Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/wkhaCzRgf_Y0ftd1W_3P8h7k3bM.roa
File: wkhaCzRgf_Y0ftd1W_3P8h7k3bM.roa (raw, json)
Hash identifier: pzVM9OmpqwE1WHPvRCbjgcl1HpWYHjrkBovgDb/ACko=
Subject key identifier: C2:48:5A:0B:34:60:7F:F6:34:7E:D7:75:5B:FD:CF:F2:1E:E4:DD:B3
Certificate issuer: /CN=1ee5efbf65897160d55a52dc3a22c017876cd06c
Certificate serial: 01877F7B534B1A77E9FE3EAE1E01049EBD68
Authority key identifier: 1E:E5:EF:BF:65:89:71:60:D5:5A:52:DC:3A:22:C0:17:87:6C:D0:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/wkhaCzRgf_Y0ftd1W_3P8h7k3bM.roa
Signing time: Fri 14 Apr 2023 11:16:41 +0000
ROA not before: Fri 14 Apr 2023 11:16:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205394
IP address blocks: 185.201.164.0/22 maxlen: 24
46.226.72.0/21 maxlen: 24
2a0a:c840::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7f:7b:53:4b:1a:77:e9:fe:3e:ae:1e:01:04:9e:bd:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ee5efbf65897160d55a52dc3a22c017876cd06c
Validity
Not Before: Apr 14 11:16:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2485a0b34607ff6347ed7755bfdcff21ee4ddb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b1:74:90:18:16:9a:0a:ae:29:6f:18:58:61:
61:be:c7:36:de:53:eb:53:5e:6e:74:a1:0c:5d:e2:
47:f9:a9:8b:6b:17:e4:68:24:3b:16:70:6d:60:f7:
5f:f2:f4:38:2b:88:ca:01:cb:e9:df:ed:88:20:4d:
76:ac:1b:3f:21:8b:e2:f5:05:b1:6c:e3:a9:8b:05:
da:57:d2:bc:b0:e3:51:05:19:92:79:c6:93:fc:df:
95:c3:40:b1:77:5a:d8:ed:1d:32:77:d0:c6:c8:d8:
1e:31:38:eb:2f:84:92:a2:14:20:ac:4e:5b:91:d8:
66:85:8b:36:34:33:99:3c:27:73:40:08:29:26:69:
45:a8:da:06:12:36:30:d3:53:5d:5b:fa:3f:29:c5:
b5:aa:49:c6:8a:20:c2:52:25:2e:c3:bb:4f:80:86:
ee:51:60:fe:da:57:cd:00:3b:d0:9b:c9:6b:f8:a6:
95:f3:a3:ef:ce:46:c4:a3:75:3c:97:d3:e7:6e:01:
0f:a9:32:12:9d:d6:aa:49:6c:44:fa:07:7f:6b:d6:
7b:39:73:a9:5d:6c:ce:27:0d:07:6f:ca:24:1a:f3:
86:8f:6b:9f:1d:93:9a:56:dc:d4:61:8c:b2:dd:2c:
a9:73:c0:e0:84:61:f2:21:90:b2:3c:61:cf:99:44:
c3:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:48:5A:0B:34:60:7F:F6:34:7E:D7:75:5B:FD:CF:F2:1E:E4:DD:B3
X509v3 Authority Key Identifier:
keyid:1E:E5:EF:BF:65:89:71:60:D5:5A:52:DC:3A:22:C0:17:87:6C:D0:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/wkhaCzRgf_Y0ftd1W_3P8h7k3bM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/332477-c83c-4f80-b1be-7c0db7bae135/1/HuXvv2WJcWDVWlLcOiLAF4ds0Gw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.72.0/21
185.201.164.0/22
IPv6:
2a0a:c840::/29
Signature Algorithm: sha256WithRSAEncryption
