Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/9b39b9-82c8-4c7d-b268-766e546057a7/1/WMtWTQq3iEC6VTqrwY7NLtDvI2Q.roa
File: WMtWTQq3iEC6VTqrwY7NLtDvI2Q.roa (raw, json)
Hash identifier: GyAqpGxlYUwENcviGlbiDSRhsqDzAHZKdftzPHM+pao=
Subject key identifier: 58:CB:56:4D:0A:B7:88:40:BA:55:3A:AB:C1:8E:CD:2E:D0:EF:23:64
Certificate issuer: /CN=a8bab61c360ea108cd192c7ce7a7ed5565bdfbe0
Certificate serial: 01856C4A563C70B86E2F166F9DB4C3565927
Authority key identifier: A8:BA:B6:1C:36:0E:A1:08:CD:19:2C:7C:E7:A7:ED:55:65:BD:FB:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qLq2HDYOoQjNGSx856ftVWW9--A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/9b39b9-82c8-4c7d-b268-766e546057a7/1/WMtWTQq3iEC6VTqrwY7NLtDvI2Q.roa
Signing time: Sun 01 Jan 2023 07:44:49 +0000
ROA not before: Sun 01 Jan 2023 07:44:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29397
IP address blocks: 91.224.240.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:4a:56:3c:70:b8:6e:2f:16:6f:9d:b4:c3:56:59:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8bab61c360ea108cd192c7ce7a7ed5565bdfbe0
Validity
Not Before: Jan 1 07:44:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=58cb564d0ab78840ba553aabc18ecd2ed0ef2364
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c6:93:d6:2a:19:f9:14:54:cb:8f:ef:84:c7:
9f:8b:61:91:fa:fd:bf:bf:1b:5a:55:e9:f6:07:ec:
cd:db:fc:ac:c9:3d:e2:e4:a6:47:4b:d2:47:0e:5c:
5f:9d:73:40:c9:aa:24:43:9e:cb:84:39:ef:a5:36:
11:6a:65:cb:c2:fe:3b:b3:de:75:4b:99:b6:0c:92:
5d:13:a2:8b:fb:75:17:79:2b:08:94:be:76:0a:a6:
08:3f:ad:18:c7:d5:f8:e6:fd:4b:f5:e5:10:04:51:
b3:28:b1:a1:1d:d3:a2:0b:90:f6:c2:d5:19:d4:d2:
aa:c0:f9:f5:83:0f:36:3f:eb:d1:60:d3:d1:cd:a5:
a0:db:a2:bd:4e:be:47:e8:46:f9:a8:0a:9a:ef:8b:
40:cb:e6:98:45:87:c6:1e:42:cf:7a:72:06:f9:2f:
e3:03:91:71:61:5a:32:8c:a7:fc:86:2e:4e:06:1f:
c8:58:a8:9e:44:05:88:f9:77:8b:64:e4:9b:6c:b8:
6a:7b:84:c9:97:d7:bb:9c:c9:e6:c4:4e:c7:3f:be:
84:d7:ee:91:1e:35:83:8d:12:93:72:c8:1d:9a:bc:
d4:dd:03:d6:10:77:1e:e5:c6:c8:b0:26:9a:d0:76:
d0:80:39:d3:88:1e:24:c7:05:c1:12:2e:48:33:85:
ea:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:CB:56:4D:0A:B7:88:40:BA:55:3A:AB:C1:8E:CD:2E:D0:EF:23:64
X509v3 Authority Key Identifier:
keyid:A8:BA:B6:1C:36:0E:A1:08:CD:19:2C:7C:E7:A7:ED:55:65:BD:FB:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qLq2HDYOoQjNGSx856ftVWW9--A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/9b39b9-82c8-4c7d-b268-766e546057a7/1/WMtWTQq3iEC6VTqrwY7NLtDvI2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/9b39b9-82c8-4c7d-b268-766e546057a7/1/qLq2HDYOoQjNGSx856ftVWW9--A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.240.0/23
