Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/W6JyyLc0qiQg1i1CzkeUEbMh_sk.roa
File: W6JyyLc0qiQg1i1CzkeUEbMh_sk.roa (raw, json)
Hash identifier: T5c+yGdTG+Z+fmVGm2a910eUXwC/Po+pzWoluM+gBhw=
Subject key identifier: 5B:A2:72:C8:B7:34:AA:24:20:D6:2D:42:CE:47:94:11:B3:21:FE:C9
Certificate issuer: /CN=89b5fad18dd9110413a31b4d8e18765a27d4c3f1
Certificate serial: 01856F0B5D697A27C7F6076C0D71D1689358
Authority key identifier: 89:B5:FA:D1:8D:D9:11:04:13:A3:1B:4D:8E:18:76:5A:27:D4:C3:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ibX60Y3ZEQQToxtNjhh2WifUw_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/W6JyyLc0qiQg1i1CzkeUEbMh_sk.roa
Signing time: Sun 01 Jan 2023 20:34:53 +0000
ROA not before: Sun 01 Jan 2023 20:34:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62451
IP address blocks: 185.35.152.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:5d:69:7a:27:c7:f6:07:6c:0d:71:d1:68:93:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89b5fad18dd9110413a31b4d8e18765a27d4c3f1
Validity
Not Before: Jan 1 20:34:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ba272c8b734aa2420d62d42ce479411b321fec9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:08:94:8c:35:c6:39:cc:8d:50:76:db:fc:45:
52:1c:ce:34:25:79:06:d4:82:2b:5e:bc:3e:58:4e:
23:7e:d5:f4:ba:d4:5f:2e:3f:0b:77:1c:6e:cd:d2:
c0:67:53:9b:35:99:eb:90:0c:d0:5b:3f:90:d9:81:
3e:c0:23:56:cb:6c:5e:bb:cd:1e:92:4b:13:22:cd:
3b:ac:91:e3:fe:08:73:df:66:30:3e:ba:33:bc:13:
52:56:4a:fd:8e:fc:46:49:59:97:aa:50:fc:2c:39:
63:29:59:aa:5c:88:58:32:d8:16:63:fc:53:c6:14:
a0:b0:c7:93:98:d6:27:b8:89:42:e1:20:63:bf:32:
fe:65:cb:66:4e:5c:da:7c:2c:34:4f:e9:b2:8a:25:
7d:1c:d4:95:34:16:98:bb:fc:ef:d5:1a:03:67:db:
c5:5f:43:73:f7:e2:1d:58:8b:1e:92:a2:57:0b:a4:
ff:25:ef:8f:ce:5e:ea:0e:e3:82:9a:41:c2:18:79:
e7:3c:72:66:af:e1:8b:6e:a4:fa:a4:54:7b:47:f4:
d0:aa:bc:d9:72:3b:e6:e7:24:a9:db:6a:d7:37:41:
31:0b:f0:61:98:1b:6f:3f:a6:a1:13:45:d5:c7:a7:
13:d8:71:fe:cc:e5:51:09:63:9e:31:99:f5:14:a9:
15:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:A2:72:C8:B7:34:AA:24:20:D6:2D:42:CE:47:94:11:B3:21:FE:C9
X509v3 Authority Key Identifier:
keyid:89:B5:FA:D1:8D:D9:11:04:13:A3:1B:4D:8E:18:76:5A:27:D4:C3:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ibX60Y3ZEQQToxtNjhh2WifUw_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/W6JyyLc0qiQg1i1CzkeUEbMh_sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/901ad2-6c6c-43c6-a280-4250ce5517d9/1/ibX60Y3ZEQQToxtNjhh2WifUw_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.152.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:4a:e1:5f:94:f7:f2:16:02:fe:e0:65:d0:a4:19:c8:c7:06:
