Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/wTTGkB1C3sba99O7Byj2hDBHoy0.roa
File: wTTGkB1C3sba99O7Byj2hDBHoy0.roa (raw, json)
Hash identifier: mwUGJCxohlAuJ+vWg8gP01my03/HPUZIJQA2DFlrS74=
Subject key identifier: C1:34:C6:90:1D:42:DE:C6:DA:F7:D3:BB:07:28:F6:84:30:47:A3:2D
Certificate issuer: /CN=99dcbdf0632a101613a8f6c9449b29ed45c1a872
Certificate serial: 018B4C0BAEB32DCEA603B2DEEC7D6D25777A
Authority key identifier: 99:DC:BD:F0:63:2A:10:16:13:A8:F6:C9:44:9B:29:ED:45:C1:A8:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdy98GMqEBYTqPbJRJsp7UXBqHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/wTTGkB1C3sba99O7Byj2hDBHoy0.roa
Signing time: Fri 20 Oct 2023 07:45:15 +0000
ROA not before: Fri 20 Oct 2023 07:45:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 137409
IP address blocks: 185.248.0.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4c:0b:ae:b3:2d:ce:a6:03:b2:de:ec:7d:6d:25:77:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99dcbdf0632a101613a8f6c9449b29ed45c1a872
Validity
Not Before: Oct 20 07:45:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c134c6901d42dec6daf7d3bb0728f6843047a32d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:c4:b4:8b:4c:da:5a:5d:bb:26:54:d1:86:d6:
88:3a:b7:48:e8:1d:66:18:1e:26:95:2d:c5:5a:62:
f4:55:f6:3e:f1:a9:48:b0:45:2a:be:80:de:3a:7a:
67:c9:23:a8:5c:3b:1f:c0:4f:59:69:49:d1:d8:52:
36:c8:cc:32:c6:32:f1:cc:e7:2e:1d:76:6e:37:55:
bf:52:87:c7:86:b9:53:72:c9:6e:26:55:0f:b0:a1:
9f:ed:e9:61:68:f9:ee:a7:b1:f3:29:ca:4c:93:04:
bd:6b:a8:d2:54:58:00:70:b6:2e:c3:e7:5b:87:51:
34:e2:48:40:da:30:72:ac:cc:ae:c8:2a:b9:96:0b:
f8:2b:3c:8b:1d:c3:90:62:ad:01:51:f4:41:f2:9f:
32:8d:4d:c9:e7:ae:cc:dc:7e:3b:14:e0:0e:65:b2:
0a:91:c5:6a:7d:ca:f8:03:99:72:ac:93:c0:22:c8:
a6:db:a5:a1:66:c1:53:d5:2a:04:b6:f4:06:c7:84:
cf:3b:44:4b:47:e4:60:5c:f1:69:5a:36:97:77:23:
51:e0:63:fe:7f:bb:3b:5b:55:bc:eb:8d:38:9f:56:
29:d7:7a:2b:77:ef:35:0c:5a:eb:e6:61:14:4d:76:
c0:c5:57:05:4e:ca:e9:9b:29:a7:08:04:be:0e:ba:
ff:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:34:C6:90:1D:42:DE:C6:DA:F7:D3:BB:07:28:F6:84:30:47:A3:2D
X509v3 Authority Key Identifier:
keyid:99:DC:BD:F0:63:2A:10:16:13:A8:F6:C9:44:9B:29:ED:45:C1:A8:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdy98GMqEBYTqPbJRJsp7UXBqHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/wTTGkB1C3sba99O7Byj2hDBHoy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/4f3d1b-8361-411e-a148-8858a559f251/1/mdy98GMqEBYTqPbJRJsp7UXBqHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.0.0/23
