Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/0bea33-bb40-4bd1-9724-f64c70f4d445/1/wAVHsdxqjq6nBoUTi_LBq1NCXjQ.roa
File: wAVHsdxqjq6nBoUTi_LBq1NCXjQ.roa (raw, json)
Hash identifier: LbBteUgNoDnf9nPBCBdvZNSit583+NmUBEHLjzt2e6Y=
Subject key identifier: C0:05:47:B1:DC:6A:8E:AE:A7:06:85:13:8B:F2:C1:AB:53:42:5E:34
Certificate issuer: /CN=665c39bfbc52e9693a4ddf2d56e1ca99f4537e45
Certificate serial: 01856C25B33C53365536A680D38DD74E8040
Authority key identifier: 66:5C:39:BF:BC:52:E9:69:3A:4D:DF:2D:56:E1:CA:99:F4:53:7E:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zlw5v7xS6Wk6Td8tVuHKmfRTfkU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/0bea33-bb40-4bd1-9724-f64c70f4d445/1/wAVHsdxqjq6nBoUTi_LBq1NCXjQ.roa
Signing time: Sun 01 Jan 2023 07:04:48 +0000
ROA not before: Sun 01 Jan 2023 07:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211651
IP address blocks: 185.251.69.0/24 maxlen: 24
2a13:1700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:25:b3:3c:53:36:55:36:a6:80:d3:8d:d7:4e:80:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=665c39bfbc52e9693a4ddf2d56e1ca99f4537e45
Validity
Not Before: Jan 1 07:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c00547b1dc6a8eaea70685138bf2c1ab53425e34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b1:90:e7:03:2a:0f:8c:7d:f5:e0:c9:08:7c:
55:90:42:1d:72:f8:15:ad:89:5d:80:70:6a:90:22:
e0:27:ae:a0:96:43:1a:56:7e:05:29:2a:f9:99:63:
a0:84:4c:61:d7:79:cf:31:65:51:e2:87:a0:39:14:
e9:8c:8f:41:54:32:0b:8a:ba:cf:91:fe:55:4b:09:
7d:ee:8b:e4:17:f8:a6:d7:e8:37:85:77:e2:dd:95:
71:5b:90:8b:63:6a:be:c4:99:30:da:0c:ea:a2:4f:
0d:28:0e:73:36:8d:a8:91:1d:54:0c:a6:d7:b2:84:
ca:bd:18:59:1a:52:86:cc:dd:cd:31:87:bd:a4:ac:
6c:7a:fc:84:1a:f9:2f:1e:ad:ef:bb:c9:83:9b:0a:
8b:ee:95:7e:14:06:69:93:d9:9a:f0:12:09:e3:01:
48:2f:15:1b:e8:f2:d2:3a:3f:c1:f8:92:67:5a:5d:
15:29:d6:0a:06:c5:9d:42:d6:cd:b8:cc:23:d9:82:
de:e9:bb:2e:2c:f2:14:03:59:fc:72:17:48:68:05:
ac:c4:39:27:53:d9:eb:46:0e:ce:61:bb:89:35:0c:
68:25:a0:e7:9c:9a:cd:01:d2:9d:a8:1e:d9:24:dd:
ad:87:4c:b2:27:5f:c6:92:b4:cd:67:39:13:e5:65:
90:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:05:47:B1:DC:6A:8E:AE:A7:06:85:13:8B:F2:C1:AB:53:42:5E:34
X509v3 Authority Key Identifier:
keyid:66:5C:39:BF:BC:52:E9:69:3A:4D:DF:2D:56:E1:CA:99:F4:53:7E:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zlw5v7xS6Wk6Td8tVuHKmfRTfkU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/0bea33-bb40-4bd1-9724-f64c70f4d445/1/wAVHsdxqjq6nBoUTi_LBq1NCXjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/0bea33-bb40-4bd1-9724-f64c70f4d445/1/Zlw5v7xS6Wk6Td8tVuHKmfRTfkU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.251.69.0/24