0f:6f:71:2c:2d:df:a1:df:d4:b4:ed:cf:42:be:ad:25:b6:b3:
2d:4b:54:0e:b9:f1:19:97:4e:0d:c3:bf:d8:df:ed:28:ea:2d:
43:9d:b3:f2:9c:a1:f4:d6:1e:f0:7a:3b:16:0b:b5:db:9e:72:
ab:91:7c:65:46:d6:28:5a:06:27:31:f5:c3:42:bc:a7:75:ce:
ec:e0:98:51:04:e4:26:27:5c:aa:53:ed:2b:8f:06:47:6b:97:
cc:ca:8c:fa:9c:d5:6e:9f:29:ad:59:b1:c7:8a:73:db:cf:2e:
54:ac:da:70:c9:4e:ff:25:a2:ee:f7:6a:15:44:34:9f:31:59:
cb:10:b2:2d:74:e9:f1:94:79:a8:bf:02:8c:67:57:c4:75:48:
63:eb:d3:80:96:30:ea:17:85:b5:d3:43:a3:fc:57:65:83:b7:
8a:bb:98:d1:e1:fa:74:c5:6b:03:f4:4e:b4:22:4d:fa:ea:eb:
bd:c7:df:fd:75:9e:a7:0c:eb:0b:b0:fa:82:57:a8:6f:ff:dd:
ca:70:3c:04:ca:06:f0:50:fa:48:3a:45:63:40:5d:8b:9c:09:
c4:96:82:dd:2d:d2:d6:0c:5f:aa:db:10:aa:6c:5c:48:6a:bb:
f6:ad:aa:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvC11peifH9gdsDXHRaJNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YjVmYWQxOGRkOTExMDQxM2EzMWI0ZDhlMTg3NjVhMjdk
NGMzZjEwHhcNMjMwMTAxMjAzNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmEyNzJjOGI3MzRhYTI0MjBkNjJkNDJjZTQ3OTQxMWIzMjFmZWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQiUjDXGOcyNUHbb/EVSHM40JXkG
1IIrXrw+WE4jftX0utRfLj8LdxxuzdLAZ1ObNZnrkAzQWz+Q2YE+wCNWy2xeu80e
kksTIs07rJHj/ghz32YwProzvBNSVkr9jvxGSVmXqlD8LDljKVmqXIhYMtgWY/xT
xhSgsMeTmNYnuIlC4SBjvzL+ZctmTlzafCw0T+myiiV9HNSVNBaYu/zv1RoDZ9vF
X0Nz9+IdWIsekqJXC6T/Je+Pzl7qDuOCmkHCGHnnPHJmr+GLbqT6pFR7R/TQqrzZ
cjvm5ySp22rXN0ExC/BhmBtvP6ahE0XVx6cT2HH+zOVRCWOeMZn1FKkVjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFuicsi3NKokINYtQs5HlBGzIf7JMB8GA1UdIwQY
MBaAFIm1+tGN2REEE6MbTY4Ydlon1MPxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWJYNjBZM1pFUVFUb3h0TmpoaDJXaWZVd19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS85MDFhZDItNmM2Yy00M2M2LWEyODAt
NDI1MGNlNTUxN2Q5LzEvVzZKeXlMYzBxaVFnMWkxQ3prZVVFYk1oX3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS85MDFhZDItNmM2Yy00M2M2LWEyODAtNDI1MGNlNTUxN2Q5
LzEvaWJYNjBZM1pFUVFUb3h0TmpoaDJXaWZVd19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSOYMA0G
CSqGSIb3DQEBCwUAA4IBAQBrSuFflPfyFgL+4GXQpBnIxwYPb3EsLd+h39S07c9C
vq0ltrMtS1QOufEZl04Nw7/Y3+0o6i1DnbPynKH01h7wejsWC7XbnnKrkXxlRtYo
WgYnMfXDQryndc7s4JhRBOQmJ1yqU+0rjwZHa5fMyoz6nNVunymtWbHHinPbzy5U
rNpwyU7/JaLu92oVRDSfMVnLELItdOnxlHmovwKMZ1fEdUhj69OAljDqF4W100Oj
/Fdlg7eKu5jR4fp0xWsD9E60Ik366uu9x9/9dZ6nDOsLsPqCV6hv/93KcDwEygbw
UPpIOkVjQF2LnAnEloLdLdLWDF+q2xCqbFxIarv2rao2
-----END CERTIFICATE-----
Generated at Thu Apr 17 00:09:59 2025 by rpki-client