Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/WXGb63yYXbcf-kCSgRqwxr35MPM.roa
File: WXGb63yYXbcf-kCSgRqwxr35MPM.roa (raw, json)
Hash identifier: EJOgM7JWA9UTC93AKjhQvTYAqXYx9+MFiWXmClVf03k=
Subject key identifier: 59:71:9B:EB:7C:98:5D:B7:1F:FA:40:92:81:1A:B0:C6:BD:F9:30:F3
Certificate issuer: /CN=b4089f84483057ac364647c80a1b23c976b93016
Certificate serial: 018571A78CC0F84EBB1DB792F457D80AEA99
Authority key identifier: B4:08:9F:84:48:30:57:AC:36:46:47:C8:0A:1B:23:C9:76:B9:30:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tAifhEgwV6w2RkfIChsjyXa5MBY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/WXGb63yYXbcf-kCSgRqwxr35MPM.roa
Signing time: Mon 02 Jan 2023 08:44:44 +0000
ROA not before: Mon 02 Jan 2023 08:44:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20582
IP address blocks: 185.113.20.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:8c:c0:f8:4e:bb:1d:b7:92:f4:57:d8:0a:ea:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4089f84483057ac364647c80a1b23c976b93016
Validity
Not Before: Jan 2 08:44:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59719beb7c985db71ffa4092811ab0c6bdf930f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a1:9d:97:7d:3c:29:0d:ba:1d:20:d6:f8:28:
81:fd:fd:5f:83:7b:0c:75:26:f3:c7:1c:ef:bb:6c:
e1:47:2b:1e:1b:2a:6d:c3:7c:65:31:24:7e:ce:e9:
98:6e:ad:ad:50:17:54:61:f2:9f:4c:b8:54:6d:d5:
17:11:3c:a1:f0:7e:20:d7:77:34:1d:8d:74:37:c9:
f0:54:a0:4d:3d:af:f0:cb:65:4e:a2:51:0a:ff:49:
6d:94:c4:08:0d:c2:01:95:78:cb:f3:71:a9:40:97:
c4:b8:cf:cb:ae:fd:08:47:eb:cd:f8:a4:50:50:26:
54:87:98:7d:f9:d6:27:bf:38:2b:bc:81:5a:17:78:
1a:1c:0a:1e:1a:ec:66:6c:55:44:fc:27:9b:cb:7c:
54:e0:03:90:42:32:af:74:74:02:fd:22:67:2e:75:
70:63:32:b7:69:c1:ec:a9:3e:92:b9:6e:4c:5e:df:
e6:21:69:8e:02:a0:f2:51:dd:67:be:5f:09:67:a2:
15:2a:a9:d4:fd:90:ce:9f:eb:86:1c:e3:ff:91:78:
60:74:80:b8:18:8e:df:29:b4:28:22:1a:85:64:66:
c9:9d:0f:bd:9c:23:ec:7b:30:78:32:f8:db:00:23:
1c:7d:a8:60:a9:95:72:37:74:3a:09:4c:5b:0e:6c:
2f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:71:9B:EB:7C:98:5D:B7:1F:FA:40:92:81:1A:B0:C6:BD:F9:30:F3
X509v3 Authority Key Identifier:
keyid:B4:08:9F:84:48:30:57:AC:36:46:47:C8:0A:1B:23:C9:76:B9:30:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAifhEgwV6w2RkfIChsjyXa5MBY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/WXGb63yYXbcf-kCSgRqwxr35MPM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/645f6a-2653-4d31-bb4e-1f87976137a0/1/tAifhEgwV6w2RkfIChsjyXa5MBY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.113.20.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:76:da:38:78:52:5e:17:69:23:5b:7c:ab:c0:96:9a:9e:ed:
