Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/WkytA9omau5ci8X_bNsLQ10Vw40.roa
File: WkytA9omau5ci8X_bNsLQ10Vw40.roa (raw, json)
Hash identifier: zAgARFhT6b55oHzApx3ZN4rWFp9V81ImQ1UaVavsA4Y=
Subject key identifier: 5A:4C:AD:03:DA:26:6A:EE:5C:8B:C5:FF:6C:DB:0B:43:5D:15:C3:8D
Certificate issuer: /CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Certificate serial: 01856F8B8F714A5B6E4D1AE4013EA7E08A11
Authority key identifier: 6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/WkytA9omau5ci8X_bNsLQ10Vw40.roa
Signing time: Sun 01 Jan 2023 22:54:55 +0000
ROA not before: Sun 01 Jan 2023 22:54:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205957
IP address blocks: 185.190.148.0/23 maxlen: 23
194.28.102.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:8f:71:4a:5b:6e:4d:1a:e4:01:3e:a7:e0:8a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ce97cf4d8d0bc17b3af1d62c4d71488661bd212
Validity
Not Before: Jan 1 22:54:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a4cad03da266aee5c8bc5ff6cdb0b435d15c38d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:0c:2a:47:72:f2:c0:23:87:93:63:0f:60:1e:
94:57:89:85:63:7b:92:c4:16:6a:b0:91:fb:64:c4:
d9:04:9b:73:3e:5c:81:0c:47:a5:cd:34:f9:34:b6:
e2:ef:c1:9a:43:0f:1c:de:1a:d0:8c:c4:d8:c2:9c:
7b:93:e9:58:b0:06:96:4b:e8:2a:42:c1:ea:37:2f:
39:e0:62:08:64:87:fd:87:cf:df:d0:86:20:fe:8a:
1b:17:71:93:40:23:07:cb:f0:1a:85:91:f5:a5:9e:
cd:89:6a:65:4c:74:4e:8a:7c:a7:39:84:a0:74:9c:
23:1b:cc:19:b5:bf:28:06:c9:2e:f6:b8:f8:fd:64:
e6:88:c8:ea:d5:9f:ba:8f:4c:5f:b0:65:39:b9:b2:
ff:4c:96:de:b1:ab:ad:96:c1:b5:90:50:73:92:06:
a8:c2:c5:73:f1:65:1b:9f:1b:0f:a2:60:05:64:d8:
b8:d2:77:c2:c3:13:bf:02:d6:c3:5b:0d:1d:ff:82:
4e:19:ed:c4:26:4a:03:d3:2c:c2:57:43:d0:87:02:
3c:eb:80:0a:25:17:45:95:b0:d1:5a:e5:6d:53:72:
b0:e6:41:fd:c7:04:df:17:61:2d:a3:d1:42:27:4b:
56:7c:36:b8:cb:0c:1e:21:08:8d:96:b1:9d:79:a8:
1d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:4C:AD:03:DA:26:6A:EE:5C:8B:C5:FF:6C:DB:0B:43:5D:15:C3:8D
X509v3 Authority Key Identifier:
keyid:6C:E9:7C:F4:D8:D0:BC:17:B3:AF:1D:62:C4:D7:14:88:66:1B:D2:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOl89NjQvBezrx1ixNcUiGYb0hI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/WkytA9omau5ci8X_bNsLQ10Vw40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e4ccb1-ca25-4099-8273-3993aa324e1f/1/bOl89NjQvBezrx1ixNcUiGYb0hI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.148.0/23
194.28.102.0/24
