Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2eede6-fc20-4f8a-ae29-72537526aee2/1/qJjC08wvNFJbRG6pgBdiNcs_Wws.roa
File: qJjC08wvNFJbRG6pgBdiNcs_Wws.roa (raw, json)
Hash identifier: EQXxc0rPfjVEsPmmrpgKTS/U7nUqCsE2ZXiG7ZduGtM=
Subject key identifier: A8:98:C2:D3:CC:2F:34:52:5B:44:6E:A9:80:17:62:35:CB:3F:5B:0B
Certificate issuer: /CN=5b9a40fc3f350abda59dbfc01ca37a46d8d74764
Certificate serial: 01856C2EC59507ABE7CF400DC217EB47C83D
Authority key identifier: 5B:9A:40:FC:3F:35:0A:BD:A5:9D:BF:C0:1C:A3:7A:46:D8:D7:47:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W5pA_D81Cr2lnb_AHKN6RtjXR2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2eede6-fc20-4f8a-ae29-72537526aee2/1/qJjC08wvNFJbRG6pgBdiNcs_Wws.roa
Signing time: Sun 01 Jan 2023 07:14:42 +0000
ROA not before: Sun 01 Jan 2023 07:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43623
IP address blocks: 194.156.7.0/24 maxlen: 24
185.17.246.0/24 maxlen: 24
185.17.244.0/22 maxlen: 22
194.113.143.0/24 maxlen: 24
185.17.247.0/24 maxlen: 24
91.195.78.0/23 maxlen: 23
2a04:880:affe::/48 maxlen: 48
2a04:880::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:2e:c5:95:07:ab:e7:cf:40:0d:c2:17:eb:47:c8:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b9a40fc3f350abda59dbfc01ca37a46d8d74764
Validity
Not Before: Jan 1 07:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a898c2d3cc2f34525b446ea980176235cb3f5b0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:97:7a:0b:bc:d9:da:29:45:a0:0b:74:ea:be:
a4:bc:c9:65:c1:d1:de:0c:3c:bf:61:e0:20:95:10:
04:70:c2:82:23:7c:ad:a1:4c:b1:8b:b0:15:56:5c:
32:e6:a6:3d:e6:be:44:11:78:f8:77:a1:0b:52:62:
7f:fa:73:62:09:e0:b7:ad:39:41:95:1f:a8:6b:06:
cb:b7:8c:14:d7:8d:63:e7:c9:78:b0:c0:35:98:55:
98:47:77:22:59:0d:66:24:a1:89:84:ec:96:a7:4c:
a0:30:0b:3e:5d:66:1e:92:96:15:39:e5:1f:bb:c5:
d6:af:e7:5a:c5:72:8c:54:81:bc:85:7e:d5:4d:c6:
22:ad:4e:57:12:fc:6c:03:3c:da:bf:d7:31:1a:a2:
45:d3:ea:ed:06:df:12:9c:f2:6a:e3:5b:81:96:5e:
59:10:5c:80:2a:80:bd:94:6e:45:88:25:a3:a5:ab:
41:2d:1d:dd:85:64:75:37:76:b4:fa:a8:b7:7d:6e:
6d:41:2f:37:76:14:52:01:e3:3b:7e:a3:ad:08:6a:
5a:82:3d:a4:4a:3a:b0:6b:2a:b8:2a:4c:53:05:bf:
5a:90:c7:44:72:62:d0:2d:56:63:8c:84:84:8a:e5:
93:84:8d:3d:ce:f7:2d:e9:75:72:cb:0e:28:b4:41:
c3:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:98:C2:D3:CC:2F:34:52:5B:44:6E:A9:80:17:62:35:CB:3F:5B:0B
X509v3 Authority Key Identifier:
keyid:5B:9A:40:FC:3F:35:0A:BD:A5:9D:BF:C0:1C:A3:7A:46:D8:D7:47:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W5pA_D81Cr2lnb_AHKN6RtjXR2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2eede6-fc20-4f8a-ae29-72537526aee2/1/qJjC08wvNFJbRG6pgBdiNcs_Wws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2eede6-fc20-4f8a-ae29-72537526aee2/1/W5pA_D81Cr2lnb_AHKN6RtjXR2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.78.0/23
