Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/wvO1by-MSuG9BuoECDvNdi1BkzM.roa
File: wvO1by-MSuG9BuoECDvNdi1BkzM.roa (raw, json)
Hash identifier: riCDsMTQ77oKWVx7ADIJv2Jkjuq9qUmnJHBuLERvGH0=
Subject key identifier: C2:F3:B5:6F:2F:8C:4A:E1:BD:06:EA:04:08:3B:CD:76:2D:41:93:33
Certificate issuer: /CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Certificate serial: 01856EB90990AA66D79FAF94DC505384CE84
Authority key identifier: 73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/wvO1by-MSuG9BuoECDvNdi1BkzM.roa
Signing time: Sun 01 Jan 2023 19:04:58 +0000
ROA not before: Sun 01 Jan 2023 19:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 178.21.145.0/24 maxlen: 24
178.21.144.0/24 maxlen: 24
178.21.147.0/24 maxlen: 24
178.21.146.0/24 maxlen: 24
2a02:2c0:3::/48 maxlen: 48
2a02:2c0:1::/48 maxlen: 48
2a02:2c0:2::/48 maxlen: 48
2a02:2c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b9:09:90:aa:66:d7:9f:af:94:dc:50:53:84:ce:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73e157b2918cadca8a5a9fbc66e977608a6df5e1
Validity
Not Before: Jan 1 19:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2f3b56f2f8c4ae1bd06ea04083bcd762d419333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:67:68:f2:22:fb:a2:75:08:0d:d1:b0:46:d5:
bb:4b:09:8a:8f:00:1b:a4:5b:14:74:7d:8c:56:d6:
13:68:e8:1c:40:f2:26:06:02:35:15:e6:06:83:d5:
69:e7:5f:04:7c:74:f4:65:c2:4a:2c:92:1a:16:d7:
b8:32:38:7d:81:15:cd:2e:4a:7f:d0:77:4d:0d:3b:
cc:7c:d9:5a:88:f0:d3:32:a6:05:16:73:de:8a:55:
3a:4f:9c:80:ff:ab:eb:d1:dc:51:47:35:35:4b:c3:
62:5f:9a:1d:5c:4c:30:38:a7:47:df:fb:3d:52:97:
4f:8f:50:bf:c5:4e:8e:86:d1:08:84:d8:a0:fd:ba:
74:c6:09:33:47:26:20:9b:e9:41:2c:54:3f:33:cc:
18:da:56:d3:f0:31:8a:2f:cd:4b:d6:7f:36:13:64:
f7:6f:4d:2c:31:73:23:20:00:1e:2c:8f:fd:1d:84:
8d:1b:01:be:5c:7b:c6:06:4d:3f:d6:73:a5:da:21:
47:71:3c:5d:72:83:f1:b6:49:ad:bf:e0:9b:4a:8f:
ed:f6:b1:8e:a2:da:8f:d9:36:57:96:4c:05:07:f9:
f7:96:a8:a9:b8:a0:44:ee:3d:40:f8:05:01:d1:25:
84:7e:1e:6b:69:2d:b8:46:8e:98:f2:a9:cf:ae:5e:
67:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:F3:B5:6F:2F:8C:4A:E1:BD:06:EA:04:08:3B:CD:76:2D:41:93:33
X509v3 Authority Key Identifier:
keyid:73:E1:57:B2:91:8C:AD:CA:8A:5A:9F:BC:66:E9:77:60:8A:6D:F5:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c-FXspGMrcqKWp-8Zul3YIpt9eE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/wvO1by-MSuG9BuoECDvNdi1BkzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/bbcd53-c4f8-4245-bb90-00a154b8ecb1/1/c-FXspGMrcqKWp-8Zul3YIpt9eE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.144.0/22
