Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/WNoPKEpr-p6FQxu3HOB79Ot-U6I.roa
File: WNoPKEpr-p6FQxu3HOB79Ot-U6I.roa (raw, json)
Hash identifier: 8U3kud+skFpq/nB2Yuae7oHuKlAyLIkfZCAS50lfGUo=
Subject key identifier: 58:DA:0F:28:4A:6B:FA:9E:85:43:1B:B7:1C:E0:7B:F4:EB:7E:53:A2
Certificate issuer: /CN=e8a32e8a6ac6f6ec37860ee7c07eb8df93147779
Certificate serial: 1972F529
Authority key identifier: E8:A3:2E:8A:6A:C6:F6:EC:37:86:0E:E7:C0:7E:B8:DF:93:14:77:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KMuimrG9uw3hg7nwH6435MUd3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/WNoPKEpr-p6FQxu3HOB79Ot-U6I.roa
Signing time: Sat 01 Jan 2022 01:56:28 +0000
ROA not before: Sat 01 Jan 2022 01:56:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3292
IP address blocks: 185.143.148.0/22 maxlen: 22
91.142.112.0/20 maxlen: 20
2a00:17b0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 426964265 (0x1972f529)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a32e8a6ac6f6ec37860ee7c07eb8df93147779
Validity
Not Before: Jan 1 01:56:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=58da0f284a6bfa9e85431bb71ce07bf4eb7e53a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:14:fe:c9:96:0f:86:64:e5:54:7c:50:72:eb:
52:0c:e8:61:e8:21:3e:d8:b4:a6:de:fd:0e:85:40:
59:b2:b4:e8:10:89:ba:ba:71:c7:29:61:22:fd:18:
27:d7:e7:bc:18:4c:3f:95:a1:02:8d:6d:1e:57:6e:
d0:20:15:4d:fa:01:b8:94:cf:44:11:e3:28:b0:cf:
8c:58:70:5c:05:d1:67:0f:a0:8d:40:31:6d:a3:15:
b7:d5:af:b7:6d:06:76:92:ba:e9:9b:dd:59:0e:6c:
b6:4d:2a:af:61:24:80:a8:fa:33:9c:c0:f9:56:9c:
c3:e8:d2:45:4c:16:25:75:31:1a:6e:17:33:16:71:
41:09:bb:9e:0c:5a:d7:c5:b6:1f:8e:59:21:8b:2c:
5e:66:74:19:41:11:fd:3b:0f:75:ff:df:2b:a8:6b:
e4:a8:83:62:0a:fd:09:68:7b:2f:f5:cc:0a:b1:bd:
1c:48:06:36:d5:b0:e7:2e:c7:cd:5c:da:fd:ab:ca:
72:1d:18:32:8a:79:16:5c:95:b5:44:d1:f2:f8:05:
d2:8b:58:9c:22:48:c4:6c:8a:02:8a:7b:36:9e:e1:
ff:c4:6b:b7:06:97:42:d0:58:f0:55:ce:b3:1e:3b:
e2:c3:43:06:ae:61:93:80:c1:c3:4a:9f:4f:c5:9d:
37:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:DA:0F:28:4A:6B:FA:9E:85:43:1B:B7:1C:E0:7B:F4:EB:7E:53:A2
X509v3 Authority Key Identifier:
keyid:E8:A3:2E:8A:6A:C6:F6:EC:37:86:0E:E7:C0:7E:B8:DF:93:14:77:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KMuimrG9uw3hg7nwH6435MUd3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/WNoPKEpr-p6FQxu3HOB79Ot-U6I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/6KMuimrG9uw3hg7nwH6435MUd3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.112.0/20
185.143.148.0/22
IPv6:
2a00:17b0::/32
