Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/28b303-47a5-4a92-b02e-ebd0c3ee44ae/1/W_9O8TtldsZ5pfUAHDN40mwysC8.roa
File: W_9O8TtldsZ5pfUAHDN40mwysC8.roa (raw, json)
Hash identifier: mwWUlCxNeB4XOCkJxK5VLezb1h1sxg0DM/k+vk2/Gp0=
Subject key identifier: 5B:FF:4E:F1:3B:65:76:C6:79:A5:F5:00:1C:33:78:D2:6C:32:B0:2F
Certificate issuer: /CN=03a6dc2f2668ebdcf86b6c0258a8187e5f7ce270
Certificate serial: 018B6283F152C92BE7562529B9A19F2BD570
Authority key identifier: 03:A6:DC:2F:26:68:EB:DC:F8:6B:6C:02:58:A8:18:7E:5F:7C:E2:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A6bcLyZo69z4a2wCWKgYfl984nA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/28b303-47a5-4a92-b02e-ebd0c3ee44ae/1/W_9O8TtldsZ5pfUAHDN40mwysC8.roa
Signing time: Tue 24 Oct 2023 16:28:15 +0000
ROA not before: Tue 24 Oct 2023 16:28:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20799
IP address blocks: 185.115.68.0/22 maxlen: 24
80.68.32.0/19 maxlen: 24
77.241.176.0/20 maxlen: 24
2a02:df8::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:62:83:f1:52:c9:2b:e7:56:25:29:b9:a1:9f:2b:d5:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03a6dc2f2668ebdcf86b6c0258a8187e5f7ce270
Validity
Not Before: Oct 24 16:28:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5bff4ef13b6576c679a5f5001c3378d26c32b02f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:78:43:d4:98:8f:fa:41:bc:a1:bf:5a:11:3a:
8a:70:65:65:1f:58:67:7f:ac:7f:25:9c:99:ae:95:
c3:5b:1f:5d:55:2d:7b:eb:1d:8a:d8:3b:a6:84:8e:
3f:c1:28:0f:a9:8b:35:f5:5c:06:90:97:dc:ff:3e:
7b:c7:c9:1b:3f:bd:e0:01:6b:eb:1a:f6:a7:c9:ba:
3e:a5:a2:54:37:35:8b:67:04:a7:98:17:d4:8f:81:
c5:8a:ed:17:b7:20:ed:fb:d2:ad:fc:f7:df:3c:af:
e5:e6:39:5a:68:58:f3:87:45:5b:d8:f6:5a:ab:a4:
b5:a5:75:7c:44:88:72:ae:3f:f6:0b:d2:41:80:33:
bd:ed:96:ee:53:21:1e:51:eb:8b:ba:42:11:bb:bc:
cb:9a:76:38:79:70:a3:ab:d3:27:43:ba:d5:4f:cd:
a5:2d:bc:b4:20:05:4d:da:fa:7f:8e:e8:6c:d0:79:
95:bd:35:84:59:ae:23:f7:1e:1f:e5:2e:19:cc:e3:
0f:56:77:78:2c:9b:58:95:91:96:0d:8e:04:1c:79:
08:35:fe:6a:5e:90:50:3e:c3:08:6e:d3:c1:b4:80:
40:07:ac:4d:86:e4:55:5a:cf:39:64:88:5d:25:b6:
db:52:c0:03:44:16:14:f7:e4:59:fa:17:ab:cd:78:
90:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:FF:4E:F1:3B:65:76:C6:79:A5:F5:00:1C:33:78:D2:6C:32:B0:2F
X509v3 Authority Key Identifier:
keyid:03:A6:DC:2F:26:68:EB:DC:F8:6B:6C:02:58:A8:18:7E:5F:7C:E2:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A6bcLyZo69z4a2wCWKgYfl984nA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/28b303-47a5-4a92-b02e-ebd0c3ee44ae/1/W_9O8TtldsZ5pfUAHDN40mwysC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/28b303-47a5-4a92-b02e-ebd0c3ee44ae/1/A6bcLyZo69z4a2wCWKgYfl984nA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.241.176.0/20
