Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/e84920-f5cb-46d7-bc99-fe53210b57b6/1/wWwFvzWWgI1lBGEO9iE0dgiCg8o.roa
File: wWwFvzWWgI1lBGEO9iE0dgiCg8o.roa (raw, json)
Hash identifier: XIwxIMCQvgl6jDtkT5PjoygzqGo99SMWOKniNqMvUc0=
Subject key identifier: C1:6C:05:BF:35:96:80:8D:65:04:61:0E:F6:21:34:76:08:82:83:CA
Certificate issuer: /CN=961b9df745c32df27df33ebcfd536f19e13474fe
Certificate serial: 01856DDD4491C5928F30AB138BDF270C6C7A
Authority key identifier: 96:1B:9D:F7:45:C3:2D:F2:7D:F3:3E:BC:FD:53:6F:19:E1:34:74:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lhud90XDLfJ98z68_VNvGeE0dP4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/e84920-f5cb-46d7-bc99-fe53210b57b6/1/wWwFvzWWgI1lBGEO9iE0dgiCg8o.roa
Signing time: Sun 01 Jan 2023 15:04:55 +0000
ROA not before: Sun 01 Jan 2023 15:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60789
IP address blocks: 193.100.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:dd:44:91:c5:92:8f:30:ab:13:8b:df:27:0c:6c:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=961b9df745c32df27df33ebcfd536f19e13474fe
Validity
Not Before: Jan 1 15:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c16c05bf3596808d6504610ef6213476088283ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:76:33:e8:42:60:f7:26:2b:b2:8d:47:a3:8a:
44:3c:26:cb:95:b0:f3:b2:c7:df:cf:76:e6:5c:97:
d0:7b:47:66:a5:91:f0:8d:6b:aa:bf:34:81:d9:db:
fe:e7:1e:04:2e:aa:77:71:95:20:ba:8a:cd:10:6a:
79:64:41:e0:83:1d:3a:31:c4:31:53:b9:bb:cc:66:
9f:f6:72:15:81:82:19:cf:79:89:64:02:71:53:be:
3c:55:2f:71:22:45:dc:e8:4d:58:de:69:f5:17:b7:
0b:c9:97:ae:37:3a:e8:ef:a6:bf:5b:8f:2c:1e:be:
9e:02:57:f1:87:86:02:60:3b:4a:eb:cb:42:b4:d7:
00:52:34:aa:81:99:35:bd:1d:20:e5:a0:f8:0f:88:
63:2c:4d:82:e4:a3:42:bb:d3:15:9f:a6:d3:4b:4e:
83:c7:d4:06:e9:ba:9d:09:60:c6:77:5f:b2:d4:70:
4f:a7:71:17:78:c6:20:58:bc:08:7b:01:20:29:49:
f5:5a:83:a5:34:46:7c:b6:06:19:73:46:e3:af:cd:
67:80:94:e5:63:f5:f6:3d:54:4e:cf:62:9e:a6:f2:
e8:c5:90:8f:8e:a5:f1:9f:97:35:d1:5a:ee:85:7c:
78:88:17:76:0a:11:e5:15:b0:4b:95:c5:f8:35:4e:
4f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:6C:05:BF:35:96:80:8D:65:04:61:0E:F6:21:34:76:08:82:83:CA
X509v3 Authority Key Identifier:
keyid:96:1B:9D:F7:45:C3:2D:F2:7D:F3:3E:BC:FD:53:6F:19:E1:34:74:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lhud90XDLfJ98z68_VNvGeE0dP4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e84920-f5cb-46d7-bc99-fe53210b57b6/1/wWwFvzWWgI1lBGEO9iE0dgiCg8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/e84920-f5cb-46d7-bc99-fe53210b57b6/1/lhud90XDLfJ98z68_VNvGeE0dP4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.100.64.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:09:9c:78:d0:38:3e:ea:50:e3:a2:0b:cb:2c:aa:4f:35:3e:
1f:b2:80:0b:41:be:57:ca:6a:80:91:3d:de:36:df:80:ba:6a:
93:cc:0c:61:31:75:8b:ca:68:50:47:50:20:33:b9:84:22:4f:
bf:8f:1d:fa:0e:51:52:d1:e6:71:02:2e:d6:46:78:0b:15:10:
48:a9:9c:18:c5:28:56:4a:c2:eb:32:48:b7:21:d2:94:ea:0d:
eb:ba:ee:de:b6:87:03:39:9d:a0:d4:8c:d8:31:b0:21:86:f8:
3a:66:94:5f:a7:c4:5d:17:02:c5:07:ec:c0:19:78:62:bf:60:
53:e8:43:5e:6d:f7:95:d5:53:68:c6:75:a9:26:bb:c1:f4:2e:
66:b5:f4:90:7f:93:a6:b8:e9:85:12:2a:22:11:67:dd:f8:9e:
d7:77:e2:c1:bb:17:67:73:08:44:42:da:df:9d:23:78:a7:15:
3f:02:0a:ac:15:43:36:da:54:75:2b:d1:9d:59:22:1a:74:ef:
73:c5:9b:9b:d7:7b:61:ef:40:4c:cf:f2:8b:29:68:59:18:a2:
7a:98:b8:ba:5c:b6:0a:e0:a3:04:9a:65:a8:a3:26:c8:c7:d7:
a5:53:61:1a:b7:67:3c:ba:e2:6c:85:91:38:0f:84:cd:6c:1a:
a7:76:b6:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt3USRxZKPMKsTi98nDGx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MWI5ZGY3NDVjMzJkZjI3ZGYzM2ViY2ZkNTM2ZjE5ZTEz
NDc0ZmUwHhcNMjMwMTAxMTUwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTZjMDViZjM1OTY4MDhkNjUwNDYxMGVmNjIxMzQ3NjA4ODI4M2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnYz6EJg9yYrso1Ho4pEPCbLlbDz
ssffz3bmXJfQe0dmpZHwjWuqvzSB2dv+5x4ELqp3cZUguorNEGp5ZEHggx06McQx
U7m7zGaf9nIVgYIZz3mJZAJxU748VS9xIkXc6E1Y3mn1F7cLyZeuNzro76a/W48s
Hr6eAlfxh4YCYDtK68tCtNcAUjSqgZk1vR0g5aD4D4hjLE2C5KNCu9MVn6bTS06D
x9QG6bqdCWDGd1+y1HBPp3EXeMYgWLwIewEgKUn1WoOlNEZ8tgYZc0bjr81ngJTl
Y/X2PVROz2KepvLoxZCPjqXxn5c10VruhXx4iBd2ChHlFbBLlcX4NU5P7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMFsBb81loCNZQRhDvYhNHYIgoPKMB8GA1UdIwQY
MBaAFJYbnfdFwy3yffM+vP1TbxnhNHT+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGh1ZDkwWERMZko5OHo2OF9WTnZHZUUwZFA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9lODQ5MjAtZjVjYi00NmQ3LWJjOTkt
ZmU1MzIxMGI1N2I2LzEvd1d3RnZ6V1dnSTFsQkdFTzlpRTBkZ2lDZzhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9lODQ5MjAtZjVjYi00NmQ3LWJjOTktZmU1MzIxMGI1N2I2
LzEvbGh1ZDkwWERMZko5OHo2OF9WTnZHZUUwZFA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWRAMA0G
CSqGSIb3DQEBCwUAA4IBAQALCZx40Dg+6lDjogvLLKpPNT4fsoALQb5XymqAkT3e
Nt+AumqTzAxhMXWLymhQR1AgM7mEIk+/jx36DlFS0eZxAi7WRngLFRBIqZwYxShW
SsLrMki3IdKU6g3ruu7etocDOZ2g1IzYMbAhhvg6ZpRfp8RdFwLFB+zAGXhiv2BT
6ENebfeV1VNoxnWpJrvB9C5mtfSQf5OmuOmFEioiEWfd+J7Xd+LBuxdncwhEQtrf
nSN4pxU/AgqsFUM22lR1K9GdWSIadO9zxZub13th70BMz/KLKWhZGKJ6mLi6XLYK
4KMEmmWooybIx9elU2Eat2c8uuJshZE4D4TNbBqndrbm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:45:38 2025 by rpki-client