Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/wCJmt9wQM1QIK336o9E5lGac6IQ.roa
File: wCJmt9wQM1QIK336o9E5lGac6IQ.roa (raw, json)
Hash identifier: a7DeZySV7hTUSzxlcUXz/yEtZckW8xbE8VSm0EuMdhQ=
Subject key identifier: C0:22:66:B7:DC:10:33:54:08:2B:7D:FA:A3:D1:39:94:66:9C:E8:84
Certificate issuer: /CN=925069a5d764da255954db2ee9d1243de16b9101
Certificate serial: 0322BCE6
Authority key identifier: 92:50:69:A5:D7:64:DA:25:59:54:DB:2E:E9:D1:24:3D:E1:6B:91:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/klBppddk2iVZVNsu6dEkPeFrkQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/wCJmt9wQM1QIK336o9E5lGac6IQ.roa
Signing time: Thu 03 Mar 2022 12:40:35 +0000
ROA not before: Thu 03 Mar 2022 12:40:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3561
IP address blocks: 193.168.141.0/24 maxlen: 24
193.168.142.0/24 maxlen: 24
193.168.143.0/24 maxlen: 24
193.168.140.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 52608230 (0x322bce6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=925069a5d764da255954db2ee9d1243de16b9101
Validity
Not Before: Mar 3 12:40:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c02266b7dc103354082b7dfaa3d13994669ce884
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:35:5d:72:b2:e8:56:02:3e:37:0b:24:aa:62:
ee:cf:c7:68:06:e3:ff:76:b9:a5:ed:e0:9a:bc:c8:
25:1f:cf:93:0b:59:dc:3f:be:52:03:b5:67:0a:c9:
23:47:c5:be:a7:05:e8:7b:e2:53:f6:db:75:ac:41:
a3:cb:b9:bf:e4:9d:9c:61:34:a7:b3:11:a2:28:a6:
a2:6b:dd:5b:81:0e:69:2e:90:db:54:de:e5:59:1d:
7b:17:85:0e:1c:81:01:4f:bf:ec:ed:97:89:1f:4f:
fe:f3:1f:b3:60:6a:50:01:4e:23:b1:cf:78:e5:ca:
eb:71:01:72:96:b9:8a:0c:12:e1:27:b4:64:35:18:
79:1b:05:56:b4:d2:6a:77:af:07:50:ea:ce:a2:66:
b0:ac:35:40:89:7c:d7:3a:9d:ea:f2:06:f4:85:91:
79:a5:19:39:7d:c8:f7:16:67:26:06:50:57:c9:f1:
57:c3:33:5a:4f:2c:4a:88:de:d7:32:7c:0a:74:b1:
e5:66:fb:43:41:b1:9f:e9:8c:f4:b6:99:81:32:28:
9d:75:90:c9:30:9a:34:86:53:d3:2c:77:f4:f3:b0:
26:73:a5:d3:25:76:b7:b1:41:8b:9a:63:6e:38:07:
fe:3e:08:a4:f3:97:89:f0:f1:7f:7d:51:b9:8a:a4:
01:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:22:66:B7:DC:10:33:54:08:2B:7D:FA:A3:D1:39:94:66:9C:E8:84
X509v3 Authority Key Identifier:
keyid:92:50:69:A5:D7:64:DA:25:59:54:DB:2E:E9:D1:24:3D:E1:6B:91:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/klBppddk2iVZVNsu6dEkPeFrkQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/wCJmt9wQM1QIK336o9E5lGac6IQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/6788f5-4889-4be7-bb19-a9b8de611a96/1/klBppddk2iVZVNsu6dEkPeFrkQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.140.0/22