Signature Algorithm: sha256WithRSAEncryption
05:69:ed:27:c3:05:7f:f7:2c:48:da:3a:a8:26:da:83:96:c4:
0e:fb:fa:40:46:b1:3c:78:ee:98:e8:8f:ff:3e:93:7c:ab:cf:
ab:d1:4b:da:38:79:ac:b3:d0:69:09:d2:98:59:46:88:32:8f:
7c:b9:de:eb:84:f0:48:cd:0c:ec:81:c1:ae:62:e2:c6:3e:1e:
ff:33:87:4a:77:dc:8c:4b:55:a1:80:32:71:22:9b:e3:ff:a7:
b4:87:8f:15:ff:9d:c1:04:e0:d2:d5:fd:fa:70:4b:87:5f:e9:
5f:78:57:d1:27:ea:0f:6b:2d:a4:f4:3a:ba:ad:da:92:61:40:
46:0d:34:c6:d3:3c:a2:46:13:17:1c:0d:17:74:a7:10:e1:c6:
4a:b4:95:b5:a4:ed:1c:aa:21:62:a8:a2:71:ba:fd:0b:4f:11:
4a:0a:54:b4:a3:90:c1:ad:44:0a:ae:55:4f:7a:97:e9:9f:c1:
65:9b:de:af:35:75:dc:f8:f3:65:bd:70:e8:ec:cb:49:0a:8d:
7d:b7:d6:78:d0:ac:b4:17:f0:23:33:ea:23:90:b8:3a:ad:bf:
89:c7:79:1c:08:36:60:34:4e:10:0f:a2:87:3b:ed:99:ca:f0:
07:c5:a7:47:f6:6d:22:c5:fd:c5:c1:b7:ba:f2:10:40:35:45:
8c:44:27:12
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVvi49xSltuTRrkAT6n4IoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTk3Y2Y0ZDhkMGJjMTdiM2FmMWQ2MmM0ZDcxNDg4NjYx
YmQyMTIwHhcNMjMwMTAxMjI1NDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTRjYWQwM2RhMjY2YWVlNWM4YmM1ZmY2Y2RiMGI0MzVkMTVjMzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAwqR3LywCOHk2MPYB6UV4mFY3uS
xBZqsJH7ZMTZBJtzPlyBDEelzTT5NLbi78GaQw8c3hrQjMTYwpx7k+lYsAaWS+gq
QsHqNy854GIIZIf9h8/f0IYg/oobF3GTQCMHy/AahZH1pZ7NiWplTHROinynOYSg
dJwjG8wZtb8oBsku9rj4/WTmiMjq1Z+6j0xfsGU5ubL/TJbesautlsG1kFBzkgao
wsVz8WUbnxsPomAFZNi40nfCwxO/AtbDWw0d/4JOGe3EJkoD0yzCV0PQhwI864AK
JRdFlbDRWuVtU3Kw5kH9xwTfF2Eto9FCJ0tWfDa4ywweIQiNlrGdeagd0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFpMrQPaJmruXIvF/2zbC0NdFcONMB8GA1UdIwQY
MBaAFGzpfPTY0LwXs68dYsTXFIhmG9ISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMt
Mzk5M2FhMzI0ZTFmLzEvV2t5dEE5b21hdTVjaThYX2JOc0xRMTBWdzQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9lNGNjYjEtY2EyNS00MDk5LTgyNzMtMzk5M2FhMzI0ZTFm
LzEvYk9sODlOalF2QmV6cngxaXhOY1VpR1liMGhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBub6UAwQA
whxmMA0GCSqGSIb3DQEBCwUAA4IBAQAFae0nwwV/9yxI2jqoJtqDlsQO+/pARrE8
eO6Y6I//PpN8q8+r0UvaOHmss9BpCdKYWUaIMo98ud7rhPBIzQzsgcGuYuLGPh7/
M4dKd9yMS1WhgDJxIpvj/6e0h48V/53BBODS1f36cEuHX+lfeFfRJ+oPay2k9Dq6
rdqSYUBGDTTG0zyiRhMXHA0XdKcQ4cZKtJW1pO0cqiFiqKJxuv0LTxFKClS0o5DB
rUQKrlVPepfpn8Flm96vNXXc+PNlvXDo7MtJCo19t9Z40Ky0F/AjM+ojkLg6rb+J
x3kcCDZgNE4QD6KHO+2ZyvAHxadH9m0ixf3Fwbe68hBANUWMRCcS
-----END CERTIFICATE-----
Generated at Tue Apr 22 12:36:50 2025 by rpki-client