0b:cd:93:1f:8c:76:8f:ee:5b:8b:7d:f3:0c:6f:c3:01:9d:f4:
21:80:fc:d3:5f:e9:0e:9b:d6:ec:a0:97:7f:17:fa:08:2f:a5:
6d:5f:65:23:87:1c:b9:66:66:99:71:d1:16:dc:38:6e:2a:7d:
3c:4a:96:42:61:1e:b5:33:5b:0b:7f:65:3d:22:ff:06:d8:00:
06:9c:8a:d6:f4:a9:b7:b3:00:19:1c:38:2f:9c:c6:53:f4:c1:
cb:45:7c:3c:45:64:7b:93:6c:21:aa:a6:9a:29:57:df:7e:84:
f3:d0:6f:22:5d:4c:0e:96:b4:4d:b8:bf:e4:c6:e5:cb:bc:c7:
a5:af:f1:3a:c7:62:db:29:a0:03:ff:38:e3:98:cb:97:df:c0:
a1:07:07:38:17:d7:67:e6:20:74:0c:3a:bc:2c:0d:a7:fd:6f:
51:4a:fd:5e:87:c0:61:23:c6:9b:8a:68:d2:4c:fe:43:9d:32:
fa:af:30:05:a3:80:94:4f:fc:f1:d5:5d:8f:ae:7d:d5:8e:82:
ee:e2:7c:c1:09:36:a5:15:de:6e:ca:fd:5f:92:b0:8b:d7:2a:
0f:69:e0:3e:7d:37:ca:49:2b:29:9c:0c:87:7e:75:87:fe:41:
3b:52:59:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxp4zA+E67HbeS9FfYCuqZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDg5Zjg0NDgzMDU3YWMzNjQ2NDdjODBhMWIyM2M5NzZi
OTMwMTYwHhcNMjMwMTAyMDg0NDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTcxOWJlYjdjOTg1ZGI3MWZmYTQwOTI4MTFhYjBjNmJkZjkzMGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16Gdl308KQ26HSDW+CiB/f1fg3sM
dSbzxxzvu2zhRyseGyptw3xlMSR+zumYbq2tUBdUYfKfTLhUbdUXETyh8H4g13c0
HY10N8nwVKBNPa/wy2VOolEK/0ltlMQIDcIBlXjL83GpQJfEuM/Lrv0IR+vN+KRQ
UCZUh5h9+dYnvzgrvIFaF3gaHAoeGuxmbFVE/Ceby3xU4AOQQjKvdHQC/SJnLnVw
YzK3acHsqT6SuW5MXt/mIWmOAqDyUd1nvl8JZ6IVKqnU/ZDOn+uGHOP/kXhgdIC4
GI7fKbQoIhqFZGbJnQ+9nCPsezB4MvjbACMcfahgqZVyN3Q6CUxbDmwvJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFlxm+t8mF23H/pAkoEasMa9+TDzMB8GA1UdIwQY
MBaAFLQIn4RIMFesNkZHyAobI8l2uTAWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFpZmhFZ3dWNncyUmtmSUNoc2p5WGE1TUJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC82NDVmNmEtMjY1My00ZDMxLWJiNGUt
MWY4Nzk3NjEzN2EwLzEvV1hHYjYzeVlYYmNmLWtDU2dScXd4cjM1TVBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC82NDVmNmEtMjY1My00ZDMxLWJiNGUtMWY4Nzk3NjEzN2Ew
LzEvdEFpZmhFZ3dWNncyUmtmSUNoc2p5WGE1TUJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXEUMA0G
CSqGSIb3DQEBCwUAA4IBAQArdto4eFJeF2kjW3yrwJaanu0LzZMfjHaP7luLffMM
b8MBnfQhgPzTX+kOm9bsoJd/F/oIL6VtX2Ujhxy5ZmaZcdEW3DhuKn08SpZCYR61
M1sLf2U9Iv8G2AAGnIrW9Km3swAZHDgvnMZT9MHLRXw8RWR7k2whqqaaKVfffoTz
0G8iXUwOlrRNuL/kxuXLvMelr/E6x2LbKaAD/zjjmMuX38ChBwc4F9dn5iB0DDq8
LA2n/W9RSv1eh8BhI8abimjSTP5DnTL6rzAFo4CUT/zx1V2Prn3VjoLu4nzBCTal
Fd5uyv1fkrCL1yoPaeA+fTfKSSspnAyHfnWH/kE7Ulmv
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:26 2025 by rpki-client