Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/wgQDZ0hMX5gKXnM5dyqrG5dUYHQ.roa
File: wgQDZ0hMX5gKXnM5dyqrG5dUYHQ.roa (raw, json)
Hash identifier: oTRb80uKjB1q9YPHrL190yy+e7XQrBTZAAG7b3XDANg=
Subject key identifier: C2:04:03:67:48:4C:5F:98:0A:5E:73:39:77:2A:AB:1B:97:54:60:74
Certificate issuer: /CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Certificate serial: 01835563D98E95B16C78BABCB283329B96A5
Authority key identifier: A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/wgQDZ0hMX5gKXnM5dyqrG5dUYHQ.roa
Signing time: Mon 19 Sep 2022 10:55:50 +0000
ROA not before: Mon 19 Sep 2022 10:55:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42675
IP address blocks: 194.32.147.0/24 maxlen: 24
194.32.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:55:63:d9:8e:95:b1:6c:78:ba:bc:b2:83:32:9b:96:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7fd3f89335dcf828666b28fad8ae993bd448878
Validity
Not Before: Sep 19 10:55:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c2040367484c5f980a5e7339772aab1b97546074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3f:2d:ca:25:56:2c:c4:d2:b3:2f:58:8e:73:
2d:d5:b3:63:34:52:da:3e:30:87:5c:53:0f:45:13:
31:37:2a:b4:ef:e3:0f:a3:c0:e5:9e:62:62:e7:61:
c7:2a:52:71:ad:17:6e:a5:0a:a3:79:16:ea:c0:64:
28:43:0e:45:1c:ab:2c:41:c2:1a:8a:ad:7d:82:83:
b1:48:2b:ad:4b:df:9d:f9:c0:fc:4e:64:a9:1f:5e:
d9:23:44:d0:ce:54:d4:8b:a8:55:a2:28:84:46:9e:
90:9f:c8:76:a8:d2:5f:9a:eb:7d:3b:d3:3a:21:d4:
df:10:27:54:d7:ae:84:3f:cd:25:4c:4f:1f:ed:d5:
04:c4:99:d6:8f:d5:7d:fd:da:20:a9:34:85:30:b5:
74:7a:15:6b:d3:1b:7e:dc:db:81:42:c7:51:f2:95:
87:78:14:0c:9a:f7:84:e4:a3:91:e9:2c:6a:79:f0:
ef:d2:c8:15:b1:78:98:0b:44:0b:2a:92:a4:41:e1:
6c:69:60:b2:72:0f:dd:5e:d2:b0:a6:32:13:65:bf:
16:19:8f:bc:92:28:37:1a:fd:17:36:a1:af:fb:3b:
37:bf:08:39:73:84:8e:e4:7c:d5:d2:25:8e:07:f5:
5c:48:34:ef:52:35:a2:2a:b6:6c:38:6e:81:fb:ed:
ff:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:04:03:67:48:4C:5F:98:0A:5E:73:39:77:2A:AB:1B:97:54:60:74
X509v3 Authority Key Identifier:
keyid:A7:FD:3F:89:33:5D:CF:82:86:66:B2:8F:AD:8A:E9:93:BD:44:88:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_0_iTNdz4KGZrKPrYrpk71EiHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/wgQDZ0hMX5gKXnM5dyqrG5dUYHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/388fd8-c81f-4e71-af52-c0b1ad435b95/1/p_0_iTNdz4KGZrKPrYrpk71EiHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.32.146.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:e1:d6:3b:14:b1:c2:2b:6a:1a:d9:fc:b3:89:2e:bb:d0:77:
78:d8:00:69:06:5b:ef:96:a2:d6:f7:a9:1d:4f:d2:47:b0:1a:
cf:ef:75:ed:a4:32:38:63:6d:7b:4b:c4:52:e6:3d:1f:34:e0:
69:3b:fe:d5:06:20:34:43:14:8e:6e:52:e7:9e:38:ba:9f:b1:
c6:6c:4c:12:9f:6f:83:86:18:09:37:f8:f9:e1:46:7b:e0:5c:
cf:b5:9e:4b:a8:fe:50:cd:cf:fc:79:73:27:d8:5d:b6:fc:54:
b3:a8:c2:ad:c9:12:89:ea:25:1f:23:40:6b:23:10:5f:55:70:
c2:a5:59:09:cd:90:7b:9f:22:60:22:f5:ce:7b:ee:97:94:fa:
6a:6c:2d:c3:c9:7e:95:7a:a2:45:be:7d:cd:f7:2f:bf:14:41:
52:fc:dd:4e:b2:8a:97:0d:6c:78:f4:3a:43:44:80:84:a4:fb:
15:74:58:4d:4f:b0:c6:96:02:b2:24:c6:fb:f2:a0:99:d8:71:
e0:e3:9e:01:fc:ba:f5:50:9b:f2:75:7c:38:16:10:a1:7d:62:
6d:19:cb:d8:3b:49:00:c3:03:c9:67:ed:85:5e:21:aa:85:b7:
a8:bc:eb:f5:f7:63:91:d7:fd:e5:0e:72:cb:7e:17:d8:60:73:
17:ba:fb:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYNVY9mOlbFseLq8soMym5alMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZmQzZjg5MzM1ZGNmODI4NjY2YjI4ZmFkOGFlOTkzYmQ0
NDg4NzgwHhcNMjIwOTE5MTA1NTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjA0MDM2NzQ4NGM1Zjk4MGE1ZTczMzk3NzJhYWIxYjk3NTQ2MDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj8tyiVWLMTSsy9YjnMt1bNjNFLa
PjCHXFMPRRMxNyq07+MPo8DlnmJi52HHKlJxrRdupQqjeRbqwGQoQw5FHKssQcIa
iq19goOxSCutS9+d+cD8TmSpH17ZI0TQzlTUi6hVoiiERp6Qn8h2qNJfmut9O9M6
IdTfECdU166EP80lTE8f7dUExJnWj9V9/dogqTSFMLV0ehVr0xt+3NuBQsdR8pWH
eBQMmveE5KOR6SxqefDv0sgVsXiYC0QLKpKkQeFsaWCycg/dXtKwpjITZb8WGY+8
kig3Gv0XNqGv+zs3vwg5c4SO5HzV0iWOB/VcSDTvUjWiKrZsOG6B++3/FwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMIEA2dITF+YCl5zOXcqqxuXVGB0MB8GA1UdIwQY
MBaAFKf9P4kzXc+Chmayj62K6ZO9RIh4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTIt
YzBiMWFkNDM1Yjk1LzEvd2dRRFowaE1YNWdLWG5NNWR5cXJHNWRVWUhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zODhmZDgtYzgxZi00ZTcxLWFmNTItYzBiMWFkNDM1Yjk1
LzEvcF8wX2lUTmR6NEtHWnJLUHJZcnBrNzFFaUhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwiCSMA0G
CSqGSIb3DQEBCwUAA4IBAQCN4dY7FLHCK2oa2fyziS670Hd42ABpBlvvlqLW96kd
T9JHsBrP73XtpDI4Y217S8RS5j0fNOBpO/7VBiA0QxSOblLnnji6n7HGbEwSn2+D
hhgJN/j54UZ74FzPtZ5LqP5Qzc/8eXMn2F22/FSzqMKtyRKJ6iUfI0BrIxBfVXDC
pVkJzZB7nyJgIvXOe+6XlPpqbC3DyX6VeqJFvn3N9y+/FEFS/N1OsoqXDWx49DpD
RICEpPsVdFhNT7DGlgKyJMb78qCZ2HHg454B/Lr1UJvydXw4FhChfWJtGcvYO0kA
wwPJZ+2FXiGqhbeovOv192OR1/3lDnLLfhfYYHMXuvs/
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:17:43 2025 by rpki-client