Signature Algorithm: sha256WithRSAEncryption
65:0c:d2:7d:94:0b:c5:d3:1e:1e:6b:60:5c:45:25:72:bf:1f:
40:2d:cc:6d:e6:16:60:68:d8:1b:00:a5:4c:6d:3a:4c:0c:a0:
53:ae:4a:93:cd:e8:0c:37:d8:8e:e4:92:83:25:51:a7:fa:bb:
ab:e7:ab:60:75:26:58:44:ca:ad:28:8d:b4:4e:f0:00:9b:49:
02:ad:1b:89:c3:7e:08:f0:30:80:f8:38:bf:30:85:87:8d:71:
85:4d:5f:7c:b1:13:b3:6b:96:f1:5c:c1:b0:27:dc:05:ff:e5:
dd:72:0e:1a:6a:f6:9e:f6:d9:65:21:1c:2e:e3:40:b1:df:7d:
6c:04:24:00:51:11:e7:6d:86:87:32:a1:c9:65:aa:0f:a7:f8:
29:65:f6:47:4f:0c:d5:95:a8:af:e1:14:4a:e2:71:ee:73:55:
26:22:68:46:23:88:eb:d2:52:83:93:c8:da:e8:62:4e:61:2d:
a3:b9:47:35:8a:12:91:3e:83:fb:26:12:d7:ac:49:5b:37:53:
b8:00:f8:60:16:4f:f6:f1:42:b8:73:d5:50:53:13:1a:18:7d:
ab:a8:05:9a:48:c3:7d:25:6e:98:b5:0d:2e:ff:4f:7e:15:4f:
b9:49:a2:c5:57:92:73:d3:36:10:9d:19:85:8e:ee:f5:3c:c6:
fc:93:0c:d1
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEGXL1KTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OGEzMmU4YTZhYzZmNmVjMzc4NjBlZTdjMDdlYjhkZjkzMTQ3Nzc5MB4XDTIyMDEw
MTAxNTYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNThkYTBmMjg0YTZi
ZmE5ZTg1NDMxYmI3MWNlMDdiZjRlYjdlNTNhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKAU/smWD4Zk5VR8UHLrUgzoYeghPti0pt79DoVAWbK06BCJ
urpxxylhIv0YJ9fnvBhMP5WhAo1tHldu0CAVTfoBuJTPRBHjKLDPjFhwXAXRZw+g
jUAxbaMVt9Wvt20GdpK66ZvdWQ5stk0qr2EkgKj6M5zA+Vacw+jSRUwWJXUxGm4X
MxZxQQm7ngxa18W2H45ZIYssXmZ0GUER/TsPdf/fK6hr5KiDYgr9CWh7L/XMCrG9
HEgGNtWw5y7HzVza/avKch0YMop5FlyVtUTR8vgF0otYnCJIxGyKAop7Np7h/8Rr
twaXQtBY8FXOsx474sNDBq5hk4DBw0qfT8WdN6MCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRY2g8oSmv6noVDG7cc4Hv0635TojAfBgNVHSMEGDAWgBTooy6Kasb27DeG
DufAfrjfkxR3eTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZLTXVpbXJHOXV3M2hnN253SDY0MzVNVWQzay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTMvYzRiZmQ0LWEwYTEtNDMzNC04NjBhLTRmYTUzN2RiZTJlOS8x
L1dOb1BLRXByLXA2RlF4dTNIT0I3OU90LVU2SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTMv
YzRiZmQ0LWEwYTEtNDMzNC04NjBhLTRmYTUzN2RiZTJlOS8xLzZLTXVpbXJHOXV3
M2hnN253SDY0MzVNVWQzay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBFuOcAMEArmPlDANBAIAAjAHAwUA
KgAXsDANBgkqhkiG9w0BAQsFAAOCAQEAZQzSfZQLxdMeHmtgXEUlcr8fQC3MbeYW
YGjYGwClTG06TAygU65Kk83oDDfYjuSSgyVRp/q7q+erYHUmWETKrSiNtE7wAJtJ
Aq0bicN+CPAwgPg4vzCFh41xhU1ffLETs2uW8VzBsCfcBf/l3XIOGmr2nvbZZSEc
LuNAsd99bAQkAFER522GhzKhyWWqD6f4KWX2R08M1ZWor+EUSuJx7nNVJiJoRiOI
69JSg5PI2uhiTmEto7lHNYoSkT6D+yYS16xJWzdTuAD4YBZP9vFCuHPVUFMTGhh9
q6gFmkjDfSVumLUNLv9PfhVPuUmixVeSc9M2EJ0ZhY7u9TzG/JMM0Q==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:01 2025 by rpki-client