Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/WVWtT7FpcHzKoN2H-gkF-fJQU-I.roa
File: WVWtT7FpcHzKoN2H-gkF-fJQU-I.roa (raw, json)
Hash identifier: 6OvjdqQ6n5s6UIsWdTExoQKjo+hnCaUukLjFA86mgqM=
Subject key identifier: 59:55:AD:4F:B1:69:70:7C:CA:A0:DD:87:FA:09:05:F9:F2:50:53:E2
Certificate issuer: /CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Certificate serial: 018AFB3139B6FDCAAC93ED3D72A35FFDE5FF
Authority key identifier: 32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/WVWtT7FpcHzKoN2H-gkF-fJQU-I.roa
Signing time: Wed 04 Oct 2023 14:57:01 +0000
ROA not before: Wed 04 Oct 2023 14:57:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210021
IP address blocks: 86.105.144.0/24 maxlen: 24
86.105.145.0/24 maxlen: 24
86.105.147.0/24 maxlen: 24
86.105.146.0/24 maxlen: 24
185.206.172.0/24 maxlen: 24
185.206.172.0/22 maxlen: 22
185.206.175.0/24 maxlen: 24
185.206.174.0/24 maxlen: 24
185.206.173.0/24 maxlen: 24
31.14.231.0/24 maxlen: 24
31.14.230.0/24 maxlen: 24
31.14.229.0/24 maxlen: 24
31.14.228.0/22 maxlen: 22
31.14.228.0/24 maxlen: 24
2a05:27c0:1::/48 maxlen: 48
2a05:27c0::/48 maxlen: 48
2a05:27c0:4::/48 maxlen: 64
2a05:27c0:2::/48 maxlen: 64
2a05:27c0:3::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fb:31:39:b6:fd:ca:ac:93:ed:3d:72:a3:5f:fd:e5:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=322639b35e5d9d0fb3696fe2fd61cb6f4c3fa504
Validity
Not Before: Oct 4 14:57:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5955ad4fb169707ccaa0dd87fa0905f9f25053e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b1:4d:4a:9c:db:eb:45:e7:01:27:66:3e:cb:
ff:37:c2:48:a1:b7:ec:ae:ef:1c:01:c7:f1:b0:aa:
b2:02:23:d7:ea:af:90:5c:12:03:d5:9c:f9:fe:eb:
85:e3:db:8b:c0:73:32:e9:7e:f9:90:f5:05:79:46:
c5:f2:2b:cf:b6:c8:f9:72:ff:03:98:16:90:b6:b3:
98:4b:22:80:5f:14:3d:01:48:63:92:9b:74:d4:2a:
67:d5:fa:07:b1:1a:d4:7b:92:3a:75:af:e7:70:9d:
f7:c7:d1:9f:83:fc:f5:a6:17:af:6b:14:69:b0:58:
35:88:d3:fb:51:63:f7:77:de:35:13:1a:03:ec:bc:
27:07:f4:e5:f3:d1:82:2e:74:9e:2f:6d:5f:41:4c:
fb:b2:22:fb:f7:16:ef:eb:7c:d4:ab:9d:1e:0c:58:
db:33:a3:4f:43:36:9c:54:e8:b3:b7:59:8d:64:b9:
9f:2c:46:da:b2:e7:9c:83:8a:fa:13:b0:6f:71:45:
32:f7:62:69:14:ea:82:e2:ca:eb:62:77:b5:72:5b:
a7:78:68:63:73:ac:f0:a9:38:e1:b3:12:03:94:2b:
60:20:a7:65:4f:fd:62:78:89:31:76:a0:1e:e2:35:
fa:5a:31:a0:07:65:44:27:9a:54:23:03:84:b1:14:
d7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:55:AD:4F:B1:69:70:7C:CA:A0:DD:87:FA:09:05:F9:F2:50:53:E2
X509v3 Authority Key Identifier:
keyid:32:26:39:B3:5E:5D:9D:0F:B3:69:6F:E2:FD:61:CB:6F:4C:3F:A5:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/WVWtT7FpcHzKoN2H-gkF-fJQU-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/662fbf-5576-4595-892b-b5b3aeae98ea/1/MiY5s15dnQ-zaW_i_WHLb0w_pQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.228.0/22
