Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/WVx30sDErnx99ql0zQ_H80pi0qo.roa
File: WVx30sDErnx99ql0zQ_H80pi0qo.roa (raw, json)
Hash identifier: PMCqjJi5Zm6Oz+VPUCBuemWVZIoeQoUjOw9ApRdb/Vg=
Subject key identifier: 59:5C:77:D2:C0:C4:AE:7C:7D:F6:A9:74:CD:0F:C7:F3:4A:62:D2:AA
Certificate issuer: /CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Certificate serial: 01847ABFDBCA1E6CD4997D70DE824D059AAD
Authority key identifier: 35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/WVx30sDErnx99ql0zQ_H80pi0qo.roa
Signing time: Tue 15 Nov 2022 10:05:04 +0000
ROA not before: Tue 15 Nov 2022 10:05:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200848
IP address blocks: 185.94.4.0/22 maxlen: 22
213.109.172.0/22 maxlen: 22
2a09:fc00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:bf:db:ca:1e:6c:d4:99:7d:70:de:82:4d:05:9a:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359f0f5ff620e0db5311f64736909973ac60f6f3
Validity
Not Before: Nov 15 10:05:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=595c77d2c0c4ae7c7df6a974cd0fc7f34a62d2aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c0:a7:13:a5:6b:97:9d:7a:98:7c:66:6a:7f:
b7:e2:70:2e:cd:87:c5:27:66:fb:a5:ed:3c:ea:6c:
08:62:dc:3e:e2:d5:ae:13:0d:6d:f5:eb:22:c5:6f:
75:a5:45:87:ce:a2:21:37:42:ac:f4:e3:77:7a:87:
8a:29:79:bd:fe:60:7d:fc:59:50:19:20:f3:19:1c:
0a:fb:b6:b0:37:8e:d4:be:95:09:58:d2:0e:02:dd:
3f:27:98:94:8f:a6:ff:60:c6:79:49:05:4b:96:df:
83:71:27:3b:a5:f8:12:00:7a:f7:89:fe:f1:5e:34:
90:fb:99:64:62:b8:a2:fe:95:a3:4a:9a:05:b0:33:
cb:a1:ea:8c:e0:53:dc:2d:c2:f1:92:9e:08:c2:ee:
02:bd:95:61:fd:fa:37:29:ff:ba:71:2a:b7:67:f2:
18:f7:e7:c7:bf:1a:87:81:e2:f0:f2:39:81:13:cd:
32:d2:71:11:c0:1b:34:de:65:27:33:e1:d1:1f:58:
4f:b6:7c:75:7d:e1:6d:b6:e2:f2:0f:df:a7:06:64:
ff:16:e7:b7:2d:ad:e2:3f:11:49:9e:b6:ad:93:73:
51:11:17:b9:87:ae:40:ca:b7:71:c1:f1:a5:ae:b0:
8d:f4:fa:4d:e0:cf:58:5a:1d:ce:fc:d4:f5:02:9b:
be:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:5C:77:D2:C0:C4:AE:7C:7D:F6:A9:74:CD:0F:C7:F3:4A:62:D2:AA
X509v3 Authority Key Identifier:
keyid:35:9F:0F:5F:F6:20:E0:DB:53:11:F6:47:36:90:99:73:AC:60:F6:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/WVx30sDErnx99ql0zQ_H80pi0qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/40d9a5-2566-49e1-a57b-d1abf4ee32cb/1/NZ8PX_Yg4NtTEfZHNpCZc6xg9vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.4.0/22
213.109.172.0/22
IPv6:
2a09:fc00::/29
