Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/WzU-urbCNN3wwUBjfb3JDALU-Ig.roa
File: WzU-urbCNN3wwUBjfb3JDALU-Ig.roa (raw, json)
Hash identifier: JDp9aFARWSQkscCx9bCUXb09FStsJYjxcDST5uMaeYA=
Subject key identifier: 5B:35:3E:BA:B6:C2:34:DD:F0:C1:40:63:7D:BD:C9:0C:02:D4:F8:88
Certificate issuer: /CN=aa88fae35b66b4de2e41ca5ee077b5ef0b4ab649
Certificate serial: 01857371908B6AE1830AB479D20FF11109CD
Authority key identifier: AA:88:FA:E3:5B:66:B4:DE:2E:41:CA:5E:E0:77:B5:EF:0B:4A:B6:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qoj641tmtN4uQcpe4He17wtKtkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/WzU-urbCNN3wwUBjfb3JDALU-Ig.roa
Signing time: Mon 02 Jan 2023 17:05:00 +0000
ROA not before: Mon 02 Jan 2023 17:05:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206348
IP address blocks: 185.159.248.0/22 maxlen: 24
185.159.250.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:90:8b:6a:e1:83:0a:b4:79:d2:0f:f1:11:09:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa88fae35b66b4de2e41ca5ee077b5ef0b4ab649
Validity
Not Before: Jan 2 17:05:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b353ebab6c234ddf0c140637dbdc90c02d4f888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:fe:7d:52:98:7d:99:20:e5:20:4e:4d:6a:1e:
52:59:ee:8c:27:df:9f:9b:1b:00:e0:b1:62:8a:ac:
a6:df:90:20:06:71:f0:44:87:aa:d6:d2:a7:5a:76:
f3:d4:e5:00:c1:15:83:1e:b8:38:a5:e9:18:b2:af:
a1:85:60:f1:b8:2f:ea:6c:05:62:9c:c1:d7:48:8b:
af:ba:03:43:e6:f7:a7:aa:ca:9a:e2:bb:16:91:9f:
f2:f4:54:01:a5:21:5d:6f:33:1f:1d:09:c0:c0:9c:
76:29:78:6d:54:70:b3:6c:4d:b9:f4:5b:e0:a8:b4:
e3:b0:12:ac:2d:85:ff:f2:3a:cb:22:32:e8:c7:aa:
9c:14:49:84:71:82:43:e1:c8:26:42:23:50:c8:79:
cb:89:f8:30:aa:71:e0:24:00:b6:fe:a0:bb:69:07:
a4:ae:e2:ee:5c:a4:1f:e2:f9:8f:37:24:13:19:95:
fd:23:c5:2d:97:01:58:e4:9f:c3:36:05:f8:41:62:
e5:71:a5:64:06:d3:9d:5b:2e:53:70:ba:3f:2d:b2:
be:22:e7:ec:04:55:50:8d:39:8d:a9:29:7f:3c:71:
74:a1:ec:95:ba:7a:b1:99:63:54:2c:48:62:89:0c:
db:e6:52:68:1b:8e:8c:b1:0a:55:50:81:5c:18:d7:
49:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:35:3E:BA:B6:C2:34:DD:F0:C1:40:63:7D:BD:C9:0C:02:D4:F8:88
X509v3 Authority Key Identifier:
keyid:AA:88:FA:E3:5B:66:B4:DE:2E:41:CA:5E:E0:77:B5:EF:0B:4A:B6:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qoj641tmtN4uQcpe4He17wtKtkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/WzU-urbCNN3wwUBjfb3JDALU-Ig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/6efd1b-3e10-4446-92c7-b92cb6113035/1/qoj641tmtN4uQcpe4He17wtKtkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.248.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:31:dc:c4:d8:fc:7b:c1:c8:39:27:38:9f:d1:b7:b8:8f:c8:
56:fe:68:27:d6:b7:6e:db:9a:5b:90:e9:d8:d9:bc:cb:47:e4:
44:02:09:c2:3e:f2:3b:83:a6:89:d0:ae:4a:e2:9d:ed:7d:30:
ce:74:22:aa:df:a8:52:62:49:8a:c3:24:fb:2f:4e:e6:70:d5:
b2:dc:b3:84:f9:ef:ab:41:9c:e3:de:d6:df:0c:5c:77:45:a9:
11:df:06:b2:58:a4:97:27:ba:54:ed:39:b6:75:d2:ef:60:2b:
49:ad:c4:73:57:cb:6a:87:76:50:90:34:23:7f:6c:87:c7:97:
c2:64:c1:db:ac:bd:71:95:93:ab:a2:9c:bb:e1:8b:e2:d2:56:
6f:dd:64:57:6c:11:db:a2:7b:03:fc:2e:d9:5a:2b:a1:1e:55:
b9:c0:39:70:30:aa:1c:5a:9c:85:17:67:8d:d1:5a:c2:b8:85:
a4:8e:f8:6f:44:b4:d6:a4:a5:e5:1c:d3:88:bb:3b:fb:ba:3e:
af:47:1e:bd:d8:5e:63:3e:52:0a:a5:76:90:34:83:72:94:8b:
b8:32:fe:f7:c9:0d:1f:3a:d9:c0:b4:b8:e6:b8:d3:36:cc:6a:
56:79:75:a7:f7:36:dd:db:3c:96:8a:c9:e8:39:1a:a6:da:2c:
61:3b:0a:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzcZCLauGDCrR50g/xEQnNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhODhmYWUzNWI2NmI0ZGUyZTQxY2E1ZWUwNzdiNWVmMGI0
YWI2NDkwHhcNMjMwMTAyMTcwNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjM1M2ViYWI2YzIzNGRkZjBjMTQwNjM3ZGJkYzkwYzAyZDRmODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAov59Uph9mSDlIE5Nah5SWe6MJ9+f
mxsA4LFiiqym35AgBnHwRIeq1tKnWnbz1OUAwRWDHrg4pekYsq+hhWDxuC/qbAVi
nMHXSIuvugND5venqsqa4rsWkZ/y9FQBpSFdbzMfHQnAwJx2KXhtVHCzbE259Fvg
qLTjsBKsLYX/8jrLIjLox6qcFEmEcYJD4cgmQiNQyHnLifgwqnHgJAC2/qC7aQek
ruLuXKQf4vmPNyQTGZX9I8UtlwFY5J/DNgX4QWLlcaVkBtOdWy5TcLo/LbK+Iufs
BFVQjTmNqSl/PHF0oeyVunqxmWNULEhiiQzb5lJoG46MsQpVUIFcGNdJXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFs1Prq2wjTd8MFAY329yQwC1PiIMB8GA1UdIwQY
MBaAFKqI+uNbZrTeLkHKXuB3te8LSrZJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW9qNjQxdG10TjR1UWNwZTRIZTE3d3RLdGtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS82ZWZkMWItM2UxMC00NDQ2LTkyYzct
YjkyY2I2MTEzMDM1LzEvV3pVLXVyYkNOTjN3d1VCamZiM0pEQUxVLUlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS82ZWZkMWItM2UxMC00NDQ2LTkyYzctYjkyY2I2MTEzMDM1
LzEvcW9qNjQxdG10TjR1UWNwZTRIZTE3d3RLdGtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ/4MA0G
CSqGSIb3DQEBCwUAA4IBAQBNMdzE2Px7wcg5Jzif0be4j8hW/mgn1rdu25pbkOnY
2bzLR+REAgnCPvI7g6aJ0K5K4p3tfTDOdCKq36hSYkmKwyT7L07mcNWy3LOE+e+r
QZzj3tbfDFx3RakR3wayWKSXJ7pU7Tm2ddLvYCtJrcRzV8tqh3ZQkDQjf2yHx5fC
ZMHbrL1xlZOropy74Yvi0lZv3WRXbBHbonsD/C7ZWiuhHlW5wDlwMKocWpyFF2eN
0VrCuIWkjvhvRLTWpKXlHNOIuzv7uj6vRx692F5jPlIKpXaQNINylIu4Mv73yQ0f
OtnAtLjmuNM2zGpWeXWn9zbd2zyWisnoORqm2ixhOwo+
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:26:04 2025 by rpki-client