Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/d5dd1a-7b59-4435-abdf-28d0f202e36d/1/WYHyUQIC-veC6nIfi2mu5rdsIyc.roa
File: WYHyUQIC-veC6nIfi2mu5rdsIyc.roa (raw, json)
Hash identifier: gT2pTYrwE34uWOBrkMrelT5kl21CwUWL4PMQ6rojt44=
Subject key identifier: 59:81:F2:51:02:02:FA:F7:82:EA:72:1F:8B:69:AE:E6:B7:6C:23:27
Certificate issuer: /CN=509f391f29d92078ba6e2c76faa2f8ae947343e6
Certificate serial: 018B13F87A012C48054A97D5F22ADE696F12
Authority key identifier: 50:9F:39:1F:29:D9:20:78:BA:6E:2C:76:FA:A2:F8:AE:94:73:43:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJ85HynZIHi6bix2-qL4rpRzQ-Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/d5dd1a-7b59-4435-abdf-28d0f202e36d/1/WYHyUQIC-veC6nIfi2mu5rdsIyc.roa
Signing time: Mon 09 Oct 2023 10:25:33 +0000
ROA not before: Mon 09 Oct 2023 10:25:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203568
IP address blocks: 92.243.76.0/22 maxlen: 22
185.130.156.0/24 maxlen: 24
185.130.156.0/22 maxlen: 22
185.214.220.0/22 maxlen: 22
185.214.220.0/24 maxlen: 24
2a07:6a80::/29 maxlen: 29
2a07:6a86::/32 maxlen: 32
2a07:6a82::/31 maxlen: 31
2a0d:d5c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:13:f8:7a:01:2c:48:05:4a:97:d5:f2:2a:de:69:6f:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=509f391f29d92078ba6e2c76faa2f8ae947343e6
Validity
Not Before: Oct 9 10:25:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5981f2510202faf782ea721f8b69aee6b76c2327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:47:2e:33:04:5e:90:70:ec:2b:1d:c8:e3:d6:
bc:08:e2:c5:4f:16:55:e9:e5:8f:84:18:9b:26:05:
2d:3e:08:7d:7e:d0:ed:f2:aa:d3:5f:70:07:b4:07:
d3:82:aa:f5:8b:e4:8c:6f:02:94:2d:e2:b4:1d:59:
83:86:e7:2c:69:20:1b:9e:4d:b5:c5:72:b0:8f:66:
5e:f2:34:27:be:0b:d3:6b:b2:c5:d3:39:43:42:8e:
b5:ba:c2:12:12:06:c5:c3:d6:77:0a:41:85:82:dd:
73:1f:e9:79:0e:a8:6d:06:72:81:6b:bf:2d:7b:1d:
45:32:33:d2:cf:e5:33:38:11:d7:7f:9a:cc:a4:3d:
a5:3b:90:0a:18:e4:dd:90:71:e7:ba:7b:e0:5c:6a:
05:f7:ce:ae:99:a6:29:17:8b:93:f0:75:de:2a:03:
fb:3c:41:5f:58:d8:8d:d1:7c:b9:7d:c1:2e:71:c4:
74:cb:a9:f6:a0:82:9f:1c:1a:ae:a1:2a:20:00:3c:
11:f0:df:86:9e:8b:f9:15:8e:c4:42:d1:db:3a:29:
7a:48:67:5d:fa:c9:a4:85:3c:c9:aa:0f:fe:3f:68:
fb:3a:ac:bc:4a:10:13:b6:6c:e2:df:63:fd:8f:aa:
0a:9d:7f:04:50:da:f5:65:7b:b5:55:09:14:62:2c:
78:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:81:F2:51:02:02:FA:F7:82:EA:72:1F:8B:69:AE:E6:B7:6C:23:27
X509v3 Authority Key Identifier:
keyid:50:9F:39:1F:29:D9:20:78:BA:6E:2C:76:FA:A2:F8:AE:94:73:43:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJ85HynZIHi6bix2-qL4rpRzQ-Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/d5dd1a-7b59-4435-abdf-28d0f202e36d/1/WYHyUQIC-veC6nIfi2mu5rdsIyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/d5dd1a-7b59-4435-abdf-28d0f202e36d/1/UJ85HynZIHi6bix2-qL4rpRzQ-Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.243.76.0/22
