Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/WDHCqpnqXvfpjdl7Jo9AyrhB2C4.roa
File: WDHCqpnqXvfpjdl7Jo9AyrhB2C4.roa (raw, json)
Hash identifier: 0IkzY7mqQHlIxeGTr1uy9OJPWgWAvcLAE6FfPIwfm5o=
Subject key identifier: 58:31:C2:AA:99:EA:5E:F7:E9:8D:D9:7B:26:8F:40:CA:B8:41:D8:2E
Certificate issuer: /CN=973bec33ae738c98958819c6c13bb335ee34ab4c
Certificate serial: 01865672D9AD6C2B6B8891488DFDC73023ED
Authority key identifier: 97:3B:EC:33:AE:73:8C:98:95:88:19:C6:C1:3B:B3:35:EE:34:AB:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lzvsM65zjJiViBnGwTuzNe40q0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/WDHCqpnqXvfpjdl7Jo9AyrhB2C4.roa
Signing time: Wed 15 Feb 2023 19:00:12 +0000
ROA not before: Wed 15 Feb 2023 19:00:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 2.59.202.0/23 maxlen: 23
88.218.150.0/23 maxlen: 23
85.209.6.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:56:72:d9:ad:6c:2b:6b:88:91:48:8d:fd:c7:30:23:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=973bec33ae738c98958819c6c13bb335ee34ab4c
Validity
Not Before: Feb 15 19:00:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5831c2aa99ea5ef7e98dd97b268f40cab841d82e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:69:1b:a6:be:af:ec:05:b9:81:7e:06:f1:3b:
e6:61:e3:14:e1:0c:f0:2f:d7:9c:fd:13:f1:11:67:
01:c8:a7:db:31:e8:fb:fe:4b:54:c4:58:5d:e1:ea:
7d:2b:21:99:47:db:5d:f3:23:1b:7c:67:fb:6a:80:
15:ef:3d:53:c5:3d:05:64:f5:98:00:26:3a:64:1b:
47:7e:25:a6:bc:6b:81:ed:01:0b:d9:3c:88:85:f1:
7f:ff:2a:a0:4b:99:f8:e0:63:d8:b3:ad:99:a4:d8:
79:22:d3:35:da:87:d5:0b:0e:8f:aa:31:22:8c:19:
4f:c1:55:2c:71:d4:f7:68:a4:69:ae:8e:06:49:4c:
59:c7:5d:28:a4:7e:56:3d:82:12:df:e6:93:b9:20:
57:05:f7:b3:35:5a:69:48:4e:2b:02:24:da:62:24:
a2:f4:47:0e:52:d9:d9:95:79:c7:5e:a5:9a:f7:dc:
2f:dc:c0:2e:9b:86:8b:3e:c0:8f:f0:02:7b:f5:d5:
7f:32:60:aa:80:89:1e:90:f2:e0:31:28:ea:80:46:
74:89:9e:f5:ad:ff:ad:f7:fd:45:ef:d8:d7:1b:56:
12:12:b1:d6:df:a6:de:e6:5b:84:7b:3b:53:48:21:
45:fa:47:25:fb:92:91:e4:e2:a0:a5:39:a2:f3:28:
1e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:31:C2:AA:99:EA:5E:F7:E9:8D:D9:7B:26:8F:40:CA:B8:41:D8:2E
X509v3 Authority Key Identifier:
keyid:97:3B:EC:33:AE:73:8C:98:95:88:19:C6:C1:3B:B3:35:EE:34:AB:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lzvsM65zjJiViBnGwTuzNe40q0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/WDHCqpnqXvfpjdl7Jo9AyrhB2C4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/lzvsM65zjJiViBnGwTuzNe40q0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.202.0/23
85.209.6.0/23
88.218.150.0/23
