Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/wkGww5TDtIwZ94LxamafpGg-1Ik.roa
File: wkGww5TDtIwZ94LxamafpGg-1Ik.roa (raw, json)
Hash identifier: ykSjVFSYw86YKbLiARY5cMyBkEW1asMTGZvOQE4jdVY=
Subject key identifier: C2:41:B0:C3:94:C3:B4:8C:19:F7:82:F1:6A:66:9F:A4:68:3E:D4:89
Certificate issuer: /CN=a85310f503137ae8b35d4f329f46f069dd703815
Certificate serial: 01857082C83C6706DD224C2735774B065205
Authority key identifier: A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/wkGww5TDtIwZ94LxamafpGg-1Ik.roa
Signing time: Mon 02 Jan 2023 03:24:57 +0000
ROA not before: Mon 02 Jan 2023 03:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212384
IP address blocks: 146.19.85.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:82:c8:3c:67:06:dd:22:4c:27:35:77:4b:06:52:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a85310f503137ae8b35d4f329f46f069dd703815
Validity
Not Before: Jan 2 03:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c241b0c394c3b48c19f782f16a669fa4683ed489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:7a:c2:46:d6:07:82:48:d3:12:fd:33:a2:a8:
91:bd:39:6b:33:39:e8:47:0f:16:22:a6:02:89:be:
a6:63:23:d7:32:35:81:f0:dd:c5:55:a4:62:ea:49:
a2:d0:88:07:f0:0e:d1:aa:7b:2e:09:69:a0:73:f7:
96:41:59:b7:fb:5b:28:b6:60:1a:3e:c9:00:ee:18:
90:a2:13:28:87:b6:8b:5a:ba:78:76:68:a1:3e:84:
20:6b:53:4b:80:43:4c:10:65:9f:d8:df:ad:6e:2a:
ee:fb:98:2c:9e:f5:4a:0f:8a:ca:e6:96:bb:1f:f6:
8e:d0:0a:99:82:f0:5a:98:14:8e:d1:2e:75:b4:60:
0c:0d:32:d8:16:fa:4e:a3:9b:e4:ec:d9:05:d0:fa:
72:60:0f:de:70:3e:b9:f5:e3:11:a8:dd:8b:e2:cf:
a3:eb:b2:4a:64:63:bd:e3:5e:12:2d:45:59:81:a4:
1b:d8:2d:aa:ab:4d:24:83:91:16:6d:a2:fe:0f:38:
f9:78:d1:6e:4a:62:d3:2a:fa:cf:b0:d6:a8:ea:39:
c3:b0:b9:77:54:80:94:39:29:91:eb:53:53:81:e8:
b5:05:a7:59:e0:6b:35:68:2d:61:03:79:8f:4c:3c:
0d:e3:85:43:17:af:fd:2a:4c:35:95:6e:8c:ed:f9:
fa:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:41:B0:C3:94:C3:B4:8C:19:F7:82:F1:6A:66:9F:A4:68:3E:D4:89
X509v3 Authority Key Identifier:
keyid:A8:53:10:F5:03:13:7A:E8:B3:5D:4F:32:9F:46:F0:69:DD:70:38:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qFMQ9QMTeuizXU8yn0bwad1wOBU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/wkGww5TDtIwZ94LxamafpGg-1Ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/b42949-ee0a-4123-87bf-30189a5a4eba/1/qFMQ9QMTeuizXU8yn0bwad1wOBU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.85.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:b0:98:11:c9:7c:3c:8e:40:73:c3:9a:b5:47:66:c5:cf:4d:
55:59:29:5d:da:3e:46:b6:88:af:02:90:04:e1:36:18:c1:75:
4c:f0:02:41:d7:41:eb:a6:8e:e3:86:1d:99:7b:62:97:e6:ea:
12:dc:c7:8f:11:2d:6e:fb:dc:05:20:82:f8:3a:e4:d6:b1:c0:
a4:a4:b5:3b:bf:32:6b:4e:7d:39:4d:0a:03:2b:3e:88:ca:62:
ea:5b:da:c7:f9:5e:91:9e:6c:90:f9:ce:d1:27:96:90:29:f5:
20:23:e6:64:3d:3f:07:6b:1b:54:ab:39:98:01:5a:06:34:2f:
08:a9:ed:99:66:84:c1:a0:65:50:3c:7f:9c:47:92:33:50:65:
01:72:02:40:75:86:f5:90:d7:f8:68:67:9c:46:bc:f8:83:4a:
a5:ff:70:e7:14:f5:95:fc:1b:c5:87:a0:2b:99:04:79:38:59:
53:2b:7c:f9:3b:5b:d3:5b:77:1f:82:36:48:4a:50:81:ad:de:
b5:4b:62:97:94:3a:69:68:b2:e7:07:84:b3:4a:21:67:a5:2c:
1d:d9:2c:94:5e:36:9c:5e:9a:80:d3:f8:5b:94:78:ac:3d:5d:
d5:9b:40:cb:e0:05:5c:38:8a:3c:02:b0:67:ff:09:0c:64:59:
18:1f:07:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwgsg8ZwbdIkwnNXdLBlIFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NTMxMGY1MDMxMzdhZThiMzVkNGYzMjlmNDZmMDY5ZGQ3
MDM4MTUwHhcNMjMwMTAyMDMyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjQxYjBjMzk0YzNiNDhjMTlmNzgyZjE2YTY2OWZhNDY4M2VkNDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHrCRtYHgkjTEv0zoqiRvTlrMzno
Rw8WIqYCib6mYyPXMjWB8N3FVaRi6kmi0IgH8A7RqnsuCWmgc/eWQVm3+1sotmAa
PskA7hiQohMoh7aLWrp4dmihPoQga1NLgENMEGWf2N+tbiru+5gsnvVKD4rK5pa7
H/aO0AqZgvBamBSO0S51tGAMDTLYFvpOo5vk7NkF0PpyYA/ecD659eMRqN2L4s+j
67JKZGO9414SLUVZgaQb2C2qq00kg5EWbaL+Dzj5eNFuSmLTKvrPsNao6jnDsLl3
VICUOSmR61NTgei1BadZ4Gs1aC1hA3mPTDwN44VDF6/9Kkw1lW6M7fn6UwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMJBsMOUw7SMGfeC8Wpmn6RoPtSJMB8GA1UdIwQY
MBaAFKhTEPUDE3ros11PMp9G8GndcDgVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYt
MzAxODlhNWE0ZWJhLzEvd2tHd3c1VER0SXdaOTRMeGFtYWZwR2ctMUlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9iNDI5NDktZWUwYS00MTIzLTg3YmYtMzAxODlhNWE0ZWJh
LzEvcUZNUTlRTVRldWl6WFU4eW4wYndhZDF3T0JVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhNVMA0G
CSqGSIb3DQEBCwUAA4IBAQBdsJgRyXw8jkBzw5q1R2bFz01VWSld2j5GtoivApAE
4TYYwXVM8AJB10Hrpo7jhh2Ze2KX5uoS3MePES1u+9wFIIL4OuTWscCkpLU7vzJr
Tn05TQoDKz6IymLqW9rH+V6RnmyQ+c7RJ5aQKfUgI+ZkPT8HaxtUqzmYAVoGNC8I
qe2ZZoTBoGVQPH+cR5IzUGUBcgJAdYb1kNf4aGecRrz4g0ql/3DnFPWV/BvFh6Ar
mQR5OFlTK3z5O1vTW3cfgjZISlCBrd61S2KXlDppaLLnB4SzSiFnpSwd2SyUXjac
XpqA0/hblHisPV3Vm0DL4AVcOIo8ArBn/wkMZFkYHwfS
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:28:55 2025 by rpki-client