185.130.156.0/22
185.214.220.0/22
IPv6:
2a07:6a80::/29
2a0d:d5c0::/29
Signature Algorithm: sha256WithRSAEncryption
9f:9f:05:d3:51:47:94:0a:2e:ff:b0:91:4e:47:53:08:84:be:
e6:91:59:dd:e6:6c:9f:df:62:c9:f6:b9:1a:e2:43:ea:49:55:
53:4a:3b:27:23:1d:fb:7b:15:d1:29:47:b7:d7:ba:60:b9:75:
23:63:12:73:17:c8:41:75:66:57:88:ce:86:3c:bd:61:1b:be:
d5:a0:27:de:ed:72:6b:a5:e9:ba:25:7e:33:62:e9:21:8d:04:
d3:47:e6:6a:69:5b:91:f0:a3:59:47:d4:bd:ad:66:8a:ec:1c:
3f:c2:5e:08:fa:c6:4c:13:cc:0a:c8:93:d8:3e:f3:fb:04:a1:
2d:5d:51:bc:5f:90:b5:ea:e3:d0:44:2c:a4:33:4b:4e:d8:c9:
af:ac:f7:30:ab:c4:50:6f:23:47:85:e6:44:c2:20:3e:ff:c9:
fa:b7:f0:92:a8:bb:ff:2f:19:c6:ca:64:da:b8:da:22:f5:58:
60:2a:1f:77:c0:3b:16:4b:80:3e:73:f8:8a:25:a6:6c:a2:6a:
b4:29:11:03:e9:f0:55:4a:96:22:2b:81:bd:f0:16:95:28:f0:
36:06:42:96:c2:b8:d6:9c:cf:9b:8d:32:cf:d7:b4:a3:b5:34:
6f:c9:60:b5:1b:ed:8a:00:d4:aa:dc:5c:88:eb:81:20:00:7d:
40:e7:3e:b0
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYsT+HoBLEgFSpfV8ireaW8SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOWYzOTFmMjlkOTIwNzhiYTZlMmM3NmZhYTJmOGFlOTQ3
MzQzZTYwHhcNMjMxMDA5MTAyNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTgxZjI1MTAyMDJmYWY3ODJlYTcyMWY4YjY5YWVlNmI3NmMyMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUcuMwRekHDsKx3I49a8COLFTxZV
6eWPhBibJgUtPgh9ftDt8qrTX3AHtAfTgqr1i+SMbwKULeK0HVmDhucsaSAbnk21
xXKwj2Ze8jQnvgvTa7LF0zlDQo61usISEgbFw9Z3CkGFgt1zH+l5DqhtBnKBa78t
ex1FMjPSz+UzOBHXf5rMpD2lO5AKGOTdkHHnunvgXGoF986umaYpF4uT8HXeKgP7
PEFfWNiN0Xy5fcEuccR0y6n2oIKfHBquoSogADwR8N+Gnov5FY7EQtHbOil6SGdd
+smkhTzJqg/+P2j7Oqy8ShATtmzi32P9j6oKnX8EUNr1ZXu1VQkUYix46wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFFmB8lECAvr3gupyH4tprua3bCMnMB8GA1UdIwQY
MBaAFFCfOR8p2SB4um4sdvqi+K6Uc0PmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUo4NUh5blpJSGk2Yml4Mi1xTDRycFJ6US1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9kNWRkMWEtN2I1OS00NDM1LWFiZGYt
MjhkMGYyMDJlMzZkLzEvV1lIeVVRSUMtdmVDNm5JZmkybXU1cmRzSXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9kNWRkMWEtN2I1OS00NDM1LWFiZGYtMjhkMGYyMDJlMzZk
LzEvVUo4NUh5blpJSGk2Yml4Mi1xTDRycFJ6US1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCXPNMAwQC
uYKcAwQCudbcMBQEAgACMA4DBQMqB2qAAwUDKg3VwDANBgkqhkiG9w0BAQsFAAOC
AQEAn58F01FHlAou/7CRTkdTCIS+5pFZ3eZsn99iyfa5GuJD6klVU0o7JyMd+3sV
0SlHt9e6YLl1I2MScxfIQXVmV4jOhjy9YRu+1aAn3u1ya6XpuiV+M2LpIY0E00fm
amlbkfCjWUfUva1miuwcP8JeCPrGTBPMCsiT2D7z+wShLV1RvF+Qterj0EQspDNL
TtjJr6z3MKvEUG8jR4XmRMIgPv/J+rfwkqi7/y8Zxspk2rjaIvVYYCofd8A7FkuA
PnP4iiWmbKJqtCkRA+nwVUqWIiuBvfAWlSjwNgZClsK41pzPm40yz9e0o7U0b8lg
tRvtigDUqtxciOuBIAB9QOc+sA==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:55 2025 by rpki-client