79:a1:9a:60:4a:
59:c8:3d:6e:f3:c6:d2:7b:20:9a:27:89:23:e1:78:97:d9:54:
c2:55:de:37:b2:2e:b6:97:23:10:52:41:50:c1:bf:8b:3f:b3:
fc:0f:e1:af:a4:b6:30:54:11:fb:aa:6d:7a:57:e8:e8:e8:d8:
73:10:df:d5:1a:6b:30:b9:e7:08:33:f9:50:c0:c0:07:73:42:
d2:38:93:bc:e1:9b:e2:96:97:be:db:96:fb:0b:ce:7e:e1:21:
46:ac:27:00
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVx158ralxw3i78Oa1dmVMhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYmQyNmZlMjI5NWU0NjJiZTI2Nzg1MzNlZmE1MzFlMjNi
N2YxMDIwHhcNMjMwMTAyMDkzNzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGQ3YmJlOWZhYzY4ZjkyNjkyMmQ2MWFjMzc2MTAyMmRjZjE3ZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+IxpPXLmwzDKbP+3M5ry9rpGcgW
I66EnWuC0QqMkC/0tlCHfKRVL23Jj6zZZIBkBE7UEgwzu8JgWUQUqw+Z0hnoaELz
JbZ+KQdEGUM4FQArWZCPYOx/ACt4FUzhTbpfTDpCJHvxn37XhHEOjFqBr/VmnkD6
cwgZyq0QmPGR+98fJixryUFVEEi2oIXzgO+TrRUdlP5Abl+hut2oa5jHznh88XYB
OSbDcAk9MoZlKt9xZMayGIiXMWR3vSRV+pl0fPNs7D6Y7DxLHWs4PiVG1a8SiW1e
0yAkjSKe6MlWKl77WlBPspjBi6NdBb/6uK1Jb4kwUml4Y7TvZwyAavazxwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFFjXu+n6xo+SaSLWGsN2ECLc8X1QMB8GA1UdIwQY
MBaAFMO9Jv4ileRiviZ4Uz76Ux4jt/ECMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzcwbV9pS1Y1R0stSm5oVFB2cFRIaU8zOFFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC85YzVhMDAtMGI1Zi00YTk1LTk4YTgt
OGJkOTc2OTEwZGJmLzEvV05lNzZmckdqNUpwSXRZYXczWVFJdHp4ZlZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC85YzVhMDAtMGI1Zi00YTk1LTk4YTgtOGJkOTc2OTEwZGJm
LzEvdzcwbV9pS1Y1R0stSm5oVFB2cFRIaU8zOFFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9C8MA8E
AgACMAkDBwAgAQZ8BDwwDQYJKoZIhvcNAQELBQADggEBAEmu+jPYwtHT0yWOB3it
xg0vHVqk6mQPHmKHj1PtVkaVz1xEDpO8PKFRHyMYiSHdDuR1OUXqYUS34uXD4T+D
bLHJSMaQgww9A+FYO9z6xiPrus1sCIjLLqO/JtXxExaUZO8sYEYB/L/MuzDpvVTT
TZtEYr7owqsmTYSAqKog6lyUE0AbIHlHe7RFlxPnYdr20WmhnbkKYfELlM716bJ5
oZpgSlnIPW7zxtJ7IJoniSPheJfZVMJV3jeyLraXIxBSQVDBv4s/s/wP4a+ktjBU
EfuqbXpX6Ojo2HMQ39UaazC55wgz+VDAwAdzQtI4k7zhm+KWl77blvsLzn7hIUas
JwA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:28:07 2025 by rpki-client