Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/WnpS2Ppw7SuMRY88XuLHUxbQ8p8.roa
File: WnpS2Ppw7SuMRY88XuLHUxbQ8p8.roa (raw, json)
Hash identifier: KkGU1U8HK/4e5VZGtUY8BADPXMMp7Nhsxn+W8IMkg1E=
Subject key identifier: 5A:7A:52:D8:FA:70:ED:2B:8C:45:8F:3C:5E:E2:C7:53:16:D0:F2:9F
Certificate issuer: /CN=6f5c5712fbbcd832419d4c5884ae3bc3c4a16e7b
Certificate serial: 0184AD869CB5A893B3FD3E05F9C0CA5740AF
Authority key identifier: 6F:5C:57:12:FB:BC:D8:32:41:9D:4C:58:84:AE:3B:C3:C4:A1:6E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b1xXEvu82DJBnUxYhK47w8Shbns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/WnpS2Ppw7SuMRY88XuLHUxbQ8p8.roa
Signing time: Fri 25 Nov 2022 06:43:11 +0000
ROA not before: Fri 25 Nov 2022 06:43:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38917
IP address blocks: 185.24.112.0/22 maxlen: 24
109.111.64.0/19 maxlen: 24
87.255.224.0/20 maxlen: 24
87.255.224.0/19 maxlen: 24
149.255.16.0/22 maxlen: 22
87.255.240.0/20 maxlen: 24
87.255.252.0/24 maxlen: 24
87.255.248.0/22 maxlen: 24
217.175.32.0/20 maxlen: 24
176.110.206.0/23 maxlen: 23
176.110.208.0/21 maxlen: 24
185.86.112.0/20 maxlen: 24
194.32.156.0/22 maxlen: 22
2a04:2cc0::/32 maxlen: 32
2a04:2cc3::/32 maxlen: 32
2a04:2cc5::/32 maxlen: 32
2a04:2cc6::/32 maxlen: 32
2a04:2cc2::/32 maxlen: 32
2a04:2cc1::/32 maxlen: 32
2a04:2cc7::/32 maxlen: 32
2a04:2cc4::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ad:86:9c:b5:a8:93:b3:fd:3e:05:f9:c0:ca:57:40:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f5c5712fbbcd832419d4c5884ae3bc3c4a16e7b
Validity
Not Before: Nov 25 06:43:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a7a52d8fa70ed2b8c458f3c5ee2c75316d0f29f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:09:0f:98:c9:cd:0e:d8:21:a2:92:5a:4e:26:
9a:62:a2:ea:9f:15:06:9f:a5:b7:ca:6d:7b:5f:fa:
54:25:63:d5:fc:5b:c8:4f:ed:37:bf:d2:64:54:dd:
f4:31:e0:2d:46:08:e1:77:6a:f3:cd:5a:30:dc:5a:
a1:59:e3:20:dd:29:f8:03:21:d4:5d:4c:f1:21:1d:
1f:55:cc:16:6f:d5:32:fc:5a:0c:1a:6d:f2:60:5a:
74:88:8e:df:61:1c:05:31:84:46:fd:53:62:f1:46:
8f:1d:4e:c6:c7:e9:ab:b8:2f:71:04:20:2a:39:91:
40:f9:ca:bb:d2:18:64:35:b8:76:41:56:94:21:d8:
b6:be:0c:d1:1e:e3:7c:a9:32:b1:d8:c4:71:f4:02:
81:95:ab:77:91:b3:db:95:d4:7d:eb:4c:b9:a4:3c:
95:6b:5d:ad:e5:0c:aa:28:d7:f5:c3:17:59:e9:f3:
fc:70:1e:19:09:e2:00:8d:03:15:b6:91:37:7d:64:
46:ae:9d:57:e7:97:7a:54:e1:b9:1a:91:3b:30:1f:
56:40:38:e4:8a:c0:c5:5e:15:99:8b:3f:66:1a:50:
0e:28:c2:3e:fc:de:39:2d:f3:4d:ca:69:32:cc:c8:
05:c1:03:f3:ae:16:6a:25:41:3f:c0:8d:37:c0:dc:
09:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:7A:52:D8:FA:70:ED:2B:8C:45:8F:3C:5E:E2:C7:53:16:D0:F2:9F
X509v3 Authority Key Identifier:
keyid:6F:5C:57:12:FB:BC:D8:32:41:9D:4C:58:84:AE:3B:C3:C4:A1:6E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1xXEvu82DJBnUxYhK47w8Shbns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/WnpS2Ppw7SuMRY88XuLHUxbQ8p8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/b403cc-4e6c-4fe9-83a1-7550529d847a/1/b1xXEvu82DJBnUxYhK47w8Shbns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.255.224.0/19
