Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/wbDOPf-SevRCIg-VJFkLLktUNXg.roa
File: wbDOPf-SevRCIg-VJFkLLktUNXg.roa (raw, json)
Hash identifier: BWrexdmg84g+kImjf6hrB3I3XeBw2I63htJ320swfR8=
Subject key identifier: C1:B0:CE:3D:FF:92:7A:F4:42:22:0F:95:24:59:0B:2E:4B:54:35:78
Certificate issuer: /CN=a748fbe1d7d3a6aa474de43fa885ce2d091c529b
Certificate serial: 01856ED4A54A5D3AB1502265DD0B6BB9DB9A
Authority key identifier: A7:48:FB:E1:D7:D3:A6:AA:47:4D:E4:3F:A8:85:CE:2D:09:1C:52:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0j74dfTpqpHTeQ_qIXOLQkcUps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/wbDOPf-SevRCIg-VJFkLLktUNXg.roa
Signing time: Sun 01 Jan 2023 19:35:07 +0000
ROA not before: Sun 01 Jan 2023 19:35:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203206
IP address blocks: 185.204.101.0/24 maxlen: 24
2a10:8400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:a5:4a:5d:3a:b1:50:22:65:dd:0b:6b:b9:db:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a748fbe1d7d3a6aa474de43fa885ce2d091c529b
Validity
Not Before: Jan 1 19:35:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1b0ce3dff927af442220f9524590b2e4b543578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e9:62:da:83:92:2f:9c:24:8c:1c:dc:7e:2c:
a5:35:5c:f2:94:fe:bb:a7:44:3e:c8:68:29:13:1e:
a7:e7:29:80:0f:5c:60:e5:55:24:0d:54:18:78:f8:
28:58:fc:55:38:72:6a:d5:a3:6c:3a:d3:7d:e4:54:
d5:9b:66:d4:29:ed:19:ca:65:41:2f:0d:6c:c9:48:
bf:0b:ed:29:b6:ca:86:e7:e1:1e:6b:ec:83:0a:ce:
bc:38:1b:1d:a5:ed:c5:03:f3:76:4c:d5:22:25:ed:
ce:74:e1:38:10:b0:da:33:c0:a3:77:fa:f3:75:17:
bf:62:e7:82:d7:94:35:45:6e:d5:02:46:95:ec:7f:
c2:51:10:ac:54:90:79:21:54:72:dd:84:86:c6:cb:
b8:49:7b:a2:17:33:d4:8d:73:e8:96:11:d9:66:98:
2a:b2:c0:7f:6e:3b:20:10:27:6c:e7:fa:80:a0:4f:
2d:99:a4:4e:97:fc:ef:c2:63:28:36:bb:89:0f:ad:
cf:15:14:23:73:50:62:f5:e2:5a:09:7a:2e:68:3a:
0e:29:c1:2f:64:5d:10:cf:dc:91:f1:82:de:34:fd:
54:2c:88:ba:49:78:a3:c9:cf:25:ed:fa:a8:6e:eb:
3f:22:d4:31:0e:9b:40:ac:f7:70:e9:9e:75:22:58:
d3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:B0:CE:3D:FF:92:7A:F4:42:22:0F:95:24:59:0B:2E:4B:54:35:78
X509v3 Authority Key Identifier:
keyid:A7:48:FB:E1:D7:D3:A6:AA:47:4D:E4:3F:A8:85:CE:2D:09:1C:52:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0j74dfTpqpHTeQ_qIXOLQkcUps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/wbDOPf-SevRCIg-VJFkLLktUNXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/a723d8-d8cc-4e60-85ab-6c9b5c9bfa75/1/p0j74dfTpqpHTeQ_qIXOLQkcUps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.101.0/24
IPv6:
