Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/WhsZZw2xWrn_nfL3rI2RXgnLE1o.roa
File: WhsZZw2xWrn_nfL3rI2RXgnLE1o.roa (raw, json)
Hash identifier: PfKKrmqtGgV/j2g6swC56odlye7vrwCNEIqBARzisaw=
Subject key identifier: 5A:1B:19:67:0D:B1:5A:B9:FF:9D:F2:F7:AC:8D:91:5E:09:CB:13:5A
Certificate issuer: /CN=488c65dc359b58ca6ba5d3daeb874f058684e8c6
Certificate serial: 018388758CD9C1BCE21C712BCF6542ABFD79
Authority key identifier: 48:8C:65:DC:35:9B:58:CA:6B:A5:D3:DA:EB:87:4F:05:86:84:E8:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SIxl3DWbWMprpdPa64dPBYaE6MY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/WhsZZw2xWrn_nfL3rI2RXgnLE1o.roa
Signing time: Thu 29 Sep 2022 08:55:48 +0000
ROA not before: Thu 29 Sep 2022 08:55:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48635
IP address blocks: 91.238.176.0/23 maxlen: 24
194.247.30.0/23 maxlen: 24
176.117.58.0/23 maxlen: 24
195.20.8.0/22 maxlen: 24
77.94.248.0/21 maxlen: 24
193.23.143.0/24 maxlen: 24
185.28.56.0/22 maxlen: 24
91.198.106.0/24 maxlen: 24
193.164.192.0/23 maxlen: 24
185.232.248.0/22 maxlen: 24
2a00:9b60::/40 maxlen: 48
2001:67c:28fc::/48 maxlen: 48
2a00:f60::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:88:75:8c:d9:c1:bc:e2:1c:71:2b:cf:65:42:ab:fd:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=488c65dc359b58ca6ba5d3daeb874f058684e8c6
Validity
Not Before: Sep 29 08:55:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a1b19670db15ab9ff9df2f7ac8d915e09cb135a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d3:1a:02:ed:16:d5:91:de:fd:4e:02:5b:2c:
ec:8a:a2:59:34:f2:dc:a5:6b:67:60:aa:b2:df:f5:
66:b4:13:b7:55:3b:ac:94:f4:4b:d1:77:59:ec:d0:
78:82:52:58:9a:ee:ac:b7:82:36:fb:1f:14:14:fe:
32:2d:3e:a0:13:b4:60:98:c0:df:1b:07:db:35:9a:
a9:ce:3a:4f:56:59:49:8d:4d:c1:20:1c:af:ad:c5:
b1:e9:77:5a:1b:b0:d0:91:40:f4:ce:89:67:f9:10:
66:22:29:5f:4d:f9:f9:cc:ce:ac:ee:f8:e9:a2:31:
01:b0:de:fb:e4:6e:50:dc:54:5f:6b:a2:99:51:10:
84:d1:db:60:85:8d:63:44:54:88:fb:81:22:df:2c:
c5:e3:31:30:e1:da:de:ed:ec:92:5e:2e:77:52:75:
92:ca:4e:0c:9c:4e:8f:1f:11:11:52:28:ba:ad:86:
ab:5d:3d:fc:9d:5c:f2:c8:b7:ef:aa:4d:6f:07:b8:
2a:b8:55:79:20:d6:db:30:74:aa:53:e2:41:c8:2a:
73:59:2f:df:30:c4:76:17:9a:80:9f:41:ae:d8:db:
a3:4f:a2:87:3b:bb:3d:03:6f:2f:c2:1d:08:0d:84:
1f:29:8e:41:e3:7a:db:32:cc:33:44:a8:27:0f:0f:
d2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:1B:19:67:0D:B1:5A:B9:FF:9D:F2:F7:AC:8D:91:5E:09:CB:13:5A
X509v3 Authority Key Identifier:
keyid:48:8C:65:DC:35:9B:58:CA:6B:A5:D3:DA:EB:87:4F:05:86:84:E8:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SIxl3DWbWMprpdPa64dPBYaE6MY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/WhsZZw2xWrn_nfL3rI2RXgnLE1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c48271-dee5-4841-a7dd-b0d72e910efe/1/SIxl3DWbWMprpdPa64dPBYaE6MY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.94.248.0/21
