Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/561d24-e921-4ec8-a611-4dc20c5b6268/1/wHPJfmaPA3IOyaKAIC8XxWbFJ4Y.roa
File: wHPJfmaPA3IOyaKAIC8XxWbFJ4Y.roa (raw, json)
Hash identifier: ++WYIVGNmZqm+nsZ/PaYapq2daFTsaiz00XCpdwI7U4=
Subject key identifier: C0:73:C9:7E:66:8F:03:72:0E:C9:A2:80:20:2F:17:C5:66:C5:27:86
Certificate issuer: /CN=bbca3f25d54620b50ef8520657634d3b096bac57
Certificate serial: 0186A31C57C99A5B0425508A2FA81526303F
Authority key identifier: BB:CA:3F:25:D5:46:20:B5:0E:F8:52:06:57:63:4D:3B:09:6B:AC:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u8o_JdVGILUO-FIGV2NNOwlrrFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/561d24-e921-4ec8-a611-4dc20c5b6268/1/wHPJfmaPA3IOyaKAIC8XxWbFJ4Y.roa
Signing time: Thu 02 Mar 2023 16:16:29 +0000
ROA not before: Thu 02 Mar 2023 16:16:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 193.41.237.0/24 maxlen: 24
94.143.231.0/24 maxlen: 24
193.42.11.0/24 maxlen: 24
193.42.12.0/24 maxlen: 24
176.96.136.0/22 maxlen: 24
2.59.132.0/22 maxlen: 24
193.41.226.0/24 maxlen: 24
2a0d:5940::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a3:1c:57:c9:9a:5b:04:25:50:8a:2f:a8:15:26:30:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbca3f25d54620b50ef8520657634d3b096bac57
Validity
Not Before: Mar 2 16:16:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c073c97e668f03720ec9a280202f17c566c52786
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:06:ae:df:63:d1:e2:fe:a3:2f:71:12:b8:63:
e0:f0:b0:52:db:e1:fd:dd:c6:b8:f1:f3:d5:40:c4:
ca:5e:98:cb:5a:fc:67:4a:77:fc:2b:0d:9b:b8:98:
04:cf:b2:71:dc:fd:c0:af:df:21:3f:68:3a:63:bf:
fd:51:d1:0f:bf:6c:7d:f2:cf:ff:19:55:41:b8:cf:
44:09:ab:b9:45:ec:90:43:0d:a1:37:cc:1a:6a:44:
e9:4e:74:ae:20:0e:ce:4f:27:06:21:ce:09:71:b7:
c5:0b:9b:71:81:28:5c:97:15:5b:26:6a:9d:b9:b4:
90:08:3c:0a:54:94:2f:e0:57:0c:c8:87:18:7a:83:
90:88:a7:45:29:69:5a:f7:75:7f:66:48:7a:65:d4:
04:df:13:31:89:70:1a:b7:6c:28:3f:37:61:bf:d5:
fb:c4:36:63:34:6d:b3:4f:69:aa:c6:ec:84:6d:33:
e0:00:f7:3e:d1:d7:b2:8c:b4:3e:6a:99:d4:6a:d5:
ba:95:d4:6f:70:94:24:5b:5b:fb:5e:5c:30:33:a2:
c1:d3:27:72:53:b8:83:18:85:91:77:1e:06:80:fc:
16:9a:c9:c0:77:be:ea:4d:80:ad:c7:ec:a4:31:99:
55:be:8e:43:2a:93:b4:e2:24:4e:7e:eb:84:7e:73:
58:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:73:C9:7E:66:8F:03:72:0E:C9:A2:80:20:2F:17:C5:66:C5:27:86
X509v3 Authority Key Identifier:
keyid:BB:CA:3F:25:D5:46:20:B5:0E:F8:52:06:57:63:4D:3B:09:6B:AC:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u8o_JdVGILUO-FIGV2NNOwlrrFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/561d24-e921-4ec8-a611-4dc20c5b6268/1/wHPJfmaPA3IOyaKAIC8XxWbFJ4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/561d24-e921-4ec8-a611-4dc20c5b6268/1/u8o_JdVGILUO-FIGV2NNOwlrrFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.132.0/22