IPv6:
2a13:1700::/29
Signature Algorithm: sha256WithRSAEncryption
6f:ad:66:2c:f3:ad:88:74:79:f2:35:b4:59:17:bf:a0:3a:0b:
cd:75:39:19:20:51:32:05:42:c7:af:c6:e4:2b:8e:40:82:0c:
68:32:a6:99:01:70:e3:44:02:e4:ec:91:53:ef:80:75:38:e4:
61:45:69:58:6f:af:ef:98:c8:28:8b:d7:f0:e3:b5:53:ae:0b:
bf:3e:85:d7:f1:d1:e7:52:58:3c:af:bc:00:4d:f1:6d:0b:95:
1e:6c:ff:c9:ef:8d:4e:d1:b2:b8:b0:02:7b:2e:84:5d:1e:9c:
32:d3:4d:46:35:43:6f:11:8c:c0:5f:1b:c3:29:77:d3:80:65:
6b:d3:c4:42:11:53:39:5e:64:3e:e4:0b:cc:1e:55:f2:90:1b:
43:57:4d:3d:ba:bc:05:f5:59:57:f7:bf:aa:e0:31:49:07:6b:
0a:c4:70:14:f9:27:77:36:ba:60:6a:17:5c:87:88:f5:42:6a:
0c:47:97:06:b8:c8:a0:22:10:42:a2:e0:ab:1c:66:ca:3b:c8:
d0:b0:94:4b:c3:27:1a:fd:66:10:e8:41:d1:6d:cd:69:74:2f:
43:34:66:60:b5:f1:64:54:b1:b8:37:7d:af:da:1b:be:cc:83:
f9:bd:47:75:6a:d8:3e:3d:22:16:a7:a5:e4:25:c2:10:dc:49:
ba:ac:5e:a9
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsJbM8UzZVNqaA043XToBAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NWMzOWJmYmM1MmU5NjkzYTRkZGYyZDU2ZTFjYTk5ZjQ1
MzdlNDUwHhcNMjMwMTAxMDcwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDA1NDdiMWRjNmE4ZWFlYTcwNjg1MTM4YmYyYzFhYjUzNDI1ZTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7GQ5wMqD4x99eDJCHxVkEIdcvgV
rYldgHBqkCLgJ66glkMaVn4FKSr5mWOghExh13nPMWVR4oegORTpjI9BVDILirrP
kf5VSwl97ovkF/im1+g3hXfi3ZVxW5CLY2q+xJkw2gzqok8NKA5zNo2okR1UDKbX
soTKvRhZGlKGzN3NMYe9pKxsevyEGvkvHq3vu8mDmwqL7pV+FAZpk9ma8BIJ4wFI
LxUb6PLSOj/B+JJnWl0VKdYKBsWdQtbNuMwj2YLe6bsuLPIUA1n8chdIaAWsxDkn
U9nrRg7OYbuJNQxoJaDnnJrNAdKdqB7ZJN2th0yyJ1/GkrTNZzkT5WWQPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMAFR7Hcao6upwaFE4vywatTQl40MB8GA1UdIwQY
MBaAFGZcOb+8UulpOk3fLVbhypn0U35FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmx3NXY3eFM2V2s2VGQ4dFZ1SEttZlJUZmtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8wYmVhMzMtYmI0MC00YmQxLTk3MjQt
ZjY0YzcwZjRkNDQ1LzEvd0FWSHNkeHFqcTZuQm9VVGlfTEJxMU5DWGpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8wYmVhMzMtYmI0MC00YmQxLTk3MjQtZjY0YzcwZjRkNDQ1
LzEvWmx3NXY3eFM2V2s2VGQ4dFZ1SEttZlJUZmtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuftFMA0E
AgACMAcDBQMqExcAMA0GCSqGSIb3DQEBCwUAA4IBAQBvrWYs862IdHnyNbRZF7+g
OgvNdTkZIFEyBULHr8bkK45AggxoMqaZAXDjRALk7JFT74B1OORhRWlYb6/vmMgo
i9fw47VTrgu/PoXX8dHnUlg8r7wATfFtC5UebP/J741O0bK4sAJ7LoRdHpwy001G
NUNvEYzAXxvDKXfTgGVr08RCEVM5XmQ+5AvMHlXykBtDV009urwF9VlX97+q4DFJ
B2sKxHAU+Sd3Nrpgahdch4j1QmoMR5cGuMigIhBCouCrHGbKO8jQsJRLwyca/WYQ
6EHRbc1pdC9DNGZgtfFkVLG4N32v2hu+zIP5vUd1atg+PSIWp6XkJcIQ3Em6rF6p
-----END CERTIFICATE-----
Generated at Fri Apr 18 03:29:17 2025 by rpki-client