Signature Algorithm: sha256WithRSAEncryption
78:42:fd:7b:71:38:6d:3e:34:f6:26:bc:dc:d8:52:bb:02:33:
19:9d:bd:f7:cc:e4:59:88:0e:ac:de:67:35:f5:b5:32:94:8c:
ef:e1:b9:af:98:3d:11:41:a2:46:e0:f6:84:ce:8f:ab:e5:05:
bd:0e:fa:48:be:63:c9:bf:54:9b:14:bb:70:7d:37:49:ab:01:
9f:2b:45:98:30:be:30:97:e2:c7:95:2f:05:d2:2a:5d:85:88:
d3:ab:3f:ee:d2:5d:8c:19:b1:e3:a0:14:43:ae:e1:54:0a:2b:
b3:80:6e:c8:d2:12:32:e6:b1:59:c8:a3:6c:09:c2:a6:bd:bf:
f6:0f:04:ed:aa:32:56:cc:ad:05:cb:2b:ca:bf:66:66:04:6f:
8f:52:d8:b4:b9:3c:b0:40:1a:71:4d:81:e6:2b:18:db:79:64:
e1:b1:57:b3:3e:e0:40:03:73:a8:3f:71:be:6f:6a:63:81:97:
99:c3:f7:22:0f:21:43:5f:65:d1:0a:2a:37:e2:b5:89:03:c8:
10:01:26:db:a2:6f:29:52:46:dc:d7:1b:bc:34:fe:1c:e8:f0:
4c:b3:5e:55:de:fe:72:7d:4a:e3:c7:24:70:d9:ff:a9:f4:3f:
be:21:3b:b7:45:09:74:2c:c7:0c:05:cf:67:2e:35:9f:d3:5b:
41:ba:97:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYtMC66zLc6mA7Le7H1tJXd6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZGNiZGYwNjMyYTEwMTYxM2E4ZjZjOTQ0OWIyOWVkNDVj
MWE4NzIwHhcNMjMxMDIwMDc0NTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTM0YzY5MDFkNDJkZWM2ZGFmN2QzYmIwNzI4ZjY4NDMwNDdhMzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0MS0i0zaWl27JlTRhtaIOrdI6B1m
GB4mlS3FWmL0VfY+8alIsEUqvoDeOnpnySOoXDsfwE9ZaUnR2FI2yMwyxjLxzOcu
HXZuN1W/UofHhrlTcsluJlUPsKGf7elhaPnup7HzKcpMkwS9a6jSVFgAcLYuw+db
h1E04khA2jByrMyuyCq5lgv4KzyLHcOQYq0BUfRB8p8yjU3J567M3H47FOAOZbIK
kcVqfcr4A5lyrJPAIsim26WhZsFT1SoEtvQGx4TPO0RLR+RgXPFpWjaXdyNR4GP+
f7s7W1W86404n1Yp13ord+81DFrr5mEUTXbAxVcFTsrpmymnCAS+Drr/DQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFME0xpAdQt7G2vfTuwco9oQwR6MtMB8GA1UdIwQY
MBaAFJncvfBjKhAWE6j2yUSbKe1FwahyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWR5OThHTXFFQllUcVBiSlJKc3A3VVhCcUhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My80ZjNkMWItODM2MS00MTFlLWExNDgt
ODg1OGE1NTlmMjUxLzEvd1RUR2tCMUMzc2JhOTlPN0J5ajJoREJIb3kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My80ZjNkMWItODM2MS00MTFlLWExNDgtODg1OGE1NTlmMjUx
LzEvbWR5OThHTXFFQllUcVBiSlJKc3A3VVhCcUhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufgAMA0G
CSqGSIb3DQEBCwUAA4IBAQB4Qv17cThtPjT2Jrzc2FK7AjMZnb33zORZiA6s3mc1
9bUylIzv4bmvmD0RQaJG4PaEzo+r5QW9DvpIvmPJv1SbFLtwfTdJqwGfK0WYML4w
l+LHlS8F0ipdhYjTqz/u0l2MGbHjoBRDruFUCiuzgG7I0hIy5rFZyKNsCcKmvb/2
DwTtqjJWzK0FyyvKv2ZmBG+PUti0uTywQBpxTYHmKxjbeWThsVezPuBAA3OoP3G+
b2pjgZeZw/ciDyFDX2XRCio34rWJA8gQASbbom8pUkbc1xu8NP4c6PBMs15V3v5y
fUrjxyRw2f+p9D++ITu3RQl0LMcMBc9nLjWf01tBupfC
-----END CERTIFICATE-----
Generated at Tue Apr 8 06:15:26 2025 by rpki-client