Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/wFmjUs_XDx3Wws8p2J0DQvH-GFY.roa
File: wFmjUs_XDx3Wws8p2J0DQvH-GFY.roa (raw, json)
Hash identifier: Yy8icZWwpqxN37TSCw3jNuJW4QhRLzJwASFZt/07SHg=
Subject key identifier: C0:59:A3:52:CF:D7:0F:1D:D6:C2:CF:29:D8:9D:03:42:F1:FE:18:56
Certificate issuer: /CN=e4ff5bbf540c65954b9913a68c24d174de97d829
Certificate serial: 0188BA8476F911C12AD24B9E17B7EA7D9004
Authority key identifier: E4:FF:5B:BF:54:0C:65:95:4B:99:13:A6:8C:24:D1:74:DE:97:D8:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5P9bv1QMZZVLmROmjCTRdN6X2Ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/wFmjUs_XDx3Wws8p2J0DQvH-GFY.roa
Signing time: Wed 14 Jun 2023 15:27:03 +0000
ROA not before: Wed 14 Jun 2023 15:27:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49910
IP address blocks: 185.174.36.0/22 maxlen: 24
45.13.24.0/24 maxlen: 24
77.232.224.0/19 maxlen: 24
2a12:9940::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:ba:84:76:f9:11:c1:2a:d2:4b:9e:17:b7:ea:7d:90:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4ff5bbf540c65954b9913a68c24d174de97d829
Validity
Not Before: Jun 14 15:27:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c059a352cfd70f1dd6c2cf29d89d0342f1fe1856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:65:4f:e3:87:ab:b9:9a:c0:42:04:a0:c3:70:
0d:17:36:70:34:97:ce:b5:93:8a:6d:02:89:87:ae:
1c:39:13:39:90:37:a6:08:60:91:9f:fb:66:d3:e1:
e6:ee:f1:22:9c:e8:8b:b5:dc:6d:72:56:8e:71:5d:
41:9a:ed:24:46:4e:d4:ac:b6:2a:9e:4a:b2:e5:8e:
64:4b:b9:12:84:db:3d:40:c3:97:83:44:40:cc:b8:
f1:91:a2:8f:7c:0f:e0:6a:00:24:a3:76:89:c6:13:
df:5b:12:ef:36:fa:10:d3:5a:b6:fa:ef:c8:0e:11:
17:9d:b5:3e:16:e5:99:24:25:bd:a9:9c:46:77:6c:
28:67:0b:4a:37:d6:a0:fd:2c:06:d6:42:31:5b:b1:
e7:0e:84:80:47:cc:87:12:bd:e5:29:d1:ef:1c:8b:
20:35:34:a1:11:be:40:36:00:b3:08:b8:5e:d8:a3:
28:cc:02:20:0a:3d:9c:97:f9:6e:40:38:5f:40:7d:
d5:3d:61:11:8e:a3:62:33:89:86:dd:a6:87:ad:22:
9c:f3:e4:3a:40:6f:b7:b3:b6:5d:e7:7c:88:c6:1c:
4d:91:49:6d:9e:5a:c5:c5:8d:af:c5:55:67:a3:e6:
9d:7a:74:87:29:3e:c4:76:9f:b9:f5:73:35:b6:0b:
e6:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:59:A3:52:CF:D7:0F:1D:D6:C2:CF:29:D8:9D:03:42:F1:FE:18:56
X509v3 Authority Key Identifier:
keyid:E4:FF:5B:BF:54:0C:65:95:4B:99:13:A6:8C:24:D1:74:DE:97:D8:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5P9bv1QMZZVLmROmjCTRdN6X2Ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/wFmjUs_XDx3Wws8p2J0DQvH-GFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/4393e8-5f59-4d57-8198-5c0c46d04ee1/1/5P9bv1QMZZVLmROmjCTRdN6X2Ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.24.0/24
77.232.224.0/19
