Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/WixStmXrhcmhwhPhnIo8HmZmWh0.roa
File: WixStmXrhcmhwhPhnIo8HmZmWh0.roa (raw, json)
Hash identifier: /I4mVdeQ4gOJsnUrxBefevZuVsWEZf4YpGSO7NqtZA4=
Subject key identifier: 5A:2C:52:B6:65:EB:85:C9:A1:C2:13:E1:9C:8A:3C:1E:66:66:5A:1D
Certificate issuer: /CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Certificate serial: 018819F9A2164020DAA46432769A3632ACB1
Authority key identifier: 27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/WixStmXrhcmhwhPhnIo8HmZmWh0.roa
Signing time: Sun 14 May 2023 11:16:10 +0000
ROA not before: Sun 14 May 2023 11:16:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42337
IP address blocks: 2.188.40.0/21 maxlen: 24
78.39.155.0/24 maxlen: 24
78.39.156.0/24 maxlen: 24
78.39.153.0/24 maxlen: 24
2.189.160.0/21 maxlen: 24
2.189.168.0/21 maxlen: 24
2.188.72.0/22 maxlen: 24
78.38.246.0/24 maxlen: 24
78.38.243.0/24 maxlen: 24
2.188.225.0/24 maxlen: 24
2.188.224.0/20 maxlen: 24
2.188.232.0/23 maxlen: 23
2.188.234.0/24 maxlen: 24
2.188.236.0/23 maxlen: 23
2.188.240.0/20 maxlen: 24
2.188.164.0/22 maxlen: 22
2.188.160.0/22 maxlen: 22
2.188.165.0/24 maxlen: 24
2.188.161.0/24 maxlen: 24
2.188.160.0/21 maxlen: 24
2.188.176.0/23 maxlen: 23
2.188.192.0/19 maxlen: 24
2.189.80.0/21 maxlen: 24
2.189.88.0/21 maxlen: 24
78.39.40.0/24 maxlen: 24
78.39.43.0/24 maxlen: 24
78.39.50.0/24 maxlen: 24
78.39.46.0/24 maxlen: 24
78.39.49.0/24 maxlen: 24
78.39.48.0/24 maxlen: 24
78.39.51.0/24 maxlen: 24
78.39.47.0/24 maxlen: 24
78.39.58.0/24 maxlen: 24
78.39.54.0/24 maxlen: 24
78.39.57.0/24 maxlen: 24
78.39.53.0/24 maxlen: 24
78.39.56.0/24 maxlen: 24
78.39.55.0/24 maxlen: 24
78.39.62.0/23 maxlen: 24
78.39.59.0/24 maxlen: 24
2.189.48.0/21 maxlen: 24
2.189.64.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:19:f9:a2:16:40:20:da:a4:64:32:76:9a:36:32:ac:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a39e4794c34612e7f22569b1a6a81710260ae5
Validity
Not Before: May 14 11:16:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5a2c52b665eb85c9a1c213e19c8a3c1e66665a1d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a1:0c:86:a6:17:d0:61:fe:9d:8b:d4:b0:29:
99:02:44:eb:d5:46:d8:d8:8e:b1:5c:61:26:67:3f:
1b:b5:0a:11:2a:83:3d:b0:9f:db:59:de:ba:35:8d:
17:9a:92:63:ce:d6:d7:78:62:1d:6b:12:c7:e3:8a:
18:70:2c:21:40:f4:48:62:fc:27:51:94:93:22:14:
a9:93:c0:98:20:8a:a8:a7:3c:f7:67:b3:28:be:50:
f1:d6:d4:2a:a8:9a:0b:30:39:13:c2:69:f8:06:ef:
d2:4a:ca:8b:ad:7e:8d:16:6c:1f:d4:a1:12:9f:02:
