Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/WHcpMS_2E3CpHGRZDzF-LdJK72E.roa
File: WHcpMS_2E3CpHGRZDzF-LdJK72E.roa (raw, json)
Hash identifier: +xL6WHnRw2//ge4rY4Z5Si43jx/P9CxHG/VqR1d2sw0=
Subject key identifier: 58:77:29:31:2F:F6:13:70:A9:1C:64:59:0F:31:7E:2D:D2:4A:EF:61
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01856FD518A13066F69C52BF6BFE10AB39F8
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/WHcpMS_2E3CpHGRZDzF-LdJK72E.roa
Signing time: Mon 02 Jan 2023 00:15:14 +0000
ROA not before: Mon 02 Jan 2023 00:15:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35268
IP address blocks: 85.204.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:18:a1:30:66:f6:9c:52:bf:6b:fe:10:ab:39:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:15:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=587729312ff61370a91c64590f317e2dd24aef61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:7b:db:80:6c:5e:60:68:da:00:9b:4e:03:5d:
c3:41:0c:b0:ba:ea:4c:31:fc:d2:89:a0:e8:18:19:
b9:8e:fc:01:73:66:17:b5:a1:a7:bf:2f:60:74:af:
ab:4f:48:af:b0:e5:f1:67:8f:ca:ef:1f:dd:1c:d2:
b0:6c:e4:47:4c:be:4a:4e:a8:a9:d3:8f:0a:09:7f:
8f:26:44:1f:9e:14:e9:31:6d:a6:94:74:ae:9c:ba:
7c:ef:41:61:e8:1b:27:3b:68:9e:f2:45:00:ac:12:
07:b8:99:4c:49:e0:2d:98:07:89:9a:b1:a1:db:2a:
c7:82:de:e4:0a:d5:b4:d7:a9:e2:86:23:7b:e4:2c:
17:c5:3f:5a:87:bc:9c:11:7a:32:af:7d:5b:3a:94:
8d:43:26:c4:a4:29:83:9a:f4:5c:12:d4:80:af:22:
ef:bf:b9:32:8f:04:bb:c9:f3:46:7f:d6:91:24:5c:
37:55:01:be:91:d1:05:7b:4b:56:67:23:08:ca:e6:
52:16:23:1f:36:f3:cd:1e:77:25:ca:47:fd:07:c5:
ed:d0:90:26:e9:ab:67:b1:31:e9:8d:65:ce:dd:04:
59:36:24:2a:d4:41:25:74:d3:d0:ef:87:e0:12:c4:
6a:06:60:fd:7a:d3:0e:9d:64:1b:38:6b:0f:3c:d3:
95:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:77:29:31:2F:F6:13:70:A9:1C:64:59:0F:31:7E:2D:D2:4A:EF:61
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/WHcpMS_2E3CpHGRZDzF-LdJK72E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.134.0/24
Signature Algorithm: sha256WithRSAEncryption
62:07:02:fa:9a:ed:0d:41:20:8c:28:5c:b4:5f:f3:30:f3:3b:
09:e1:19:9d:b2:48:f8:f6:d5:97:f0:6d:02:c9:a7:d8:b4:ea:
69:ae:84:08:2c:5b:f8:18:1d:44:f0:c1:c4:95:05:b2:45:eb:
2f:81:cd:de:25:a4:8a:c2:77:c2:63:e4:4f:f9:97:94:05:0c:
63:35:8d:a7:e4:c5:88:41:90:7b:dc:b9:80:d0:70:7d:7c:97:
63:02:74:bd:8a:a2:29:f7:ac:c8:d7:bb:0e:84:a1:63:ff:3d:
46:d8:27:2b:12:18:76:8e:e8:dd:51:eb:29:db:4d:c1:94:21:
cd:1c:e2:3b:29:23:e6:00:2b:f5:0a:b8:ca:2e:ed:32:54:c3:
e7:a4:a8:c5:f9:30:ee:31:8d:6a:c9:d6:a6:c9:fd:17:fc:67:
96:e7:75:3e:6b:29:07:3c:34:32:ec:e9:0c:b1:39:e4:c2:eb:
63:57:a2:4e:eb:6d:ad:f1:7b:82:84:7e:24:72:cb:b2:21:0a:
93:9a:bc:03:1e:72:cd:44:2b:20:17:8b:6f:87:2c:da:f5:60:
8d:16:42:44:66:79:1e:5e:5c:f5:a3:58:d8:3c:83:5d:85:26:
8d:8d:8a:56:ea:8e:3b:21:f5:e7:53:57:a3:d2:e6:03:25:d9:
96:ca:3c:0e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVv1RihMGb2nFK/a/4Qqzn4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjMwMTAyMDAxNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODc3MjkzMTJmZjYxMzcwYTkxYzY0NTkwZjMxN2UyZGQyNGFlZjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynvbgGxeYGjaAJtOA13DQQywuupM
MfzSiaDoGBm5jvwBc2YXtaGnvy9gdK+rT0ivsOXxZ4/K7x/dHNKwbORHTL5KTqip
048KCX+PJkQfnhTpMW2mlHSunLp870Fh6BsnO2ie8kUArBIHuJlMSeAtmAeJmrGh
2yrHgt7kCtW016nihiN75CwXxT9ah7ycEXoyr31bOpSNQybEpCmDmvRcEtSAryLv
v7kyjwS7yfNGf9aRJFw3VQG+kdEFe0tWZyMIyuZSFiMfNvPNHnclykf9B8Xt0JAm
6atnsTHpjWXO3QRZNiQq1EEldNPQ74fgEsRqBmD9etMOnWQbOGsPPNOVJQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFh3KTEv9hNwqRxkWQ8xfi3SSu9hMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1dIY3BNU18yRTNDcEhHUlpEekYtTGRKSzcyRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABVzIYw
DQYJKoZIhvcNAQELBQADggEBAGIHAvqa7Q1BIIwoXLRf8zDzOwnhGZ2ySPj21Zfw
bQLJp9i06mmuhAgsW/gYHUTwwcSVBbJF6y+Bzd4lpIrCd8Jj5E/5l5QFDGM1jafk
xYhBkHvcuYDQcH18l2MCdL2Koin3rMjXuw6EoWP/PUbYJysSGHaO6N1R6ynbTcGU
Ic0c4jspI+YAK/UKuMou7TJUw+ekqMX5MO4xjWrJ1qbJ/Rf8Z5bndT5rKQc8NDLs
6QyxOeTC62NXok7rba3xe4KEfiRyy7IhCpOavAMecs1EKyAXi2+HLNr1YI0WQkRm
eR5eXPWjWNg8g12FJo2Nilbqjjsh9edTV6PS5gMl2ZbKPA4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:36 2025 by rpki-client