Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/4b8f5a-24e0-4ede-a4ab-50c78916f8e3/1/W8bWBAB8lcbbRO1mhesKGq3amw4.roa
File: W8bWBAB8lcbbRO1mhesKGq3amw4.roa (raw, json)
Hash identifier: 45XeE0H2zurPBTOxqxfAdosxK4nxnV1XXek1DMKoq3w=
Subject key identifier: 5B:C6:D6:04:00:7C:95:C6:DB:44:ED:66:85:EB:0A:1A:AD:DA:9B:0E
Certificate issuer: /CN=b83b5cdb65ecc5bd746d8b74982831a6d8dc1053
Certificate serial: 018572B4027F41312660EEAB3E9941461EE5
Authority key identifier: B8:3B:5C:DB:65:EC:C5:BD:74:6D:8B:74:98:28:31:A6:D8:DC:10:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uDtc22Xsxb10bYt0mCgxptjcEFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/4b8f5a-24e0-4ede-a4ab-50c78916f8e3/1/W8bWBAB8lcbbRO1mhesKGq3amw4.roa
Signing time: Mon 02 Jan 2023 13:37:57 +0000
ROA not before: Mon 02 Jan 2023 13:37:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60111
IP address blocks: 185.193.236.0/22 maxlen: 22
2a0a:4140::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:02:7f:41:31:26:60:ee:ab:3e:99:41:46:1e:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b83b5cdb65ecc5bd746d8b74982831a6d8dc1053
Validity
Not Before: Jan 2 13:37:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5bc6d604007c95c6db44ed6685eb0a1aadda9b0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:5c:43:5b:6f:50:6f:c8:15:c2:2f:4b:75:5a:
ed:3c:12:cd:86:4e:e8:c1:b3:53:b9:94:8a:fb:c8:
38:c2:1a:52:50:6a:f9:dc:f8:34:45:bd:41:30:4e:
89:75:c7:ed:4b:b3:72:ef:3c:f3:8e:d1:3b:66:26:
d8:68:4c:e8:3e:0c:53:f4:19:23:6f:1a:14:99:42:
68:72:35:b0:d8:ca:b5:3c:3b:76:59:22:e7:fc:e2:
9f:f9:9c:45:15:16:da:a4:e5:5c:19:83:2b:15:c9:
1a:19:88:81:52:c7:57:e4:da:55:94:58:56:10:42:
7d:28:cc:11:57:be:af:e3:63:f0:4c:72:07:a5:fc:
a6:84:28:1c:b2:98:ce:01:d1:34:83:fe:9d:87:f4:
b5:55:95:d5:58:b2:92:22:cd:7e:b2:36:43:80:47:
17:08:e2:3b:d2:c1:54:0b:5e:bc:c5:d4:40:36:9c:
b0:60:76:1e:76:b9:4e:12:f3:9b:66:0a:4b:b2:7d:
47:a9:76:0e:64:29:0b:07:34:04:75:08:83:8a:13:
20:92:6a:f1:66:ed:6f:56:9a:0b:ff:3a:85:6e:a1:
ca:a7:96:05:a5:80:03:de:64:a7:29:8b:fd:8a:b1:
ac:a3:c5:2c:78:2f:53:ff:02:f8:fa:89:b3:f3:d0:
3c:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:C6:D6:04:00:7C:95:C6:DB:44:ED:66:85:EB:0A:1A:AD:DA:9B:0E
X509v3 Authority Key Identifier:
keyid:B8:3B:5C:DB:65:EC:C5:BD:74:6D:8B:74:98:28:31:A6:D8:DC:10:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uDtc22Xsxb10bYt0mCgxptjcEFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/4b8f5a-24e0-4ede-a4ab-50c78916f8e3/1/W8bWBAB8lcbbRO1mhesKGq3amw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/4b8f5a-24e0-4ede-a4ab-50c78916f8e3/1/uDtc22Xsxb10bYt0mCgxptjcEFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.193.236.0/22
