Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/WrwaOjbHuOjmVQsPxK-kollP71M.roa
File: WrwaOjbHuOjmVQsPxK-kollP71M.roa (raw, json)
Hash identifier: x86q64HS0Im61YZVtEiMk8RXUeo5TGYC2IJXP2I+y/Y=
Subject key identifier: 5A:BC:1A:3A:36:C7:B8:E8:E6:55:0B:0F:C4:AF:A4:A2:59:4F:EF:53
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 0184C78B86AD1A46C09C30C86A65934103A8
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/WrwaOjbHuOjmVQsPxK-kollP71M.roa
Signing time: Wed 30 Nov 2022 07:58:40 +0000
ROA not before: Wed 30 Nov 2022 07:58:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39150
IP address blocks: 95.85.85.0/24 maxlen: 24
95.85.83.0/24 maxlen: 24
95.85.83.128/25 maxlen: 25
95.85.83.0/25 maxlen: 25
91.196.139.0/24 maxlen: 24
91.196.138.0/24 maxlen: 24
91.196.137.0/24 maxlen: 24
91.196.136.0/24 maxlen: 24
109.196.133.0/24 maxlen: 24
93.179.121.0/24 maxlen: 24
195.182.8.0/24 maxlen: 24
93.179.69.0/24 maxlen: 24
93.179.66.0/24 maxlen: 24
95.181.213.0/24 maxlen: 24
95.181.212.0/23 maxlen: 23
2a04:8680::/32 maxlen: 32
2a09:d5c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c7:8b:86:ad:1a:46:c0:9c:30:c8:6a:65:93:41:03:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Nov 30 07:58:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5abc1a3a36c7b8e8e6550b0fc4afa4a2594fef53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:91:c1:b3:54:24:0f:c7:b5:03:00:5f:f1:69:
24:74:25:b4:57:04:f5:88:2d:4c:07:73:b3:60:18:
4b:01:0e:04:03:61:2b:62:b2:5b:36:a7:3a:53:f9:
31:d4:3b:59:22:bd:e6:6d:67:c8:cf:7b:ec:f2:e1:
c0:f8:32:f2:b3:ed:4e:32:b4:76:81:0d:05:76:b8:
bc:dc:a7:a8:46:cd:4f:22:7b:9a:0e:dd:1b:4d:c4:
d6:c3:f2:8f:29:82:b5:7c:08:9b:8a:8c:ad:35:88:
a9:81:fd:ac:00:c5:a1:03:f6:42:f0:ea:ed:96:21:
3e:7d:17:a5:2e:25:28:b1:9a:a6:48:1f:62:eb:5e:
51:8e:92:64:3a:ff:78:40:f7:2a:f4:6e:ba:ef:b8:
77:8f:0f:00:48:cb:4b:27:17:8f:b0:09:c9:d3:77:
bf:80:bd:c7:8a:29:ed:c4:00:b7:0d:a8:0d:42:11:
37:dc:ce:99:18:c0:cd:b7:0a:78:d7:ae:85:c5:63:
27:92:58:45:6c:a7:47:24:7e:e3:65:15:57:bc:b8:
b7:5c:e5:9b:58:eb:92:61:df:1b:36:7e:c6:7e:9c:
9c:a3:86:fc:0a:9c:9a:08:c5:73:5a:20:c5:89:f9:
95:97:04:39:6a:2a:11:8a:fd:3e:6f:f0:51:74:84:
68:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:BC:1A:3A:36:C7:B8:E8:E6:55:0B:0F:C4:AF:A4:A2:59:4F:EF:53
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/WrwaOjbHuOjmVQsPxK-kollP71M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.136.0/22
