Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/4afeab-02b9-4ebd-bfa2-8e80b496a03e/1/Wfd4nQKr8CQikkeZ65TQBd0QogE.roa
File: Wfd4nQKr8CQikkeZ65TQBd0QogE.roa (raw, json)
Hash identifier: zXhsnff7uux/kyHIcElvmqbJYyYDL1HUUDSSGHiatzA=
Subject key identifier: 59:F7:78:9D:02:AB:F0:24:22:92:47:99:EB:94:D0:05:DD:10:A2:01
Certificate issuer: /CN=4e04e0a718a6139a9c65f0d4886bb82714da6682
Certificate serial: 01857042A2BD68AF141DE293386E94FD63AA
Authority key identifier: 4E:04:E0:A7:18:A6:13:9A:9C:65:F0:D4:88:6B:B8:27:14:DA:66:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TgTgpximE5qcZfDUiGu4JxTaZoI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/4afeab-02b9-4ebd-bfa2-8e80b496a03e/1/Wfd4nQKr8CQikkeZ65TQBd0QogE.roa
Signing time: Mon 02 Jan 2023 02:14:53 +0000
ROA not before: Mon 02 Jan 2023 02:14:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24867
IP address blocks: 82.211.64.0/18 maxlen: 24
85.133.0.0/17 maxlen: 24
62.140.192.0/19 maxlen: 24
2a01:398::/32 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:42:a2:bd:68:af:14:1d:e2:93:38:6e:94:fd:63:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e04e0a718a6139a9c65f0d4886bb82714da6682
Validity
Not Before: Jan 2 02:14:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=59f7789d02abf02422924799eb94d005dd10a201
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c7:73:87:75:4e:f4:aa:7e:0c:78:8e:a0:24:
3d:9f:bc:27:da:4c:cf:43:3e:bb:99:a1:a2:1f:4b:
37:99:fd:23:89:aa:4b:fa:f1:d0:87:cb:79:fe:48:
bb:39:5e:c0:b4:51:6f:c3:43:62:0f:25:72:26:18:
f5:e3:e4:41:22:46:37:1b:75:32:a8:c0:1e:0a:7d:
af:40:42:ac:0b:74:8d:4a:a0:30:de:13:27:29:77:
51:58:55:2a:80:a9:c0:25:8e:5a:c9:3a:f9:66:fc:
ad:65:9f:c7:fc:19:b9:20:9d:5d:54:c6:4e:3f:42:
96:cb:b4:cd:4e:3c:2a:0c:39:7e:01:9a:fc:f2:6f:
a3:1f:bb:3e:2d:b0:26:2c:2c:e9:55:86:46:90:c7:
83:95:b5:4f:f2:ed:82:4e:0c:2d:5d:fd:9a:51:c0:
e4:d4:b8:f0:5c:0d:42:04:29:86:3c:3a:d7:da:05:
12:ab:81:3f:cb:81:36:64:a5:3c:46:8d:14:58:05:
e5:36:4b:c9:91:99:d8:5b:32:56:0e:9e:ce:f6:76:
dd:0b:63:a8:93:1b:f7:61:a7:fa:86:4e:b5:b5:27:
c8:df:dc:cd:52:39:04:81:0d:98:53:01:fe:b4:72:
28:65:7e:91:31:28:79:6a:9c:d1:70:b8:3a:98:05:
85:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:F7:78:9D:02:AB:F0:24:22:92:47:99:EB:94:D0:05:DD:10:A2:01
X509v3 Authority Key Identifier:
keyid:4E:04:E0:A7:18:A6:13:9A:9C:65:F0:D4:88:6B:B8:27:14:DA:66:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TgTgpximE5qcZfDUiGu4JxTaZoI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4afeab-02b9-4ebd-bfa2-8e80b496a03e/1/Wfd4nQKr8CQikkeZ65TQBd0QogE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/4afeab-02b9-4ebd-bfa2-8e80b496a03e/1/TgTgpximE5qcZfDUiGu4JxTaZoI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.140.192.0/19
