Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/wXpy-3oWCCkT00LWOenwKIHf5ic.roa
File: wXpy-3oWCCkT00LWOenwKIHf5ic.roa (raw, json)
Hash identifier: TO3EMIsA5XnX2/wVN1R/Y1arlGI5wu/YtrF0mdA0Gow=
Subject key identifier: C1:7A:72:FB:7A:16:08:29:13:D3:42:D6:39:E9:F0:28:81:DF:E6:27
Certificate issuer: /CN=bcce590711ae7fcb016eeb7376b0a7fc7661cb13
Certificate serial: 01856F024E90B921433DCB7AE554989B6218
Authority key identifier: BC:CE:59:07:11:AE:7F:CB:01:6E:EB:73:76:B0:A7:FC:76:61:CB:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vM5ZBxGuf8sBbutzdrCn_HZhyxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/wXpy-3oWCCkT00LWOenwKIHf5ic.roa
Signing time: Sun 01 Jan 2023 20:25:00 +0000
ROA not before: Sun 01 Jan 2023 20:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57052
IP address blocks: 2a00:ad40:10::/44 maxlen: 44
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:4e:90:b9:21:43:3d:cb:7a:e5:54:98:9b:62:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcce590711ae7fcb016eeb7376b0a7fc7661cb13
Validity
Not Before: Jan 1 20:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c17a72fb7a16082913d342d639e9f02881dfe627
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ef:86:49:86:68:87:c8:62:52:af:f1:e3:b4:
e4:cb:3e:96:5a:2c:83:a6:42:65:c9:2c:af:c8:e0:
d8:95:cd:53:55:51:97:bd:35:ac:53:37:04:1a:69:
c8:2d:d6:de:8d:eb:40:93:8a:e7:25:da:d1:f4:18:
07:72:4f:e5:7c:1d:2f:52:3f:30:4e:e2:0b:d7:cc:
fd:23:c2:e9:35:8a:d2:84:3b:5d:93:fc:cc:5c:0d:
eb:cc:a4:ae:ca:3d:9a:7e:6b:a7:4e:1b:54:1b:2c:
9d:e2:21:44:51:04:81:93:3e:a2:44:68:c9:83:22:
ec:55:f1:4d:58:0e:f7:26:72:71:54:bd:47:a6:41:
14:e4:35:ba:44:00:c9:54:47:c1:d8:7c:9a:ce:d9:
df:b6:3e:20:8a:a2:2d:76:a6:d3:89:6f:0e:40:d8:
37:ae:1d:e6:94:75:2e:97:30:6a:96:8f:48:58:11:
cd:7c:53:6d:1f:7a:3d:09:14:7b:5b:84:d1:59:9a:
71:1b:40:32:a5:c6:c8:75:73:4a:50:39:2a:89:34:
c3:8a:a7:10:e2:f8:15:db:e8:0a:eb:ea:bd:0a:95:
ae:a0:63:9f:cf:b5:a0:d9:7d:ce:c7:b7:b8:26:91:
e5:79:ed:d9:bc:82:0d:1a:e7:1e:1b:a6:58:7a:41:
65:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:7A:72:FB:7A:16:08:29:13:D3:42:D6:39:E9:F0:28:81:DF:E6:27
X509v3 Authority Key Identifier:
keyid:BC:CE:59:07:11:AE:7F:CB:01:6E:EB:73:76:B0:A7:FC:76:61:CB:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vM5ZBxGuf8sBbutzdrCn_HZhyxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/wXpy-3oWCCkT00LWOenwKIHf5ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/ac6b91-edaf-4486-934e-05db497ac455/1/vM5ZBxGuf8sBbutzdrCn_HZhyxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:ad40:10::/44