IPv6:
2a02:2c0::/46
Signature Algorithm: sha256WithRSAEncryption
0c:98:e3:66:31:a8:2e:ac:e9:49:68:97:91:a2:48:78:f6:ac:
23:01:c6:87:8f:7b:8d:62:76:7b:bb:39:03:bd:95:25:02:55:
5a:34:46:03:30:cc:ad:4a:31:90:5e:c1:d9:ad:14:3b:08:56:
47:1a:2a:80:33:44:58:d4:9a:49:84:88:0e:f9:1c:7c:2f:2b:
68:3e:46:a3:e4:a5:b4:17:8b:28:b8:fe:ac:5f:84:6c:66:ed:
2f:e5:9b:2e:3e:7b:50:01:ff:27:af:17:0e:37:71:02:fe:47:
1e:a3:2b:fb:ac:aa:67:ac:7c:8c:bb:d1:90:1b:11:52:78:e8:
26:cc:1e:fe:e8:ef:08:6c:dc:39:91:1b:1a:bf:d3:a4:04:08:
70:57:69:3d:e3:64:d6:5d:2b:36:42:a0:2e:eb:6e:9b:e2:a5:
a5:b3:33:b2:04:38:51:6d:6f:b0:f8:f8:2e:cd:6d:50:14:0e:
4d:45:2e:29:cc:6a:6e:ef:d1:db:32:d5:8c:65:df:21:97:2d:
00:b5:1d:c6:bc:bf:48:28:e2:af:8a:cd:11:11:d4:43:fc:48:
e1:b5:bd:6f:fe:e8:ca:be:2b:45:67:93:a3:08:25:e6:a1:31:
c5:1e:ec:70:af:30:d4:38:c6:36:bd:e7:4c:0b:e2:af:f8:6d:
29:cb:fa:7c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVuuQmQqmbXn6+U3FBThM6EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZTE1N2IyOTE4Y2FkY2E4YTVhOWZiYzY2ZTk3NzYwOGE2
ZGY1ZTEwHhcNMjMwMTAxMTkwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmYzYjU2ZjJmOGM0YWUxYmQwNmVhMDQwODNiY2Q3NjJkNDE5MzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWdo8iL7onUIDdGwRtW7SwmKjwAb
pFsUdH2MVtYTaOgcQPImBgI1FeYGg9Vp518EfHT0ZcJKLJIaFte4Mjh9gRXNLkp/
0HdNDTvMfNlaiPDTMqYFFnPeilU6T5yA/6vr0dxRRzU1S8NiX5odXEwwOKdH3/s9
UpdPj1C/xU6OhtEIhNig/bp0xgkzRyYgm+lBLFQ/M8wY2lbT8DGKL81L1n82E2T3
b00sMXMjIAAeLI/9HYSNGwG+XHvGBk0/1nOl2iFHcTxdcoPxtkmtv+CbSo/t9rGO
otqP2TZXlkwFB/n3lqipuKBE7j1A+AUB0SWEfh5raS24Ro6Y8qnPrl5nWwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMLztW8vjErhvQbqBAg7zXYtQZMzMB8GA1UdIwQY
MBaAFHPhV7KRjK3KilqfvGbpd2CKbfXhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAt
MDBhMTU0YjhlY2IxLzEvd3ZPMWJ5LU1TdUc5QnVvRUNEdk5kaTFCa3pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9iYmNkNTMtYzRmOC00MjQ1LWJiOTAtMDBhMTU0YjhlY2Ix
LzEvYy1GWHNwR01yY3FLV3AtOFp1bDNZSXB0OWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCshWQMA8E
AgACMAkDBwIqAgLAAAAwDQYJKoZIhvcNAQELBQADggEBAAyY42YxqC6s6Ulol5Gi
SHj2rCMBxoePe41idnu7OQO9lSUCVVo0RgMwzK1KMZBewdmtFDsIVkcaKoAzRFjU
mkmEiA75HHwvK2g+RqPkpbQXiyi4/qxfhGxm7S/lmy4+e1AB/yevFw43cQL+Rx6j
K/usqmesfIy70ZAbEVJ46CbMHv7o7whs3DmRGxq/06QECHBXaT3jZNZdKzZCoC7r
bpvipaWzM7IEOFFtb7D4+C7NbVAUDk1FLinMam7v0dsy1Yxl3yGXLQC1Hca8v0go
4q+KzRER1EP8SOG1vW/+6Mq+K0Vnk6MIJeahMcUe7HCvMNQ4xja950wL4q/4bSnL
+nw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:37 2025 by rpki-client