94.143.231.0/24
176.96.136.0/22
193.41.226.0/24
193.41.237.0/24
193.42.11.0-193.42.12.255
IPv6:
2a0d:5940::/29
Signature Algorithm: sha256WithRSAEncryption
04:ea:a8:de:2d:64:14:4e:11:67:d0:45:88:a3:c3:a6:e8:a3:
c7:05:97:de:9f:4c:c1:b6:0d:f6:fe:67:5d:f7:da:db:cf:e6:
d9:c2:d2:59:95:29:28:9b:0e:cc:11:6f:a0:79:24:99:69:dc:
19:52:39:7c:68:6a:6d:06:3e:4d:57:bd:69:6b:bd:4f:f1:c0:
d2:28:47:98:d8:3f:28:4e:14:09:4e:96:06:6e:77:e9:e3:94:
ab:7e:1f:bb:fa:fa:68:dc:6c:1c:d4:cc:66:01:89:42:ae:fa:
66:79:f6:b0:c5:2e:16:43:e1:52:4c:49:0c:08:8d:a2:cc:f8:
02:c1:cf:21:31:d0:d6:78:37:66:ed:2b:be:da:99:a2:9f:9c:
47:14:79:cb:a7:57:b2:e6:8f:66:a8:22:b8:f2:0d:ef:ed:e2:
e8:f6:9d:d6:37:b4:78:bb:1e:e5:de:95:b7:7e:d0:97:28:03:
c0:b3:c6:65:77:2f:58:89:b7:bf:e2:d0:cb:f9:fa:a6:f0:8f:
07:68:30:4f:e2:9f:be:cc:be:b1:3a:a0:75:9d:95:b9:d2:41:
7b:94:54:89:31:b5:67:11:b0:8a:b6:d0:f5:0f:72:8d:aa:6e:
13:db:66:61:ae:42:07:8f:2d:33:cc:7b:1c:26:8e:a9:75:d5:
c0:8a:db:40
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYajHFfJmlsEJVCKL6gVJjA/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiY2EzZjI1ZDU0NjIwYjUwZWY4NTIwNjU3NjM0ZDNiMDk2
YmFjNTcwHhcNMjMwMzAyMTYxNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDczYzk3ZTY2OGYwMzcyMGVjOWEyODAyMDJmMTdjNTY2YzUyNzg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwau32PR4v6jL3ESuGPg8LBS2+H9
3ca48fPVQMTKXpjLWvxnSnf8Kw2buJgEz7Jx3P3Ar98hP2g6Y7/9UdEPv2x98s//
GVVBuM9ECau5ReyQQw2hN8waakTpTnSuIA7OTycGIc4JcbfFC5txgShclxVbJmqd
ubSQCDwKVJQv4FcMyIcYeoOQiKdFKWla93V/Zkh6ZdQE3xMxiXAat2woPzdhv9X7
xDZjNG2zT2mqxuyEbTPgAPc+0deyjLQ+apnUatW6ldRvcJQkW1v7XlwwM6LB0ydy
U7iDGIWRdx4GgPwWmsnAd77qTYCtx+ykMZlVvo5DKpO04iROfuuEfnNYpwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFMBzyX5mjwNyDsmigCAvF8VmxSeGMB8GA1UdIwQY
MBaAFLvKPyXVRiC1DvhSBldjTTsJa6xXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdThvX0pkVkdJTFVPLUZJR1YyTk5Pd2xyckZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81NjFkMjQtZTkyMS00ZWM4LWE2MTEt
NGRjMjBjNWI2MjY4LzEvd0hQSmZtYVBBM0lPeWFLQUlDOFh4V2JGSjRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81NjFkMjQtZTkyMS00ZWM4LWE2MTEtNGRjMjBjNWI2MjY4
LzEvdThvX0pkVkdJTFVPLUZJR1YyTk5Pd2xyckZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQCAjuEAwQA
Xo/nAwQCsGCIAwQAwSniAwQAwSntMAwDBADBKgsDBADBKgwwDQQCAAIwBwMFAyoN
WUAwDQYJKoZIhvcNAQELBQADggEBAATqqN4tZBROEWfQRYijw6boo8cFl96fTMG2
Dfb+Z1332tvP5tnC0lmVKSibDswRb6B5JJlp3BlSOXxoam0GPk1XvWlrvU/xwNIo
R5jYPyhOFAlOlgZud+njlKt+H7v6+mjcbBzUzGYBiUKu+mZ59rDFLhZD4VJMSQwI
jaLM+ALBzyEx0NZ4N2btK77amaKfnEcUecunV7Lmj2aoIrjyDe/t4uj2ndY3tHi7
HuXelbd+0JcoA8CzxmV3L1iJt7/i0Mv5+qbwjwdoME/in77MvrE6oHWdlbnSQXuU
VIkxtWcRsIq20PUPco2qbhPbZmGuQgePLTPMexwmjql11cCK20A=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:41 2025 by rpki-client