Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/pwGu0cGC00mAYwCM4Gm7a9N_zwk.roa
File: pwGu0cGC00mAYwCM4Gm7a9N_zwk.roa (raw, json)
Hash identifier: oVJoHXu0AqB5tD4mi/mGiSc3jZT/Tqd9BcydtrSyiTk=
Subject key identifier: A7:01:AE:D1:C1:82:D3:49:80:63:00:8C:E0:69:BB:6B:D3:7F:CF:09
Certificate issuer: /CN=b4bdc376a159d05e2af97176a3eba8360e60d176
Certificate serial: 018570FBC405C58F1F1D478FA90516F251F5
Authority key identifier: B4:BD:C3:76:A1:59:D0:5E:2A:F9:71:76:A3:EB:A8:36:0E:60:D1:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tL3DdqFZ0F4q-XF2o-uoNg5g0XY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/pwGu0cGC00mAYwCM4Gm7a9N_zwk.roa
Signing time: Mon 02 Jan 2023 05:37:06 +0000
ROA not before: Mon 02 Jan 2023 05:37:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50247
IP address blocks: 185.178.236.0/22 maxlen: 22
109.196.80.0/20 maxlen: 20
109.95.88.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:c4:05:c5:8f:1f:1d:47:8f:a9:05:16:f2:51:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4bdc376a159d05e2af97176a3eba8360e60d176
Validity
Not Before: Jan 2 05:37:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a701aed1c182d3498063008ce069bb6bd37fcf09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c5:cb:81:83:7c:11:1b:c3:ca:70:ea:24:40:
db:5d:24:5a:4b:a1:2e:b5:19:98:74:48:2f:35:ed:
ac:d0:27:6f:12:65:ef:98:35:7d:eb:f7:9b:91:a0:
a7:57:79:e3:32:cb:8b:6f:b9:8f:d2:79:50:33:b2:
d5:27:28:43:73:3f:ba:99:14:f9:d3:b1:84:2f:a8:
72:ea:6e:72:cb:c1:e1:10:cf:64:db:5e:d9:32:b3:
55:75:7d:44:0a:a2:46:0d:3a:cf:00:e4:22:76:4c:
d4:03:7f:78:01:a9:72:4f:75:2b:e8:7c:f7:28:be:
0e:b8:b0:f2:f2:5b:2a:25:aa:a9:41:fb:8b:cf:f0:
8d:62:2a:80:26:ce:86:60:c3:20:d9:d8:58:41:c0:
56:2c:90:25:1d:ce:de:33:df:10:b5:0a:2b:a1:3f:
2a:34:32:cc:59:e4:0d:c2:a5:cf:45:4c:10:83:af:
71:b7:12:d2:41:de:fe:ba:13:4e:f3:b6:d0:01:85:
0b:37:9c:ce:0a:5d:8f:d0:31:f4:63:7b:ab:a3:75:
83:12:6c:24:6e:a5:1f:3e:32:a0:05:40:fb:c2:41:
db:ea:0d:21:95:f7:51:1a:d8:75:6c:6c:70:e5:9f:
2d:72:34:d0:d8:9a:1f:24:6c:2c:8d:5e:c9:21:aa:
3a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:01:AE:D1:C1:82:D3:49:80:63:00:8C:E0:69:BB:6B:D3:7F:CF:09
X509v3 Authority Key Identifier:
keyid:B4:BD:C3:76:A1:59:D0:5E:2A:F9:71:76:A3:EB:A8:36:0E:60:D1:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tL3DdqFZ0F4q-XF2o-uoNg5g0XY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/pwGu0cGC00mAYwCM4Gm7a9N_zwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/40ea14-dc50-4aa0-aa85-28d010603529/1/tL3DdqFZ0F4q-XF2o-uoNg5g0XY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.88.0/21