Signature Algorithm: sha256WithRSAEncryption
22:7a:17:25:e6:2b:de:50:aa:5b:fa:46:95:8f:0c:8a:c9:20:
92:d8:6e:0b:14:2a:31:03:6d:a9:df:71:fd:89:a0:6e:b2:bd:
87:7d:9a:d2:d6:b8:8b:c8:9d:bf:eb:72:9c:b7:d1:7f:af:e6:
22:99:06:8e:5d:d4:8d:81:1e:99:da:16:33:80:f9:58:c5:5c:
81:a9:1f:bc:ed:a4:1c:c1:9a:77:97:9a:f1:9c:44:1a:2c:ae:
b6:97:ec:14:d3:94:83:12:e2:bb:48:ee:b3:86:68:02:e2:29:
96:c6:0e:e9:5b:11:73:81:e1:67:66:5e:a8:5f:b1:4e:91:6e:
c8:5a:0c:3c:17:32:08:12:c3:67:17:04:7f:bb:47:f1:f5:16:
8c:56:66:fa:87:4c:65:40:ab:c6:e6:ff:95:d0:52:cd:ed:18:
ac:35:2f:33:47:d3:54:3b:9a:40:9d:3a:e1:d2:6f:9b:b8:c9:
eb:a4:af:e6:a5:5d:ba:2a:53:1a:ff:33:dc:0a:f1:d6:73:31:
ca:90:8f:79:58:88:b3:c9:98:6c:85:f3:27:8e:fb:cc:e3:b1:
43:86:e3:c4:47:3f:8a:f3:c5:c0:21:51:9a:00:d4:63:89:fe:
b2:0b:6c:43:12:64:9f:7d:37:a8:0a:2a:e8:95:99:20:c1:cb:
ed:d2:60:ca
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYVvAk6QuSFDPct65VSYm2IYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjY2U1OTA3MTFhZTdmY2IwMTZlZWI3Mzc2YjBhN2ZjNzY2
MWNiMTMwHhcNMjMwMTAxMjAyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTdhNzJmYjdhMTYwODI5MTNkMzQyZDYzOWU5ZjAyODgxZGZlNjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqe+GSYZoh8hiUq/x47Tkyz6WWiyD
pkJlySyvyODYlc1TVVGXvTWsUzcEGmnILdbejetAk4rnJdrR9BgHck/lfB0vUj8w
TuIL18z9I8LpNYrShDtdk/zMXA3rzKSuyj2afmunThtUGyyd4iFEUQSBkz6iRGjJ
gyLsVfFNWA73JnJxVL1HpkEU5DW6RADJVEfB2Hyaztnftj4giqItdqbTiW8OQNg3
rh3mlHUulzBqlo9IWBHNfFNtH3o9CRR7W4TRWZpxG0AypcbIdXNKUDkqiTTDiqcQ
4vgV2+gK6+q9CpWuoGOfz7Wg2X3Ox7e4JpHlee3ZvIINGuceG6ZYekFlCwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFMF6cvt6FggpE9NC1jnp8CiB3+YnMB8GA1UdIwQY
MBaAFLzOWQcRrn/LAW7rc3awp/x2YcsTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdk01WkJ4R3VmOHNCYnV0emRyQ25fSFpoeXhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9hYzZiOTEtZWRhZi00NDg2LTkzNGUt
MDVkYjQ5N2FjNDU1LzEvd1hweS0zb1dDQ2tUMDBMV09lbndLSUhmNWljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9hYzZiOTEtZWRhZi00NDg2LTkzNGUtMDVkYjQ5N2FjNDU1
LzEvdk01WkJ4R3VmOHNCYnV0emRyQ25fSFpoeXhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgCtQAAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAiehcl5iveUKpb+kaVjwyKySCS2G4LFCoxA22p
33H9iaBusr2HfZrS1riLyJ2/63Kct9F/r+YimQaOXdSNgR6Z2hYzgPlYxVyBqR+8
7aQcwZp3l5rxnEQaLK62l+wU05SDEuK7SO6zhmgC4imWxg7pWxFzgeFnZl6oX7FO
kW7IWgw8FzIIEsNnFwR/u0fx9RaMVmb6h0xlQKvG5v+V0FLN7RisNS8zR9NUO5pA
nTrh0m+buMnrpK/mpV26KlMa/zPcCvHWczHKkI95WIizyZhshfMnjvvM47FDhuPE
Rz+K88XAIVGaANRjif6yC2xDEmSffTeoCirolZkgwcvt0mDK
-----END CERTIFICATE-----
Generated at Sun Apr 13 06:12:40 2025 by rpki-client