Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/w2PspGMQztHa0u1jh020ztftizQ.roa
File: w2PspGMQztHa0u1jh020ztftizQ.roa (raw, json)
Hash identifier: UfXyEgq73t8vGVFeA9bydKyzUPuWu/phg+7h5oznmfk=
Subject key identifier: C3:63:EC:A4:63:10:CE:D1:DA:D2:ED:63:87:4D:B4:CE:D7:ED:8B:34
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 018572CC9A8D5A976070F3E2268AF332EB38
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/w2PspGMQztHa0u1jh020ztftizQ.roa
Signing time: Mon 02 Jan 2023 14:04:49 +0000
ROA not before: Mon 02 Jan 2023 14:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 85.203.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:cc:9a:8d:5a:97:60:70:f3:e2:26:8a:f3:32:eb:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 14:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c363eca46310ced1dad2ed63874db4ced7ed8b34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:70:2c:fb:ce:36:43:f8:52:27:4c:c1:46:31:
d1:5f:ce:07:75:6e:56:5d:2b:2d:99:93:b3:5b:14:
2f:90:5c:c2:03:e9:44:ee:2b:78:c7:ab:aa:5b:2e:
44:6b:22:e3:5c:68:46:03:d5:82:3e:97:d0:fc:35:
d6:c5:d3:ac:e3:35:7f:31:5d:18:a8:2c:47:a9:87:
b6:5a:2e:f3:90:8b:be:d2:11:8c:80:64:27:1e:f8:
37:95:6e:1d:8b:eb:ef:89:6a:7a:44:98:09:ff:df:
6c:68:ad:31:6e:79:71:36:f4:f8:79:c8:d6:5b:5b:
08:a1:4d:a8:00:93:81:c4:4e:81:4a:8d:e4:22:ec:
9b:c9:35:cf:3b:ac:ad:f7:19:1e:c3:05:43:d1:41:
ab:9a:f1:be:db:1e:0c:a7:5a:09:36:c3:c7:11:4d:
1b:5e:7d:75:9d:93:2b:c5:a9:89:99:83:cd:7f:57:
02:ef:6b:f7:31:53:19:36:1e:e9:24:80:f7:50:d1:
81:a0:34:a2:e0:af:63:3d:59:a1:cd:f2:b1:95:ca:
b2:06:44:35:88:88:cb:8d:22:e5:b6:59:bb:e4:ae:
68:92:50:84:e8:1e:c0:56:f6:8b:eb:cd:ed:57:05:
4e:23:50:47:22:d3:e7:b8:5f:ae:ce:8a:7c:98:35:
80:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:63:EC:A4:63:10:CE:D1:DA:D2:ED:63:87:4D:B4:CE:D7:ED:8B:34
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/w2PspGMQztHa0u1jh020ztftizQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.39.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:47:e4:34:db:c9:2c:16:ae:54:7f:7b:a8:87:66:21:ba:f3:
a8:8d:bd:f8:6b:70:6b:b7:cd:83:97:9c:79:80:1c:2b:b1:8c:
60:46:af:a9:57:29:af:e9:0a:38:5f:7f:14:da:d0:6d:8b:eb:
8b:c0:86:84:2c:4e:1b:6e:8e:66:4b:fd:d0:b9:5c:43:ff:05:
c1:0e:c0:51:06:20:d2:1c:d3:83:08:8c:9d:49:42:1e:12:6d:
e5:5e:c9:ea:80:80:ed:9b:e4:77:85:af:05:96:de:9a:69:67:
79:91:18:5b:f1:41:a6:b3:ac:fb:72:e4:29:40:51:ea:ee:8a:
33:2d:98:af:1c:6c:a6:46:55:68:ef:3e:15:29:e7:37:7d:4a:
96:c8:fd:a2:f5:57:bd:73:60:2c:a4:b4:20:81:94:36:b3:55:
f6:6a:11:15:3b:8d:e2:98:41:13:68:7a:db:3a:1a:84:17:68:
51:35:b7:73:bb:b6:ed:3c:6c:d8:8e:8e:f9:b0:53:52:2a:ef:
15:71:e2:39:d2:2d:e6:9f:26:e9:6b:fa:b2:9a:45:c4:b4:3e:
a5:7f:a7:c9:f4:50:64:3a:53:a5:1d:13:ac:5c:45:51:1f:43:
aa:76:f7:78:44:49:4e:3c:40:7c:9a:c5:46:62:c9:d6:e3:c2:
50:da:64:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVyzJqNWpdgcPPiJorzMus4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjMwMTAyMTQwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzYzZWNhNDYzMTBjZWQxZGFkMmVkNjM4NzRkYjRjZWQ3ZWQ4YjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3As+842Q/hSJ0zBRjHRX84HdW5W
XSstmZOzWxQvkFzCA+lE7it4x6uqWy5EayLjXGhGA9WCPpfQ/DXWxdOs4zV/MV0Y
qCxHqYe2Wi7zkIu+0hGMgGQnHvg3lW4di+vviWp6RJgJ/99saK0xbnlxNvT4ecjW
W1sIoU2oAJOBxE6BSo3kIuybyTXPO6yt9xkewwVD0UGrmvG+2x4Mp1oJNsPHEU0b
Xn11nZMrxamJmYPNf1cC72v3MVMZNh7pJID3UNGBoDSi4K9jPVmhzfKxlcqyBkQ1
iIjLjSLltlm75K5oklCE6B7AVvaL683tVwVOI1BHItPnuF+uzop8mDWAmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMNj7KRjEM7R2tLtY4dNtM7X7Ys0MB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvdzJQc3BHTVF6dEhhMHUxamgwMjB6dGZ0aXpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcsnMA0G
CSqGSIb3DQEBCwUAA4IBAQANR+Q028ksFq5Uf3uoh2YhuvOojb34a3Brt82Dl5x5
gBwrsYxgRq+pVymv6Qo4X38U2tBti+uLwIaELE4bbo5mS/3QuVxD/wXBDsBRBiDS
HNODCIydSUIeEm3lXsnqgIDtm+R3ha8Flt6aaWd5kRhb8UGms6z7cuQpQFHq7ooz
LZivHGymRlVo7z4VKec3fUqWyP2i9Ve9c2AspLQggZQ2s1X2ahEVO43imEETaHrb
OhqEF2hRNbdzu7btPGzYjo75sFNSKu8VceI50i3mnybpa/qymkXEtD6lf6fJ9FBk
OlOlHROsXEVRH0Oqdvd4RElOPEB8msVGYsnW48JQ2mSH
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:59:34 2025 by rpki-client