Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f9691d-afb2-41f2-8d22-fa46b4f9a20c/1/WZa0rmgglIXrjkOBvyvS_TiR-EM.roa
File: WZa0rmgglIXrjkOBvyvS_TiR-EM.roa (raw, json)
Hash identifier: 44z4wh6rcDa04zZsVwS3Jy5j7C1cYjX1Hc6zHoE/dtc=
Subject key identifier: 59:96:B4:AE:68:20:94:85:EB:8E:43:81:BF:2B:D2:FD:38:91:F8:43
Certificate issuer: /CN=9a70b051e5cdf962dbc26b352488d0831bdf9a3c
Certificate serial: 018570307308B52EEBE3B5C6239BD97AA2DD
Authority key identifier: 9A:70:B0:51:E5:CD:F9:62:DB:C2:6B:35:24:88:D0:83:1B:DF:9A:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnCwUeXN-WLbwms1JIjQgxvfmjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/f9691d-afb2-41f2-8d22-fa46b4f9a20c/1/WZa0rmgglIXrjkOBvyvS_TiR-EM.roa
Signing time: Mon 02 Jan 2023 01:55:01 +0000
ROA not before: Mon 02 Jan 2023 01:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201471
IP address blocks: 84.40.58.0/23 maxlen: 24
84.40.60.0/22 maxlen: 24
185.90.48.0/22 maxlen: 24
84.40.40.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:73:08:b5:2e:eb:e3:b5:c6:23:9b:d9:7a:a2:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a70b051e5cdf962dbc26b352488d0831bdf9a3c
Validity
Not Before: Jan 2 01:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5996b4ae68209485eb8e4381bf2bd2fd3891f843
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:46:cf:b7:67:83:1c:0e:6e:3a:ba:20:9e:7e:
e3:7d:dc:18:32:99:39:c2:be:4d:5f:4d:0c:9d:f7:
11:2d:9f:52:27:a7:ae:08:92:9c:dd:2a:21:24:0b:
33:e5:b8:58:f2:22:fa:b5:8d:fa:82:50:14:f7:07:
a8:43:40:88:d9:bb:33:8c:77:d0:c9:22:3e:c1:2a:
2c:9f:3c:45:b0:1d:18:5e:93:91:ba:a5:bd:07:bc:
7e:51:b5:13:8b:75:6f:3c:5d:4e:2d:42:9c:ff:60:
86:7f:75:b4:e6:5c:4d:d9:da:9c:80:3c:e4:3f:3f:
84:77:99:3e:ea:45:46:bd:c5:9d:a2:53:45:99:14:
5b:7e:58:40:d0:03:66:0a:16:d1:86:32:e0:cf:ad:
00:2c:de:d0:94:cb:9f:fe:5e:c1:5c:83:c3:58:85:
63:19:30:61:b8:41:9f:b0:64:b9:07:2b:bb:16:5a:
ff:87:20:36:14:bd:fb:b1:cc:64:ee:89:85:5a:18:
09:06:1a:2a:7f:39:2c:6b:32:71:3c:b6:a6:bb:85:
ad:a9:2d:6a:bb:07:36:9e:ac:77:4d:59:7b:e6:5e:
48:7a:85:3d:df:ad:7c:4d:fb:49:c3:c5:1d:5d:73:
2f:15:e9:7f:22:49:35:99:e8:03:59:64:5a:14:7e:
fb:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:96:B4:AE:68:20:94:85:EB:8E:43:81:BF:2B:D2:FD:38:91:F8:43
X509v3 Authority Key Identifier:
keyid:9A:70:B0:51:E5:CD:F9:62:DB:C2:6B:35:24:88:D0:83:1B:DF:9A:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnCwUeXN-WLbwms1JIjQgxvfmjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f9691d-afb2-41f2-8d22-fa46b4f9a20c/1/WZa0rmgglIXrjkOBvyvS_TiR-EM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f9691d-afb2-41f2-8d22-fa46b4f9a20c/1/mnCwUeXN-WLbwms1JIjQgxvfmjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.40.40.0/21
