Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WqnkCcJVSbh_LCs8FB8lgh5UvoQ.roa
File: WqnkCcJVSbh_LCs8FB8lgh5UvoQ.roa (raw, json)
Hash identifier: 60Dd6emHTfnpm+lEaPn0Hr3TOpf5/RT79IySHOKZO0s=
Subject key identifier: 5A:A9:E4:09:C2:55:49:B8:7F:2C:2B:3C:14:1F:25:82:1E:54:BE:84
Certificate issuer: /CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Certificate serial: 01856C139360D6A692A29B569D8B576A6533
Authority key identifier: 58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WqnkCcJVSbh_LCs8FB8lgh5UvoQ.roa
Signing time: Sun 01 Jan 2023 06:45:00 +0000
ROA not before: Sun 01 Jan 2023 06:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51456
IP address blocks: 212.107.248.0/21 maxlen: 21
212.107.248.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:13:93:60:d6:a6:92:a2:9b:56:9d:8b:57:6a:65:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5853e65a3087b4ca85c8802b60ff0f02b4106d97
Validity
Not Before: Jan 1 06:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5aa9e409c25549b87f2c2b3c141f25821e54be84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:8c:3b:c0:b6:aa:38:e3:83:a6:36:99:f5:05:
d0:16:c2:de:a4:14:be:d5:b2:4a:19:48:13:54:4a:
b4:75:19:47:bb:82:06:c2:cf:11:c3:4b:e8:43:97:
a0:ed:98:d9:c3:35:54:3f:5e:1e:96:21:39:d9:7a:
6f:7c:fc:ad:91:58:86:99:b8:1c:61:45:fe:f6:3a:
7a:0e:ae:39:a9:86:de:cb:b1:e2:9b:75:c0:da:00:
19:9f:54:c6:ce:87:a8:a4:23:70:71:2d:e0:92:d8:
be:78:78:07:6b:35:89:00:2d:f6:f2:5b:87:d9:6e:
48:42:b4:f4:e3:db:9b:95:17:fe:5e:a5:58:57:50:
b9:88:f2:7d:3d:4e:8e:20:44:7d:f0:20:77:2a:49:
ae:18:6f:75:02:48:6a:a6:73:ee:fc:4a:97:b7:a3:
ef:f4:6a:52:96:f6:a6:fc:81:c2:c6:25:ef:57:df:
d7:86:e7:7c:6e:60:79:d9:c5:51:5b:92:76:3d:ee:
4b:34:56:7d:33:c7:7f:e3:ce:16:75:10:c3:aa:8b:
50:4b:fb:54:5f:41:3b:d9:dd:34:41:d7:0d:4c:8e:
63:84:63:b1:91:60:f7:50:08:b0:81:f5:91:85:ed:
4c:2b:02:a3:39:bb:9f:f4:75:e4:7a:f8:f1:d4:a9:
3b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:A9:E4:09:C2:55:49:B8:7F:2C:2B:3C:14:1F:25:82:1E:54:BE:84
X509v3 Authority Key Identifier:
keyid:58:53:E6:5A:30:87:B4:CA:85:C8:80:2B:60:FF:0F:02:B4:10:6D:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WFPmWjCHtMqFyIArYP8PArQQbZc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WqnkCcJVSbh_LCs8FB8lgh5UvoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/6afd1e-cb7e-4e6e-a8a4-e18602739cd5/1/WFPmWjCHtMqFyIArYP8PArQQbZc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.107.248.0/21