Signature Algorithm: sha256WithRSAEncryption
43:1e:ff:75:8b:d3:26:d8:68:4d:44:f7:0e:69:bb:90:37:35:
09:af:97:e4:0f:c5:41:15:5b:7f:b8:b5:50:51:d3:c0:f3:4a:
07:f5:ba:27:da:d3:1d:87:03:6c:1b:4a:fd:4f:ce:3d:e2:8b:
d7:e8:5d:3e:b1:ae:71:40:f3:1f:dd:4c:81:6d:b8:9f:76:d8:
cc:2d:f7:a2:25:19:6c:69:78:ac:e2:4c:c3:fb:10:6d:24:07:
d1:a4:38:75:38:59:7b:55:d2:f1:b2:10:97:fc:85:c8:f9:aa:
65:9f:08:1f:78:a5:48:a4:bf:9f:1d:fa:89:9f:4a:67:11:6a:
0b:f9:31:46:1f:83:2e:04:8c:5c:ca:3a:5b:c1:03:3e:5a:7a:
b7:60:06:19:8b:c8:41:aa:3c:53:fc:64:d1:35:6c:48:ce:5b:
1f:26:af:73:ca:5e:a9:e1:79:3c:39:bf:9e:31:ee:2f:03:46:
b3:f7:e6:95:2e:f3:14:fe:21:f6:5d:a3:52:e0:22:d5:f8:04:
33:3c:7c:37:80:c8:b6:95:80:42:61:98:7d:83:3e:f7:75:74:
67:fa:18:a7:68:68:bf:f4:44:6b:a4:ef:89:a9:9a:84:0c:49:
8a:71:94:11:92:67:af:2d:76:b4:60:2d:1f:3d:97:6a:e0:52:
b1:ef:55:4c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZWctmtbCtriJFIjf3HMCPtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3M2JlYzMzYWU3MzhjOTg5NTg4MTljNmMxM2JiMzM1ZWUz
NGFiNGMwHhcNMjMwMjE1MTkwMDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODMxYzJhYTk5ZWE1ZWY3ZTk4ZGQ5N2IyNjhmNDBjYWI4NDFkODJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlmkbpr6v7AW5gX4G8TvmYeMU4Qzw
L9ec/RPxEWcByKfbMej7/ktUxFhd4ep9KyGZR9td8yMbfGf7aoAV7z1TxT0FZPWY
ACY6ZBtHfiWmvGuB7QEL2TyIhfF//yqgS5n44GPYs62ZpNh5ItM12ofVCw6PqjEi
jBlPwVUscdT3aKRpro4GSUxZx10opH5WPYIS3+aTuSBXBfezNVppSE4rAiTaYiSi
9EcOUtnZlXnHXqWa99wv3MAum4aLPsCP8AJ79dV/MmCqgIkekPLgMSjqgEZ0iZ71
rf+t9/1F79jXG1YSErHW36be5luEeztTSCFF+kcl+5KR5OKgpTmi8ygeAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFgxwqqZ6l736Y3ZeyaPQMq4QdguMB8GA1UdIwQY
MBaAFJc77DOuc4yYlYgZxsE7szXuNKtMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHp2c002NXpqSmlWaUJuR3dUdXpOZTQwcTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8yZjQ2MDUtMzU2YS00YWY2LWIxNWQt
YzQyZjlhYmYxNDc3LzEvV0RIQ3FwbnFYdmZwamRsN0pvOUF5cmhCMkM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8yZjQ2MDUtMzU2YS00YWY2LWIxNWQtYzQyZjlhYmYxNDc3
LzEvbHp2c002NXpqSmlWaUJuR3dUdXpOZTQwcTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBAjvKAwQB
VdEGAwQBWNqWMA0GCSqGSIb3DQEBCwUAA4IBAQBDHv91i9Mm2GhNRPcOabuQNzUJ
r5fkD8VBFVt/uLVQUdPA80oH9bon2tMdhwNsG0r9T8494ovX6F0+sa5xQPMf3UyB
bbifdtjMLfeiJRlsaXis4kzD+xBtJAfRpDh1OFl7VdLxshCX/IXI+aplnwgfeKVI
pL+fHfqJn0pnEWoL+TFGH4MuBIxcyjpbwQM+Wnq3YAYZi8hBqjxT/GTRNWxIzlsf
Jq9zyl6p4Xk8Ob+eMe4vA0az9+aVLvMU/iH2XaNS4CLV+AQzPHw3gMi2lYBCYZh9
gz73dXRn+hinaGi/9ERrpO+JqZqEDEmKcZQRkmevLXa0YC0fPZdq4FKx71VM
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:25 2025 by rpki-client