80.68.32.0/19
185.115.68.0/22
IPv6:
2a02:df8::/29
Signature Algorithm: sha256WithRSAEncryption
67:09:c8:e6:a8:27:e4:12:33:56:6e:bd:53:27:b2:9c:1e:fb:
83:04:44:69:2e:5c:b9:16:87:e9:82:ce:c3:d4:38:bb:14:cf:
00:11:af:81:8a:ab:1f:c4:9b:8a:08:5e:8d:c9:4b:e1:c9:9b:
1e:98:24:81:b6:8a:f9:db:7e:4f:15:89:38:8a:43:9f:72:f0:
77:76:17:71:1f:34:cf:08:3e:70:a3:24:d0:ca:9f:d4:ab:24:
ff:ab:14:71:8e:a7:12:dd:8b:fd:cc:17:9e:1a:68:f8:95:1b:
81:97:c1:9a:13:38:43:34:1f:69:4a:18:45:79:03:ef:d6:1a:
5b:f3:9d:6b:60:c4:c0:ef:0b:d8:69:0d:6c:97:93:29:90:56:
ca:bf:14:0b:3e:f9:de:d4:e2:51:c4:7d:41:02:14:1e:86:e1:
39:74:19:f1:60:a7:42:0b:6a:74:30:65:1e:10:9f:b6:51:9c:
e0:87:df:9d:6a:5d:17:45:29:13:e4:02:54:5b:b2:f5:e5:7b:
f2:cc:14:64:86:d0:ba:ae:be:df:95:4c:1f:1d:71:cd:3d:19:
bc:f3:bc:3c:4d:c6:35:42:1e:10:41:b3:cf:21:ec:b4:50:61:
83:07:3f:18:2a:d8:4d:40:7c:72:c9:25:a1:c4:40:da:40:2e:
e0:99:91:5a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYtig/FSySvnViUpuaGfK9VwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzYTZkYzJmMjY2OGViZGNmODZiNmMwMjU4YTgxODdlNWY3
Y2UyNzAwHhcNMjMxMDI0MTYyODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmZmNGVmMTNiNjU3NmM2NzlhNWY1MDAxYzMzNzhkMjZjMzJiMDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXhD1JiP+kG8ob9aETqKcGVlH1hn
f6x/JZyZrpXDWx9dVS176x2K2DumhI4/wSgPqYs19VwGkJfc/z57x8kbP73gAWvr
Gvanybo+paJUNzWLZwSnmBfUj4HFiu0XtyDt+9Kt/PffPK/l5jlaaFjzh0Vb2PZa
q6S1pXV8RIhyrj/2C9JBgDO97ZbuUyEeUeuLukIRu7zLmnY4eXCjq9MnQ7rVT82l
Lby0IAVN2vp/juhs0HmVvTWEWa4j9x4f5S4ZzOMPVnd4LJtYlZGWDY4EHHkINf5q
XpBQPsMIbtPBtIBAB6xNhuRVWs85ZIhdJbbbUsADRBYU9+RZ+herzXiQCwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFv/TvE7ZXbGeaX1ABwzeNJsMrAvMB8GA1UdIwQY
MBaAFAOm3C8maOvc+GtsAlioGH5ffOJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTZiY0x5Wm82OXo0YTJ3Q1dLZ1lmbDk4NG5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8yOGIzMDMtNDdhNS00YTkyLWIwMmUt
ZWJkMGMzZWU0NGFlLzEvV185TzhUdGxkc1o1cGZVQUhETjQwbXd5c0M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8yOGIzMDMtNDdhNS00YTkyLWIwMmUtZWJkMGMzZWU0NGFl
LzEvQTZiY0x5Wm82OXo0YTJ3Q1dLZ1lmbDk4NG5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQETfGwAwQF
UEQgAwQCuXNEMA0EAgACMAcDBQMqAg34MA0GCSqGSIb3DQEBCwUAA4IBAQBnCcjm
qCfkEjNWbr1TJ7KcHvuDBERpLly5Fofpgs7D1Di7FM8AEa+BiqsfxJuKCF6NyUvh
yZsemCSBtor5235PFYk4ikOfcvB3dhdxHzTPCD5woyTQyp/UqyT/qxRxjqcS3Yv9
zBeeGmj4lRuBl8GaEzhDNB9pShhFeQPv1hpb851rYMTA7wvYaQ1sl5MpkFbKvxQL
Pvne1OJRxH1BAhQehuE5dBnxYKdCC2p0MGUeEJ+2UZzgh9+dal0XRSkT5AJUW7L1
5XvyzBRkhtC6rr7flUwfHXHNPRm887w8TcY1Qh4QQbPPIey0UGGDBz8YKthNQHxy
ySWhxEDaQC7gmZFa
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:28 2025 by rpki-client