Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/wfOUhdtH3-on95ArOUkyls1zd9w.roa
File: wfOUhdtH3-on95ArOUkyls1zd9w.roa (raw, json)
Hash identifier: tA5hib5gpMs8O+NZe8IcSTZyJDkyC8lGbxFRaDv3vA4=
Subject key identifier: C1:F3:94:85:DB:47:DF:EA:27:F7:90:2B:39:49:32:96:CD:73:77:DC
Certificate issuer: /CN=beba48c7e2c9e05eda546d899146b89f799df85d
Certificate serial: 018BB41D3FCDA21ED61E3993D17211D6EF76
Authority key identifier: BE:BA:48:C7:E2:C9:E0:5E:DA:54:6D:89:91:46:B8:9F:79:9D:F8:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vrpIx-LJ4F7aVG2JkUa4n3md-F0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/wfOUhdtH3-on95ArOUkyls1zd9w.roa
Signing time: Thu 09 Nov 2023 12:44:57 +0000
ROA not before: Thu 09 Nov 2023 12:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31376
IP address blocks: 217.119.16.0/20 maxlen: 28
195.93.206.0/23 maxlen: 23
213.108.32.0/21 maxlen: 21
91.215.252.0/23 maxlen: 23
94.125.8.0/21 maxlen: 21
91.190.80.0/21 maxlen: 21
93.92.192.0/21 maxlen: 28
109.71.176.0/21 maxlen: 28
185.42.60.0/22 maxlen: 28
91.219.180.0/22 maxlen: 22
80.79.240.0/21 maxlen: 21
80.79.248.0/22 maxlen: 22
80.79.252.0/23 maxlen: 23
91.215.254.0/24 maxlen: 24
195.191.146.0/23 maxlen: 23
80.249.176.0/20 maxlen: 28
185.155.112.0/22 maxlen: 22
80.73.192.0/20 maxlen: 20
188.93.240.0/21 maxlen: 28
93.190.224.0/21 maxlen: 28
193.110.237.0/24 maxlen: 24
193.110.236.0/22 maxlen: 22
2a02:16e8::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:b4:1d:3f:cd:a2:1e:d6:1e:39:93:d1:72:11:d6:ef:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beba48c7e2c9e05eda546d899146b89f799df85d
Validity
Not Before: Nov 9 12:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1f39485db47dfea27f7902b39493296cd7377dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:07:55:6e:a6:0c:73:96:df:7b:04:3f:7a:5d:
90:77:eb:f7:c1:19:b4:ca:ca:df:f5:11:86:52:72:
80:7e:19:fc:b3:ed:5c:71:59:60:54:7e:5c:36:25:
56:2a:3f:e4:d8:29:65:f6:89:04:16:32:56:ec:92:
2b:82:2c:bf:fd:e9:25:f9:29:b8:4f:1e:5d:9a:ca:
5c:b4:6e:a2:6c:ea:62:cc:bc:df:71:7d:69:5a:2a:
40:9b:6f:45:70:00:1d:6b:70:ea:c2:c0:92:81:0c:
51:de:3e:81:74:bf:2f:aa:0a:95:e7:48:46:b2:bb:
5f:e8:dc:7a:c3:65:3e:12:a2:18:63:54:79:68:74:
43:07:87:1e:48:c6:26:f6:93:b6:dd:42:28:04:ff:
14:b3:05:18:ce:ad:2c:36:db:c6:cc:cd:7d:45:38:
86:a4:10:ef:1b:1b:10:0c:e6:33:e4:d3:17:a4:2d:
b3:a1:8f:25:98:fa:0e:96:33:a7:b5:cd:ff:90:d2:
82:9b:a7:0f:ba:9d:c3:ca:6d:84:a2:15:d7:c4:6e:
38:2a:61:43:41:ef:91:09:4c:09:9a:f7:19:53:83:
84:99:a2:90:2e:c5:2b:6e:10:d5:42:4f:26:35:3c:
c9:ae:14:f0:ce:f4:18:6b:da:b2:b4:bd:d7:58:1f:
09:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:F3:94:85:DB:47:DF:EA:27:F7:90:2B:39:49:32:96:CD:73:77:DC
X509v3 Authority Key Identifier:
keyid:BE:BA:48:C7:E2:C9:E0:5E:DA:54:6D:89:91:46:B8:9F:79:9D:F8:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vrpIx-LJ4F7aVG2JkUa4n3md-F0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/wfOUhdtH3-on95ArOUkyls1zd9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/vrpIx-LJ4F7aVG2JkUa4n3md-F0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.192.0/20
