Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/WMNpLUGzMCeiSSso-9iELh7_b2c.roa
File: WMNpLUGzMCeiSSso-9iELh7_b2c.roa (raw, json)
Hash identifier: drrLzpnwK0V2JtIxH7Y6MkhKIMqjaQJwuy/KpIi0Qi4=
Subject key identifier: 58:C3:69:2D:41:B3:30:27:A2:49:2B:28:FB:D8:84:2E:1E:FF:6F:67
Certificate issuer: /CN=2add438a7ce3cb379f28cfa051cf63d5ad8fe3ca
Certificate serial: 120B7E
Authority key identifier: 2A:DD:43:8A:7C:E3:CB:37:9F:28:CF:A0:51:CF:63:D5:AD:8F:E3:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kt1DinzjyzefKM-gUc9j1a2P48o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/WMNpLUGzMCeiSSso-9iELh7_b2c.roa
Signing time: Sat 01 Jan 2022 02:59:24 +0000
ROA not before: Sat 01 Jan 2022 02:59:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42209
IP address blocks: 2a0f:ca00:8000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1182590 (0x120b7e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2add438a7ce3cb379f28cfa051cf63d5ad8fe3ca
Validity
Not Before: Jan 1 02:59:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=58c3692d41b33027a2492b28fbd8842e1eff6f67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b5:01:67:86:66:d2:91:63:7e:94:a8:8a:45:
b0:73:8a:ba:d4:ca:36:46:d3:90:8d:80:1a:ad:83:
d0:38:87:13:be:bf:4c:09:da:03:d8:e7:73:f9:90:
db:fc:7e:ed:d3:eb:49:a3:83:df:2f:d3:fb:97:49:
d2:e8:72:44:83:f7:3d:4f:aa:7f:ff:f7:24:f4:f5:
43:be:bb:6c:9c:5d:45:8f:5a:36:26:34:fb:a8:b8:
91:5d:55:e2:1f:69:6c:2e:17:54:d6:fd:0c:ec:e5:
75:f5:fa:67:34:c4:78:65:74:b6:be:f1:4c:8e:47:
8e:21:f4:61:cb:e3:b6:e1:86:1b:df:12:a5:d8:67:
20:a5:73:11:ae:d0:48:6d:79:49:53:60:25:96:98:
62:16:77:de:6d:44:87:9a:06:21:bf:3a:8e:65:6b:
df:7f:7a:fe:3e:18:fb:90:f3:4a:12:55:8c:55:6f:
3b:e5:ba:fb:e3:3b:ea:67:f7:5b:86:c8:4e:f7:ad:
bd:63:46:b9:3e:42:a5:e2:fe:4f:32:36:3b:bf:1e:
7e:40:10:dd:40:e8:33:d5:96:f1:92:6d:3f:cb:44:
bc:ea:a6:5e:00:7d:b9:6a:df:1f:a3:94:e8:37:71:
dc:64:fa:7f:62:6c:ee:80:08:40:53:9f:9e:29:b7:
b0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:C3:69:2D:41:B3:30:27:A2:49:2B:28:FB:D8:84:2E:1E:FF:6F:67
X509v3 Authority Key Identifier:
keyid:2A:DD:43:8A:7C:E3:CB:37:9F:28:CF:A0:51:CF:63:D5:AD:8F:E3:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kt1DinzjyzefKM-gUc9j1a2P48o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/WMNpLUGzMCeiSSso-9iELh7_b2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/0b61cf-80ba-4e8e-a2e5-20a0d130c456/1/Kt1DinzjyzefKM-gUc9j1a2P48o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:ca00:8000::/48
Signature Algorithm: sha256WithRSAEncryption