109.111.64.0/19
149.255.16.0/22
176.110.206.0-176.110.215.255
185.24.112.0/22
185.86.112.0/20
194.32.156.0/22
217.175.32.0/20
IPv6:
2a04:2cc0::/29
Signature Algorithm: sha256WithRSAEncryption
8c:60:c1:2a:c9:9b:28:ff:ab:0b:50:77:56:b5:11:cd:09:52:
34:32:40:2a:71:e3:eb:68:78:27:e9:8d:5b:16:83:96:00:2a:
fb:14:7c:06:77:70:18:25:c9:08:d6:d2:0c:f4:e2:38:3f:57:
e1:1f:66:d6:4c:6b:1c:9f:72:fe:02:8b:d2:1d:9b:a2:9d:3c:
53:3b:04:ff:86:eb:96:e5:d1:07:ee:fd:8f:ae:39:0d:f9:4d:
19:60:58:73:cd:43:5c:65:3a:62:0f:29:6d:c0:ea:4a:af:35:
c7:8b:2c:d3:aa:ee:2f:22:d0:0d:f5:1e:ac:bd:f1:93:3d:ad:
34:00:1e:66:93:2f:70:e5:11:4f:0a:2e:1d:db:3b:b7:df:06:
53:58:8d:28:d6:c0:e2:c9:a5:d4:ea:e9:17:02:a8:1a:1b:94:
df:08:8e:41:55:f2:69:62:a4:a4:87:03:3a:ef:89:02:89:33:
9c:9e:01:eb:50:aa:60:51:d2:be:5c:c7:cf:82:fc:b3:ce:c3:
3f:41:69:91:48:77:5e:90:1d:7c:2a:1b:e9:42:cf:c0:c3:07:
eb:39:cc:51:a2:e7:6e:32:44:1a:bf:c5:db:8d:39:21:6d:bd:
28:d1:6d:f2:25:f5:10:99:b9:d0:69:2c:5e:03:a2:a5:c0:2a:
29:83:97:2d
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYSthpy1qJOz/T4F+cDKV0CvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNWM1NzEyZmJiY2Q4MzI0MTlkNGM1ODg0YWUzYmMzYzRh
MTZlN2IwHhcNMjIxMTI1MDY0MzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTdhNTJkOGZhNzBlZDJiOGM0NThmM2M1ZWUyYzc1MzE2ZDBmMjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowkPmMnNDtghopJaTiaaYqLqnxUG
n6W3ym17X/pUJWPV/FvIT+03v9JkVN30MeAtRgjhd2rzzVow3FqhWeMg3Sn4AyHU
XUzxIR0fVcwWb9Uy/FoMGm3yYFp0iI7fYRwFMYRG/VNi8UaPHU7Gx+mruC9xBCAq
OZFA+cq70hhkNbh2QVaUIdi2vgzRHuN8qTKx2MRx9AKBlat3kbPbldR960y5pDyV
a12t5QyqKNf1wxdZ6fP8cB4ZCeIAjQMVtpE3fWRGrp1X55d6VOG5GpE7MB9WQDjk
isDFXhWZiz9mGlAOKMI+/N45LfNNymkyzMgFwQPzrhZqJUE/wI03wNwJuwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFp6Utj6cO0rjEWPPF7ix1MW0PKfMB8GA1UdIwQY
MBaAFG9cVxL7vNgyQZ1MWISuO8PEoW57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjF4WEV2dTgyREpCblV4WWhLNDd3OFNoYm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9iNDAzY2MtNGU2Yy00ZmU5LTgzYTEt
NzU1MDUyOWQ4NDdhLzEvV25wUzJQcHc3U3VNUlk4OFh1TEhVeGJROHA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9iNDAzY2MtNGU2Yy00ZmU5LTgzYTEtNzU1MDUyOWQ4NDdh
LzEvYjF4WEV2dTgyREpCblV4WWhLNDd3OFNoYm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQFV//gAwQF
bW9AAwQClf8QMAwDBAGwbs4DBAOwbtADBAK5GHADBAS5VnADBALCIJwDBATZryAw
DQQCAAIwBwMFAyoELMAwDQYJKoZIhvcNAQELBQADggEBAIxgwSrJmyj/qwtQd1a1
Ec0JUjQyQCpx4+toeCfpjVsWg5YAKvsUfAZ3cBglyQjW0gz04jg/V+EfZtZMaxyf
cv4Ci9Idm6KdPFM7BP+G65bl0Qfu/Y+uOQ35TRlgWHPNQ1xlOmIPKW3A6kqvNceL
LNOq7i8i0A31Hqy98ZM9rTQAHmaTL3DlEU8KLh3bO7ffBlNYjSjWwOLJpdTq6RcC
qBoblN8IjkFV8mlipKSHAzrviQKJM5yeAetQqmBR0r5cx8+C/LPOwz9BaZFId16Q
HXwqG+lCz8DDB+s5zFGi524yRBq/xduNOSFtvSjRbfIl9RCZudBpLF4DoqXAKimD
ly0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:49:14 2025 by rpki-client