93.179.66.0/24
93.179.69.0/24
93.179.121.0/24
95.85.83.0/24
95.85.85.0/24
95.181.212.0/23
109.196.133.0/24
195.182.8.0/24
IPv6:
2a04:8680::/32
2a09:d5c0::/32
Signature Algorithm: sha256WithRSAEncryption
30:eb:1c:c4:ca:51:94:62:12:c3:15:e6:90:24:ab:e8:b2:a2:
e1:f2:d1:71:58:c9:b4:27:63:28:e2:e0:97:cd:88:ad:2a:59:
36:9d:f6:f5:82:5e:d4:80:1d:e9:dd:c1:12:5a:f0:10:e0:cf:
f5:0d:47:4a:43:43:50:75:11:67:9c:92:0a:aa:1e:0d:b3:1d:
96:cd:d7:14:53:17:5a:9b:ee:5c:d0:32:d3:99:e3:91:0b:1d:
2d:ae:56:9c:7a:e3:60:c1:b4:6f:76:33:ce:f1:99:b0:f0:53:
2e:3a:c4:64:63:ed:85:c7:2b:0b:13:74:5b:9b:0c:e0:fe:54:
ab:a8:ce:a6:52:3e:af:55:b8:d4:ab:dc:51:c4:3a:37:b6:93:
b3:a3:70:0e:59:f3:9c:54:c2:7c:71:2e:1b:95:da:fe:89:12:
95:19:a6:25:5f:ce:89:e3:e1:31:a3:a8:05:5f:81:a6:94:86:
8a:c5:bf:a8:ff:a8:57:0b:9d:05:c0:15:26:e2:6f:44:44:c6:
d5:45:32:04:6c:37:b8:3d:0a:f4:b2:37:e8:ed:94:6f:39:3a:
fd:8a:09:96:5d:14:45:fb:a8:60:51:4a:96:56:68:dd:b6:ce:
5f:c7:fc:26:7b:4e:b6:68:fc:b7:cf:af:fe:39:2a:90:fe:bc:
2f:81:03:58
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAYTHi4atGkbAnDDIamWTQQOoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjIxMTMwMDc1ODQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWJjMWEzYTM2YzdiOGU4ZTY1NTBiMGZjNGFmYTRhMjU5NGZlZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5HBs1QkD8e1AwBf8WkkdCW0VwT1
iC1MB3OzYBhLAQ4EA2ErYrJbNqc6U/kx1DtZIr3mbWfIz3vs8uHA+DLys+1OMrR2
gQ0Fdri83KeoRs1PInuaDt0bTcTWw/KPKYK1fAibioytNYipgf2sAMWhA/ZC8Ort
liE+fRelLiUosZqmSB9i615RjpJkOv94QPcq9G6677h3jw8ASMtLJxePsAnJ03e/
gL3HiintxAC3DagNQhE33M6ZGMDNtwp4166FxWMnklhFbKdHJH7jZRVXvLi3XOWb
WOuSYd8bNn7Gfpyco4b8CpyaCMVzWiDFifmVlwQ5aioRiv0+b/BRdIRoTQIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFFq8Gjo2x7jo5lULD8SvpKJZT+9TMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvV3J3YU9qYkh1T2ptVlFzUHhLLWtvbGxQNzFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQCW8SIAwQA
XbNCAwQAXbNFAwQAXbN5AwQAX1VTAwQAX1VVAwQBX7XUAwQAbcSFAwQAw7YIMBQE
AgACMA4DBQAqBIaAAwUAKgnVwDANBgkqhkiG9w0BAQsFAAOCAQEAMOscxMpRlGIS
wxXmkCSr6LKi4fLRcVjJtCdjKOLgl82IrSpZNp329YJe1IAd6d3BElrwEODP9Q1H
SkNDUHURZ5ySCqoeDbMdls3XFFMXWpvuXNAy05njkQsdLa5WnHrjYMG0b3YzzvGZ
sPBTLjrEZGPthccrCxN0W5sM4P5Uq6jOplI+r1W41KvcUcQ6N7aTs6NwDlnznFTC
fHEuG5Xa/okSlRmmJV/OiePhMaOoBV+BppSGisW/qP+oVwudBcAVJuJvRETG1UUy
BGw3uD0K9LI36O2Ubzk6/YoJll0URfuoYFFKllZo3bbOX8f8JntOtmj8t8+v/jkq
kP68L4EDWA==
-----END CERTIFICATE-----
Generated at Sat Apr 19 01:22:37 2025 by rpki-client