Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/56452b-4b93-41e5-a8a2-61b52637921b/1/w8NgdudpbG9SUUp3j3hzJ8CXn9E.roa
File: w8NgdudpbG9SUUp3j3hzJ8CXn9E.roa (raw, json)
Hash identifier: jYTUIZRkXeSlbXzuRZ3PjTdEtwM9J6VQcaO74EJou8U=
Subject key identifier: C3:C3:60:76:E7:69:6C:6F:52:51:4A:77:8F:78:73:27:C0:97:9F:D1
Certificate issuer: /CN=053e94501f0fd2cdea3c2e7b46318e6e7f515f73
Certificate serial: 01856FA6FE54C91E0104EA330CAA33F61555
Authority key identifier: 05:3E:94:50:1F:0F:D2:CD:EA:3C:2E:7B:46:31:8E:6E:7F:51:5F:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BT6UUB8P0s3qPC57RjGObn9RX3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/56452b-4b93-41e5-a8a2-61b52637921b/1/w8NgdudpbG9SUUp3j3hzJ8CXn9E.roa
Signing time: Sun 01 Jan 2023 23:24:53 +0000
ROA not before: Sun 01 Jan 2023 23:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13101
IP address blocks: 82.97.128.0/18 maxlen: 24
176.119.214.0/24 maxlen: 24
86.103.0.0/16 maxlen: 24
217.70.192.0/20 maxlen: 24
213.158.96.0/19 maxlen: 24
213.178.64.0/19 maxlen: 24
185.118.20.0/22 maxlen: 24
2a00:12d0::/29 maxlen: 29
2a03:c140::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a6:fe:54:c9:1e:01:04:ea:33:0c:aa:33:f6:15:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=053e94501f0fd2cdea3c2e7b46318e6e7f515f73
Validity
Not Before: Jan 1 23:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3c36076e7696c6f52514a778f787327c0979fd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:09:89:d2:04:16:53:f6:9d:24:e6:7c:66:a7:
9c:ea:41:af:81:2a:b7:0e:1c:2d:d0:ed:5e:b0:24:
cb:ad:3b:51:52:ea:38:d9:46:8b:a8:7c:2f:63:42:
50:ad:f4:db:1e:30:db:29:db:cd:21:61:39:23:1f:
6d:5c:13:c7:2b:92:57:b2:ad:7e:44:3b:06:2c:ef:
63:64:6a:32:8d:0a:d8:47:d6:d7:cb:1a:de:39:f6:
26:f3:87:0b:17:92:93:a9:15:8e:80:ab:f8:68:5a:
97:9c:ac:a5:9d:88:f3:9a:9a:76:79:d7:64:e8:53:
aa:10:ad:48:71:c8:75:8f:a5:f8:e6:62:2d:c1:d4:
07:87:c9:b8:f5:e7:c3:40:e0:04:87:fa:f2:54:e8:
b8:43:6d:7b:e9:2a:5e:a9:5c:19:4f:8c:69:6e:c5:
5e:34:88:e0:27:83:34:67:73:8e:cf:a9:62:73:f6:
9c:fe:5e:70:58:e3:93:2c:5d:17:81:92:49:86:e1:
26:93:fe:7d:3c:21:df:bb:8c:13:52:35:62:2e:db:
76:f3:b5:55:32:7f:ca:d3:6f:92:ca:7b:51:f9:a4:
8d:a5:60:e1:da:91:1e:77:36:16:78:ad:a4:4b:f2:
5c:07:6c:17:dc:0a:67:11:e5:48:8e:b6:cb:b7:02:
7f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:C3:60:76:E7:69:6C:6F:52:51:4A:77:8F:78:73:27:C0:97:9F:D1
X509v3 Authority Key Identifier:
keyid:05:3E:94:50:1F:0F:D2:CD:EA:3C:2E:7B:46:31:8E:6E:7F:51:5F:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BT6UUB8P0s3qPC57RjGObn9RX3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/56452b-4b93-41e5-a8a2-61b52637921b/1/w8NgdudpbG9SUUp3j3hzJ8CXn9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/56452b-4b93-41e5-a8a2-61b52637921b/1/BT6UUB8P0s3qPC57RjGObn9RX3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.97.128.0/18