2e:9a:52:db:52:dc:20:8f:02:7a:8e:0b:a7:fb:f0:a3:00:32:
86:c4:25:e6:c7:94:18:ff:f3:86:49:7b:f1:98:f1:db:20:a5:
52:30:f5:8c:3c:6a:26:5d:aa:c8:3e:3a:c9:c8:6b:ce:2e:bc:
f8:b8:d4:01:82:1c:ca:cb:c6:cb:d8:ea:b9:f5:74:ca:bd:94:
88:70:17:90:e3:1d:e0:67:e5:9f:67:48:be:46:e6:d2:a7:71:
40:51:1a:3a:ea:58:55:43:85:d4:7f:3d:1d:57:49:a2:77:08:
0e:54:96:ad:d7:e1:27:c8:b5:81:1b:ec:d9:c2:3b:40:26:45:
5d:0f:ea:9e:ae:69:75:37:30:b0:64:24:7b:1f:ca:bc:d6:bc:
1c:ea:ec:43:92:82:b5:7e:6f:7b:be:6b:18:01:ea:d9:1c:f2:
96:57:f3:97:58:6e:a1:e2:f1:a4:f5:73:8f:22:dc:5b:ee:f1:
ba:92:4a:2c:21:98:a1:dd:44:f8:2e:22:52:45:bf:58:3b:25:
aa:ae:fd:6f:e3:27:5e:9f:27:56:8d:bb:b1:06:22:a6:2a:f9:
6c:fb:b2:1f:a8:aa:14:a9:f9:e8:b4:82:34:b0:00:84:01:64:
a9:3e:b9:a5:61:69:56:9b:b0:e2:ee:31:c2:09:3c:aa:fc:ac:
36:12:0d:df
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDEgt+MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDJh
ZGQ0MzhhN2NlM2NiMzc5ZjI4Y2ZhMDUxY2Y2M2Q1YWQ4ZmUzY2EwHhcNMjIwMTAx
MDI1OTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1OGMzNjkyZDQxYjMz
MDI3YTI0OTJiMjhmYmQ4ODQyZTFlZmY2ZjY3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsrUBZ4Zm0pFjfpSoikWwc4q61Mo2RtOQjYAarYPQOIcTvr9M
CdoD2Odz+ZDb/H7t0+tJo4PfL9P7l0nS6HJEg/c9T6p///ck9PVDvrtsnF1Fj1o2
JjT7qLiRXVXiH2lsLhdU1v0M7OV19fpnNMR4ZXS2vvFMjkeOIfRhy+O24YYb3xKl
2GcgpXMRrtBIbXlJU2AllphiFnfebUSHmgYhvzqOZWvff3r+Phj7kPNKElWMVW87
5br74zvqZ/dbhshO9629Y0a5PkKl4v5PMjY7vx5+QBDdQOgz1Zbxkm0/y0S86qZe
AH25at8fo5ToN3HcZPp/YmzugAhAU5+eKbew1QIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFFjDaS1BszAnokkrKPvYhC4e/29nMB8GA1UdIwQYMBaAFCrdQ4p848s3nyjP
oFHPY9Wtj+PKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
S3QxRGluemp5emVmS00tZ1VjOWoxYTJQNDhvLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kZC8wYjYxY2YtODBiYS00ZThlLWEyZTUtMjBhMGQxMzBjNDU2LzEv
V01OcExVR3pNQ2VpU1Nzby05aUVMaDdfYjJjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC8w
YjYxY2YtODBiYS00ZThlLWEyZTUtMjBhMGQxMzBjNDU2LzEvS3QxRGluemp5emVm
S00tZ1VjOWoxYTJQNDhvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIG
CCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg/KAIAAMA0GCSqGSIb3DQEBCwUA
A4IBAQAumlLbUtwgjwJ6jgun+/CjADKGxCXmx5QY//OGSXvxmPHbIKVSMPWMPGom
XarIPjrJyGvOLrz4uNQBghzKy8bL2Oq59XTKvZSIcBeQ4x3gZ+WfZ0i+RubSp3FA
URo66lhVQ4XUfz0dV0midwgOVJat1+EnyLWBG+zZwjtAJkVdD+qerml1NzCwZCR7
H8q81rwc6uxDkoK1fm97vmsYAerZHPKWV/OXWG6h4vGk9XOPItxb7vG6kkosIZih
3UT4LiJSRb9YOyWqrv1v4ydenydWjbuxBiKmKvls+7IfqKoUqfnotII0sACEAWSp
PrmlYWlWm7Di7jHCCTyq/Kw2Eg3f
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:55 2025 by rpki-client