Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/W91QxF7Q2N5UmxBaEMi3x7kaAqk.roa
File: W91QxF7Q2N5UmxBaEMi3x7kaAqk.roa (raw, json)
Hash identifier: +6JzYduELfezK2hpb96NY+Vth5EEb3Q+tDQP37aVM+8=
Subject key identifier: 5B:DD:50:C4:5E:D0:D8:DE:54:9B:10:5A:10:C8:B7:C7:B9:1A:02:A9
Certificate issuer: /CN=9803c40f77bc88faf209f31d361ebbab5caeac4a
Certificate serial: 071976E7
Authority key identifier: 98:03:C4:0F:77:BC:88:FA:F2:09:F3:1D:36:1E:BB:AB:5C:AE:AC:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mAPED3e8iPryCfMdNh67q1yurEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/W91QxF7Q2N5UmxBaEMi3x7kaAqk.roa
Signing time: Sat 01 Jan 2022 04:02:20 +0000
ROA not before: Sat 01 Jan 2022 04:02:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44358
IP address blocks: 185.150.42.0/24 maxlen: 24
194.0.3.0/24 maxlen: 24
194.0.20.0/24 maxlen: 24
194.0.19.0/24 maxlen: 24
194.0.18.0/24 maxlen: 24
2001:678:88::/48 maxlen: 48
2a07:ab42::/48 maxlen: 48
2001:678:6::/48 maxlen: 48
2001:678:19::/48 maxlen: 48
2001:678:8c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119109351 (0x71976e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9803c40f77bc88faf209f31d361ebbab5caeac4a
Validity
Not Before: Jan 1 04:02:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5bdd50c45ed0d8de549b105a10c8b7c7b91a02a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3b:4d:e7:09:e1:c5:98:72:a4:e0:3e:29:04:
06:aa:09:41:15:82:3e:aa:a2:5e:98:7a:60:ad:0a:
10:01:bf:da:d8:e8:0a:65:41:5c:38:d9:65:d8:33:
68:b7:08:0d:01:6e:f0:90:41:93:22:61:76:34:41:
8d:78:98:d0:36:f4:89:3d:89:ec:44:71:6f:fa:0c:
7f:b8:ef:7a:e0:39:79:1b:a9:63:45:ac:82:65:78:
79:56:b6:79:30:f1:f2:27:c6:ff:f0:47:0c:ad:af:
86:47:2b:48:32:59:82:b8:f5:aa:c7:2a:59:a9:a6:
12:ef:45:45:98:10:76:c9:97:91:c5:9f:68:96:ad:
1c:84:17:50:12:cc:99:af:5c:de:79:76:5f:be:23:
ed:d5:7c:ec:d2:17:a8:1a:32:8a:d1:32:c7:c1:8a:
ba:8e:45:d6:0e:fb:05:63:a7:cc:88:0a:80:09:e2:
50:23:cb:07:35:0f:d3:68:9c:24:ec:19:7d:bc:66:
3b:79:17:fc:07:06:7d:62:f9:ba:61:97:43:0d:d7:
c5:90:3e:f4:0c:34:29:2a:60:59:64:91:74:b0:f2:
24:13:93:b9:cd:1a:8b:51:11:ae:6a:28:0a:ae:ee:
7e:65:f7:ce:14:b7:c8:24:ad:ad:fe:db:33:49:ff:
4d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:DD:50:C4:5E:D0:D8:DE:54:9B:10:5A:10:C8:B7:C7:B9:1A:02:A9
X509v3 Authority Key Identifier:
keyid:98:03:C4:0F:77:BC:88:FA:F2:09:F3:1D:36:1E:BB:AB:5C:AE:AC:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mAPED3e8iPryCfMdNh67q1yurEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/W91QxF7Q2N5UmxBaEMi3x7kaAqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/mAPED3e8iPryCfMdNh67q1yurEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.42.0/24
194.0.3.0/24
194.0.18.0-194.0.20.255
IPv6:
2001:678:6::/48
