Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/WjIgG6WOZpcf8uYEjLP58hk3cAc.roa
File: WjIgG6WOZpcf8uYEjLP58hk3cAc.roa (raw, json)
Hash identifier: v1yAuQS2CG0XGasU/L6zgGdPxdYMCPOBHWFId3o3rKo=
Subject key identifier: 5A:32:20:1B:A5:8E:66:97:1F:F2:E6:04:8C:B3:F9:F2:19:37:70:07
Certificate issuer: /CN=6f85a4d564283a7fddf6345697d6bc3373a32246
Certificate serial: 0C537F35
Authority key identifier: 6F:85:A4:D5:64:28:3A:7F:DD:F6:34:56:97:D6:BC:33:73:A3:22:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Wk1WQoOn_d9jRWl9a8M3OjIkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/WjIgG6WOZpcf8uYEjLP58hk3cAc.roa
Signing time: Sat 01 Jan 2022 02:56:11 +0000
ROA not before: Sat 01 Jan 2022 02:56:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8315
IP address blocks: 91.223.124.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 206798645 (0xc537f35)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f85a4d564283a7fddf6345697d6bc3373a32246
Validity
Not Before: Jan 1 02:56:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5a32201ba58e66971ff2e6048cb3f9f219377007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:54:be:6a:8f:1a:eb:bc:9f:bb:6f:78:f5:53:
da:07:be:79:b2:db:c8:23:91:48:62:69:fb:5c:56:
f7:c1:9b:cc:dc:f4:87:3c:5b:e4:21:90:ac:01:57:
9c:1d:05:7b:ae:77:5c:5a:8a:e5:93:3f:98:95:33:
3e:b1:22:9b:a6:5e:4e:53:a0:2f:a6:6f:ec:45:b1:
9e:00:68:af:71:98:14:23:cb:34:e7:dc:7a:52:c6:
12:2f:71:0e:2a:ea:bd:6c:66:70:29:2c:d3:06:5e:
a3:33:08:a0:cc:f4:e5:3f:af:10:10:50:3b:b3:6f:
12:89:80:13:c6:d1:a8:69:32:13:85:b9:a7:2e:ae:
12:1c:5e:8e:52:82:93:78:03:38:4c:f0:bd:91:dd:
99:81:d3:af:fb:6d:ac:9c:ef:d8:7b:d8:aa:a3:68:
d6:7b:f3:a3:30:af:ad:cb:3a:43:a7:92:23:c8:b1:
bf:b2:cd:3c:46:cb:82:d9:87:03:a7:cd:ef:0a:9f:
30:7f:ad:3f:3d:6b:f3:8e:4c:3c:10:73:71:12:ea:
01:ae:ea:d3:e0:60:16:6f:f5:8a:80:15:47:ff:e8:
47:b5:9b:15:07:7b:2e:8e:6a:92:a7:18:40:7a:86:
25:59:db:a0:65:2f:b0:14:7e:88:f6:c7:0f:db:2a:
a0:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:32:20:1B:A5:8E:66:97:1F:F2:E6:04:8C:B3:F9:F2:19:37:70:07
X509v3 Authority Key Identifier:
keyid:6F:85:A4:D5:64:28:3A:7F:DD:F6:34:56:97:D6:BC:33:73:A3:22:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Wk1WQoOn_d9jRWl9a8M3OjIkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/WjIgG6WOZpcf8uYEjLP58hk3cAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/b4Wk1WQoOn_d9jRWl9a8M3OjIkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.124.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:ab:cc:4e:54:19:18:02:2b:d4:a6:1c:7e:9b:ec:50:53:5d:
4d:14:5a:0e:8f:af:e7:ce:12:3f:05:8e:db:67:1c:ba:1f:67:
e9:51:fa:70:68:5c:e2:b0:9f:45:bf:79:bc:55:0d:83:58:04:
03:dc:bb:a0:f1:5f:b2:bf:6a:cc:7e:51:e5:cc:19:34:60:df:
d2:b5:29:90:37:18:9e:e8:00:7f:0f:c4:d7:c0:5d:f1:b4:87:
25:37:25:b0:a8:8f:62:c6:05:10:92:74:3d:18:a6:2a:e2:50:
23:f6:08:16:3d:ac:b5:fc:0a:ab:cb:e1:ff:05:d7:ff:1a:71:
9d:aa:23:86:e2:81:e4:cf:6d:e6:cb:eb:be:ea:ed:21:f2:10:
ac:90:b7:35:5c:40:6b:36:1d:02:03:5a:ef:61:9f:47:76:77:
eb:7a:0c:63:07:05:46:aa:8a:ee:8d:4f:bf:86:a7:6f:73:74:
4a:d5:c9:95:81:2c:b2:7e:ca:cc:ad:5a:7c:1b:cf:41:9d:43:
26:c4:68:79:c3:31:04:54:83:33:94:b2:45:5a:d0:f0:d5:20:
80:9f:d0:f4:13:aa:22:d0:25:9b:66:49:fc:08:5f:3f:00:29:
b7:a9:fd:ab:ed:b7:b9:57:f1:e1:b4:2f:b9:81:7b:aa:f3:93:
a3:7c:6e:00
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDFN/NTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
Zjg1YTRkNTY0MjgzYTdmZGRmNjM0NTY5N2Q2YmMzMzczYTMyMjQ2MB4XDTIyMDEw
MTAyNTYxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWEzMjIwMWJhNThl
NjY5NzFmZjJlNjA0OGNiM2Y5ZjIxOTM3NzAwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVUvmqPGuu8n7tvePVT2ge+ebLbyCORSGJp+1xW98GbzNz0
hzxb5CGQrAFXnB0Fe653XFqK5ZM/mJUzPrEim6ZeTlOgL6Zv7EWxngBor3GYFCPL
NOfcelLGEi9xDirqvWxmcCks0wZeozMIoMz05T+vEBBQO7NvEomAE8bRqGkyE4W5
py6uEhxejlKCk3gDOEzwvZHdmYHTr/ttrJzv2HvYqqNo1nvzozCvrcs6Q6eSI8ix
v7LNPEbLgtmHA6fN7wqfMH+tPz1r845MPBBzcRLqAa7q0+BgFm/1ioAVR//oR7Wb
FQd7Lo5qkqcYQHqGJVnboGUvsBR+iPbHD9sqoEsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRaMiAbpY5mlx/y5gSMs/nyGTdwBzAfBgNVHSMEGDAWgBRvhaTVZCg6f932
NFaX1rwzc6MiRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2I0V2sxV1FvT25fZDlqUldsOWE4TTNPaklrWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvOThkZmZhLTgxMGItNDliNS1hZGRkLTA2MWZjMWFlYjE1OC8x
L1dqSWdHNldPWnBjZjh1WUVqTFA1OGhrM2NBYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
OThkZmZhLTgxMGItNDliNS1hZGRkLTA2MWZjMWFlYjE1OC8xL2I0V2sxV1FvT25f
ZDlqUldsOWE4TTNPaklrWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvffDANBgkqhkiG9w0BAQsFAAOC
AQEAvavMTlQZGAIr1KYcfpvsUFNdTRRaDo+v584SPwWO22ccuh9n6VH6cGhc4rCf
Rb95vFUNg1gEA9y7oPFfsr9qzH5R5cwZNGDf0rUpkDcYnugAfw/E18Bd8bSHJTcl
sKiPYsYFEJJ0PRimKuJQI/YIFj2stfwKq8vh/wXX/xpxnaojhuKB5M9t5svrvurt
IfIQrJC3NVxAazYdAgNa72GfR3Z363oMYwcFRqqK7o1Pv4anb3N0StXJlYEssn7K
zK1afBvPQZ1DJsRoecMxBFSDM5SyRVrQ8NUggJ/Q9BOqItAlm2ZJ/AhfPwApt6n9
q+23uVfx4bQvuYF7qvOTo3xuAA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:39 2025 by rpki-client