bb:e8:85:95:50:52:27:25:93:df:40:ed:88:eb:08:40:7e:8b:
f4:bd:66:9f:50:55:96:0a:97:f5:4c:01:8d:63:cc:da:86:f5:
93:b7:eb:38:43:0a:e5:1d:55:b0:50:9a:d3:a7:ef:7a:d6:9f:
cd:97:72:dc:de:d7:97:93:4d:88:d4:11:1e:cd:8a:fe:88:19:
b2:4f:3c:22:fc:92:5b:8b:1c:e1:b8:b4:06:9c:75:a9:c8:be:
da:8b:b2:ac:fc:79:08:02:b4:7e:fe:36:16:76:17:4e:7d:d7:
c1:c0:f8:02:06:34:7f:ec:3f:b5:77:f0:86:a7:0c:51:96:60:
3c:dc:0a:ea:34:20:5e:57:cd:ce:45:47:f9:1b:61:70:79:c3:
bc:0c:ef:af:59:dd:04:45:5c:da:30:96:0d:7e:69:63:cb:92:
c3:c5:f2:5a:03:e2:c3:7c:d1:ed:38:04:41:e5:c5:60:bb:6f:
70:2a:ec:21:78:0d:6b:9d:dc:3d:d4:84:c0:4a:0c:22:92:98:
0d:0d:41:3b:54:49:32:5b:c2:ff:be:a6:3b:3d:6d:cc:5d:eb:
98:67:b3:b4:11:2e:7c:b2:ca:f7:30:bb:0f:d1:90:7a:1d:a2:
5f:00:35:9b:28:d8:07:95:41:2a:6c:10:1a:72:98:e4:0f:7b:
9b:30:64:9d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYd/e1NLGnfp/j6uHgEEnr1oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZTVlZmJmNjU4OTcxNjBkNTVhNTJkYzNhMjJjMDE3ODc2
Y2QwNmMwHhcNMjMwNDE0MTExNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjQ4NWEwYjM0NjA3ZmY2MzQ3ZWQ3NzU1YmZkY2ZmMjFlZTRkZGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7F0kBgWmgquKW8YWGFhvsc23lPr
U15udKEMXeJH+amLaxfkaCQ7FnBtYPdf8vQ4K4jKAcvp3+2IIE12rBs/IYvi9QWx
bOOpiwXaV9K8sONRBRmSecaT/N+Vw0Cxd1rY7R0yd9DGyNgeMTjrL4SSohQgrE5b
kdhmhYs2NDOZPCdzQAgpJmlFqNoGEjYw01NdW/o/KcW1qknGiiDCUiUuw7tPgIbu
UWD+2lfNADvQm8lr+KaV86PvzkbEo3U8l9PnbgEPqTISndaqSWxE+gd/a9Z7OXOp
XWzOJw0Hb8okGvOGj2ufHZOaVtzUYYyy3Sypc8DghGHyIZCyPGHPmUTDWwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMJIWgs0YH/2NH7XdVv9z/Ie5N2zMB8GA1UdIwQY
MBaAFB7l779liXFg1VpS3DoiwBeHbNBsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHVYdnYyV0pjV0RWV2xMY09pTEFGNGRzMEd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zMzI0NzctYzgzYy00ZjgwLWIxYmUt
N2MwZGI3YmFlMTM1LzEvd2toYUN6UmdmX1kwZnRkMVdfM1A4aDdrM2JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zMzI0NzctYzgzYy00ZjgwLWIxYmUtN2MwZGI3YmFlMTM1
LzEvSHVYdnYyV0pjV0RWV2xMY09pTEFGNGRzMEd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLuJIAwQC
ucmkMA0EAgACMAcDBQMqCshAMA0GCSqGSIb3DQEBCwUAA4IBAQC76IWVUFInJZPf
QO2I6whAfov0vWafUFWWCpf1TAGNY8zahvWTt+s4QwrlHVWwUJrTp+961p/Nl3Lc
3teXk02I1BEezYr+iBmyTzwi/JJbixzhuLQGnHWpyL7ai7Ks/HkIArR+/jYWdhdO
fdfBwPgCBjR/7D+1d/CGpwxRlmA83ArqNCBeV83ORUf5G2FwecO8DO+vWd0ERVza
MJYNfmljy5LDxfJaA+LDfNHtOARB5cVgu29wKuwheA1rndw91ITASgwikpgNDUE7
VEkyW8L/vqY7PW3MXeuYZ7O0ES58ssr3MLsP0ZB6HaJfADWbKNgHlUEqbBAacpjk
D3ubMGSd
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:15:19 2025 by rpki-client