84.40.58.0-84.40.63.255
185.90.48.0/22
Signature Algorithm: sha256WithRSAEncryption
01:33:6a:9e:e8:bb:35:c1:ab:eb:cd:a1:98:ed:56:be:8f:90:
f4:d5:20:39:3e:1a:d2:ea:02:e4:24:84:ba:f1:66:82:85:68:
61:cf:3a:6d:32:ac:ab:61:4f:62:34:1c:c5:17:00:e5:aa:25:
f6:49:72:3f:54:e7:5a:97:ce:32:66:eb:bf:13:5f:16:54:b2:
9f:7f:b5:41:2f:97:71:0f:8b:d7:b0:9f:bf:44:d5:f2:6c:38:
06:f8:e2:3b:c1:6f:97:a4:54:38:49:6f:55:72:d6:aa:e5:b0:
33:c5:c0:91:ee:a8:51:fd:ce:65:e9:90:10:4b:93:6d:93:a6:
6d:a4:26:45:97:02:b9:19:fe:9d:9e:8a:5e:e9:26:5b:1d:13:
42:dd:f6:7b:88:ec:62:29:77:fb:f6:83:a7:92:4d:94:f9:1e:
2e:1f:7a:b9:c3:13:0e:30:74:f8:30:4d:09:43:52:85:77:c7:
a5:41:89:ae:86:0d:f4:c7:35:96:2a:67:9f:37:b8:7e:cd:1f:
f6:e7:34:73:fc:24:90:b0:c6:15:1a:ec:8a:71:99:03:ae:42:
c7:b3:21:76:f1:72:30:8b:9b:4a:8e:e0:59:6a:fa:df:b8:6e:
29:ae:07:c2:15:fb:2b:82:03:0a:75:9d:13:56:2b:bd:c4:49:
87:31:01:19
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYVwMHMItS7r47XGI5vZeqLdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNzBiMDUxZTVjZGY5NjJkYmMyNmIzNTI0ODhkMDgzMWJk
ZjlhM2MwHhcNMjMwMTAyMDE1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTk2YjRhZTY4MjA5NDg1ZWI4ZTQzODFiZjJiZDJmZDM4OTFmODQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUbPt2eDHA5uOrognn7jfdwYMpk5
wr5NX00MnfcRLZ9SJ6euCJKc3SohJAsz5bhY8iL6tY36glAU9weoQ0CI2bszjHfQ
ySI+wSosnzxFsB0YXpORuqW9B7x+UbUTi3VvPF1OLUKc/2CGf3W05lxN2dqcgDzk
Pz+Ed5k+6kVGvcWdolNFmRRbflhA0ANmChbRhjLgz60ALN7QlMuf/l7BXIPDWIVj
GTBhuEGfsGS5Byu7Flr/hyA2FL37scxk7omFWhgJBhoqfzksazJxPLamu4WtqS1q
uwc2nqx3TVl75l5IeoU93618TftJw8UdXXMvFel/Ikk1megDWWRaFH77rwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFFmWtK5oIJSF645Dgb8r0v04kfhDMB8GA1UdIwQY
MBaAFJpwsFHlzfli28JrNSSI0IMb35o8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW5Dd1VlWE4tV0xid21zMUpJalFneHZmbWp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mOTY5MWQtYWZiMi00MWYyLThkMjIt
ZmE0NmI0ZjlhMjBjLzEvV1phMHJtZ2dsSVhyamtPQnZ5dlNfVGlSLUVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mOTY5MWQtYWZiMi00MWYyLThkMjItZmE0NmI0ZjlhMjBj
LzEvbW5Dd1VlWE4tV0xid21zMUpJalFneHZmbWp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDVCgoMAwD
BAFUKDoDBAZUKAADBAK5WjAwDQYJKoZIhvcNAQELBQADggEBAAEzap7ouzXBq+vN
oZjtVr6PkPTVIDk+GtLqAuQkhLrxZoKFaGHPOm0yrKthT2I0HMUXAOWqJfZJcj9U
51qXzjJm678TXxZUsp9/tUEvl3EPi9ewn79E1fJsOAb44jvBb5ekVDhJb1Vy1qrl
sDPFwJHuqFH9zmXpkBBLk22Tpm2kJkWXArkZ/p2eil7pJlsdE0Ld9nuI7GIpd/v2
g6eSTZT5Hi4fernDEw4wdPgwTQlDUoV3x6VBia6GDfTHNZYqZ583uH7NH/bnNHP8
JJCwxhUa7IpxmQOuQsezIXbxcjCLm0qO4Flq+t+4bimuB8IV+yuCAwp1nRNWK73E
SYcxARk=
-----END CERTIFICATE-----
Generated at Sun Apr 20 01:57:25 2025 by rpki-client