Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/w2PqgSyYNPZ54d5ftFihzUx9_s0.roa
File: w2PqgSyYNPZ54d5ftFihzUx9_s0.roa (raw, json)
Hash identifier: 1zkTzMXeJWLIWypwihl+Ya48T6jpfVY9ox4opmmKj0U=
Subject key identifier: C3:63:EA:81:2C:98:34:F6:79:E1:DE:5F:B4:58:A1:CD:4C:7D:FE:CD
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 01856F1DC53596CE0C2C525CDCBE5CF1F2F6
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/w2PqgSyYNPZ54d5ftFihzUx9_s0.roa
Signing time: Sun 01 Jan 2023 20:54:59 +0000
ROA not before: Sun 01 Jan 2023 20:54:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2043
IP address blocks: 185.2.174.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:1d:c5:35:96:ce:0c:2c:52:5c:dc:be:5c:f1:f2:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 1 20:54:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c363ea812c9834f679e1de5fb458a1cd4c7dfecd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2e:19:61:09:49:27:b9:fe:5e:8f:f6:de:84:
70:44:9c:82:59:02:c8:f8:6a:86:69:29:17:b0:63:
44:2d:41:b1:fe:bc:00:1e:2f:e9:2a:68:2c:99:71:
4a:52:17:61:37:2d:be:b2:42:3c:d8:b8:5f:e4:3a:
38:21:14:20:59:14:d4:66:b2:22:53:2a:46:d6:83:
8e:b0:c2:f5:59:48:36:c7:19:fb:9d:a2:03:ff:2e:
8d:47:60:b3:dd:33:18:0e:73:0f:bc:2e:6e:2d:fc:
10:87:cb:04:df:84:dd:99:f3:6b:25:ab:45:4b:54:
77:d4:98:c8:30:ac:35:d5:0b:82:f1:2d:9f:f6:b5:
99:b0:ed:8c:8a:89:66:b7:72:75:fe:92:f4:f0:63:
f9:ad:09:c4:63:10:60:33:8d:28:ef:75:e5:11:c3:
20:05:5d:b2:c8:45:41:0a:26:54:a6:9c:1f:d5:cd:
8b:9d:7e:c8:57:f3:2f:75:2c:01:73:ac:6e:93:e7:
f1:8d:7a:91:7b:52:1f:c9:58:47:e5:31:73:69:c7:
81:7c:c6:ff:7f:dd:44:48:a4:69:83:82:27:72:13:
54:66:87:0a:9a:2e:97:83:3c:7a:56:8e:71:32:d2:
73:31:75:2d:a3:2c:dc:36:a8:ab:13:eb:ea:09:32:
e4:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:63:EA:81:2C:98:34:F6:79:E1:DE:5F:B4:58:A1:CD:4C:7D:FE:CD
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/w2PqgSyYNPZ54d5ftFihzUx9_s0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.174.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:4a:b0:e3:62:6b:4b:66:a8:3d:81:65:e2:89:6e:f4:09:07:
b5:d6:80:20:2c:bb:33:c5:38:29:04:3b:12:f1:60:fb:cd:6c:
86:c7:3e:2b:82:38:fb:c8:a5:f4:7f:aa:36:3a:3a:92:64:b3:
36:b8:8e:eb:c7:d5:fa:a1:e8:cc:7a:dd:6d:ca:33:bd:95:9e:
d5:0b:d8:5e:a1:b9:c3:17:a1:0a:e7:0f:b8:f7:1d:ba:28:c3:
10:78:14:4c:cf:49:cc:69:f2:e4:02:3f:26:a9:f4:c8:45:fb:
5a:6d:76:e9:a4:26:84:30:be:2c:12:d5:0a:40:c9:85:ee:81:
88:7c:6b:5e:cf:4a:3d:ab:cd:9e:73:b4:ab:ba:75:76:33:09:
07:8c:69:8f:c3:ff:a5:20:8c:52:bb:63:2e:4a:d3:57:61:11:
b2:33:c5:17:c9:bf:25:fc:08:f5:ec:be:be:6b:f6:7c:96:c2:
6b:47:73:32:2e:2d:e7:fc:e7:fa:2e:3f:95:e4:d5:28:64:c8:
85:0f:83:ed:ab:b4:b5:81:32:bb:a2:e9:7e:0d:e6:c1:6d:1f:
aa:09:e4:9a:3c:e1:51:ef:a4:f1:07:b9:88:51:1b:58:7f:38:
39:a2:36:10:b4:d3:25:27:91:4d:e3:c1:98:1c:01:f3:3a:4a:
aa:3c:9c:92
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvHcU1ls4MLFJc3L5c8fL2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjMwMTAxMjA1NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzYzZWE4MTJjOTgzNGY2NzllMWRlNWZiNDU4YTFjZDRjN2RmZWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjS4ZYQlJJ7n+Xo/23oRwRJyCWQLI
+GqGaSkXsGNELUGx/rwAHi/pKmgsmXFKUhdhNy2+skI82Lhf5Do4IRQgWRTUZrIi
UypG1oOOsML1WUg2xxn7naID/y6NR2Cz3TMYDnMPvC5uLfwQh8sE34TdmfNrJatF
S1R31JjIMKw11QuC8S2f9rWZsO2Miolmt3J1/pL08GP5rQnEYxBgM40o73XlEcMg
BV2yyEVBCiZUppwf1c2LnX7IV/MvdSwBc6xuk+fxjXqRe1IfyVhH5TFzaceBfMb/
f91ESKRpg4InchNUZocKmi6Xgzx6Vo5xMtJzMXUtoyzcNqirE+vqCTLkVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMNj6oEsmDT2eeHeX7RYoc1Mff7NMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvdzJQcWdTeVlOUFo1NGQ1ZnRGaWh6VXg5X3MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuQKuMA0G
CSqGSIb3DQEBCwUAA4IBAQBKSrDjYmtLZqg9gWXiiW70CQe11oAgLLszxTgpBDsS
8WD7zWyGxz4rgjj7yKX0f6o2OjqSZLM2uI7rx9X6oejMet1tyjO9lZ7VC9heobnD
F6EK5w+49x26KMMQeBRMz0nMafLkAj8mqfTIRftabXbppCaEML4sEtUKQMmF7oGI
fGtez0o9q82ec7SrunV2MwkHjGmPw/+lIIxSu2MuStNXYRGyM8UXyb8l/Aj17L6+
a/Z8lsJrR3MyLi3n/Of6Lj+V5NUoZMiFD4Ptq7S1gTK7oul+DebBbR+qCeSaPOFR
76TxB7mIURtYfzg5ojYQtNMlJ5FN48GYHAHzOkqqPJyS
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:15:20 2025 by rpki-client