91.198.106.0/24
91.238.176.0/23
176.117.58.0/23
185.28.56.0/22
185.232.248.0/22
193.23.143.0/24
193.164.192.0/23
194.247.30.0/23
195.20.8.0/22
IPv6:
2001:67c:28fc::/48
2a00:f60::/32
2a00:9b60::/40
Signature Algorithm: sha256WithRSAEncryption
85:5b:41:2b:9d:03:93:94:64:18:56:6e:9c:19:34:d5:75:0f:
69:4f:b0:82:6c:bb:40:7c:8f:85:66:2a:53:d7:f3:8c:d0:0a:
f1:31:ac:00:90:78:42:cf:f3:fb:7d:51:a2:fe:ad:05:50:3f:
d0:f2:c7:b6:fb:50:1e:73:00:8f:06:6d:67:99:7f:20:be:6d:
e0:ec:9d:31:f2:e3:ab:83:dc:7a:5d:a9:26:14:2e:61:60:5c:
d2:fb:a8:65:92:6d:e1:8f:d1:40:df:86:ca:0e:c9:35:4d:d2:
26:a2:a0:0c:96:90:ea:ac:0f:30:24:66:ef:9f:a8:67:2d:52:
1c:c4:4b:0f:09:ba:80:95:a4:be:aa:6f:60:39:2f:f7:b0:af:
63:cd:76:5c:2e:d3:86:3f:3a:42:4e:bc:cc:00:da:8c:ce:79:
14:6c:de:95:8e:bd:9a:80:9b:75:ea:15:c4:14:0d:af:44:8f:
7b:8d:31:3e:04:92:a8:6a:c8:2e:1e:d8:41:8c:ce:bc:f7:9c:
7d:d9:9f:2e:4b:6e:cb:c5:d0:2a:46:1b:a1:c1:31:16:c4:ac:
45:f7:91:75:f4:e6:43:9a:b4:97:6b:08:e8:55:9e:cd:5f:f6:
d0:c0:94:01:83:6c:ce:61:83:eb:ab:9f:f8:ad:37:5c:b7:11:
72:2d:35:fb
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYOIdYzZwbziHHErz2VCq/15MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4OGM2NWRjMzU5YjU4Y2E2YmE1ZDNkYWViODc0ZjA1ODY4
NGU4YzYwHhcNMjIwOTI5MDg1NTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTFiMTk2NzBkYjE1YWI5ZmY5ZGYyZjdhYzhkOTE1ZTA5Y2IxMzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9MaAu0W1ZHe/U4CWyzsiqJZNPLc
pWtnYKqy3/VmtBO3VTuslPRL0XdZ7NB4glJYmu6st4I2+x8UFP4yLT6gE7RgmMDf
GwfbNZqpzjpPVllJjU3BIByvrcWx6XdaG7DQkUD0zoln+RBmIilfTfn5zM6s7vjp
ojEBsN775G5Q3FRfa6KZURCE0dtghY1jRFSI+4Ei3yzF4zEw4dre7eySXi53UnWS
yk4MnE6PHxERUii6rYarXT38nVzyyLfvqk1vB7gquFV5INbbMHSqU+JByCpzWS/f
MMR2F5qAn0Gu2NujT6KHO7s9A28vwh0IDYQfKY5B43rbMswzRKgnDw/SrwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFFobGWcNsVq5/53y96yNkV4JyxNaMB8GA1UdIwQY
MBaAFEiMZdw1m1jKa6XT2uuHTwWGhOjGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0l4bDNEV2JXTXBycGRQYTY0ZFBCWWFFNk1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jNDgyNzEtZGVlNS00ODQxLWE3ZGQt
YjBkNzJlOTEwZWZlLzEvV2hzWlp3MnhXcm5fbmZMM3JJMlJYZ25MRTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9jNDgyNzEtZGVlNS00ODQxLWE3ZGQtYjBkNzJlOTEwZWZl
LzEvU0l4bDNEV2JXTXBycGRQYTY0ZFBCWWFFNk1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBCBAIAATA8AwQDTV74AwQA
W8ZqAwQBW+6wAwQBsHU6AwQCuRw4AwQCuej4AwQAwRePAwQBwaTAAwQBwvceAwQC
wxQIMB4EAgACMBgDBwAgAQZ8KPwDBQAqAA9gAwYAKgCbYAAwDQYJKoZIhvcNAQEL
BQADggEBAIVbQSudA5OUZBhWbpwZNNV1D2lPsIJsu0B8j4VmKlPX84zQCvExrACQ
eELP8/t9UaL+rQVQP9Dyx7b7UB5zAI8GbWeZfyC+beDsnTHy46uD3HpdqSYULmFg
XNL7qGWSbeGP0UDfhsoOyTVN0iaioAyWkOqsDzAkZu+fqGctUhzESw8JuoCVpL6q
b2A5L/ewr2PNdlwu04Y/OkJOvMwA2ozOeRRs3pWOvZqAm3XqFcQUDa9Ej3uNMT4E
kqhqyC4e2EGMzrz3nH3Zny5LbsvF0CpGG6HBMRbErEX3kXX05kOatJdrCOhVns1f
9tDAlAGDbM5hg+urn/itN1y3EXItNfs=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:33:34 2025 by rpki-client