Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/WsNsvxkpL6DX0-upaU0PannPmDE.roa
File: WsNsvxkpL6DX0-upaU0PannPmDE.roa (raw, json)
Hash identifier: ZzZAz/RVceWCY59Yl/9YNZO4jZyTG4qeCxtZCAzqVUY=
Subject key identifier: 5A:C3:6C:BF:19:29:2F:A0:D7:D3:EB:A9:69:4D:0F:6A:79:CF:98:31
Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Certificate serial: 01865F1157A3C01A81B0036E184E7462BBF4
Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/WsNsvxkpL6DX0-upaU0PannPmDE.roa
Signing time: Fri 17 Feb 2023 11:10:17 +0000
ROA not before: Fri 17 Feb 2023 11:10:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1921
IP address blocks: 2001:678:20::/48 maxlen: 48
2a02:850:ffe0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5f:11:57:a3:c0:1a:81:b0:03:6e:18:4e:74:62:bb:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Validity
Not Before: Feb 17 11:10:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ac36cbf19292fa0d7d3eba9694d0f6a79cf9831
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9f:d4:b2:c0:d2:96:67:b8:0f:8d:ba:e1:12:
20:27:47:21:64:f0:cb:6c:29:d1:74:a6:89:16:ff:
e3:8e:43:5c:6c:96:bc:a9:3c:c6:1b:4a:49:7a:4e:
ce:eb:65:4e:08:39:11:03:86:2f:31:99:ae:5a:f0:
3d:89:8f:f7:51:66:f3:48:56:80:f2:18:f6:12:8f:
13:37:83:8c:5e:1f:30:d7:9e:98:c9:f6:c0:70:7c:
38:a8:aa:ab:4c:78:bc:0e:05:69:42:11:ff:68:64:
4f:dc:7a:d3:51:5d:0b:b5:72:37:50:a0:8c:fb:94:
c9:d4:32:bb:b9:2d:2e:c7:57:86:56:ab:ba:a8:65:
9a:31:d7:a6:78:66:de:42:87:55:99:bd:f3:9e:66:
27:b3:ea:8f:ef:bf:6e:38:19:e0:05:80:3e:38:95:
f4:a6:cf:09:11:04:83:66:3b:a5:5f:ab:18:28:f5:
6c:6f:ce:ed:de:ca:e9:f1:98:28:c6:90:ab:3d:69:
f7:65:f3:e0:04:c4:1d:41:78:3f:65:3d:5f:21:bd:
f3:df:70:c4:5f:9f:22:e0:5b:f6:1b:20:31:82:0d:
67:32:4c:d9:23:aa:76:6f:3a:45:4f:3d:56:97:98:
87:0f:d7:a8:d9:e2:07:2e:4b:a6:5e:ee:4b:27:e7:
04:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:C3:6C:BF:19:29:2F:A0:D7:D3:EB:A9:69:4D:0F:6A:79:CF:98:31
X509v3 Authority Key Identifier:
keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/WsNsvxkpL6DX0-upaU0PannPmDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:20::/48
2a02:850:ffe0::/48
Signature Algorithm: sha256WithRSAEncryption
11:a9:1e:5a:42:e8:ed:f0:eb:8c:98:6e:8c:a2:ab:85:26:e2:
b2:d7:b2:f8:d1:b7:9d:69:86:da:c2:56:4d:65:d5:e9:db:ec:
93:fc:d3:25:1a:3c:47:77:07:d5:59:f3:95:28:bd:b8:26:3c:
3a:52:5c:5e:34:ca:e3:ba:af:b4:f7:31:ff:a5:60:83:47:7b:
87:c0:5b:91:36:61:5a:c7:dc:5a:93:07:ca:04:bc:07:06:4a:
b9:9b:31:fb:09:09:29:12:4e:f6:fa:15:ca:a3:8b:42:db:5c:
46:16:16:1d:28:cb:b2:8d:2f:17:8a:a4:5a:ad:4e:ac:b7:14:
c5:d5:91:a6:1e:26:19:f0:ee:a3:b4:7f:37:86:58:19:32:9b:
59:6a:6c:f8:8d:1f:73:0a:e7:b6:e0:6a:f9:ed:c2:5f:55:a4:
04:88:4f:cc:6e:b4:c7:2a:52:c0:45:41:d4:78:d9:69:dd:f5:
c8:ec:4b:1f:9b:5d:13:1a:5e:77:61:6b:7a:34:ad:06:3d:08:
92:5a:0c:f5:87:ed:15:24:f3:8c:b2:b3:59:30:15:7f:7e:93:
a3:f1:b8:94:ac:19:72:90:0b:54:1f:ba:d5:81:2c:5b:d5:fd:
8a:a2:1d:5d:fc:04:27:b3:09:52:5e:04:da:4a:fc:82:38:7f:
97:ce:3c:91
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZfEVejwBqBsANuGE50Yrv0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2
ZWFjMzQwHhcNMjMwMjE3MTExMDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWMzNmNiZjE5MjkyZmEwZDdkM2ViYTk2OTRkMGY2YTc5Y2Y5ODMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZ/UssDSlme4D4264RIgJ0chZPDL
bCnRdKaJFv/jjkNcbJa8qTzGG0pJek7O62VOCDkRA4YvMZmuWvA9iY/3UWbzSFaA
8hj2Eo8TN4OMXh8w156YyfbAcHw4qKqrTHi8DgVpQhH/aGRP3HrTUV0LtXI3UKCM
+5TJ1DK7uS0ux1eGVqu6qGWaMdemeGbeQodVmb3znmYns+qP779uOBngBYA+OJX0
ps8JEQSDZjulX6sYKPVsb87t3srp8ZgoxpCrPWn3ZfPgBMQdQXg/ZT1fIb3z33DE
X58i4Fv2GyAxgg1nMkzZI6p2bzpFTz1Wl5iHD9eo2eIHLkumXu5LJ+cE/QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFrDbL8ZKS+g19PrqWlND2p5z5gxMB8GA1UdIwQY
MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt
YTk3NjVlZGM3OTVjLzEvV3NOc3Z4a3BMNkRYMC11cGFVMFBhbm5QbURFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj
LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGeAAg
AwcAKgIIUP/gMA0GCSqGSIb3DQEBCwUAA4IBAQARqR5aQujt8OuMmG6MoquFJuKy
17L40bedaYbawlZNZdXp2+yT/NMlGjxHdwfVWfOVKL24Jjw6UlxeNMrjuq+09zH/
pWCDR3uHwFuRNmFax9xakwfKBLwHBkq5mzH7CQkpEk72+hXKo4tC21xGFhYdKMuy
jS8XiqRarU6stxTF1ZGmHiYZ8O6jtH83hlgZMptZamz4jR9zCue24Gr57cJfVaQE
iE/MbrTHKlLARUHUeNlp3fXI7Esfm10TGl53YWt6NK0GPQiSWgz1h+0VJPOMsrNZ
MBV/fpOj8biUrBlykAtUH7rVgSxb1f2Koh1d/AQnswlSXgTaSvyCOH+XzjyR
-----END CERTIFICATE-----
Generated at Wed May 14 03:17:58 2025 by rpki-client