Signature Algorithm: sha256WithRSAEncryption
8e:03:e0:83:2c:f3:17:99:53:0d:a6:94:b2:38:15:bf:aa:30:
2a:57:ee:ac:a0:26:db:cd:ec:7b:87:be:5c:a2:37:5f:3e:68:
8e:dc:25:be:5a:14:80:c1:a0:b2:d9:f4:db:50:f0:e0:d5:45:
66:04:97:92:9b:d5:05:c4:8d:77:ce:7c:bf:1d:7a:dd:ef:1b:
39:3c:9a:de:60:d0:24:94:67:cc:a0:18:ad:e5:98:96:7c:01:
02:00:d9:42:1d:fe:ab:cd:1b:54:e3:a4:da:07:a9:12:b5:93:
4d:4e:ce:6e:50:ae:f5:a2:62:a5:21:f9:da:f0:10:e4:89:72:
af:89:f0:6a:c8:5e:25:3a:3b:f4:67:c3:fd:cb:35:fa:15:40:
0d:11:54:ed:17:8c:31:15:35:09:c7:75:01:17:cd:69:33:de:
ef:40:6c:68:d8:f8:0b:2e:02:84:43:b2:c7:2d:7e:d8:59:f5:
34:65:3d:c4:ae:4d:79:1e:0c:3c:c7:3a:6a:c0:bc:9d:5c:f1:
c9:f3:91:4e:33:79:78:b7:17:91:5f:c0:1c:91:9b:90:db:dd:
94:bf:54:0f:05:c8:dc:4e:ff:fd:fd:5a:35:27:5c:25:71:9d:
0b:09:6c:f0:2f:d0:ef:3c:59:82:bb:bf:4c:8b:9d:cc:bb:b8:
0f:f5:63:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsE5Ng1qaSoptWnYtXamUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NTNlNjVhMzA4N2I0Y2E4NWM4ODAyYjYwZmYwZjAyYjQx
MDZkOTcwHhcNMjMwMTAxMDY0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWE5ZTQwOWMyNTU0OWI4N2YyYzJiM2MxNDFmMjU4MjFlNTRiZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Iw7wLaqOOODpjaZ9QXQFsLepBS+
1bJKGUgTVEq0dRlHu4IGws8Rw0voQ5eg7ZjZwzVUP14eliE52XpvfPytkViGmbgc
YUX+9jp6Dq45qYbey7Him3XA2gAZn1TGzoeopCNwcS3gkti+eHgHazWJAC328luH
2W5IQrT049ublRf+XqVYV1C5iPJ9PU6OIER98CB3KkmuGG91AkhqpnPu/EqXt6Pv
9GpSlvam/IHCxiXvV9/Xhud8bmB52cVRW5J2Pe5LNFZ9M8d/484WdRDDqotQS/tU
X0E72d00QdcNTI5jhGOxkWD3UAiwgfWRhe1MKwKjObuf9HXkevjx1Kk7VQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFqp5AnCVUm4fywrPBQfJYIeVL6EMB8GA1UdIwQY
MBaAFFhT5lowh7TKhciAK2D/DwK0EG2XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQt
ZTE4NjAyNzM5Y2Q1LzEvV3Fua0NjSlZTYmhfTENzOEZCOGxnaDVVdm9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82YWZkMWUtY2I3ZS00ZTZlLWE4YTQtZTE4NjAyNzM5Y2Q1
LzEvV0ZQbVdqQ0h0TXFGeUlBcllQOFBBclFRYlpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQD1Gv4MA0G
CSqGSIb3DQEBCwUAA4IBAQCOA+CDLPMXmVMNppSyOBW/qjAqV+6soCbbzex7h75c
ojdfPmiO3CW+WhSAwaCy2fTbUPDg1UVmBJeSm9UFxI13zny/HXrd7xs5PJreYNAk
lGfMoBit5ZiWfAECANlCHf6rzRtU46TaB6kStZNNTs5uUK71omKlIfna8BDkiXKv
ifBqyF4lOjv0Z8P9yzX6FUANEVTtF4wxFTUJx3UBF81pM97vQGxo2PgLLgKEQ7LH
LX7YWfU0ZT3Erk15Hgw8xzpqwLydXPHJ85FOM3l4txeRX8AckZuQ292Uv1QPBcjc
Tv/9/Vo1J1wlcZ0LCWzwL9DvPFmCu79Mi53Mu7gP9WM0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:27 2025 by rpki-client