Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/aeb8bc-884c-404f-bcb2-fcd37f26047f/1/wDk-xhBGH_WZkvMAjDP7g67HBG0.roa
File: wDk-xhBGH_WZkvMAjDP7g67HBG0.roa (raw, json)
Hash identifier: R79/RrIEXj2ig5qw4+fovKmjO1fCT818I1x8ku+O7uo=
Subject key identifier: C0:39:3E:C6:10:46:1F:F5:99:92:F3:00:8C:33:FB:83:AE:C7:04:6D
Certificate issuer: /CN=b653166a6f1f33e4720e67d24dd32e44580352f0
Certificate serial: 332EEB6F
Authority key identifier: B6:53:16:6A:6F:1F:33:E4:72:0E:67:D2:4D:D3:2E:44:58:03:52:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tlMWam8fM-RyDmfSTdMuRFgDUvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/aeb8bc-884c-404f-bcb2-fcd37f26047f/1/wDk-xhBGH_WZkvMAjDP7g67HBG0.roa
Signing time: Sat 01 Jan 2022 03:56:12 +0000
ROA not before: Sat 01 Jan 2022 03:56:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39702
IP address blocks: 89.106.216.0/21 maxlen: 24
185.5.100.0/22 maxlen: 24
178.251.88.0/21 maxlen: 24
85.190.192.0/19 maxlen: 24
2a01:4d80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 858712943 (0x332eeb6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b653166a6f1f33e4720e67d24dd32e44580352f0
Validity
Not Before: Jan 1 03:56:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c0393ec610461ff59992f3008c33fb83aec7046d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:47:3c:58:07:3c:2b:4e:0d:5c:c0:7a:28:43:
25:03:69:fd:ed:8c:56:56:24:0d:fa:53:1f:64:fd:
2b:1b:07:0a:e5:35:fa:47:ce:39:7a:5f:5f:20:e8:
ee:b3:43:ea:e8:58:45:12:ea:62:6e:79:98:d8:0c:
d3:e4:c8:79:e2:25:73:90:14:c7:f4:d1:a6:55:1a:
5f:d6:a8:a2:ee:42:e5:be:7c:c0:8a:d8:ef:0f:11:
02:88:a9:09:5a:e3:c4:ec:e5:e0:c1:33:35:03:6b:
25:c1:0e:12:31:2c:c7:d6:a5:f7:54:12:06:a1:02:
49:63:5b:37:13:04:e8:21:a1:56:36:2c:a1:65:47:
78:82:9c:a0:13:b3:86:c5:9e:4f:ee:4b:09:40:88:
48:b9:32:3d:c2:29:0b:d7:4f:28:8b:8c:31:a1:3b:
ce:0d:a9:ce:df:2d:f2:cb:49:b3:e5:66:20:45:9f:
65:a6:e5:1f:68:c4:dc:43:f7:6d:29:40:b6:77:36:
9c:65:38:d3:8d:3d:e3:e5:69:6e:ab:67:69:5e:2b:
0a:03:26:5f:f1:0b:8a:4c:f9:32:8a:79:0b:09:62:
62:85:19:1d:61:83:da:f6:01:64:54:6d:c7:82:08:
9b:30:00:ca:0a:e7:05:87:f8:55:ae:80:78:b7:2d:
54:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:39:3E:C6:10:46:1F:F5:99:92:F3:00:8C:33:FB:83:AE:C7:04:6D
X509v3 Authority Key Identifier:
keyid:B6:53:16:6A:6F:1F:33:E4:72:0E:67:D2:4D:D3:2E:44:58:03:52:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tlMWam8fM-RyDmfSTdMuRFgDUvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/aeb8bc-884c-404f-bcb2-fcd37f26047f/1/wDk-xhBGH_WZkvMAjDP7g67HBG0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/aeb8bc-884c-404f-bcb2-fcd37f26047f/1/tlMWam8fM-RyDmfSTdMuRFgDUvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.190.192.0/19
