Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/WHqLnxYwArVyMzsa_b3jp2WXwsY.roa
File: WHqLnxYwArVyMzsa_b3jp2WXwsY.roa (raw, json)
Hash identifier: Tnwo1zzu/aBuSm+JM3N31GZmQi2fKpwySTld3BZVSyg=
Subject key identifier: 58:7A:8B:9F:16:30:02:B5:72:33:3B:1A:FD:BD:E3:A7:65:97:C2:C6
Certificate issuer: /CN=ac7670698cfaef2647fbc9a06f7380856e2b3027
Certificate serial: 02ABF82D
Authority key identifier: AC:76:70:69:8C:FA:EF:26:47:FB:C9:A0:6F:73:80:85:6E:2B:30:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rHZwaYz67yZH-8mgb3OAhW4rMCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/WHqLnxYwArVyMzsa_b3jp2WXwsY.roa
Signing time: Wed 08 Jun 2022 13:13:03 +0000
ROA not before: Wed 08 Jun 2022 13:13:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60505
IP address blocks: 103.57.40.0/22 maxlen: 22
45.115.108.0/22 maxlen: 22
195.72.124.0/22 maxlen: 22
45.149.52.0/24 maxlen: 24
2a11:a500::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 44824621 (0x2abf82d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac7670698cfaef2647fbc9a06f7380856e2b3027
Validity
Not Before: Jun 8 13:13:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=587a8b9f163002b572333b1afdbde3a76597c2c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:89:c6:e6:34:34:b9:9f:3a:25:45:0d:ad:ed:
13:43:8a:aa:e4:fd:7d:c1:1d:1d:39:82:e6:9b:d6:
b0:37:24:df:46:d4:09:3d:88:d0:c1:9b:82:e0:1c:
9d:ea:51:35:4f:01:ab:14:d0:9c:e4:ed:7c:48:15:
23:49:69:37:91:8a:09:29:54:1d:eb:ad:1d:b0:74:
92:f5:66:df:6d:72:a1:88:a0:cd:16:e4:9a:f8:e9:
54:d8:9a:8f:2b:65:34:9d:e0:6f:37:6f:cd:8b:57:
6d:9a:fe:77:71:8a:00:29:22:55:9c:c4:67:6d:3f:
52:5d:eb:f8:35:99:14:7f:63:18:49:9a:5b:a3:d7:
d4:81:a4:b0:21:ba:ad:18:25:f8:e6:c5:b9:25:57:
70:7d:70:26:a8:b8:23:61:23:b3:30:cf:24:02:f9:
ac:2d:e3:87:b1:da:65:18:35:95:43:11:d5:63:99:
4d:68:24:34:f2:fd:21:c1:db:7b:ee:19:18:f6:db:
32:26:a2:5e:6f:2c:7e:17:6d:1d:4f:4c:82:db:6f:
0b:e5:ca:99:43:22:32:10:79:e2:3b:b2:72:f3:69:
38:a7:75:9f:18:e0:42:35:a4:4d:cb:b2:2a:ec:10:
58:4e:b4:03:d6:88:92:a9:e6:20:2e:89:1f:de:1a:
71:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:7A:8B:9F:16:30:02:B5:72:33:3B:1A:FD:BD:E3:A7:65:97:C2:C6
X509v3 Authority Key Identifier:
keyid:AC:76:70:69:8C:FA:EF:26:47:FB:C9:A0:6F:73:80:85:6E:2B:30:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rHZwaYz67yZH-8mgb3OAhW4rMCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/WHqLnxYwArVyMzsa_b3jp2WXwsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/68f651-f3a6-4252-9faf-9e044092b826/1/rHZwaYz67yZH-8mgb3OAhW4rMCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.115.108.0/22
45.149.52.0/24
103.57.40.0/22
