Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/05ad83-9711-44b0-8cd5-dfdef6caabdf/1/wtfNbwnOvcGFwOl19RiN1ql4N5U.roa
File: wtfNbwnOvcGFwOl19RiN1ql4N5U.roa (raw, json)
Hash identifier: nnLdt3btYBBM15KOsEnDxNuiuF+Q3FHcPkiO8Reo1zQ=
Subject key identifier: C2:D7:CD:6F:09:CE:BD:C1:85:C0:E9:75:F5:18:8D:D6:A9:78:37:95
Certificate issuer: /CN=2ab32a51f01880f48415691b6008b8f3699c343d
Certificate serial: 01856EA6A4A2C3C7F65A41789D4D476EE71D
Authority key identifier: 2A:B3:2A:51:F0:18:80:F4:84:15:69:1B:60:08:B8:F3:69:9C:34:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KrMqUfAYgPSEFWkbYAi482mcND0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/05ad83-9711-44b0-8cd5-dfdef6caabdf/1/wtfNbwnOvcGFwOl19RiN1ql4N5U.roa
Signing time: Sun 01 Jan 2023 18:44:52 +0000
ROA not before: Sun 01 Jan 2023 18:44:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209994
IP address blocks: 193.176.88.0/22 maxlen: 24
2a0e:e900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:a4:a2:c3:c7:f6:5a:41:78:9d:4d:47:6e:e7:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ab32a51f01880f48415691b6008b8f3699c343d
Validity
Not Before: Jan 1 18:44:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2d7cd6f09cebdc185c0e975f5188dd6a9783795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:db:53:46:75:cc:67:98:6e:6a:0c:e5:ce:eb:
f1:33:74:45:3b:83:4e:9a:a5:12:de:dc:64:ea:f5:
04:19:b7:93:03:c7:94:74:af:fd:89:6e:22:03:25:
d7:f9:5e:d3:8c:b6:8d:55:a9:d7:1d:1e:c7:81:4d:
3f:53:37:cd:82:db:21:bb:e2:3a:82:52:c4:4a:65:
bd:44:2c:cd:33:60:5c:91:12:36:d3:13:61:a5:05:
95:c9:1b:c3:41:6c:5f:b5:6e:c9:5f:a8:b4:13:b4:
6b:82:4b:c5:24:c3:5e:4a:28:8e:f4:dc:fa:84:1f:
e2:83:1f:96:7e:24:b5:b3:df:ac:65:96:39:59:86:
52:03:fb:6c:4e:31:78:7c:59:e2:d3:41:b9:f1:e3:
01:fb:a8:f9:13:72:92:66:5b:23:b0:f3:d7:b9:14:
83:3a:be:72:80:b8:cf:e3:a7:c5:53:b1:91:3f:eb:
c1:c5:32:c7:57:4a:c7:cb:52:cf:90:78:32:91:db:
c7:7f:5e:13:6d:f5:68:0b:ba:1c:ac:9e:0e:a8:67:
d8:94:da:84:f9:3e:b9:60:d5:08:0b:e7:98:c8:1f:
18:36:57:91:17:50:65:1f:9c:e2:c1:a7:3b:ce:fd:
39:da:27:6a:1e:d5:4c:50:ef:2c:3c:a5:dd:77:d7:
cf:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:D7:CD:6F:09:CE:BD:C1:85:C0:E9:75:F5:18:8D:D6:A9:78:37:95
X509v3 Authority Key Identifier:
keyid:2A:B3:2A:51:F0:18:80:F4:84:15:69:1B:60:08:B8:F3:69:9C:34:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KrMqUfAYgPSEFWkbYAi482mcND0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/05ad83-9711-44b0-8cd5-dfdef6caabdf/1/wtfNbwnOvcGFwOl19RiN1ql4N5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/05ad83-9711-44b0-8cd5-dfdef6caabdf/1/KrMqUfAYgPSEFWkbYAi482mcND0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.88.0/22