89.106.216.0/21
178.251.88.0/21
185.5.100.0/22
IPv6:
2a01:4d80::/32
Signature Algorithm: sha256WithRSAEncryption
17:76:6c:d4:24:33:0b:05:12:90:6f:b7:2e:d1:d7:ae:c7:35:
a8:59:5f:1b:86:6b:99:74:e5:9f:a1:18:fe:4a:63:31:8a:f5:
cd:8d:de:76:92:a9:6d:33:e2:88:ea:8f:36:f9:0e:d2:2a:23:
10:f3:39:70:bf:79:3b:5d:d1:98:c4:d6:a5:ed:f5:0c:39:44:
c5:33:c5:5b:fa:67:5a:46:83:75:d3:03:8f:c0:80:10:12:e5:
50:f0:65:b5:73:13:dd:d1:c5:69:5d:7a:94:db:8e:28:6f:01:
ef:f3:8b:c3:68:fd:97:c3:19:8f:ce:b4:30:b8:b5:d2:00:ab:
d7:92:99:dd:91:f0:e3:34:5d:e9:b6:03:36:d1:4b:bb:f2:c7:
6a:82:5f:c0:55:a2:53:ba:ae:d4:04:72:e9:7c:48:9c:61:fc:
99:57:86:0d:1b:af:06:26:ea:e1:27:5c:38:1f:d5:37:2c:8b:
c9:14:aa:df:63:aa:b2:87:e2:39:0a:c2:c8:56:ac:9d:ec:7a:
fe:21:b0:30:6e:9c:43:2a:ed:23:e6:db:75:92:7c:ff:83:24:
c8:e8:8e:18:b7:5a:98:b6:43:cd:09:39:3f:7f:b7:66:26:4e:
1c:69:35:3d:23:1c:a8:57:0b:2b:9a:17:3b:c0:d8:39:af:96:
29:4e:54:fd
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEMy7rbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NjUzMTY2YTZmMWYzM2U0NzIwZTY3ZDI0ZGQzMmU0NDU4MDM1MmYwMB4XDTIyMDEw
MTAzNTYxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzAzOTNlYzYxMDQ2
MWZmNTk5OTJmMzAwOGMzM2ZiODNhZWM3MDQ2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlHPFgHPCtODVzAeihDJQNp/e2MVlYkDfpTH2T9KxsHCuU1
+kfOOXpfXyDo7rND6uhYRRLqYm55mNgM0+TIeeIlc5AUx/TRplUaX9aoou5C5b58
wIrY7w8RAoipCVrjxOzl4MEzNQNrJcEOEjEsx9al91QSBqECSWNbNxME6CGhVjYs
oWVHeIKcoBOzhsWeT+5LCUCISLkyPcIpC9dPKIuMMaE7zg2pzt8t8stJs+VmIEWf
ZablH2jE3EP3bSlAtnc2nGU404094+VpbqtnaV4rCgMmX/ELikz5Mop5CwliYoUZ
HWGD2vYBZFRtx4IImzAAygrnBYf4Va6AeLctVC8CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTAOT7GEEYf9ZmS8wCMM/uDrscEbTAfBgNVHSMEGDAWgBS2UxZqbx8z5HIO
Z9JN0y5EWANS8DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RsTVdhbThmTS1SeURtZlNUZE11UkZnRFV2QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWQvYWViOGJjLTg4NGMtNDA0Zi1iY2IyLWZjZDM3ZjI2MDQ3Zi8x
L3dEay14aEJHSF9XWmt2TUFqRFA3ZzY3SEJHMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQv
YWViOGJjLTg4NGMtNDA0Zi1iY2IyLWZjZDM3ZjI2MDQ3Zi8xL3RsTVdhbThmTS1S
eURtZlNUZE11UkZnRFV2QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBVW+wAMEA1lq2AMEA7L7WAMEArkF
ZDANBAIAAjAHAwUAKgFNgDANBgkqhkiG9w0BAQsFAAOCAQEAF3Zs1CQzCwUSkG+3
LtHXrsc1qFlfG4ZrmXTln6EY/kpjMYr1zY3edpKpbTPiiOqPNvkO0iojEPM5cL95
O13RmMTWpe31DDlExTPFW/pnWkaDddMDj8CAEBLlUPBltXMT3dHFaV16lNuOKG8B
7/OLw2j9l8MZj860MLi10gCr15KZ3ZHw4zRd6bYDNtFLu/LHaoJfwFWiU7qu1ARy
6XxInGH8mVeGDRuvBibq4SdcOB/VNyyLyRSq32OqsofiOQrCyFasnex6/iGwMG6c
QyrtI+bbdZJ8/4MkyOiOGLdamLZDzQk5P3+3ZiZOHGk1PSMcqFcLK5oXO8DYOa+W
KU5U/Q==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:17 2025 by rpki-client