86.105.144.0/22
185.206.172.0/22
IPv6:
2a05:27c0::-2a05:27c0:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
cc:8e:24:1f:f9:4f:14:4f:5f:ba:fb:01:dc:d0:9b:64:33:f1:
2e:e0:5a:8d:dd:39:36:60:31:72:76:01:2f:02:b5:6f:af:3d:
5b:82:f4:27:80:d6:50:dc:8b:1c:d3:bc:d5:82:7d:04:60:fd:
77:21:fc:fe:8c:34:80:f2:19:f3:c6:0c:65:9e:62:6a:f8:d7:
45:ed:08:fb:d3:f2:39:c1:94:9d:7f:11:d5:24:e5:b5:f4:52:
26:84:55:b5:e4:6c:85:a0:e9:e5:db:44:f4:9b:88:94:6b:2b:
4a:5e:cc:2d:ea:c2:e4:d7:c2:ad:39:28:26:00:32:45:ad:3c:
1f:4d:07:7b:cb:90:02:58:42:8d:17:54:75:43:09:2b:48:83:
df:d9:13:58:11:99:cc:cc:65:71:fa:38:d6:22:4f:a8:fc:99:
26:8e:f5:d4:70:e5:c0:0d:f4:12:45:00:2e:64:c5:7b:e5:a8:
b4:dc:d7:e9:51:1d:52:e1:d8:85:e1:c5:8d:66:40:bc:32:ed:
88:fb:53:c2:01:50:39:09:45:5a:54:4f:ab:ca:7c:e0:1c:c3:
39:a4:89:89:ab:7f:a2:f7:fd:30:5d:26:ae:21:50:bf:50:4f:
41:1e:ef:a3:97:af:9b:64:8f:ef:f9:eb:51:e4:d4:04:da:d6:
a5:e6:5f:52
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYr7MTm2/cqsk+09cqNf/eX/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMjYzOWIzNWU1ZDlkMGZiMzY5NmZlMmZkNjFjYjZmNGMz
ZmE1MDQwHhcNMjMxMDA0MTQ1NzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTU1YWQ0ZmIxNjk3MDdjY2FhMGRkODdmYTA5MDVmOWYyNTA1M2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrFNSpzb60XnASdmPsv/N8JIobfs
ru8cAcfxsKqyAiPX6q+QXBID1Zz5/uuF49uLwHMy6X75kPUFeUbF8ivPtsj5cv8D
mBaQtrOYSyKAXxQ9AUhjkpt01Cpn1foHsRrUe5I6da/ncJ33x9Gfg/z1phevaxRp
sFg1iNP7UWP3d941ExoD7LwnB/Tl89GCLnSeL21fQUz7siL79xbv63zUq50eDFjb
M6NPQzacVOizt1mNZLmfLEbasuecg4r6E7BvcUUy92JpFOqC4srrYne1cluneGhj
c6zwqTjhsxIDlCtgIKdlT/1ieIkxdqAe4jX6WjGgB2VEJ5pUIwOEsRTXGQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFFlVrU+xaXB8yqDdh/oJBfnyUFPiMB8GA1UdIwQY
MBaAFDImObNeXZ0Ps2lv4v1hy29MP6UEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmIt
YjViM2FlYWU5OGVhLzEvV1ZXdFQ3RnBjSHpLb04ySC1na0YtZkpRVS1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82NjJmYmYtNTU3Ni00NTk1LTg5MmItYjViM2FlYWU5OGVh
LzEvTWlZNXMxNWRuUS16YVdfaV9XSExiMHdfcFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQCHw7kAwQC
VmmQAwQCuc6sMBgEAgACMBIwEAMFBioFJ8ADBwAqBSfAAAQwDQYJKoZIhvcNAQEL
BQADggEBAMyOJB/5TxRPX7r7AdzQm2Qz8S7gWo3dOTZgMXJ2AS8CtW+vPVuC9CeA
1lDcixzTvNWCfQRg/Xch/P6MNIDyGfPGDGWeYmr410XtCPvT8jnBlJ1/EdUk5bX0
UiaEVbXkbIWg6eXbRPSbiJRrK0pezC3qwuTXwq05KCYAMkWtPB9NB3vLkAJYQo0X
VHVDCStIg9/ZE1gRmczMZXH6ONYiT6j8mSaO9dRw5cAN9BJFAC5kxXvlqLTc1+lR
HVLh2IXhxY1mQLwy7Yj7U8IBUDkJRVpUT6vKfOAcwzmkiYmrf6L3/TBdJq4hUL9Q
T0Ee76OXr5tkj+/561Hk1ATa1qXmX1I=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:41 2025 by rpki-client