195.72.124.0/22
IPv6:
2a11:a500::/32
Signature Algorithm: sha256WithRSAEncryption
9f:67:74:f0:ff:b5:95:98:1a:1e:cb:56:59:8d:fc:98:c5:c2:
df:5a:f1:a2:ac:e7:4a:e3:dc:86:b8:64:59:7f:3c:ca:69:65:
e4:5f:70:23:82:3a:fb:05:c0:7c:0e:88:e6:6d:6a:4f:db:62:
16:d5:03:06:23:a4:2f:d9:c8:e5:27:45:39:5d:0e:dc:f5:0a:
4d:2f:9d:4a:50:47:dc:da:14:dc:bb:6e:90:1e:d9:06:4b:aa:
2f:a8:13:55:2f:88:eb:9d:86:af:65:58:f6:d0:0c:d2:c5:c2:
46:ba:82:db:b9:6f:51:f7:e2:cd:10:33:b1:23:20:bb:bb:95:
16:20:11:f3:b6:21:50:53:a5:83:86:14:be:98:9f:5b:12:c2:
04:14:e9:25:72:c6:c5:82:24:ee:45:4a:c9:55:cb:c6:52:66:
ae:3f:b5:87:e4:96:48:33:d8:90:03:b2:15:e0:5a:82:22:73:
22:cc:8a:84:3f:7d:7d:1c:ea:05:09:79:45:aa:1e:3c:1f:a6:
4c:50:7e:68:31:e8:12:18:64:f6:f0:56:11:94:5b:7c:b5:26:
94:5b:06:31:4d:d8:29:6a:b0:f0:63:44:b4:a4:45:f5:b7:5e:
6c:8e:4a:2e:79:b7:d2:7e:01:1c:1d:eb:b9:73:0b:d7:94:5f:
5b:35:26:0e
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEAqv4LTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
Yzc2NzA2OThjZmFlZjI2NDdmYmM5YTA2ZjczODA4NTZlMmIzMDI3MB4XDTIyMDYw
ODEzMTMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTg3YThiOWYxNjMw
MDJiNTcyMzMzYjFhZmRiZGUzYTc2NTk3YzJjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyJxuY0NLmfOiVFDa3tE0OKquT9fcEdHTmC5pvWsDck30bU
CT2I0MGbguAcnepRNU8BqxTQnOTtfEgVI0lpN5GKCSlUHeutHbB0kvVm321yoYig
zRbkmvjpVNiajytlNJ3gbzdvzYtXbZr+d3GKACkiVZzEZ20/Ul3r+DWZFH9jGEma
W6PX1IGksCG6rRgl+ObFuSVXcH1wJqi4I2EjszDPJAL5rC3jh7HaZRg1lUMR1WOZ
TWgkNPL9IcHbe+4ZGPbbMiaiXm8sfhdtHU9MgttvC+XKmUMiMhB54juycvNpOKd1
nxjgQjWkTcuyKuwQWE60A9aIkqnmIC6JH94acQkCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRYeoufFjACtXIzOxr9veOnZZfCxjAfBgNVHSMEGDAWgBSsdnBpjPrvJkf7
yaBvc4CFbiswJzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JIWndhWXo2N3laSC04bWdiM09BaFc0ck1DYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDQvNjhmNjUxLWYzYTYtNDI1Mi05ZmFmLTllMDQ0MDkyYjgyNi8x
L1dIcUxueFl3QXJWeU16c2FfYjNqcDJXWHdzWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQv
NjhmNjUxLWYzYTYtNDI1Mi05ZmFmLTllMDQ0MDkyYjgyNi8xL3JIWndhWXo2N3la
SC04bWdiM09BaFc0ck1DYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAi1zbAMEAC2VNAMEAmc5KAMEAsNI
fDANBAIAAjAHAwUAKhGlADANBgkqhkiG9w0BAQsFAAOCAQEAn2d08P+1lZgaHstW
WY38mMXC31rxoqznSuPchrhkWX88ymll5F9wI4I6+wXAfA6I5m1qT9tiFtUDBiOk
L9nI5SdFOV0O3PUKTS+dSlBH3NoU3LtukB7ZBkuqL6gTVS+I652Gr2VY9tAM0sXC
RrqC27lvUffizRAzsSMgu7uVFiAR87YhUFOlg4YUvpifWxLCBBTpJXLGxYIk7kVK
yVXLxlJmrj+1h+SWSDPYkAOyFeBagiJzIsyKhD99fRzqBQl5RaoePB+mTFB+aDHo
Ehhk9vBWEZRbfLUmlFsGMU3YKWqw8GNEtKRF9bdebI5KLnm30n4BHB3ruXML15Rf
WzUmDg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:49:39 2025 by rpki-client