Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/wQVNzWKfy8NGthwgJ2uFQ92iiSs.roa
File: wQVNzWKfy8NGthwgJ2uFQ92iiSs.roa (raw, json)
Hash identifier: CHoQLF4Ib9R+wPj7ujl6j2N14VvKNu8cirOk2OYsFyA=
Subject key identifier: C1:05:4D:CD:62:9F:CB:C3:46:B6:1C:20:27:6B:85:43:DD:A2:89:2B
Certificate issuer: /CN=f56b2049b3a9aa6f2368e6eeb4bfcd167953a5e9
Certificate serial: 01856B933A97275A1C804A6AF076FA1115E4
Authority key identifier: F5:6B:20:49:B3:A9:AA:6F:23:68:E6:EE:B4:BF:CD:16:79:53:A5:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9WsgSbOpqm8jaObutL_NFnlTpek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/wQVNzWKfy8NGthwgJ2uFQ92iiSs.roa
Signing time: Sun 01 Jan 2023 04:24:48 +0000
ROA not before: Sun 01 Jan 2023 04:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43366
IP address blocks: 195.35.114.0/23 maxlen: 24
185.103.76.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:93:3a:97:27:5a:1c:80:4a:6a:f0:76:fa:11:15:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f56b2049b3a9aa6f2368e6eeb4bfcd167953a5e9
Validity
Not Before: Jan 1 04:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1054dcd629fcbc346b61c20276b8543dda2892b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:1a:04:cb:f5:76:ad:b5:ad:a0:e2:05:02:29:
0e:19:b7:c9:bc:bb:38:00:24:49:64:b9:da:19:35:
ec:61:d0:c3:95:37:bc:3b:12:9d:20:64:5f:7d:a0:
a6:5d:d4:cd:cd:10:19:fe:f9:29:1b:d5:4d:ae:e9:
b9:b5:9f:f5:d8:23:67:b3:0e:cd:e7:6c:26:4f:99:
e1:13:7e:15:eb:22:65:c2:93:8e:a7:bd:ce:ac:7f:
02:9f:8d:78:7f:bb:40:a0:0e:a4:ab:f7:9f:bf:fe:
16:4f:c6:1a:7c:4e:5d:96:86:cd:ed:91:51:bd:6a:
70:ff:47:a0:c0:18:ec:fd:58:99:0a:4d:95:06:91:
6b:05:cc:2d:21:d8:79:aa:8f:75:d7:26:61:29:7f:
c9:6d:ec:66:35:b8:3e:aa:18:f5:fe:b1:ad:3e:e0:
7d:aa:7a:0e:a2:b7:11:85:f7:b0:da:1c:ad:9e:96:
6e:7f:a3:dd:f6:6d:74:4e:60:f6:4a:92:26:57:66:
c1:76:43:7c:23:32:47:06:c3:87:af:43:ab:16:13:
7e:e3:13:1c:69:71:41:2e:bc:5d:8a:cf:ed:3b:9b:
40:f9:3f:08:c9:8e:90:fe:d6:70:c6:1c:26:be:52:
44:31:06:6c:fd:8d:a6:85:82:bc:da:81:a6:92:ae:
b0:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:05:4D:CD:62:9F:CB:C3:46:B6:1C:20:27:6B:85:43:DD:A2:89:2B
X509v3 Authority Key Identifier:
keyid:F5:6B:20:49:B3:A9:AA:6F:23:68:E6:EE:B4:BF:CD:16:79:53:A5:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9WsgSbOpqm8jaObutL_NFnlTpek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/wQVNzWKfy8NGthwgJ2uFQ92iiSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/9WsgSbOpqm8jaObutL_NFnlTpek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.103.76.0/22