185.174.36.0/22
IPv6:
2a12:9940::/29
Signature Algorithm: sha256WithRSAEncryption
77:96:51:c7:66:35:7d:ab:57:94:31:2f:27:74:35:ba:64:fd:
28:a6:d3:2f:a2:85:40:a6:25:c1:6c:84:a3:6e:b0:aa:76:ea:
fa:e4:db:e0:98:bd:b4:51:2f:be:7e:fe:ee:28:d1:74:4d:25:
c0:67:e4:06:7a:0f:23:b6:7f:99:b2:f1:df:c6:9c:bd:7f:24:
44:0c:08:62:55:c6:b2:37:c5:35:c5:9b:a4:c9:86:08:ad:36:
6e:3e:2b:02:ba:68:29:8e:35:3d:51:13:81:83:d9:95:ad:66:
38:69:19:a5:57:af:5c:50:c2:bc:a9:db:5f:83:8b:b3:61:38:
01:5e:d7:dc:b2:89:03:f2:82:0e:44:97:6e:83:d7:c5:ff:cd:
2f:33:0e:02:2c:69:95:14:13:09:aa:cb:46:63:62:89:66:ec:
5e:a9:0b:e4:dc:67:79:46:7a:5f:f3:56:1f:25:17:e7:06:53:
38:81:15:12:4b:87:47:0a:4b:2e:cb:8c:f0:1c:7c:7c:f1:42:
b6:83:90:5a:11:3a:d9:06:8c:f4:2a:70:4a:01:82:af:91:b2:
10:48:10:34:c8:3e:10:7a:a5:d6:ff:42:e8:f3:ea:47:ae:97:
2a:9b:e7:9d:d4:2a:aa:98:d3:90:e4:eb:21:97:e1:60:da:f6:
9f:88:0a:bf
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYi6hHb5EcEq0kueF7fqfZAEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ZmY1YmJmNTQwYzY1OTU0Yjk5MTNhNjhjMjRkMTc0ZGU5
N2Q4MjkwHhcNMjMwNjE0MTUyNzAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDU5YTM1MmNmZDcwZjFkZDZjMmNmMjlkODlkMDM0MmYxZmUxODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWVP44eruZrAQgSgw3ANFzZwNJfO
tZOKbQKJh64cORM5kDemCGCRn/tm0+Hm7vEinOiLtdxtclaOcV1Bmu0kRk7UrLYq
nkqy5Y5kS7kShNs9QMOXg0RAzLjxkaKPfA/gagAko3aJxhPfWxLvNvoQ01q2+u/I
DhEXnbU+FuWZJCW9qZxGd2woZwtKN9ag/SwG1kIxW7HnDoSAR8yHEr3lKdHvHIsg
NTShEb5ANgCzCLhe2KMozAIgCj2cl/luQDhfQH3VPWERjqNiM4mG3aaHrSKc8+Q6
QG+3s7Zd53yIxhxNkUltnlrFxY2vxVVno+adenSHKT7Edp+59XM1tgvmxQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFMBZo1LP1w8d1sLPKdidA0Lx/hhWMB8GA1UdIwQY
MBaAFOT/W79UDGWVS5kTpowk0XTel9gpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVA5YnYxUU1aWlZMbVJPbWpDVFJkTjZYMkNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC80MzkzZTgtNWY1OS00ZDU3LTgxOTgt
NWMwYzQ2ZDA0ZWUxLzEvd0ZtalVzX1hEeDNXd3M4cDJKMERRdkgtR0ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC80MzkzZTgtNWY1OS00ZDU3LTgxOTgtNWMwYzQ2ZDA0ZWUx
LzEvNVA5YnYxUU1aWlZMbVJPbWpDVFJkTjZYMkNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQALQ0YAwQF
TejgAwQCua4kMA0EAgACMAcDBQMqEplAMA0GCSqGSIb3DQEBCwUAA4IBAQB3llHH
ZjV9q1eUMS8ndDW6ZP0optMvooVApiXBbISjbrCqdur65NvgmL20US++fv7uKNF0
TSXAZ+QGeg8jtn+ZsvHfxpy9fyREDAhiVcayN8U1xZukyYYIrTZuPisCumgpjjU9
UROBg9mVrWY4aRmlV69cUMK8qdtfg4uzYTgBXtfcsokD8oIORJdug9fF/80vMw4C
LGmVFBMJqstGY2KJZuxeqQvk3Gd5Rnpf81YfJRfnBlM4gRUSS4dHCksuy4zwHHx8
8UK2g5BaETrZBoz0KnBKAYKvkbIQSBA0yD4QeqXW/0Lo8+pHrpcqm+ed1CqqmNOQ
5Oshl+Fg2vafiAq/
-----END CERTIFICATE-----
Generated at Mon May 12 04:20:11 2025 by rpki-client