185.17.244.0/22
194.113.143.0/24
194.156.7.0/24
IPv6:
2a04:880::/29
Signature Algorithm: sha256WithRSAEncryption
5e:8e:49:ea:67:9b:19:62:0c:99:ed:61:5f:c1:63:dc:90:60:
82:78:77:e1:41:e5:f8:1d:72:87:b4:cf:8b:97:21:15:33:8a:
20:0e:d3:95:eb:11:8b:45:87:67:ad:ab:8e:e6:76:0b:67:71:
e8:e8:17:99:a0:b7:07:5c:b3:31:1d:e4:57:17:cc:67:92:d7:
18:3f:91:2a:09:c9:0a:f1:a7:f0:fe:4f:6b:cb:9c:5d:2a:19:
37:48:1f:92:bc:4f:ec:50:07:21:45:c9:50:b4:1e:8e:c4:ad:
5d:66:92:58:35:e3:ea:76:f0:ff:2f:b2:5f:00:cb:a5:08:6c:
81:22:35:91:86:67:01:f1:71:5f:1d:af:5c:06:9b:e1:9b:eb:
0c:dc:f0:25:2a:23:75:d8:bd:cf:9b:05:9e:01:f6:94:8b:f7:
12:01:e7:cf:3a:49:bd:db:b9:13:6a:0b:d3:b6:a4:0c:c2:0f:
3d:69:23:45:74:93:7b:97:e5:ed:68:3b:f9:c1:a2:ad:84:48:
c5:47:5a:d4:c4:c3:d1:70:ad:75:da:a2:8e:ee:9e:f2:20:d1:
b7:6e:e9:b4:a8:1b:6a:be:82:1b:75:4c:4a:b0:1d:ab:6b:f0:
bc:0e:09:5b:18:b0:d7:34:73:8c:8c:4d:99:8b:c2:10:d7:2b:
20:c2:56:07
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVsLsWVB6vnz0ANwhfrR8g9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViOWE0MGZjM2YzNTBhYmRhNTlkYmZjMDFjYTM3YTQ2ZDhk
NzQ3NjQwHhcNMjMwMTAxMDcxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODk4YzJkM2NjMmYzNDUyNWI0NDZlYTk4MDE3NjIzNWNiM2Y1YjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJd6C7zZ2ilFoAt06r6kvMllwdHe
DDy/YeAglRAEcMKCI3ytoUyxi7AVVlwy5qY95r5EEXj4d6ELUmJ/+nNiCeC3rTlB
lR+oawbLt4wU141j58l4sMA1mFWYR3ciWQ1mJKGJhOyWp0ygMAs+XWYekpYVOeUf
u8XWr+daxXKMVIG8hX7VTcYirU5XEvxsAzzav9cxGqJF0+rtBt8SnPJq41uBll5Z
EFyAKoC9lG5FiCWjpatBLR3dhWR1N3a0+qi3fW5tQS83dhRSAeM7fqOtCGpagj2k
Sjqwayq4KkxTBb9akMdEcmLQLVZjjISEiuWThI09zvct6XVyyw4otEHDIQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKiYwtPMLzRSW0RuqYAXYjXLP1sLMB8GA1UdIwQY
MBaAFFuaQPw/NQq9pZ2/wByjekbY10dkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzVwQV9EODFDcjJsbmJfQUhLTjZSdGpYUjJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yZWVkZTYtZmMyMC00ZjhhLWFlMjkt
NzI1Mzc1MjZhZWUyLzEvcUpqQzA4d3ZORkpiUkc2cGdCZGlOY3NfV3dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yZWVkZTYtZmMyMC00ZjhhLWFlMjktNzI1Mzc1MjZhZWUy
LzEvVzVwQV9EODFDcjJsbmJfQUhLTjZSdGpYUjJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBW8NOAwQC
uRH0AwQAwnGPAwQAwpwHMA0EAgACMAcDBQMqBAiAMA0GCSqGSIb3DQEBCwUAA4IB
AQBejknqZ5sZYgyZ7WFfwWPckGCCeHfhQeX4HXKHtM+LlyEVM4ogDtOV6xGLRYdn
rauO5nYLZ3Ho6BeZoLcHXLMxHeRXF8xnktcYP5EqCckK8afw/k9ry5xdKhk3SB+S
vE/sUAchRclQtB6OxK1dZpJYNePqdvD/L7JfAMulCGyBIjWRhmcB8XFfHa9cBpvh
m+sM3PAlKiN12L3PmwWeAfaUi/cSAefPOkm927kTagvTtqQMwg89aSNFdJN7l+Xt
aDv5waKthEjFR1rUxMPRcK112qKO7p7yING3bum0qBtqvoIbdUxKsB2ra/C8Dglb
GLDXNHOMjE2Zi8IQ1ysgwlYH
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:40:36 2025 by rpki-client