86.103.0.0/16
176.119.214.0/24
185.118.20.0/22
213.158.96.0/19
213.178.64.0/19
217.70.192.0/20
IPv6:
2a00:12d0::/29
2a03:c140::/29
Signature Algorithm: sha256WithRSAEncryption
51:23:ae:c3:1a:ea:a3:4d:91:e5:95:67:13:4e:4e:d0:09:54:
01:83:f5:25:fc:00:e9:01:76:c8:4d:d1:df:24:24:aa:5e:73:
67:80:23:37:50:c2:36:b6:53:7d:a2:b6:e5:f2:ff:69:31:00:
03:03:9a:a9:92:87:9e:60:cb:ae:a3:20:d9:1e:f8:49:f9:0d:
5b:c8:c2:02:9e:52:f2:07:47:ef:7c:8b:22:45:df:ac:ed:d1:
c6:50:b5:de:2d:f1:d2:03:7f:1e:9f:9c:30:9d:d5:8c:c1:75:
79:af:88:2b:5b:eb:24:64:9e:bb:52:de:ed:2b:d8:2a:27:ba:
ff:f4:65:be:b7:5b:ed:91:8b:2f:32:ce:f2:50:04:b7:99:dc:
8d:a8:0d:1d:16:82:f4:9f:02:f4:6e:55:a4:5d:17:89:9a:9b:
4c:65:56:5a:63:13:65:4e:fb:6b:d0:65:89:ff:7e:ce:de:8e:
62:16:05:5d:28:8c:e0:27:ec:af:a4:7c:42:51:27:44:4f:13:
b9:8f:eb:9a:96:5f:c2:c2:72:bc:ab:d4:a2:87:18:86:85:df:
28:96:38:28:ad:13:5b:9e:86:d2:c1:58:5e:62:d5:56:35:24:
d7:6b:44:0f:a6:28:3d:e3:d5:47:f8:e0:55:09:b4:65:54:17:
c2:c2:5d:75
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVvpv5UyR4BBOozDKoz9hVVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1M2U5NDUwMWYwZmQyY2RlYTNjMmU3YjQ2MzE4ZTZlN2Y1
MTVmNzMwHhcNMjMwMTAxMjMyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2MzNjA3NmU3Njk2YzZmNTI1MTRhNzc4Zjc4NzMyN2MwOTc5ZmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AmJ0gQWU/adJOZ8Zqec6kGvgSq3
Dhwt0O1esCTLrTtRUuo42UaLqHwvY0JQrfTbHjDbKdvNIWE5Ix9tXBPHK5JXsq1+
RDsGLO9jZGoyjQrYR9bXyxreOfYm84cLF5KTqRWOgKv4aFqXnKylnYjzmpp2eddk
6FOqEK1Icch1j6X45mItwdQHh8m49efDQOAEh/ryVOi4Q2176SpeqVwZT4xpbsVe
NIjgJ4M0Z3OOz6lic/ac/l5wWOOTLF0XgZJJhuEmk/59PCHfu4wTUjViLtt287VV
Mn/K02+SyntR+aSNpWDh2pEedzYWeK2kS/JcB2wX3ApnEeVIjrbLtwJ/QQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFMPDYHbnaWxvUlFKd494cyfAl5/RMB8GA1UdIwQY
MBaAFAU+lFAfD9LN6jwue0Yxjm5/UV9zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlQ2VVVCOFAwczNxUEM1N1JqR09ibjlSWDNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi81NjQ1MmItNGI5My00MWU1LWE4YTIt
NjFiNTI2Mzc5MjFiLzEvdzhOZ2R1ZHBiRzlTVVVwM2ozaHpKOENYbjlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi81NjQ1MmItNGI5My00MWU1LWE4YTItNjFiNTI2Mzc5MjFi
LzEvQlQ2VVVCOFAwczNxUEM1N1JqR09ibjlSWDNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzAvBAIAATApAwQGUmGAAwMA
VmcDBACwd9YDBAK5dhQDBAXVnmADBAXVskADBATZRsAwFAQCAAIwDgMFAyoAEtAD
BQMqA8FAMA0GCSqGSIb3DQEBCwUAA4IBAQBRI67DGuqjTZHllWcTTk7QCVQBg/Ul
/ADpAXbITdHfJCSqXnNngCM3UMI2tlN9orbl8v9pMQADA5qpkoeeYMuuoyDZHvhJ
+Q1byMICnlLyB0fvfIsiRd+s7dHGULXeLfHSA38en5wwndWMwXV5r4grW+skZJ67
Ut7tK9gqJ7r/9GW+t1vtkYsvMs7yUAS3mdyNqA0dFoL0nwL0blWkXReJmptMZVZa
YxNlTvtr0GWJ/37O3o5iFgVdKIzgJ+yvpHxCUSdETxO5j+uall/CwnK8q9SihxiG
hd8oljgorRNbnobSwVheYtVWNSTXa0QPpig949VH+OBVCbRlVBfCwl11
-----END CERTIFICATE-----
Generated at Mon Apr 14 17:12:16 2025 by rpki-client