Signature Algorithm: sha256WithRSAEncryption
53:7f:ef:c0:55:48:74:12:cd:c6:d0:27:36:e4:ff:54:2b:70:
5d:42:90:4f:21:56:4a:b1:f9:16:4e:82:b8:66:c8:29:95:88:
31:2f:04:02:95:c0:fa:90:93:29:e3:4b:fd:64:58:f5:34:e4:
97:db:c1:ed:eb:49:62:10:36:d7:ca:5d:fb:23:01:f9:25:c7:
b2:05:cb:f5:88:03:07:ae:58:ee:37:c0:c8:5c:68:7f:68:34:
61:af:40:92:6c:05:e3:77:c9:c6:f4:96:16:ba:c9:5f:a3:7b:
1b:ad:f2:5f:61:9e:08:dc:25:d9:43:d9:6b:52:3b:52:f7:c4:
14:8e:8c:ae:12:18:8f:37:07:95:d5:c2:7b:fa:78:d5:99:5d:
22:3a:17:d4:1f:4a:db:9c:24:d4:81:9b:fb:ae:16:cd:38:6c:
98:91:1a:e6:96:36:a3:1e:f2:17:2a:9b:15:f4:b3:ce:f9:22:
27:e9:6f:f5:33:dc:58:36:06:51:3a:61:b0:23:9b:2e:6e:1e:
f2:a0:75:93:34:0a:c9:16:68:0b:a0:6d:ab:12:24:a8:b2:93:
3d:cf:b5:54:3d:75:bd:31:4e:08:96:4f:a0:ee:f6:cf:a7:58:
da:5d:dd:32:1e:99:c1:29:5b:08:22:af:e1:1b:88:e9:d1:0f:
3b:8f:75:3b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAyK85jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MjUwNjlhNWQ3NjRkYTI1NTk1NGRiMmVlOWQxMjQzZGUxNmI5MTAxMB4XDTIyMDMw
MzEyNDAzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzAyMjY2YjdkYzEw
MzM1NDA4MmI3ZGZhYTNkMTM5OTQ2NjljZTg4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALU1XXKy6FYCPjcLJKpi7s/HaAbj/3a5pe3gmrzIJR/PkwtZ
3D++UgO1ZwrJI0fFvqcF6HviU/bbdaxBo8u5v+SdnGE0p7MRoiimomvdW4EOaS6Q
21Te5VkdexeFDhyBAU+/7O2XiR9P/vMfs2BqUAFOI7HPeOXK63EBcpa5igwS4Se0
ZDUYeRsFVrTSanevB1DqzqJmsKw1QIl81zqd6vIG9IWReaUZOX3I9xZnJgZQV8nx
V8MzWk8sSoje1zJ8CnSx5Wb7Q0Gxn+mM9LaZgTIonXWQyTCaNIZT0yx39POwJnOl
0yV2t7FBi5pjbjgH/j4IpPOXifDxf31RuYqkAckCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTAIma33BAzVAgrffqj0TmUZpzohDAfBgNVHSMEGDAWgBSSUGml12TaJVlU
2y7p0SQ94WuRATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tsQnBwZGRrMmlWWlZOc3U2ZEVrUGVGcmtRRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGUvNjc4OGY1LTQ4ODktNGJlNy1iYjE5LWE5YjhkZTYxMWE5Ni8x
L3dDSm10OXdRTTFRSUszMzZvOUU1bEdhYzZJUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGUv
Njc4OGY1LTQ4ODktNGJlNy1iYjE5LWE5YjhkZTYxMWE5Ni8xL2tsQnBwZGRrMmlW
WlZOc3U2ZEVrUGVGcmtRRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsGojDANBgkqhkiG9w0BAQsFAAOC
AQEAU3/vwFVIdBLNxtAnNuT/VCtwXUKQTyFWSrH5Fk6CuGbIKZWIMS8EApXA+pCT
KeNL/WRY9TTkl9vB7etJYhA218pd+yMB+SXHsgXL9YgDB65Y7jfAyFxof2g0Ya9A
kmwF43fJxvSWFrrJX6N7G63yX2GeCNwl2UPZa1I7UvfEFI6MrhIYjzcHldXCe/p4
1ZldIjoX1B9K25wk1IGb+64WzThsmJEa5pY2ox7yFyqbFfSzzvkiJ+lv9TPcWDYG
UTphsCObLm4e8qB1kzQKyRZoC6BtqxIkqLKTPc+1VD11vTFOCJZPoO72z6dY2l3d
Mh6ZwSlbCCKv4RuI6dEPO491Ow==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:37 2025 by rpki-client