Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/2d9541-eb7e-4a1a-b84b-6ea279a2e6cb/1/Wn3newh5xo6Nwyjy-Pd6wSrnQUU.roa
File: Wn3newh5xo6Nwyjy-Pd6wSrnQUU.roa (raw, json)
Hash identifier: EG5bGS/FadOxCli8eAzh1z8DYmJpVSNdJOMIGRajS3Q=
Subject key identifier: 5A:7D:E7:7B:08:79:C6:8E:8D:C3:28:F2:F8:F7:7A:C1:2A:E7:41:45
Certificate issuer: /CN=729b33de6051d04d75f6bb1f7e53b1efd6646211
Certificate serial: 343E5383
Authority key identifier: 72:9B:33:DE:60:51:D0:4D:75:F6:BB:1F:7E:53:B1:EF:D6:64:62:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cpsz3mBR0E119rsfflOx79ZkYhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/2d9541-eb7e-4a1a-b84b-6ea279a2e6cb/1/Wn3newh5xo6Nwyjy-Pd6wSrnQUU.roa
Signing time: Sat 01 Jan 2022 05:59:40 +0000
ROA not before: Sat 01 Jan 2022 05:59:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2872
IP address blocks: 185.152.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 876499843 (0x343e5383)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=729b33de6051d04d75f6bb1f7e53b1efd6646211
Validity
Not Before: Jan 1 05:59:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a7de77b0879c68e8dc328f2f8f77ac12ae74145
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:45:df:6e:72:e0:0f:1b:d6:d3:62:df:24:3b:
93:6a:c0:93:86:18:9a:2f:81:61:fe:5f:20:7e:4b:
1e:03:68:a8:0e:3f:29:cc:6e:da:6a:dd:a0:75:b1:
75:af:a7:28:f4:78:98:06:70:c0:51:f1:86:07:ac:
4d:03:e6:21:61:a1:ec:81:48:69:27:79:68:2e:bd:
e9:5c:ea:0b:b3:c6:92:57:1a:ed:3d:99:d3:b0:b1:
62:f1:f9:fc:de:b4:b1:bc:9e:50:f7:58:8f:1b:58:
fe:c4:3d:b6:5b:c1:b0:d3:9f:bb:ba:91:dc:fd:52:
c5:e4:df:bf:c5:16:9a:8d:a8:f1:0f:1e:e1:b0:b2:
06:b4:c0:eb:ae:68:15:40:8e:c8:3a:01:7f:6e:02:
d0:a7:19:a0:f0:02:02:0b:c7:0e:fa:12:e0:86:4b:
04:47:c9:2c:95:02:52:3b:c3:a7:5f:2b:03:4c:5e:
fa:fa:a4:4d:a6:4f:6c:e6:d7:c6:59:b7:84:eb:25:
fb:c6:13:8a:dc:7f:d4:f9:3b:b0:44:59:cf:52:44:
49:86:b1:fa:1b:0a:11:c4:04:17:96:58:3b:2e:0e:
e6:51:c8:bf:40:15:3a:08:85:e7:e7:0a:55:3c:45:
cf:1c:0b:44:56:24:a2:62:a7:25:ef:be:dc:6a:8e:
f8:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:7D:E7:7B:08:79:C6:8E:8D:C3:28:F2:F8:F7:7A:C1:2A:E7:41:45
X509v3 Authority Key Identifier:
keyid:72:9B:33:DE:60:51:D0:4D:75:F6:BB:1F:7E:53:B1:EF:D6:64:62:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cpsz3mBR0E119rsfflOx79ZkYhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/2d9541-eb7e-4a1a-b84b-6ea279a2e6cb/1/Wn3newh5xo6Nwyjy-Pd6wSrnQUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/2d9541-eb7e-4a1a-b84b-6ea279a2e6cb/1/cpsz3mBR0E119rsfflOx79ZkYhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.90.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:38:c4:8f:9e:27:f1:bf:f2:ad:77:fc:31:4b:03:9c:24:f1:
77:a4:1b:e3:e6:a3:21:8a:6d:b3:a4:20:79:a6:70:3d:6f:d2:
89:6d:2d:10:54:a6:a2:e1:d1:98:5d:8e:bc:aa:81:78:25:a4:
c0:0c:3e:9a:e5:0d:d3:34:ac:b4:15:b8:ba:91:0c:97:12:b3:
4c:fa:9b:99:bf:90:da:60:ca:f7:7e:65:64:46:1b:8f:3d:60:
6f:bb:cc:0d:2a:63:51:86:15:14:d4:3d:50:eb:b7:1d:7d:d1:
5d:cb:14:b7:02:1c:71:21:e7:1f:ca:7a:3c:40:2a:ea:c4:23:
15:0a:eb:77:5a:10:61:7c:f0:01:a2:12:dd:c5:16:21:08:8f:
ec:d3:ac:98:e7:ad:fb:ce:c8:da:af:f3:90:35:fc:b1:27:e0:
f0:b8:b7:b3:ce:8c:ca:94:f3:13:9e:25:4b:4f:c0:fe:fe:45:
5a:ff:7a:78:65:39:bc:d6:99:ec:2e:d5:7f:ce:50:ad:ac:c6:
21:9b:c2:4a:cf:a1:28:8d:13:c7:6c:d1:72:aa:c3:25:8b:13:
3c:8c:76:10:9a:6d:51:03:5b:4b:6f:1a:33:01:ff:d0:02:58:
5b:6f:a0:f2:a9:02:16:cb:7f:c2:9a:6c:51:33:3c:4d:65:d6:
c6:4e:ed:a2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEND5TgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MjliMzNkZTYwNTFkMDRkNzVmNmJiMWY3ZTUzYjFlZmQ2NjQ2MjExMB4XDTIyMDEw
MTA1NTk0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWE3ZGU3N2IwODc5
YzY4ZThkYzMyOGYyZjhmNzdhYzEyYWU3NDE0NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJtF325y4A8b1tNi3yQ7k2rAk4YYmi+BYf5fIH5LHgNoqA4/
Kcxu2mrdoHWxda+nKPR4mAZwwFHxhgesTQPmIWGh7IFIaSd5aC696VzqC7PGklca
7T2Z07CxYvH5/N60sbyeUPdYjxtY/sQ9tlvBsNOfu7qR3P1SxeTfv8UWmo2o8Q8e
4bCyBrTA665oFUCOyDoBf24C0KcZoPACAgvHDvoS4IZLBEfJLJUCUjvDp18rA0xe
+vqkTaZPbObXxlm3hOsl+8YTitx/1Pk7sERZz1JESYax+hsKEcQEF5ZYOy4O5lHI
v0AVOgiF5+cKVTxFzxwLRFYkomKnJe++3GqO+J8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRafed7CHnGjo3DKPL493rBKudBRTAfBgNVHSMEGDAWgBRymzPeYFHQTXX2
ux9+U7Hv1mRiETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Nwc3ozbUJSMEUxMTlyc2ZmbE94Nzlaa1loRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvMmQ5NTQxLWViN2UtNGExYS1iODRiLTZlYTI3OWEyZTZjYi8x
L1duM25ld2g1eG82Tnd5anktUGQ2d1NyblFVVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
MmQ5NTQxLWViN2UtNGExYS1iODRiLTZlYTI3OWEyZTZjYi8xL2Nwc3ozbUJSMEUx
MTlyc2ZmbE94Nzlaa1loRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmYWjANBgkqhkiG9w0BAQsFAAOC
AQEAwDjEj54n8b/yrXf8MUsDnCTxd6Qb4+ajIYpts6QgeaZwPW/SiW0tEFSmouHR
mF2OvKqBeCWkwAw+muUN0zSstBW4upEMlxKzTPqbmb+Q2mDK935lZEYbjz1gb7vM
DSpjUYYVFNQ9UOu3HX3RXcsUtwIccSHnH8p6PEAq6sQjFQrrd1oQYXzwAaIS3cUW
IQiP7NOsmOet+87I2q/zkDX8sSfg8Li3s86MypTzE54lS0/A/v5FWv96eGU5vNaZ
7C7Vf85QrazGIZvCSs+hKI0Tx2zRcqrDJYsTPIx2EJptUQNbS28aMwH/0AJYW2+g
8qkCFst/wppsUTM8TWXWxk7tog==
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:20:08 2025 by rpki-client