109.196.80.0/20
185.178.236.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:bf:a8:60:09:f0:07:ee:2c:70:db:7a:97:b3:7f:b6:f2:9b:
df:f7:94:a3:bd:b1:29:f1:a1:25:cc:33:6f:51:8e:8c:25:5a:
ba:c1:27:f1:02:65:d4:4a:a4:86:72:bd:1f:7f:00:2f:6c:7c:
4c:ca:15:62:54:f4:42:61:70:e8:39:8f:a4:5a:b0:69:a6:cf:
70:86:24:7e:8c:aa:37:04:9c:38:05:db:69:19:bd:ef:ae:75:
e7:52:c3:5f:49:51:46:65:0b:b7:55:ee:0b:96:f5:51:57:9e:
7f:79:4f:cc:7b:76:9e:58:6c:b5:8d:eb:f7:bb:60:eb:f9:32:
3f:bb:bc:11:28:b8:10:c7:3f:63:d5:13:46:3c:41:61:15:bb:
27:10:bd:8e:6d:2d:98:1e:63:79:7d:0c:83:24:9c:2f:fb:5d:
f2:2d:2f:9e:af:d1:8c:02:8c:ba:1c:c8:74:db:7b:6d:f3:c9:
86:fc:04:2f:45:1f:fe:f6:de:dd:a7:58:4b:7d:61:b0:f5:72:
c7:9f:c7:ff:85:f4:e6:9a:88:4f:42:52:93:35:ae:1b:7f:a2:
ca:33:46:2a:0b:66:dd:d1:d0:fb:cb:27:8b:d1:cb:81:ba:89:
d3:b3:b1:ca:5f:d9:93:71:df:29:a7:ec:b4:20:48:76:b6:a3:
af:7f:42:f0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVw+8QFxY8fHUePqQUW8lH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0YmRjMzc2YTE1OWQwNWUyYWY5NzE3NmEzZWJhODM2MGU2
MGQxNzYwHhcNMjMwMTAyMDUzNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzAxYWVkMWMxODJkMzQ5ODA2MzAwOGNlMDY5YmI2YmQzN2ZjZjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsXLgYN8ERvDynDqJEDbXSRaS6Eu
tRmYdEgvNe2s0CdvEmXvmDV96/ebkaCnV3njMsuLb7mP0nlQM7LVJyhDcz+6mRT5
07GEL6hy6m5yy8HhEM9k217ZMrNVdX1ECqJGDTrPAOQidkzUA394AalyT3Ur6Hz3
KL4OuLDy8lsqJaqpQfuLz/CNYiqAJs6GYMMg2dhYQcBWLJAlHc7eM98QtQoroT8q
NDLMWeQNwqXPRUwQg69xtxLSQd7+uhNO87bQAYULN5zOCl2P0DH0Y3uro3WDEmwk
bqUfPjKgBUD7wkHb6g0hlfdRGth1bGxw5Z8tcjTQ2JofJGwsjV7JIao6nwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKcBrtHBgtNJgGMAjOBpu2vTf88JMB8GA1UdIwQY
MBaAFLS9w3ahWdBeKvlxdqPrqDYOYNF2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEwzRGRxRlowRjRxLVhGMm8tdW9OZzVnMFhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy80MGVhMTQtZGM1MC00YWEwLWFhODUt
MjhkMDEwNjAzNTI5LzEvcHdHdTBjR0MwMG1BWXdDTTRHbTdhOU5fendrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy80MGVhMTQtZGM1MC00YWEwLWFhODUtMjhkMDEwNjAzNTI5
LzEvdEwzRGRxRlowRjRxLVhGMm8tdW9OZzVnMFhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDbV9YAwQE
bcRQAwQCubLsMA0GCSqGSIb3DQEBCwUAA4IBAQCPv6hgCfAH7ixw23qXs3+28pvf
95SjvbEp8aElzDNvUY6MJVq6wSfxAmXUSqSGcr0ffwAvbHxMyhViVPRCYXDoOY+k
WrBpps9whiR+jKo3BJw4BdtpGb3vrnXnUsNfSVFGZQu3Ve4LlvVRV55/eU/Me3ae
WGy1jev3u2Dr+TI/u7wRKLgQxz9j1RNGPEFhFbsnEL2ObS2YHmN5fQyDJJwv+13y
LS+er9GMAoy6HMh023tt88mG/AQvRR/+9t7dp1hLfWGw9XLHn8f/hfTmmohPQlKT
Na4bf6LKM0YqC2bd0dD7yyeL0cuBuonTs7HKX9mTcd8pp+y0IEh2tqOvf0Lw
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:09:37 2025 by rpki-client