80.79.240.0-80.79.253.255
80.249.176.0/20
91.190.80.0/21
91.215.252.0-91.215.254.255
91.219.180.0/22
93.92.192.0/21
93.190.224.0/21
94.125.8.0/21
109.71.176.0/21
185.42.60.0/22
185.155.112.0/22
188.93.240.0/21
193.110.236.0/22
195.93.206.0/23
195.191.146.0/23
213.108.32.0/21
217.119.16.0/20
IPv6:
2a02:16e8::/32
Signature Algorithm: sha256WithRSAEncryption
a1:72:12:05:e3:2d:69:c5:cd:53:42:0a:ba:4c:ab:54:77:0a:
ad:36:79:15:97:43:93:f0:f7:4d:3e:e4:69:e4:1c:7a:6d:8d:
d6:8e:d6:e2:d6:20:d3:9a:17:10:c8:d2:6b:dd:a4:3e:ba:2a:
32:18:c0:07:a1:d8:0c:ec:e7:07:31:9a:b6:99:32:30:df:72:
29:28:63:a7:07:82:f8:da:d5:67:6b:f4:17:f0:82:16:5c:03:
d6:6b:b4:0e:b9:31:70:3f:ee:87:cc:78:c8:06:97:8e:2a:c5:
ec:b9:2d:e0:a3:92:7c:c1:20:46:bc:b4:a7:48:c6:d6:e1:02:
30:3f:34:b7:17:ee:77:15:52:cb:c5:22:86:0b:b8:90:de:c5:
ab:b1:47:ff:e1:93:a5:8b:72:62:55:9e:bb:c6:5e:e6:6a:4f:
20:8c:c1:46:82:e4:35:af:45:cf:74:71:dc:da:77:a8:5a:46:
ec:3d:58:8c:f2:46:60:00:e3:a1:eb:c9:72:a1:5f:f7:67:96:
12:b9:f0:9c:72:4e:9f:a1:2f:60:67:a5:31:0c:e7:56:ed:3f:
16:c0:78:aa:9c:b6:44:97:59:50:8d:e1:d4:4f:e4:f8:6e:58:
3b:58:41:46:c6:1a:fc:50:ee:7c:76:84:27:af:a5:b7:ba:16:
85:ab:5f:16
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAYu0HT/Noh7WHjmT0XIR1u92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlYmE0OGM3ZTJjOWUwNWVkYTU0NmQ4OTkxNDZiODlmNzk5
ZGY4NWQwHhcNMjMxMTA5MTI0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWYzOTQ4NWRiNDdkZmVhMjdmNzkwMmIzOTQ5MzI5NmNkNzM3N2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwdVbqYMc5bfewQ/el2Qd+v3wRm0
ysrf9RGGUnKAfhn8s+1ccVlgVH5cNiVWKj/k2Cll9okEFjJW7JIrgiy//ekl+Sm4
Tx5dmspctG6ibOpizLzfcX1pWipAm29FcAAda3DqwsCSgQxR3j6BdL8vqgqV50hG
srtf6Nx6w2U+EqIYY1R5aHRDB4ceSMYm9pO23UIoBP8UswUYzq0sNtvGzM19RTiG
pBDvGxsQDOYz5NMXpC2zoY8lmPoOljOntc3/kNKCm6cPup3Dym2EohXXxG44KmFD
Qe+RCUwJmvcZU4OEmaKQLsUrbhDVQk8mNTzJrhTwzvQYa9qytL3XWB8JFQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFMHzlIXbR9/qJ/eQKzlJMpbNc3fcMB8GA1UdIwQY
MBaAFL66SMfiyeBe2lRtiZFGuJ95nfhdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnJwSXgtTEo0RjdhVkcySmtVYTRuM21kLUYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC83Zjg4MjEtMTU2Ni00M2Y0LWFiMjYt
M2Q1MjIxODFhMmM0LzEvd2ZPVWhkdEgzLW9uOTVBck9Va3lsczF6ZDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC83Zjg4MjEtMTU2Ni00M2Y0LWFiMjYtM2Q1MjIxODFhMmM0
LzEvdnJwSXgtTEo0RjdhVkcySmtVYTRuM21kLUYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBggQCAAEwfAMEBFBJ
wDAMAwQEUE/wAwQBUE/8AwQEUPmwAwQDW75QMAwDBAJb1/wDBABb1/4DBAJb27QD
BANdXMADBANdvuADBANefQgDBANtR7ADBAK5KjwDBAK5m3ADBAO8XfADBALBbuwD
BAHDXc4DBAHDv5IDBAPVbCADBATZdxAwDQQCAAIwBwMFACoCFugwDQYJKoZIhvcN
AQELBQADggEBAKFyEgXjLWnFzVNCCrpMq1R3Cq02eRWXQ5Pw900+5GnkHHptjdaO
1uLWINOaFxDI0mvdpD66KjIYwAeh2Azs5wcxmraZMjDfcikoY6cHgvja1Wdr9Bfw
ghZcA9ZrtA65MXA/7ofMeMgGl44qxey5LeCjknzBIEa8tKdIxtbhAjA/NLcX7ncV
UsvFIoYLuJDexauxR//hk6WLcmJVnrvGXuZqTyCMwUaC5DWvRc90cdzad6haRuw9
WIzyRmAA46HryXKhX/dnlhK58JxyTp+hL2BnpTEM51btPxbAeKqctkSXWVCN4dRP
5PhuWDtYQUbGGvxQ7nx2hCevpbe6FoWrXxY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:21 2025 by rpki-client