Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/WSb4zaTWXHAyTO69X4l6qYl4j-E.roa
File: WSb4zaTWXHAyTO69X4l6qYl4j-E.roa (raw, json)
Hash identifier: 9qCYGk+u3DNcM2vEhgfZua1BW+q18Mt2zJk6GCNjvDM=
Subject key identifier: 59:26:F8:CD:A4:D6:5C:70:32:4C:EE:BD:5F:89:7A:A9:89:78:8F:E1
Certificate issuer: /CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
Certificate serial: 095B93D1
Authority key identifier: 9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/WSb4zaTWXHAyTO69X4l6qYl4j-E.roa
Signing time: Fri 03 Jun 2022 10:41:29 +0000
ROA not before: Fri 03 Jun 2022 10:41:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35237
IP address blocks: 185.157.96.0/23 maxlen: 24
84.252.144.0/24 maxlen: 24
84.252.144.0/23 maxlen: 24
84.252.145.0/24 maxlen: 24
185.157.99.0/24 maxlen: 24
84.252.149.0/24 maxlen: 24
84.252.147.0/24 maxlen: 24
84.252.146.0/24 maxlen: 24
91.217.194.0/24 maxlen: 24
194.54.15.0/24 maxlen: 24
194.54.14.0/24 maxlen: 24
195.43.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 156996561 (0x95b93d1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a526a73ce8f9f62c14a11a2ea913ec273d58c46
Validity
Not Before: Jun 3 10:41:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5926f8cda4d65c70324ceebd5f897aa989788fe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:87:48:b7:d6:84:a0:6a:10:29:b4:4f:ae:e2:
56:16:a6:65:40:38:49:54:d3:80:c6:9b:9c:e5:66:
cc:25:91:be:60:ec:7a:65:b4:77:be:fc:3a:2f:6d:
ba:6e:5c:59:a4:bd:81:dc:59:f3:ab:44:56:b1:fb:
86:61:1e:94:ea:0a:7a:07:40:cd:02:6d:ac:72:3c:
33:13:3d:fe:3d:a5:7c:cd:37:62:82:63:0d:44:98:
36:ae:4b:8a:c8:e4:b9:33:86:51:65:7f:dd:aa:04:
6c:7b:ca:0a:0c:ee:99:cc:42:a8:59:53:74:03:29:
7c:49:8d:fb:47:bc:92:f0:0c:5a:dc:9f:bd:02:2c:
2a:78:be:c7:3c:d4:0c:5e:0c:80:ee:58:66:af:30:
19:17:e0:a9:60:18:dd:cc:5a:dd:10:3e:f2:81:32:
cb:06:08:2c:84:82:fa:ad:fd:7f:05:30:0b:a5:03:
14:b4:fe:4c:8a:46:db:1b:66:a6:3a:4a:02:2b:43:
15:cf:2b:9e:5b:6c:df:89:a6:2a:be:82:66:78:00:
7d:7c:dd:87:5a:c2:30:b0:06:40:42:cc:77:0b:36:
cf:47:9d:aa:e9:da:25:ed:60:63:0d:57:58:15:1b:
77:25:b2:04:53:c9:c3:5f:73:47:7d:97:d0:3e:13:
af:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:26:F8:CD:A4:D6:5C:70:32:4C:EE:BD:5F:89:7A:A9:89:78:8F:E1
X509v3 Authority Key Identifier:
keyid:9A:52:6A:73:CE:8F:9F:62:C1:4A:11:A2:EA:91:3E:C2:73:D5:8C:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mlJqc86Pn2LBShGi6pE-wnPVjEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/WSb4zaTWXHAyTO69X4l6qYl4j-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/6fcdca-d121-4391-9cfc-7d16b90dbe72/1/mlJqc86Pn2LBShGi6pE-wnPVjEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.144.0/22
84.252.149.0/24
