Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/wkwa96AFtkx5MkPui9qdxpHK-G0.roa
File: wkwa96AFtkx5MkPui9qdxpHK-G0.roa (raw, json)
Hash identifier: F7F6ZJ5PldgUmaUEw4jpWp9CijWqNJUgMxYF8qIQqxo=
Subject key identifier: C2:4C:1A:F7:A0:05:B6:4C:79:32:43:EE:8B:DA:9D:C6:91:CA:F8:6D
Certificate issuer: /CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Certificate serial: 0187F596FA62C348DAA2A36723CA4DFA4AF5
Authority key identifier: 43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/wkwa96AFtkx5MkPui9qdxpHK-G0.roa
Signing time: Sun 07 May 2023 09:42:05 +0000
ROA not before: Sun 07 May 2023 09:42:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48359
IP address blocks: 185.221.192.0/24 maxlen: 24
185.221.192.0/22 maxlen: 22
185.221.194.0/24 maxlen: 24
185.221.193.0/24 maxlen: 24
185.221.195.0/24 maxlen: 24
195.191.44.0/24 maxlen: 24
195.191.45.0/24 maxlen: 24
185.121.58.0/24 maxlen: 24
185.121.57.0/24 maxlen: 24
185.121.56.0/22 maxlen: 22
185.121.56.0/24 maxlen: 24
185.121.59.0/24 maxlen: 24
195.8.112.0/24 maxlen: 24
195.8.110.0/24 maxlen: 24
195.8.114.0/24 maxlen: 24
185.238.44.0/24 maxlen: 24
185.238.47.0/24 maxlen: 24
185.238.46.0/24 maxlen: 24
185.238.45.0/24 maxlen: 24
195.191.23.0/24 maxlen: 24
195.191.22.0/24 maxlen: 24
185.137.61.0/24 maxlen: 24
185.137.60.0/22 maxlen: 24
185.142.95.0/24 maxlen: 24
185.142.92.0/22 maxlen: 22
185.142.92.0/24 maxlen: 24
193.246.200.0/24 maxlen: 24
185.142.94.0/24 maxlen: 24
185.142.93.0/24 maxlen: 24
193.246.201.0/24 maxlen: 24
185.142.124.0/24 maxlen: 24
185.142.124.0/22 maxlen: 22
185.142.125.0/24 maxlen: 24
185.142.127.0/24 maxlen: 24
185.142.126.0/24 maxlen: 24
195.8.102.0/24 maxlen: 24
195.230.97.0/24 maxlen: 24
195.230.105.0/24 maxlen: 24
91.213.151.0/24 maxlen: 24
195.230.107.0/24 maxlen: 24
91.213.157.0/24 maxlen: 24
185.82.64.0/24 maxlen: 24
185.82.64.0/22 maxlen: 22
195.230.124.0/24 maxlen: 24
185.82.66.0/24 maxlen: 24
185.82.67.0/24 maxlen: 24
185.82.65.0/24 maxlen: 24
91.213.172.0/24 maxlen: 24
91.213.167.0/24 maxlen: 24
45.155.192.0/24 maxlen: 24
193.246.175.0/24 maxlen: 24
193.246.174.0/24 maxlen: 24
45.155.195.0/24 maxlen: 24
45.155.193.0/24 maxlen: 24
45.155.194.0/24 maxlen: 24
185.125.22.0/24 maxlen: 24
185.125.21.0/24 maxlen: 24
185.125.23.0/24 maxlen: 24
185.212.192.0/24 maxlen: 24
185.212.193.0/24 maxlen: 24
185.212.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:f5:96:fa:62:c3:48:da:a2:a3:67:23:ca:4d:fa:4a:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Validity
Not Before: May 7 09:42:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c24c1af7a005b64c793243ee8bda9dc691caf86d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:7d:e6:61:04:8d:0e:e4:17:8f:7a:3a:bd:0b:
b6:09:9d:4e:33:2e:95:e3:1c:2e:d9:86:1b:5c:bf:
f4:f2:e2:aa:5c:62:82:e8:87:c8:38:21:62:34:6a:
46:55:05:51:36:e9:aa:7c:88:c6:a7:e1:59:b6:6b:
d9:75:3d:53:d9:be:34:34:9c:36:35:a3:51:e0:e9:
a7:9e:30:3d:ed:ea:61:c7:00:01:0a:f2:50:38:43:
86:57:91:55:d7:e3:04:30:36:d0:a7:14:d6:24:e8:
54:fc:e0:40:e4:55:62:fc:5e:6d:5c:05:70:4f:21:
3b:c0:de:85:ce:88:f4:cd:23:a4:50:16:81:00:e4:
85:0e:34:a7:89:37:1c:fd:c2:8b:a2:ee:a1:2b:75:
34:20:f6:a1:7e:ae:5c:13:f7:d0:d2:a2:c0:3e:17:
65:00:26:dd:70:7b:8c:68:3c:9c:b6:24:7d:bf:6e:
5b:5f:ef:eb:3b:aa:64:b1:45:0b:e4:49:80:e1:e5:
01:bd:36:e0:16:bd:c2:ef:bc:95:6d:be:ea:39:4e:
b1:fd:bc:36:76:16:fe:bf:ca:38:aa:58:28:2f:06:
5c:bb:8a:d4:2a:1d:2b:3d:ea:60:8b:4f:4b:27:32:
0a:4e:a4:5f:bc:e0:e4:54:df:4b:6c:df:a9:a4:2f:
9a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:4C:1A:F7:A0:05:B6:4C:79:32:43:EE:8B:DA:9D:C6:91:CA:F8:6D
X509v3 Authority Key Identifier:
keyid:43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/wkwa96AFtkx5MkPui9qdxpHK-G0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.192.0/22
91.213.151.0/24
91.213.157.0/24
91.213.167.0/24
91.213.172.0/24
185.82.64.0/22
185.121.56.0/22
185.125.21.0-185.125.23.255
185.137.60.0/22
185.142.92.0/22
185.142.124.0/22
185.212.192.0/23
185.212.195.0/24
185.221.192.0/22
185.238.44.0/22
193.246.174.0/23
193.246.200.0/23
195.8.102.0/24
195.8.110.0/24
195.8.112.0/24
195.8.114.0/24
195.191.22.0/23
195.191.44.0/23
195.230.97.0/24
195.230.105.0/24
195.230.107.0/24
195.230.124.0/24
Signature Algorithm: sha256WithRSAEncryption
72:f6:76:9f:94:34:36:f5:40:7d:65:d3:de:18:1a:d5:80:0b:
6e:ea:a0:26:ef:a2:a1:09:38:b3:a5:31:25:de:75:53:10:d2:
0a:99:2b:0a:ac:a6:dd:06:0a:76:9f:5d:a0:74:e5:79:bd:19:
a3:b0:75:37:09:e0:d2:57:e0:af:96:58:df:9b:d1:41:92:e0:
3a:58:4b:65:63:6c:23:6f:0a:8d:82:16:11:52:ca:d7:22:1a:
fd:17:33:c4:04:07:d1:18:94:26:44:26:57:2c:ca:3a:2b:3c:
d5:d5:35:b2:84:b1:f6:1f:87:25:9d:33:53:9d:3e:84:08:00:
32:51:ac:a9:84:38:b5:17:e3:8a:c2:9e:ad:cf:78:9d:38:25:
92:2c:de:ab:a0:1d:a3:40:18:97:3d:9e:2e:e4:d8:2b:55:cc:
d6:42:58:4f:0c:a3:a6:d9:90:6f:43:e2:f8:70:b5:61:ad:78:
c8:b4:72:5d:7f:d7:ee:4b:65:b3:8f:29:da:39:34:d7:c1:51:
f5:7b:dc:d8:d5:03:25:b2:d6:81:03:e7:8d:da:c1:79:13:eb:
27:29:8e:cb:56:5e:1d:86:49:4b:3e:bf:a9:29:ec:24:9e:0b:
05:d7:ce:87:fb:8d:98:f8:0f:45:fe:84:57:d4:08:30:19:87:
16:b4:8d:97
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAYf1lvpiw0jaoqNnI8pN+kr1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTY1ZGQxZjZmMjRhNDZkN2NjNGJjY2ZlY2Q0MTUxYzZk
ZDFiZmIwHhcNMjMwNTA3MDk0MjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjRjMWFmN2EwMDViNjRjNzkzMjQzZWU4YmRhOWRjNjkxY2FmODZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhn3mYQSNDuQXj3o6vQu2CZ1OMy6V
4xwu2YYbXL/08uKqXGKC6IfIOCFiNGpGVQVRNumqfIjGp+FZtmvZdT1T2b40NJw2
NaNR4OmnnjA97ephxwABCvJQOEOGV5FV1+MEMDbQpxTWJOhU/OBA5FVi/F5tXAVw
TyE7wN6Fzoj0zSOkUBaBAOSFDjSniTcc/cKLou6hK3U0IPahfq5cE/fQ0qLAPhdl
ACbdcHuMaDyctiR9v25bX+/rO6pksUUL5EmA4eUBvTbgFr3C77yVbb7qOU6x/bw2
dhb+v8o4qlgoLwZcu4rUKh0rPepgi09LJzIKTqRfvODkVN9LbN+ppC+a3wIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFMJMGvegBbZMeTJD7ovancaRyvhtMB8GA1UdIwQY
MBaAFEOWXdH28kpG18xLzP7NQVHG3Rv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEt
MzM5ODBjMDNmMDhlLzEvd2t3YTk2QUZ0a3g1TWtQdWk5cWR4cEhLLUcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEtMzM5ODBjMDNmMDhl
LzEvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBsQQCAAEwgaoDBAIt
m8ADBABb1ZcDBABb1Z0DBABb1acDBABb1awDBAK5UkADBAK5eTgwDAMEALl9FQME
A7l9EAMEArmJPAMEArmOXAMEArmOfAMEAbnUwAMEALnUwwMEArndwAMEArnuLAME
AcH2rgMEAcH2yAMEAMMIZgMEAMMIbgMEAMMIcAMEAMMIcgMEAcO/FgMEAcO/LAME
AMPmYQMEAMPmaQMEAMPmawMEAMPmfDANBgkqhkiG9w0BAQsFAAOCAQEAcvZ2n5Q0
NvVAfWXT3hga1YALbuqgJu+ioQk4s6UxJd51UxDSCpkrCqym3QYKdp9doHTleb0Z
o7B1Nwng0lfgr5ZY35vRQZLgOlhLZWNsI28KjYIWEVLK1yIa/RczxAQH0RiUJkQm
VyzKOis81dU1soSx9h+HJZ0zU50+hAgAMlGsqYQ4tRfjisKerc94nTglkizeq6Ad
o0AYlz2eLuTYK1XM1kJYTwyjptmQb0Pi+HC1Ya14yLRyXX/X7ktls48p2jk018FR
9Xvc2NUDJbLWgQPnjdrBeRPrJymOy1ZeHYZJSz6/qSnsJJ4LBdfOh/uNmPgPRf6E
V9QIMBmHFrSNlw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:29:01 2025 by rpki-client