82.211.64.0/18
85.133.0.0/17
IPv6:
2a01:398::/32
Signature Algorithm: sha256WithRSAEncryption
26:98:f0:19:dd:4e:9f:45:43:b3:64:61:e4:7c:f5:36:ca:a7:
28:74:c3:82:5f:71:4f:1c:e7:be:26:35:74:7f:e0:cb:ea:e9:
b5:a9:f6:63:5c:f7:b7:22:1e:2f:dc:09:66:62:7d:7c:7f:37:
2d:7e:d0:85:97:94:04:ad:32:ae:a4:6e:e0:75:99:46:b7:32:
94:b2:be:18:0d:c6:32:9e:dd:f9:08:5e:99:d7:5a:5f:78:a0:
13:10:63:b4:c2:85:36:26:9e:70:00:eb:01:29:8e:20:a5:2f:
09:4b:29:76:30:da:11:a3:9d:e4:ad:7d:14:c7:64:c8:3c:f6:
7e:71:b9:61:8c:f3:bc:a9:cb:6b:79:59:f2:68:29:81:22:19:
12:03:e7:6f:43:08:2a:12:95:4c:b9:4a:f5:5f:05:51:8a:70:
21:17:c3:fe:0e:0d:8d:82:32:f5:1c:6b:c1:bc:be:f4:9e:cb:
bb:41:0d:29:56:c8:5b:36:d0:cd:29:67:7f:54:57:1f:4e:5c:
e2:5b:57:cf:db:ad:80:61:e7:7e:32:a3:18:27:c8:fd:28:54:
19:37:3a:22:f9:4b:ab:d3:d5:16:db:0f:51:7d:34:98:f6:eb:
0e:2d:6f:3c:21:7f:cb:cf:17:5c:ea:c7:58:38:cd:93:42:f6:
88:aa:e9:52
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVwQqK9aK8UHeKTOG6U/WOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMDRlMGE3MThhNjEzOWE5YzY1ZjBkNDg4NmJiODI3MTRk
YTY2ODIwHhcNMjMwMTAyMDIxNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWY3Nzg5ZDAyYWJmMDI0MjI5MjQ3OTllYjk0ZDAwNWRkMTBhMjAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMdzh3VO9Kp+DHiOoCQ9n7wn2kzP
Qz67maGiH0s3mf0jiapL+vHQh8t5/ki7OV7AtFFvw0NiDyVyJhj14+RBIkY3G3Uy
qMAeCn2vQEKsC3SNSqAw3hMnKXdRWFUqgKnAJY5ayTr5ZvytZZ/H/Bm5IJ1dVMZO
P0KWy7TNTjwqDDl+AZr88m+jH7s+LbAmLCzpVYZGkMeDlbVP8u2CTgwtXf2aUcDk
1LjwXA1CBCmGPDrX2gUSq4E/y4E2ZKU8Ro0UWAXlNkvJkZnYWzJWDp7O9nbdC2Oo
kxv3Yaf6hk61tSfI39zNUjkEgQ2YUwH+tHIoZX6RMSh5apzRcLg6mAWFmQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFFn3eJ0Cq/AkIpJHmeuU0AXdEKIBMB8GA1UdIwQY
MBaAFE4E4KcYphOanGXw1IhruCcU2maCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGdUZ3B4aW1FNXFjWmZEVWlHdTRKeFRhWm9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC80YWZlYWItMDJiOS00ZWJkLWJmYTIt
OGU4MGI0OTZhMDNlLzEvV2ZkNG5RS3I4Q1Fpa2tlWjY1VFFCZDBRb2dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC80YWZlYWItMDJiOS00ZWJkLWJmYTItOGU4MGI0OTZhMDNl
LzEvVGdUZ3B4aW1FNXFjWmZEVWlHdTRKeFRhWm9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFPozAAwQG
UtNAAwQHVYUAMA0EAgACMAcDBQAqAQOYMA0GCSqGSIb3DQEBCwUAA4IBAQAmmPAZ
3U6fRUOzZGHkfPU2yqcodMOCX3FPHOe+JjV0f+DL6um1qfZjXPe3Ih4v3AlmYn18
fzctftCFl5QErTKupG7gdZlGtzKUsr4YDcYynt35CF6Z11pfeKATEGO0woU2Jp5w
AOsBKY4gpS8JSyl2MNoRo53krX0Ux2TIPPZ+cblhjPO8qctreVnyaCmBIhkSA+dv
QwgqEpVMuUr1XwVRinAhF8P+Dg2NgjL1HGvBvL70nsu7QQ0pVshbNtDNKWd/VFcf
TlziW1fP262AYed+MqMYJ8j9KFQZNzoi+Uur09UW2w9RfTSY9usOLW88IX/Lzxdc
6sdYOM2TQvaIqulS
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:58:08 2025 by rpki-client