Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/WxjeFz0z8qCizvF44X3ePzN07DE.roa
File: WxjeFz0z8qCizvF44X3ePzN07DE.roa (raw, json)
Hash identifier: qUxeksF9HWqWocNTKDhhjKqPOJyFMSHOEJ7XYkBIk/c=
Subject key identifier: 5B:18:DE:17:3D:33:F2:A0:A2:CE:F1:78:E1:7D:DE:3F:33:74:EC:31
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018CAB45EF78ED7E9BC75FC5BD255BF9B234
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/WxjeFz0z8qCizvF44X3ePzN07DE.roa
Signing time: Wed 27 Dec 2023 12:35:36 +0000
ROA not before: Wed 27 Dec 2023 12:35:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210818
IP address blocks: 37.32.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:45:ef:78:ed:7e:9b:c7:5f:c5:bd:25:5b:f9:b2:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Dec 27 12:35:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5b18de173d33f2a0a2cef178e17dde3f3374ec31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:dc:af:74:ec:a1:96:d6:c5:6a:f7:ba:8c:1c:
03:73:18:a5:de:12:0a:28:f5:28:ee:b5:4e:8a:5e:
8b:3d:27:28:ff:08:6b:b3:72:b6:8c:5f:e8:e3:34:
bb:53:e6:d6:b8:60:1e:ec:73:46:31:41:05:9a:9b:
26:81:a5:89:8f:a2:61:da:22:d8:85:1b:2c:5e:a7:
ed:40:7f:16:52:ca:d5:18:1d:aa:0c:ff:ad:21:ad:
80:d8:44:69:74:62:1e:da:6f:45:6c:ef:3a:7f:b7:
3b:2d:38:45:ed:ca:45:c2:e2:a8:92:22:72:40:56:
36:64:54:10:c0:28:f4:f9:28:c7:e9:f6:26:dc:73:
cd:c1:84:cc:80:e8:1d:7a:bc:c5:8f:05:be:4b:80:
d6:1a:18:33:db:f3:49:c0:7c:89:6a:14:e3:1a:ee:
49:a8:b6:be:d1:37:9f:7c:5d:c5:c7:55:4a:52:b5:
c1:e4:39:af:dd:23:82:10:67:27:8f:d2:01:60:a0:
d9:a8:41:e2:65:e2:b8:b2:7f:11:bd:58:29:10:30:
ca:4d:8a:f5:98:fd:ce:55:2c:8f:cd:70:83:f6:ff:
2c:75:5e:e9:74:26:cb:89:07:d5:cd:d9:87:0a:0a:
00:c7:86:65:4a:93:b3:18:00:73:87:ed:e9:98:12:
40:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:18:DE:17:3D:33:F2:A0:A2:CE:F1:78:E1:7D:DE:3F:33:74:EC:31
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/WxjeFz0z8qCizvF44X3ePzN07DE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.46.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:0c:a9:a6:9a:2a:a3:92:98:28:70:1e:8f:e9:d9:e9:df:8a:
06:41:ed:9e:58:a0:5a:d1:5d:92:f1:bb:4b:c6:dd:58:b8:ac:
7d:5e:5a:a6:a2:69:86:d3:93:79:7f:14:5b:70:77:7f:0a:b0:
f0:2c:91:f7:e1:d1:48:8b:28:c4:17:35:09:f0:0d:2f:39:e5:
2f:50:1f:ab:f6:5e:cc:04:fc:dd:bc:c1:94:10:1f:13:aa:9e:
c2:68:b4:b0:49:12:63:5e:11:b2:c9:96:39:57:f4:90:66:32:
48:f0:de:25:fd:ce:37:3b:1f:4e:7f:f8:ec:17:d3:9f:b3:35:
c7:09:75:b2:cf:2d:50:2e:ad:f4:71:28:69:94:40:e3:21:f8:
c4:ce:4c:5f:0b:d3:46:a3:86:ca:ae:28:47:9d:8a:59:77:7b:
a9:44:fa:a4:f8:20:1f:c0:da:6d:04:b8:7b:8e:b1:5b:06:dd:
4e:c3:b4:14:44:89:ed:2c:0a:ea:1d:1f:db:9b:eb:ce:27:14:
b1:37:0d:f9:bc:4e:25:2e:89:9e:c0:fb:2b:db:7a:41:6b:6b:
24:82:58:ba:b9:08:9e:d1:48:96:e5:3b:97:64:03:5e:56:ed:
b8:45:8a:07:9b:83:c1:79:cb:79:a3:e0:6f:6d:44:3f:bf:82:
3e:b5:dc:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyrRe947X6bx1/FvSVb+bI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMxMjI3MTIzNTM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YjE4ZGUxNzNkMzNmMmEwYTJjZWYxNzhlMTdkZGUzZjMzNzRlYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dyvdOyhltbFave6jBwDcxil3hIK
KPUo7rVOil6LPSco/whrs3K2jF/o4zS7U+bWuGAe7HNGMUEFmpsmgaWJj6Jh2iLY
hRssXqftQH8WUsrVGB2qDP+tIa2A2ERpdGIe2m9FbO86f7c7LThF7cpFwuKokiJy
QFY2ZFQQwCj0+SjH6fYm3HPNwYTMgOgderzFjwW+S4DWGhgz2/NJwHyJahTjGu5J
qLa+0TeffF3Fx1VKUrXB5Dmv3SOCEGcnj9IBYKDZqEHiZeK4sn8RvVgpEDDKTYr1
mP3OVSyPzXCD9v8sdV7pdCbLiQfVzdmHCgoAx4ZlSpOzGABzh+3pmBJAOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFsY3hc9M/Kgos7xeOF93j8zdOwxMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvV3hqZUZ6MHo4cUNpenZGNDRYM2VQek4wN0RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJSAuMA0G
CSqGSIb3DQEBCwUAA4IBAQBPDKmmmiqjkpgocB6P6dnp34oGQe2eWKBa0V2S8btL
xt1YuKx9XlqmommG05N5fxRbcHd/CrDwLJH34dFIiyjEFzUJ8A0vOeUvUB+r9l7M
BPzdvMGUEB8Tqp7CaLSwSRJjXhGyyZY5V/SQZjJI8N4l/c43Ox9Of/jsF9OfszXH
CXWyzy1QLq30cShplEDjIfjEzkxfC9NGo4bKrihHnYpZd3upRPqk+CAfwNptBLh7
jrFbBt1Ow7QURIntLArqHR/bm+vOJxSxNw35vE4lLomewPsr23pBa2skgli6uQie
0UiW5TuXZANeVu24RYoHm4PBect5o+BvbUQ/v4I+tdwj
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:37:09 2025 by rpki-client