IPv6:
2a0e:e900::/29
Signature Algorithm: sha256WithRSAEncryption
5a:f0:cf:05:6a:13:bf:dd:9c:66:31:31:f4:c4:07:25:2e:4e:
77:b8:10:fe:63:0d:dc:54:1f:ab:8d:fa:74:d4:78:a8:c6:40:
58:37:0d:c2:7d:76:e9:0a:c2:51:c2:89:a6:4d:1b:6a:5a:4d:
88:93:45:dc:bf:56:34:f7:21:a0:bc:9c:74:10:bd:a6:c7:90:
1f:25:7e:02:5c:a6:c4:c5:24:1d:b3:69:6d:d5:0b:3d:cf:bb:
27:e7:29:e1:0d:d8:25:c2:80:2f:38:84:5d:96:b8:1a:57:af:
0b:6b:99:82:cf:9a:12:c1:90:b9:1b:f8:49:7e:82:c6:da:2b:
58:47:52:c0:cb:53:2c:dc:07:da:cf:7e:37:bb:9a:2b:76:96:
69:23:d9:2e:dc:64:7a:a4:73:bd:b8:63:ac:15:90:4c:c3:70:
0d:84:73:14:23:8d:53:01:70:13:89:2e:b5:f5:df:bf:48:af:
94:77:7f:be:56:f4:f7:da:35:5a:d9:c9:a8:a0:f7:cc:3b:87:
82:4e:bd:dc:96:b9:b5:e9:2c:87:98:ec:93:78:b0:4c:e0:01:
34:4a:e3:6c:06:87:62:28:f2:4a:45:a0:d8:8b:f1:68:49:8c:
42:e1:32:71:18:d8:77:60:80:6b:da:f0:18:70:58:e6:39:eb:
3a:ad:79:b5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVupqSiw8f2WkF4nU1HbucdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYjMyYTUxZjAxODgwZjQ4NDE1NjkxYjYwMDhiOGYzNjk5
YzM0M2QwHhcNMjMwMTAxMTg0NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmQ3Y2Q2ZjA5Y2ViZGMxODVjMGU5NzVmNTE4OGRkNmE5NzgzNzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdtTRnXMZ5huagzlzuvxM3RFO4NO
mqUS3txk6vUEGbeTA8eUdK/9iW4iAyXX+V7TjLaNVanXHR7HgU0/UzfNgtshu+I6
glLESmW9RCzNM2BckRI20xNhpQWVyRvDQWxftW7JX6i0E7RrgkvFJMNeSiiO9Nz6
hB/igx+WfiS1s9+sZZY5WYZSA/tsTjF4fFni00G58eMB+6j5E3KSZlsjsPPXuRSD
Or5ygLjP46fFU7GRP+vBxTLHV0rHy1LPkHgykdvHf14TbfVoC7ocrJ4OqGfYlNqE
+T65YNUIC+eYyB8YNleRF1BlH5ziwac7zv052idqHtVMUO8sPKXdd9fPawIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMLXzW8Jzr3BhcDpdfUYjdapeDeVMB8GA1UdIwQY
MBaAFCqzKlHwGID0hBVpG2AIuPNpnDQ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3JNcVVmQVlnUFNFRldrYllBaTQ4Mm1jTkQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wNWFkODMtOTcxMS00NGIwLThjZDUt
ZGZkZWY2Y2FhYmRmLzEvd3RmTmJ3bk92Y0dGd09sMTlSaU4xcWw0TjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wNWFkODMtOTcxMS00NGIwLThjZDUtZGZkZWY2Y2FhYmRm
LzEvS3JNcVVmQVlnUFNFRldrYllBaTQ4Mm1jTkQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwbBYMA0E
AgACMAcDBQMqDukAMA0GCSqGSIb3DQEBCwUAA4IBAQBa8M8FahO/3ZxmMTH0xAcl
Lk53uBD+Yw3cVB+rjfp01HioxkBYNw3CfXbpCsJRwommTRtqWk2Ik0Xcv1Y09yGg
vJx0EL2mx5AfJX4CXKbExSQds2lt1Qs9z7sn5ynhDdglwoAvOIRdlrgaV68La5mC
z5oSwZC5G/hJfoLG2itYR1LAy1Ms3Afaz343u5ordpZpI9ku3GR6pHO9uGOsFZBM
w3ANhHMUI41TAXATiS619d+/SK+Ud3++VvT32jVa2cmooPfMO4eCTr3clrm16SyH
mOyTeLBM4AE0SuNsBodiKPJKRaDYi/FoSYxC4TJxGNh3YIBr2vAYcFjmOes6rXm1
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:17 2025 by rpki-client