195.35.114.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:6d:82:84:09:30:7c:45:57:65:a5:8a:82:c8:1c:d5:57:a1:
92:b4:96:23:bc:af:e4:3e:89:0c:3e:72:80:95:bc:05:6a:34:
97:0c:dd:41:56:03:0f:cb:55:0c:9e:4e:99:5d:67:9b:a8:df:
8f:5c:fb:cf:17:b7:77:41:ef:5d:e5:6b:95:4e:ab:c0:29:d6:
51:7d:91:be:a4:b2:a0:4c:4b:94:fb:a7:fd:f3:a8:2d:1e:5b:
01:4a:da:8b:50:39:39:a3:b5:d7:24:d7:84:55:40:45:f2:5d:
3a:77:99:90:3b:d1:20:b7:08:27:71:db:e8:ff:9e:8b:a7:ff:
14:b6:29:dc:38:88:93:ae:ba:91:dd:1a:02:59:36:86:2f:42:
fe:f7:07:10:12:3c:da:67:e3:e9:eb:62:24:a4:c6:9f:0f:db:
e9:5b:86:89:d6:e8:08:be:03:90:38:3f:0e:d6:6d:b4:79:ea:
50:37:40:5f:dc:22:c5:6e:09:96:cb:7a:ba:79:5f:40:b6:16:
42:94:56:3d:14:39:1e:e1:3e:98:59:6f:53:c4:ea:b0:68:7a:
c3:a7:6b:21:94:44:60:9c:f2:8e:ff:50:20:7d:5c:32:16:52:
f6:92:5a:72:b7:91:77:ef:03:45:43:53:82:5f:62:8e:da:4b:
ad:48:fc:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrkzqXJ1ocgEpq8Hb6ERXkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NmIyMDQ5YjNhOWFhNmYyMzY4ZTZlZWI0YmZjZDE2Nzk1
M2E1ZTkwHhcNMjMwMTAxMDQyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTA1NGRjZDYyOWZjYmMzNDZiNjFjMjAyNzZiODU0M2RkYTI4OTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxoEy/V2rbWtoOIFAikOGbfJvLs4
ACRJZLnaGTXsYdDDlTe8OxKdIGRffaCmXdTNzRAZ/vkpG9VNrum5tZ/12CNnsw7N
52wmT5nhE34V6yJlwpOOp73OrH8Cn414f7tAoA6kq/efv/4WT8YafE5dlobN7ZFR
vWpw/0egwBjs/ViZCk2VBpFrBcwtIdh5qo911yZhKX/JbexmNbg+qhj1/rGtPuB9
qnoOorcRhfew2hytnpZuf6Pd9m10TmD2SpImV2bBdkN8IzJHBsOHr0OrFhN+4xMc
aXFBLrxdis/tO5tA+T8IyY6Q/tZwxhwmvlJEMQZs/Y2mhYK82oGmkq6wkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMEFTc1in8vDRrYcICdrhUPdookrMB8GA1UdIwQY
MBaAFPVrIEmzqapvI2jm7rS/zRZ5U6XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVdzZ1NiT3BxbThqYU9idXRMX05GbmxUcGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9kMWE3MWMtYjhmOC00MTJkLTlkYTEt
MjQwMWI3NDIwNmYzLzEvd1FWTnpXS2Z5OE5HdGh3Z0oydUZROTJpaVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9kMWE3MWMtYjhmOC00MTJkLTlkYTEtMjQwMWI3NDIwNmYz
LzEvOVdzZ1NiT3BxbThqYU9idXRMX05GbmxUcGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuWdMAwQB
wyNyMA0GCSqGSIb3DQEBCwUAA4IBAQBLbYKECTB8RVdlpYqCyBzVV6GStJYjvK/k
PokMPnKAlbwFajSXDN1BVgMPy1UMnk6ZXWebqN+PXPvPF7d3Qe9d5WuVTqvAKdZR
fZG+pLKgTEuU+6f986gtHlsBStqLUDk5o7XXJNeEVUBF8l06d5mQO9Egtwgncdvo
/56Lp/8UtincOIiTrrqR3RoCWTaGL0L+9wcQEjzaZ+Pp62IkpMafD9vpW4aJ1ugI
vgOQOD8O1m20eepQN0Bf3CLFbgmWy3q6eV9AthZClFY9FDke4T6YWW9TxOqwaHrD
p2shlERgnPKO/1AgfVwyFlL2klpyt5F37wNFQ1OCX2KO2kutSPyK
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:06 2025 by rpki-client