Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/wGXaCvZgCDBzNYc3fetp_KENgxc.roa
File: wGXaCvZgCDBzNYc3fetp_KENgxc.roa (raw, json)
Hash identifier: yzSFV2/EsdisENznQ2bSa67FMMIe66q3b4O5cBqh1Co=
Subject key identifier: C0:65:DA:0A:F6:60:08:30:73:35:87:37:7D:EB:69:FC:A1:0D:83:17
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018C4EA5D7EFBEFE558849F48E91468D91BA
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/wGXaCvZgCDBzNYc3fetp_KENgxc.roa
Signing time: Sat 09 Dec 2023 12:55:40 +0000
ROA not before: Sat 09 Dec 2023 12:55:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48944
IP address blocks: 185.243.50.0/23 maxlen: 24
185.215.228.0/23 maxlen: 23
178.239.144.0/22 maxlen: 22
185.212.50.0/23 maxlen: 24
178.239.148.0/23 maxlen: 24
178.239.154.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4e:a5:d7:ef:be:fe:55:88:49:f4:8e:91:46:8d:91:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Dec 9 12:55:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c065da0af6600830733587377deb69fca10d8317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:f2:25:79:e6:4e:8d:4a:bc:6d:37:1e:0a:f1:
9f:78:76:84:96:cd:29:df:6e:a8:d8:dd:17:e7:7f:
f1:b8:0c:a6:f4:df:3d:cf:82:35:38:eb:9c:4e:7f:
95:f3:32:24:cd:53:5a:60:c1:f0:a0:dd:d8:06:a6:
29:1d:96:c3:e9:08:60:d8:08:2c:ff:30:26:7c:17:
ac:b5:ff:3e:b5:0a:9d:d7:1e:56:72:6f:6b:21:51:
db:5a:ce:6e:af:45:6a:e8:54:de:98:c7:f4:46:19:
2a:f6:d6:69:c8:62:9f:94:33:51:c4:ce:62:b9:03:
02:03:19:f1:7e:4f:cb:22:cb:6c:d1:89:7c:a2:43:
47:b0:6d:e4:cd:0e:c8:35:59:9c:b0:95:95:ba:df:
82:43:95:a8:f6:9f:72:84:77:4f:4a:62:b9:cb:a9:
fc:4f:30:2f:4e:72:c6:2a:8b:cd:23:d6:7d:51:71:
fe:de:df:e4:64:86:bf:bc:50:ec:59:c2:8d:fa:73:
06:4a:74:ec:a7:3f:8d:43:34:40:25:27:60:96:e9:
92:4e:69:2a:62:40:31:21:f9:48:8f:8a:00:78:f5:
3f:b1:38:ef:32:3f:4b:e6:6a:a6:52:71:d4:0f:d0:
7a:ea:ff:d3:5f:55:aa:49:d1:ca:a9:a0:0f:a7:13:
93:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:65:DA:0A:F6:60:08:30:73:35:87:37:7D:EB:69:FC:A1:0D:83:17
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/wGXaCvZgCDBzNYc3fetp_KENgxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.144.0-178.239.149.255
178.239.154.0/24
185.212.50.0/23
185.215.228.0/23
185.243.50.0/23
Signature Algorithm: sha256WithRSAEncryption
9a:5e:8b:a9:eb:8f:d0:05:9c:a8:fd:7f:ef:6f:f9:c5:8d:fe:
43:ba:00:ca:ed:a6:c5:b0:28:e2:fa:0f:a5:ca:6d:a9:77:7a:
94:08:f9:b4:ee:f4:7a:7b:b9:dc:e3:00:e8:cb:66:1d:63:c7:
be:56:0e:b7:39:e4:6f:0d:e5:66:43:bb:78:d6:2e:7f:76:4b:
77:82:7d:cc:86:3a:3d:eb:6a:fc:34:5e:51:82:d9:c3:d1:e3:
bb:b8:20:54:25:87:ad:c0:b6:a7:4c:49:af:d2:98:58:98:18:
16:ba:de:49:60:41:51:bd:7b:c3:29:15:e0:4b:05:ab:e6:50:
24:1f:32:76:93:d2:5b:c0:c6:40:8d:3a:8e:49:77:c1:6c:36:
80:a1:01:78:7c:9b:0e:0c:26:c5:9f:d0:6f:fb:ad:fb:17:36:
29:ee:a8:50:56:bd:f1:1f:44:b9:56:32:cc:fe:9e:27:da:66:
0f:70:0b:a7:75:a8:c9:95:2a:dd:05:0c:a9:be:a5:05:8e:fa:
6d:13:42:2b:9a:e9:f1:e8:3c:26:1b:8d:2b:cd:e3:1f:bb:b1:
a2:af:95:ec:9b:aa:47:85:44:48:ad:c9:cc:e7:2a:28:c1:4c:
6f:05:16:99:80:e5:0b:e4:6b:21:26:85:59:de:0c:1a:62:30:
06:1f:e1:0f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYxOpdfvvv5ViEn0jpFGjZG6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMxMjA5MTI1NTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDY1ZGEwYWY2NjAwODMwNzMzNTg3Mzc3ZGViNjlmY2ExMGQ4MzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu/IleeZOjUq8bTceCvGfeHaEls0p
326o2N0X53/xuAym9N89z4I1OOucTn+V8zIkzVNaYMHwoN3YBqYpHZbD6Qhg2Ags
/zAmfBestf8+tQqd1x5Wcm9rIVHbWs5ur0Vq6FTemMf0Rhkq9tZpyGKflDNRxM5i
uQMCAxnxfk/LIsts0Yl8okNHsG3kzQ7INVmcsJWVut+CQ5Wo9p9yhHdPSmK5y6n8
TzAvTnLGKovNI9Z9UXH+3t/kZIa/vFDsWcKN+nMGSnTspz+NQzRAJSdglumSTmkq
YkAxIflIj4oAePU/sTjvMj9L5mqmUnHUD9B66v/TX1WqSdHKqaAPpxOTkwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMBl2gr2YAgwczWHN33rafyhDYMXMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvd0dYYUN2WmdDREJ6TlljM2ZldHBfS0VOZ3hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBASy75AD
BAGy75QDBACy75oDBAG51DIDBAG51+QDBAG58zIwDQYJKoZIhvcNAQELBQADggEB
AJpei6nrj9AFnKj9f+9v+cWN/kO6AMrtpsWwKOL6D6XKbal3epQI+bTu9Hp7udzj
AOjLZh1jx75WDrc55G8N5WZDu3jWLn92S3eCfcyGOj3ravw0XlGC2cPR47u4IFQl
h63AtqdMSa/SmFiYGBa63klgQVG9e8MpFeBLBavmUCQfMnaT0lvAxkCNOo5Jd8Fs
NoChAXh8mw4MJsWf0G/7rfsXNinuqFBWvfEfRLlWMsz+nifaZg9wC6d1qMmVKt0F
DKm+pQWO+m0TQiua6fHoPCYbjSvN4x+7saKvleybqkeFREitycznKijBTG8FFpmA
5QvkayEmhVneDBpiMAYf4Q8=
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:50:59 2025 by rpki-client