Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/WXKqJpCbgJwfjvH-NmJ2t-SLn64.roa
File: WXKqJpCbgJwfjvH-NmJ2t-SLn64.roa (raw, json)
Hash identifier: VaAbepSq7D0giLjK6E6Tkemu/IKpCR0X+ia45v+0jgU=
Subject key identifier: 59:72:AA:26:90:9B:80:9C:1F:8E:F1:FE:36:62:76:B7:E4:8B:9F:AE
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 018B66F8B04C740C2D9190E1F4E3D50FCBA3
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/WXKqJpCbgJwfjvH-NmJ2t-SLn64.roa
Signing time: Wed 25 Oct 2023 13:14:15 +0000
ROA not before: Wed 25 Oct 2023 13:14:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212212
IP address blocks: 151.248.70.0/23 maxlen: 23
195.54.54.0/24 maxlen: 24
195.54.55.0/24 maxlen: 24
91.239.164.0/23 maxlen: 23
91.242.48.0/23 maxlen: 23
91.242.50.0/23 maxlen: 23
91.239.166.0/23 maxlen: 23
194.107.122.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:66:f8:b0:4c:74:0c:2d:91:90:e1:f4:e3:d5:0f:cb:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Oct 25 13:14:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5972aa26909b809c1f8ef1fe366276b7e48b9fae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:53:ea:44:48:d1:9e:d8:43:13:e0:8e:7a:3c:
e1:f2:73:51:0f:cf:76:3c:80:0e:27:80:db:41:52:
f8:4e:f6:9a:57:33:69:b4:3e:26:03:a8:14:55:20:
40:fd:20:6b:0a:4a:84:5f:3f:7e:b5:02:8b:b8:6b:
23:49:a7:8f:05:75:9f:f3:5b:4a:25:d4:dc:ee:1a:
72:83:63:b1:1e:92:f2:15:98:cb:bc:2f:53:65:15:
ca:05:fb:6e:85:32:59:38:54:48:4f:55:be:c7:ab:
64:6e:e6:a4:b0:b4:17:e8:74:73:72:a4:e1:22:7c:
4a:77:17:0a:3e:9b:ec:13:fe:ae:31:48:ca:2f:0d:
2c:0a:fc:e5:c2:8f:77:0c:c6:ab:42:4e:cc:97:69:
0a:2c:ce:32:d3:48:a5:3c:4c:de:5d:d7:9d:72:f2:
d7:f8:32:2f:34:5c:8c:43:7d:78:b1:23:a4:c5:6e:
cc:9b:c4:2a:4c:da:0f:12:52:92:8d:0e:ed:9d:d3:
2c:cf:b2:7b:77:e2:bf:bf:db:65:cf:91:e2:90:bb:
71:9d:83:36:9c:2a:43:9b:09:8c:38:73:47:fa:d1:
5f:50:8d:e7:61:5b:fc:9f:65:64:3b:0f:06:cf:18:
84:90:16:e9:75:e2:43:c2:c7:bf:ab:f3:ee:c6:cb:
0c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:72:AA:26:90:9B:80:9C:1F:8E:F1:FE:36:62:76:B7:E4:8B:9F:AE
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/WXKqJpCbgJwfjvH-NmJ2t-SLn64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.164.0/22
91.242.48.0/22
151.248.70.0/23
194.107.122.0/24
195.54.54.0/23
Signature Algorithm: sha256WithRSAEncryption
67:3e:c6:63:fc:70:c5:18:0c:76:0e:14:34:95:1f:b2:04:52:
ee:e1:2a:1e:83:49:b7:f9:17:c9:66:59:d0:8e:e7:ae:f3:50:
ad:2e:7a:3c:64:ac:a7:c5:f2:3b:f5:6e:3f:60:08:be:9e:b4:
5c:18:a9:29:6f:e9:04:d4:d9:e9:67:b2:b2:20:54:f8:76:98:
43:00:ec:cf:48:de:f7:00:02:ed:b1:c8:11:ff:24:f3:b8:97:
85:9a:56:dc:a0:b8:41:2a:44:41:e5:d5:dc:b2:43:18:fd:26:
3e:28:ae:ff:4a:87:88:8d:c8:dd:f1:99:1c:18:50:0e:32:01:
41:e3:85:d6:12:e5:d2:85:8e:1e:10:a4:a6:cf:23:db:e2:f9:
74:1f:1f:86:9a:9b:86:d6:8d:70:1b:ca:a1:f7:b2:c2:3f:6f:
20:a2:a7:b1:a3:a1:48:c7:79:7b:13:cf:ce:25:5e:fa:ed:02:
e4:c0:66:9e:13:ac:21:cd:9e:c7:35:87:4f:e0:2c:63:64:d0:
5f:06:f4:e9:66:a3:5d:b8:fe:fe:ae:87:70:b5:90:2d:f4:a4:
5a:7c:77:7c:c4:aa:a5:83:10:dc:02:3e:3c:87:78:fa:8b:ab:
1a:b2:1c:57:d8:7e:3b:20:07:19:06:e0:a7:6b:1a:e9:0e:4a:
d7:03:20:5f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYtm+LBMdAwtkZDh9OPVD8ujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjMxMDI1MTMxNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTcyYWEyNjkwOWI4MDljMWY4ZWYxZmUzNjYyNzZiN2U0OGI5ZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1PqREjRnthDE+COejzh8nNRD892
PIAOJ4DbQVL4TvaaVzNptD4mA6gUVSBA/SBrCkqEXz9+tQKLuGsjSaePBXWf81tK
JdTc7hpyg2OxHpLyFZjLvC9TZRXKBftuhTJZOFRIT1W+x6tkbuaksLQX6HRzcqTh
InxKdxcKPpvsE/6uMUjKLw0sCvzlwo93DMarQk7Ml2kKLM4y00ilPEzeXdedcvLX
+DIvNFyMQ314sSOkxW7Mm8QqTNoPElKSjQ7tndMsz7J7d+K/v9tlz5HikLtxnYM2
nCpDmwmMOHNH+tFfUI3nYVv8n2VkOw8GzxiEkBbpdeJDwse/q/PuxssM8QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFlyqiaQm4CcH47x/jZidrfki5+uMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvV1hLcUpwQ2JnSndmanZILU5tSjJ0LVNMbjY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW++kAwQC
W/IwAwQBl/hGAwQAwmt6AwQBwzY2MA0GCSqGSIb3DQEBCwUAA4IBAQBnPsZj/HDF
GAx2DhQ0lR+yBFLu4Soeg0m3+RfJZlnQjueu81CtLno8ZKynxfI79W4/YAi+nrRc
GKkpb+kE1NnpZ7KyIFT4dphDAOzPSN73AALtscgR/yTzuJeFmlbcoLhBKkRB5dXc
skMY/SY+KK7/SoeIjcjd8ZkcGFAOMgFB44XWEuXShY4eEKSmzyPb4vl0Hx+GmpuG
1o1wG8qh97LCP28goqexo6FIx3l7E8/OJV767QLkwGaeE6whzZ7HNYdP4CxjZNBf
BvTpZqNduP7+rodwtZAt9KRafHd8xKqlgxDcAj48h3j6i6sashxX2H47IAcZBuCn
axrpDkrXAyBf
-----END CERTIFICATE-----
Generated at Wed May 14 14:11:26 2025 by rpki-client