IPv6:
2a0a:4140::/29
Signature Algorithm: sha256WithRSAEncryption
59:fa:fd:0b:9e:fd:f9:c2:f6:41:9d:53:4b:c0:00:b0:eb:19:
4a:b5:a1:34:6b:ad:31:49:91:6a:80:1c:d2:31:dc:ae:8a:ba:
a6:26:6b:53:7b:29:97:2f:0a:c1:f1:0b:20:55:25:f8:cc:6c:
a5:b1:fd:47:e3:e1:28:03:f9:1c:87:0d:f8:c7:05:e3:10:1b:
e0:1a:85:cb:d8:d4:c1:4f:ae:c6:12:73:93:72:b9:4d:8d:30:
3a:2b:79:0f:e1:a5:ee:72:f8:dc:08:15:f5:08:c7:b5:ba:40:
b8:8e:13:52:26:64:71:ab:51:66:07:40:2d:f2:0b:17:02:34:
cf:38:3c:38:cf:60:98:62:37:68:11:a4:24:38:96:0d:4e:01:
11:3d:0e:09:4c:32:bf:68:0d:a7:4a:1f:d4:33:7d:cb:a9:37:
5f:42:09:dc:be:9f:f3:10:9b:bf:c9:37:47:b7:10:09:a7:c0:
e9:c0:fb:b7:3d:c1:34:5f:c8:4d:a4:a4:89:73:0e:be:2d:6f:
09:97:1d:3c:bf:25:6b:98:8e:52:aa:8e:60:65:28:af:ed:a3:
e4:81:80:72:f8:c2:e0:1e:c4:45:85:4c:28:17:d9:78:3d:dd:
ca:d2:20:13:69:c4:db:a0:0e:60:be:28:e6:26:fd:3a:c4:38:
6b:7c:39:0b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVytAJ/QTEmYO6rPplBRh7lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4M2I1Y2RiNjVlY2M1YmQ3NDZkOGI3NDk4MjgzMWE2ZDhk
YzEwNTMwHhcNMjMwMTAyMTMzNzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmM2ZDYwNDAwN2M5NWM2ZGI0NGVkNjY4NWViMGExYWFkZGE5YjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFxDW29Qb8gVwi9LdVrtPBLNhk7o
wbNTuZSK+8g4whpSUGr53Pg0Rb1BME6JdcftS7Ny7zzzjtE7ZibYaEzoPgxT9Bkj
bxoUmUJocjWw2Mq1PDt2WSLn/OKf+ZxFFRbapOVcGYMrFckaGYiBUsdX5NpVlFhW
EEJ9KMwRV76v42PwTHIHpfymhCgcspjOAdE0g/6dh/S1VZXVWLKSIs1+sjZDgEcX
COI70sFUC168xdRANpywYHYedrlOEvObZgpLsn1HqXYOZCkLBzQEdQiDihMgkmrx
Zu1vVpoL/zqFbqHKp5YFpYAD3mSnKYv9irGso8UseC9T/wL4+omz89A8HwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFvG1gQAfJXG20TtZoXrChqt2psOMB8GA1UdIwQY
MBaAFLg7XNtl7MW9dG2LdJgoMabY3BBTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUR0YzIyWHN4YjEwYll0MG1DZ3hwdGpjRUZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS80YjhmNWEtMjRlMC00ZWRlLWE0YWIt
NTBjNzg5MTZmOGUzLzEvVzhiV0JBQjhsY2JiUk8xbWhlc0tHcTNhbXc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS80YjhmNWEtMjRlMC00ZWRlLWE0YWItNTBjNzg5MTZmOGUz
LzEvdUR0YzIyWHN4YjEwYll0MG1DZ3hwdGpjRUZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCucHsMA0E
AgACMAcDBQMqCkFAMA0GCSqGSIb3DQEBCwUAA4IBAQBZ+v0Lnv35wvZBnVNLwACw
6xlKtaE0a60xSZFqgBzSMdyuirqmJmtTeymXLwrB8QsgVSX4zGylsf1H4+EoA/kc
hw34xwXjEBvgGoXL2NTBT67GEnOTcrlNjTA6K3kP4aXucvjcCBX1CMe1ukC4jhNS
JmRxq1FmB0At8gsXAjTPODw4z2CYYjdoEaQkOJYNTgERPQ4JTDK/aA2nSh/UM33L
qTdfQgncvp/zEJu/yTdHtxAJp8DpwPu3PcE0X8hNpKSJcw6+LW8Jlx08vyVrmI5S
qo5gZSiv7aPkgYBy+MLgHsRFhUwoF9l4Pd3K0iATacTboA5gvijmJv06xDhrfDkL
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:17 2025 by rpki-client