2001:678:19::/48
2001:678:88::/48
2001:678:8c::/48
2a07:ab42::/48
Signature Algorithm: sha256WithRSAEncryption
99:1d:4c:71:39:e6:76:50:4f:4a:67:d3:3c:c0:49:a8:25:aa:
a5:0e:60:34:a8:a8:55:39:55:30:d7:2e:38:6c:47:fa:c3:09:
89:3f:58:3b:8a:d6:07:bb:0e:4a:3e:82:38:25:f4:8f:51:a3:
ca:27:73:ae:3f:a9:d8:c1:10:36:68:3f:61:38:a8:92:22:d8:
3d:a2:3f:ea:fd:62:e3:4a:cd:6e:d3:da:14:8e:df:12:96:dc:
5c:8c:40:58:a0:04:fc:00:c4:1a:ad:4c:48:2f:28:03:8f:f3:
83:a8:8b:74:9e:99:29:75:ca:e2:67:2c:2a:de:b3:58:e5:39:
b3:84:40:68:b9:16:b4:ee:c9:e1:21:01:37:b9:56:00:bf:ce:
49:72:ba:9d:10:5d:99:0d:6a:4b:50:5c:d4:c5:0b:fd:a0:e5:
0d:62:38:9b:58:27:cc:96:cd:d6:aa:53:b4:c6:1e:87:e5:91:
24:af:3d:15:92:79:3a:7d:2b:6e:7b:85:bb:94:11:47:81:44:
90:80:dc:a9:28:da:22:bd:97:0d:aa:3d:ad:71:3f:4e:10:eb:
87:92:dc:cd:54:fd:45:48:d6:cc:ef:5d:51:16:97:59:14:eb:
c3:97:dd:89:0e:59:28:75:90:6e:68:b2:67:81:0b:4b:e1:60:
ff:f2:1e:ec
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIEBxl25zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODAzYzQwZjc3YmM4OGZhZjIwOWYzMWQzNjFlYmJhYjVjYWVhYzRhMB4XDTIyMDEw
MTA0MDIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWJkZDUwYzQ1ZWQw
ZDhkZTU0OWIxMDVhMTBjOGI3YzdiOTFhMDJhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKs7TecJ4cWYcqTgPikEBqoJQRWCPqqiXph6YK0KEAG/2tjo
CmVBXDjZZdgzaLcIDQFu8JBBkyJhdjRBjXiY0Db0iT2J7ERxb/oMf7jveuA5eRup
Y0WsgmV4eVa2eTDx8ifG//BHDK2vhkcrSDJZgrj1qscqWammEu9FRZgQdsmXkcWf
aJatHIQXUBLMma9c3nl2X74j7dV87NIXqBoyitEyx8GKuo5F1g77BWOnzIgKgAni
UCPLBzUP02icJOwZfbxmO3kX/AcGfWL5umGXQw3XxZA+9Aw0KSpgWWSRdLDyJBOT
uc0ai1ERrmooCq7ufmX3zhS3yCStrf7bM0n/Te8CAwEAAaOCAlIwggJOMB0GA1Ud
DgQWBBRb3VDEXtDY3lSbEFoQyLfHuRoCqTAfBgNVHSMEGDAWgBSYA8QPd7yI+vIJ
8x02HrurXK6sSjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21BUEVEM2U4aVByeUNmTWROaDY3cTF5dXJFby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2EvYmFkNGEwLTNlOWItNDc2NC04YTI0LWYzYTI2ZjA1NWY0ZS8x
L1c5MVF4RjdRMk41VW14QmFFTWkzeDdrYUFxay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Ev
YmFkNGEwLTNlOWItNDc2NC04YTI0LWYzYTI2ZjA1NWY0ZS8xL21BUEVEM2U4aVBy
eUNmTWROaDY3cTF5dXJFby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBo
BggrBgEFBQcBBwEB/wRZMFcwIAQCAAEwGgMEALmWKgMEAMIAAzAMAwQBwgASAwQA
wgAUMDMEAgACMC0DBwAgAQZ4AAYDBwAgAQZ4ABkDBwAgAQZ4AIgDBwAgAQZ4AIwD
BwAqB6tCAAAwDQYJKoZIhvcNAQELBQADggEBAJkdTHE55nZQT0pn0zzASaglqqUO
YDSoqFU5VTDXLjhsR/rDCYk/WDuK1ge7Dko+gjgl9I9Ro8onc64/qdjBEDZoP2E4
qJIi2D2iP+r9YuNKzW7T2hSO3xKW3FyMQFigBPwAxBqtTEgvKAOP84Ooi3SemSl1
yuJnLCres1jlObOEQGi5FrTuyeEhATe5VgC/zklyup0QXZkNaktQXNTFC/2g5Q1i
OJtYJ8yWzdaqU7TGHoflkSSvPRWSeTp9K257hbuUEUeBRJCA3Kko2iK9lw2qPa1x
P04Q64eS3M1U/UVI1szvXVEWl1kU68OX3YkOWSh1kG5osmeBC0vhYP/yHuw=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:08:37 2025 by rpki-client