Signature Algorithm: sha256WithRSAEncryption
10:83:92:71:4e:a9:48:2b:e2:90:14:36:5a:01:62:61:ea:18:
20:5c:ea:97:b2:8a:71:fd:94:6a:c4:4e:d4:88:a6:5b:3d:7a:
95:e1:80:e1:70:44:27:c9:e0:87:48:67:5d:7b:9b:ed:76:9b:
69:bb:ca:a9:d8:67:b6:8d:c4:a0:f2:1c:bc:cb:07:02:c9:0e:
da:b4:08:12:72:c0:57:34:69:b1:39:c9:74:2d:f9:65:a3:c6:
45:ee:26:27:48:54:44:80:53:28:e8:34:ea:47:07:8a:92:00:
c0:3f:af:1d:c5:af:e5:3e:0b:bf:d2:b2:00:63:49:a1:a1:fb:
df:d3:36:c1:12:89:80:53:c6:6f:6d:54:84:e8:4b:4d:fc:ec:
88:06:9b:26:d0:66:98:8a:53:8b:a9:c6:a6:06:76:c8:d9:b5:
aa:d7:64:30:25:3d:13:c0:ae:4d:bf:26:39:72:23:38:8a:b0:
32:6f:11:44:88:2c:05:ca:01:27:2b:04:66:11:d1:1c:6f:b1:
50:29:c4:10:25:50:8a:48:63:43:8e:c9:db:94:81:b3:6b:f9:
4d:87:2e:14:85:a4:43:32:0e:ef:3e:cb:0f:cc:d8:b4:08:6e:
b2:b6:df:7b:ac:fa:92:5b:87:64:47:c9:bb:74:42:ef:aa:83:
b8:07:2d:5a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsSlY8cLhuLxZvnbTDVlknMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4YmFiNjFjMzYwZWExMDhjZDE5MmM3Y2U3YTdlZDU1NjVi
ZGZiZTAwHhcNMjMwMTAxMDc0NDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OGNiNTY0ZDBhYjc4ODQwYmE1NTNhYWJjMThlY2QyZWQwZWYyMzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8aT1ioZ+RRUy4/vhMefi2GR+v2/
vxtaVen2B+zN2/ysyT3i5KZHS9JHDlxfnXNAyaokQ57LhDnvpTYRamXLwv47s951
S5m2DJJdE6KL+3UXeSsIlL52CqYIP60Yx9X45v1L9eUQBFGzKLGhHdOiC5D2wtUZ
1NKqwPn1gw82P+vRYNPRzaWg26K9Tr5H6Eb5qAqa74tAy+aYRYfGHkLPenIG+S/j
A5FxYVoyjKf8hi5OBh/IWKieRAWI+XeLZOSbbLhqe4TJl9e7nMnmxE7HP76E1+6R
HjWDjRKTcsgdmrzU3QPWEHce5cbIsCaa0HbQgDnTiB4kxwXBEi5IM4XqQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFjLVk0Kt4hAulU6q8GOzS7Q7yNkMB8GA1UdIwQY
MBaAFKi6thw2DqEIzRksfOen7VVlvfvgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUxxMkhEWU9vUWpOR1N4ODU2ZnRWV1c5LS1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC85YjM5YjktODJjOC00YzdkLWIyNjgt
NzY2ZTU0NjA1N2E3LzEvV010V1RRcTNpRUM2VlRxcndZN05MdER2STJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC85YjM5YjktODJjOC00YzdkLWIyNjgtNzY2ZTU0NjA1N2E3
LzEvcUxxMkhEWU9vUWpOR1N4ODU2ZnRWV1c5LS1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+DwMA0G
CSqGSIb3DQEBCwUAA4IBAQAQg5JxTqlIK+KQFDZaAWJh6hggXOqXsopx/ZRqxE7U
iKZbPXqV4YDhcEQnyeCHSGdde5vtdptpu8qp2Ge2jcSg8hy8ywcCyQ7atAgScsBX
NGmxOcl0Lfllo8ZF7iYnSFREgFMo6DTqRweKkgDAP68dxa/lPgu/0rIAY0mhofvf
0zbBEomAU8ZvbVSE6EtN/OyIBpsm0GaYilOLqcamBnbI2bWq12QwJT0TwK5NvyY5
ciM4irAybxFEiCwFygEnKwRmEdEcb7FQKcQQJVCKSGNDjsnblIGza/lNhy4UhaRD
Mg7vPssPzNi0CG6ytt97rPqSW4dkR8m7dELvqoO4By1a
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:15 2025 by rpki-client