Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/w-HNx0-DxlLeXKRMOZp2gfxdjbw.roa
File: w-HNx0-DxlLeXKRMOZp2gfxdjbw.roa (raw, json)
Hash identifier: 3Zhn0klxM+/yWVn/3y/3Up0PInIS4Wz4QXvLoV/OCbE=
Subject key identifier: C3:E1:CD:C7:4F:83:C6:52:DE:5C:A4:4C:39:9A:76:81:FC:5D:8D:BC
Certificate issuer: /CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Certificate serial: 018637A383FE244168FD1BC0A2D0E317FE54
Authority key identifier: B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/w-HNx0-DxlLeXKRMOZp2gfxdjbw.roa
Signing time: Thu 09 Feb 2023 19:25:08 +0000
ROA not before: Thu 09 Feb 2023 19:25:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31368
IP address blocks: 185.173.156.0/24 maxlen: 24
185.173.159.0/24 maxlen: 24
89.107.128.0/21 maxlen: 21
185.173.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:37:a3:83:fe:24:41:68:fd:1b:c0:a2:d0:e3:17:fe:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Validity
Not Before: Feb 9 19:25:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c3e1cdc74f83c652de5ca44c399a7681fc5d8dbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ce:8d:11:28:ac:8c:af:59:59:84:fa:73:cf:
ab:da:10:dd:30:4f:5b:06:fa:e2:4d:20:97:6e:9f:
53:1e:6f:cf:c4:a4:5b:cd:95:07:7a:8d:60:d7:47:
b4:bf:a8:05:7c:3d:d7:94:66:63:fe:6f:43:82:27:
9a:13:71:dd:21:17:2e:05:cc:29:46:06:3f:4c:c5:
0d:ef:36:2c:83:8a:17:77:5d:56:24:15:08:90:ec:
c3:d8:65:f0:c4:8e:37:05:28:65:f3:46:61:4f:97:
67:a8:d7:82:97:38:96:3c:b9:89:d7:23:b2:55:4c:
fa:16:f0:d4:78:3d:64:45:5a:6c:13:53:21:ea:eb:
41:1f:b8:08:6a:02:b9:d0:65:4f:ff:91:14:db:b2:
e0:c3:c5:35:f9:41:99:14:d7:6e:29:52:b9:1c:97:
7b:10:bd:7a:5f:6b:8a:f4:18:88:5a:90:16:66:ed:
75:c5:f2:2e:6b:1d:b8:b7:5b:26:e1:2f:82:87:17:
58:9e:0b:c1:8b:69:a3:44:c4:d5:63:6e:ef:9d:cd:
ec:16:43:44:b5:4c:4b:38:3b:f6:62:86:8c:96:e6:
e2:8b:c5:12:9f:b2:ab:92:d5:19:40:3a:11:2d:17:
62:fa:a9:2b:16:80:84:a7:26:47:e7:05:f0:e6:b2:
33:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:E1:CD:C7:4F:83:C6:52:DE:5C:A4:4C:39:9A:76:81:FC:5D:8D:BC
X509v3 Authority Key Identifier:
keyid:B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/w-HNx0-DxlLeXKRMOZp2gfxdjbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/s901zP9sK4ah-tjxA7wgBw0J5Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.128.0/21
185.173.156.0/24
185.173.158.0/23
Signature Algorithm: sha256WithRSAEncryption
64:15:c2:36:8f:05:fc:bc:35:30:c4:29:1b:f3:94:21:a2:a7:
b4:b1:d2:8c:f4:dc:6a:db:48:8b:31:52:0e:63:57:0b:55:e9:
f1:32:0a:d1:61:fa:cd:90:27:c1:38:bf:a6:7a:11:75:c4:e3:
6c:17:5a:24:3b:a3:2d:a7:29:79:a1:a7:72:9c:65:db:a8:e2:
2f:21:01:2f:e4:22:13:5e:95:c5:bf:22:18:4a:9b:33:2f:0f:
51:39:85:b4:a2:3b:5f:6a:e4:d6:c4:84:bc:9f:13:a8:18:68:
97:f9:96:f5:d0:9c:fe:30:6e:4c:f5:79:60:9c:32:dd:71:de:
44:09:5c:66:e9:7f:02:eb:95:5a:76:41:2d:23:a2:b7:ae:66:
b8:2c:c7:18:28:c1:14:b8:17:eb:45:11:6c:35:4f:4a:88:3f:
19:f3:18:b0:5b:dd:be:a1:08:6c:8d:41:2b:14:93:cb:79:60:
e0:e7:81:34:3b:4e:03:02:4b:13:71:47:03:15:08:11:cf:46:
5a:6f:bc:2f:09:67:1e:f1:d9:f7:bc:b3:c9:2a:32:7c:1d:04:
d3:8b:1e:e6:32:1e:1b:07:de:a0:61:5b:82:c9:a7:48:b2:98:
d0:93:31:80:0f:1c:60:40:28:42:83:55:00:56:7a:a1:d9:94:
a4:35:82:d4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYY3o4P+JEFo/RvAotDjF/5UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQzNWNjZmY2YzJiODZhMWZhZDhmMTAzYmMyMDA3MGQw
OWU1MGQwHhcNMjMwMjA5MTkyNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2UxY2RjNzRmODNjNjUyZGU1Y2E0NGMzOTlhNzY4MWZjNWQ4ZGJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAks6NESisjK9ZWYT6c8+r2hDdME9b
BvriTSCXbp9THm/PxKRbzZUHeo1g10e0v6gFfD3XlGZj/m9DgieaE3HdIRcuBcwp
RgY/TMUN7zYsg4oXd11WJBUIkOzD2GXwxI43BShl80ZhT5dnqNeClziWPLmJ1yOy
VUz6FvDUeD1kRVpsE1Mh6utBH7gIagK50GVP/5EU27Lgw8U1+UGZFNduKVK5HJd7
EL16X2uK9BiIWpAWZu11xfIuax24t1sm4S+ChxdYngvBi2mjRMTVY27vnc3sFkNE
tUxLODv2YoaMlubii8USn7KrktUZQDoRLRdi+qkrFoCEpyZH5wXw5rIzJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMPhzcdPg8ZS3lykTDmadoH8XY28MB8GA1UdIwQY
MBaAFLPdNcz/bCuGofrY8QO8IAcNCeUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEt
MmIxMDUwNTFiYTU5LzEvdy1ITngwLUR4bExlWEtSTU9acDJnZnhkamJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEtMmIxMDUwNTFiYTU5
LzEvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWWuAAwQA
ua2cAwQBua2eMA0GCSqGSIb3DQEBCwUAA4IBAQBkFcI2jwX8vDUwxCkb85Qhoqe0
sdKM9Nxq20iLMVIOY1cLVenxMgrRYfrNkCfBOL+mehF1xONsF1okO6Mtpyl5oady
nGXbqOIvIQEv5CITXpXFvyIYSpszLw9ROYW0ojtfauTWxIS8nxOoGGiX+Zb10Jz+
MG5M9XlgnDLdcd5ECVxm6X8C65VadkEtI6K3rma4LMcYKMEUuBfrRRFsNU9KiD8Z
8xiwW92+oQhsjUErFJPLeWDg54E0O04DAksTcUcDFQgRz0Zab7wvCWce8dn3vLPJ
KjJ8HQTTix7mMh4bB96gYVuCyadIspjQkzGADxxgQChCg1UAVnqh2ZSkNYLU
-----END CERTIFICATE-----
Generated at Wed May 14 20:38:25 2025 by rpki-client