2a10:8400::/29
Signature Algorithm: sha256WithRSAEncryption
1b:5c:9d:51:17:c1:da:a2:87:ad:ef:86:67:d7:1a:a3:ab:5e:
1b:9c:6a:c6:5d:d1:59:43:41:5b:64:24:f0:92:90:0f:5c:2a:
d2:07:92:2c:f5:61:4c:d1:92:9d:a9:98:78:63:ad:e4:17:20:
99:8f:58:37:f3:ae:72:4a:e9:6c:43:3a:67:94:ac:e5:fa:62:
09:02:e1:d9:e8:00:84:d6:c0:30:bc:56:f4:2e:be:fb:27:ef:
fe:9f:12:48:96:68:dd:ea:3e:02:50:2b:e1:af:c5:a5:63:9c:
8d:63:f1:03:f3:4f:39:11:d4:b2:94:84:35:0e:69:88:6b:00:
21:41:9a:27:f1:38:ae:c6:8d:a1:88:63:37:af:bb:07:06:aa:
36:24:4c:4e:c9:d5:d3:26:9c:f2:0a:6c:53:53:ce:15:c3:c3:
c6:2d:f8:53:82:2f:58:9f:ff:e6:ed:d1:6c:51:3a:a7:f5:25:
79:cb:c0:c1:db:4f:67:0a:b3:9f:59:e2:35:eb:2c:fc:85:35:
88:e9:48:1f:28:9d:68:53:e0:08:46:cc:70:32:10:b0:a0:20:
fa:4a:7b:a4:01:c0:77:98:6a:ee:a3:2b:07:5b:7e:d7:68:42:
55:47:59:9c:5d:6f:80:a5:00:08:af:a9:89:a4:87:e8:bb:23:
d2:ac:39:3d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVu1KVKXTqxUCJl3QtruduaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NDhmYmUxZDdkM2E2YWE0NzRkZTQzZmE4ODVjZTJkMDkx
YzUyOWIwHhcNMjMwMTAxMTkzNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWIwY2UzZGZmOTI3YWY0NDIyMjBmOTUyNDU5MGIyZTRiNTQzNTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOli2oOSL5wkjBzcfiylNVzylP67
p0Q+yGgpEx6n5ymAD1xg5VUkDVQYePgoWPxVOHJq1aNsOtN95FTVm2bUKe0ZymVB
Lw1syUi/C+0ptsqG5+Eea+yDCs68OBsdpe3FA/N2TNUiJe3OdOE4ELDaM8Cjd/rz
dRe/YueC15Q1RW7VAkaV7H/CURCsVJB5IVRy3YSGxsu4SXuiFzPUjXPolhHZZpgq
ssB/bjsgECds5/qAoE8tmaROl/zvwmMoNruJD63PFRQjc1Bi9eJaCXouaDoOKcEv
ZF0Qz9yR8YLeNP1ULIi6SXijyc8l7fqobus/ItQxDptArPdw6Z51IljThQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMGwzj3/knr0QiIPlSRZCy5LVDV4MB8GA1UdIwQY
MBaAFKdI++HX06aqR03kP6iFzi0JHFKbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDBqNzRkZlRwcXBIVGVRX3FJWE9MUWtjVXBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9hNzIzZDgtZDhjYy00ZTYwLTg1YWIt
NmM5YjVjOWJmYTc1LzEvd2JET1BmLVNldlJDSWctVkpGa0xMa3RVTlhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9hNzIzZDgtZDhjYy00ZTYwLTg1YWItNmM5YjVjOWJmYTc1
LzEvcDBqNzRkZlRwcXBIVGVRX3FJWE9MUWtjVXBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAucxlMA0E
AgACMAcDBQMqEIQAMA0GCSqGSIb3DQEBCwUAA4IBAQAbXJ1RF8Haooet74Zn1xqj
q14bnGrGXdFZQ0FbZCTwkpAPXCrSB5Is9WFM0ZKdqZh4Y63kFyCZj1g3865ySuls
QzpnlKzl+mIJAuHZ6ACE1sAwvFb0Lr77J+/+nxJIlmjd6j4CUCvhr8WlY5yNY/ED
8085EdSylIQ1DmmIawAhQZon8Tiuxo2hiGM3r7sHBqo2JExOydXTJpzyCmxTU84V
w8PGLfhTgi9Yn//m7dFsUTqn9SV5y8DB209nCrOfWeI16yz8hTWI6UgfKJ1oU+AI
RsxwMhCwoCD6SnukAcB3mGruoysHW37XaEJVR1mcXW+ApQAIr6mJpIfouyPSrDk9
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:19:41 2025 by rpki-client