91.217.194.0/24
185.157.96.0/23
185.157.99.0/24
194.54.14.0/23
195.43.144.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:9e:3e:f7:2d:4b:e5:96:3f:1f:d8:9b:d9:5b:4a:a8:28:c2:
4e:9c:ef:74:1e:7b:85:ae:e1:66:34:18:49:fe:88:be:a4:26:
27:88:03:03:8f:48:b0:47:7e:43:dd:41:50:96:52:f9:24:2a:
da:b7:9d:55:91:e8:f5:34:66:52:fc:ea:21:33:b1:0e:58:bb:
15:7f:b6:83:71:1c:2c:c7:d0:9c:ac:3d:b2:97:ef:2b:41:5e:
c7:ba:1a:a0:df:f8:22:ca:f0:20:1c:3b:55:41:64:f8:60:f1:
25:a7:ab:70:d0:dc:46:86:43:80:71:60:e3:1e:c5:93:6a:51:
e1:53:50:6a:77:a9:3e:04:09:13:08:72:8a:61:ff:5f:e0:9c:
1d:84:49:45:59:2e:46:13:87:9d:ea:0a:61:f6:f2:8c:7b:f3:
40:30:f2:a0:61:4d:0c:1d:78:9d:12:53:ff:aa:82:3b:d5:bb:
89:f3:c6:2a:cd:a3:d6:6c:ef:78:7e:59:43:43:e5:e8:3c:4d:
dd:4f:df:e0:37:75:15:f8:99:ef:d0:5c:5a:bd:7f:3d:34:2f:
2f:fe:3b:52:55:09:8d:17:c3:d7:be:74:71:51:8e:a3:0a:ae:
7c:b5:b6:c0:60:9f:ac:3f:b1:ba:b7:c4:1e:67:85:8a:44:9f:
63:96:b6:86
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIECVuT0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YTUyNmE3M2NlOGY5ZjYyYzE0YTExYTJlYTkxM2VjMjczZDU4YzQ2MB4XDTIyMDYw
MzEwNDEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTkyNmY4Y2RhNGQ2
NWM3MDMyNGNlZWJkNWY4OTdhYTk4OTc4OGZlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANuHSLfWhKBqECm0T67iVhamZUA4SVTTgMabnOVmzCWRvmDs
emW0d778Oi9tum5cWaS9gdxZ86tEVrH7hmEelOoKegdAzQJtrHI8MxM9/j2lfM03
YoJjDUSYNq5LisjkuTOGUWV/3aoEbHvKCgzumcxCqFlTdAMpfEmN+0e8kvAMWtyf
vQIsKni+xzzUDF4MgO5YZq8wGRfgqWAY3cxa3RA+8oEyywYILISC+q39fwUwC6UD
FLT+TIpG2xtmpjpKAitDFc8rnlts34mmKr6CZngAfXzdh1rCMLAGQELMdws2z0ed
qunaJe1gYw1XWBUbdyWyBFPJw19zR32X0D4TryMCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBRZJvjNpNZccDJM7r1fiXqpiXiP4TAfBgNVHSMEGDAWgBSaUmpzzo+fYsFK
EaLqkT7Cc9WMRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21sSnFjODZQbjJMQlNoR2k2cEUtd25QVmpFWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvNmZjZGNhLWQxMjEtNDM5MS05Y2ZjLTdkMTZiOTBkYmU3Mi8x
L1dTYjR6YVRXWEhBeVRPNjlYNGw2cVlsNGotRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
NmZjZGNhLWQxMjEtNDM5MS05Y2ZjLTdkMTZiOTBkYmU3Mi8xL21sSnFjODZQbjJM
QlNoR2k2cEUtd25QVmpFWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAlT8kAMEAFT8lQMEAFvZwgMEAbmd
YAMEALmdYwMEAcI2DgMEAMMrkDANBgkqhkiG9w0BAQsFAAOCAQEAX54+9y1L5ZY/
H9ib2VtKqCjCTpzvdB57ha7hZjQYSf6IvqQmJ4gDA49IsEd+Q91BUJZS+SQq2red
VZHo9TRmUvzqITOxDli7FX+2g3EcLMfQnKw9spfvK0Fex7oaoN/4IsrwIBw7VUFk
+GDxJaercNDcRoZDgHFg4x7Fk2pR4VNQanepPgQJEwhyimH/X+CcHYRJRVkuRhOH
neoKYfbyjHvzQDDyoGFNDB14nRJT/6qCO9W7ifPGKs2j1mzveH5ZQ0Pl6DxN3U/f
4Dd1FfiZ79BcWr1/PTQvL/47UlUJjRfD1750cVGOowqufLW2wGCfrD+xurfEHmeF
ikSfY5a2hg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:37:05 2025 by rpki-client