Signature Algorithm: sha256WithRSAEncryption
9e:d3:fe:5d:c4:91:15:8a:cd:fd:e1:ea:56:73:45:dc:09:54:
a3:e6:cf:3e:c7:81:bb:b2:7c:04:81:d7:08:77:e9:e6:80:7a:
c7:f4:b5:b6:38:6e:b6:fa:7f:a4:b3:ee:84:5a:ad:6d:80:d3:
db:8c:fb:d5:b9:41:85:92:d5:f3:98:a8:3b:f0:0b:3b:58:88:
41:65:5b:55:48:19:3e:2f:b7:ed:ee:46:29:71:4e:29:2d:a6:
5d:9d:0d:02:fa:51:d7:df:65:bc:03:06:4b:59:9e:ff:a9:20:
92:4c:02:32:26:e3:00:34:fc:5c:8e:a4:45:dc:85:82:ff:49:
69:de:12:d6:53:cd:47:d8:9d:1a:de:37:43:84:98:81:0d:7d:
aa:ff:a3:6e:80:b3:bb:76:56:ca:68:4c:a8:d9:8b:b1:f5:84:
cb:cb:60:0f:dc:dc:60:71:18:ca:b8:ee:a8:09:2b:2a:8a:75:
b2:5e:9f:b1:ed:64:95:b2:31:9d:90:5e:a3:2d:b9:f7:a2:07:
47:2a:ec:4e:7c:95:84:da:b0:20:a9:33:cc:dc:d6:4d:d5:8c:
14:a0:48:28:a8:5b:45:5f:62:ae:7b:8b:a2:8b:9c:c9:fb:16:
5f:aa:2e:c8:70:74:56:ad:20:e6:22:09:94:ab:b0:10:0f:2b:
46:21:7a:ce
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYR6v9vKHmzUmX1w3oJNBZqtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWYwZjVmZjYyMGUwZGI1MzExZjY0NzM2OTA5OTczYWM2
MGY2ZjMwHhcNMjIxMTE1MTAwNTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTVjNzdkMmMwYzRhZTdjN2RmNmE5NzRjZDBmYzdmMzRhNjJkMmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMCnE6Vrl516mHxman+34nAuzYfF
J2b7pe086mwIYtw+4tWuEw1t9esixW91pUWHzqIhN0Ks9ON3eoeKKXm9/mB9/FlQ
GSDzGRwK+7awN47UvpUJWNIOAt0/J5iUj6b/YMZ5SQVLlt+DcSc7pfgSAHr3if7x
XjSQ+5lkYrii/pWjSpoFsDPLoeqM4FPcLcLxkp4Iwu4CvZVh/fo3Kf+6cSq3Z/IY
9+fHvxqHgeLw8jmBE80y0nERwBs03mUnM+HRH1hPtnx1feFttuLyD9+nBmT/Fue3
La3iPxFJnratk3NRERe5h65AyrdxwfGlrrCN9PpN4M9YWh3O/NT1Apu+gQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFFlcd9LAxK58ffapdM0Px/NKYtKqMB8GA1UdIwQY
MBaAFDWfD1/2IODbUxH2RzaQmXOsYPbzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2It
ZDFhYmY0ZWUzMmNiLzEvV1Z4MzBzREVybng5OXFsMHpRX0g4MHBpMHFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS80MGQ5YTUtMjU2Ni00OWUxLWE1N2ItZDFhYmY0ZWUzMmNi
LzEvTlo4UFhfWWc0TnRURWZaSE5wQ1pjNnhnOXZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuV4EAwQC
1W2sMA0EAgACMAcDBQMqCfwAMA0GCSqGSIb3DQEBCwUAA4IBAQCe0/5dxJEVis39
4epWc0XcCVSj5s8+x4G7snwEgdcId+nmgHrH9LW2OG62+n+ks+6EWq1tgNPbjPvV
uUGFktXzmKg78As7WIhBZVtVSBk+L7ft7kYpcU4pLaZdnQ0C+lHX32W8AwZLWZ7/
qSCSTAIyJuMANPxcjqRF3IWC/0lp3hLWU81H2J0a3jdDhJiBDX2q/6NugLO7dlbK
aEyo2Yux9YTLy2AP3NxgcRjKuO6oCSsqinWyXp+x7WSVsjGdkF6jLbn3ogdHKuxO
fJWE2rAgqTPM3NZN1YwUoEgoqFtFX2Kue4uii5zJ+xZfqi7IcHRWrSDmIgmUq7AQ
DytGIXrO
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:04:33 2025 by rpki-client