58:f3:4b:84:52:33:c2:2b:ab:a7:54:9a:e1:f7:bf:
fa:e8:58:20:d5:49:6a:66:a6:51:41:dd:6b:d9:78:
c1:53:bd:b0:63:64:1a:91:1c:38:6e:16:8b:e5:8f:
d9:0a:7f:d7:20:e3:f3:f0:28:f9:a5:63:ab:61:51:
cf:88:88:2c:d3:01:fb:7f:86:25:01:12:61:0d:69:
3a:33:0c:76:e5:e9:53:27:b2:51:fd:42:8e:fb:1b:
4c:51:af:64:64:37:7d:c8:f9:75:93:26:f7:5f:a1:
b2:8c:46:0c:4c:86:09:8d:3e:c5:b8:c6:8c:9b:df:
54:bd:0b:29:fc:92:f8:31:96:d1:39:81:3b:fe:00:
2b:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:2C:52:B6:65:EB:85:C9:A1:C2:13:E1:9C:8A:3C:1E:66:66:5A:1D
X509v3 Authority Key Identifier:
keyid:27:A3:9E:47:94:C3:46:12:E7:F2:25:69:B1:A6:A8:17:10:26:0A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6OeR5TDRhLn8iVpsaaoFxAmCuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/WixStmXrhcmhwhPhnIo8HmZmWh0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/38fc33-06c1-4006-9e23-f74d9518576c/1/J6OeR5TDRhLn8iVpsaaoFxAmCuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.188.40.0/21
2.188.72.0/22
2.188.160.0/21
2.188.176.0/23
2.188.192.0/18
2.189.48.0/21
2.189.64.0/22
2.189.80.0/20
2.189.160.0/20
78.38.243.0/24
78.38.246.0/24
78.39.40.0/24
78.39.43.0/24
78.39.46.0-78.39.51.255
78.39.53.0-78.39.59.255
78.39.62.0/23
78.39.153.0/24
78.39.155.0-78.39.156.255
Signature Algorithm: sha256WithRSAEncryption
19:3f:ca:81:b9:2c:a1:c3:88:72:90:6b:72:fb:50:66:c0:4c:
4e:c8:2b:92:d7:c6:3e:60:c6:a1:be:94:33:ac:63:7f:bd:a8:
0f:93:57:a9:c7:c0:7f:28:d2:4e:94:e9:38:69:58:d8:f5:60:
00:42:9f:5d:0d:36:74:79:4c:01:90:bd:70:7a:16:0d:7c:67:
4d:05:54:7e:77:35:ce:95:3e:d2:ad:f4:6f:ed:23:3c:cb:12:
ee:d0:87:e4:dd:88:e3:62:e3:71:0b:09:fe:f4:f8:24:48:84:
a1:4f:22:83:b9:f7:1d:5c:79:69:66:da:49:c7:9f:9d:09:8f:
33:cf:fc:8b:18:fa:d9:35:bd:11:b4:dd:3e:42:a1:f9:1b:a0:
7e:ae:c8:46:1e:a1:58:e0:4c:25:a6:58:d5:50:41:3b:b0:5a:
13:09:ef:2b:34:3a:72:c4:55:7f:f6:70:c6:69:22:31:68:9f:
f4:7d:46:3d:3a:ee:d8:28:5a:54:7d:a5:87:4e:77:3c:86:66:
a8:4f:02:b0:36:c0:65:cf:2e:09:a9:cd:91:97:39:9d:88:73:
15:0e:03:5a:34:0b:fa:74:6d:a1:55:90:e2:f0:c6:41:52:80:
28:05:0e:25:7a:b2:9a:cf:35:53:4d:44:bb:d1:b3:2b:4b:11:
c8:ca:b7:89
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAYgZ+aIWQCDapGQydpo2MqyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTM5ZTQ3OTRjMzQ2MTJlN2YyMjU2OWIxYTZhODE3MTAy
NjBhZTUwHhcNMjMwNTE0MTExNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTJjNTJiNjY1ZWI4NWM5YTFjMjEzZTE5YzhhM2MxZTY2NjY1YTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuaEMhqYX0GH+nYvUsCmZAkTr1UbY
2I6xXGEmZz8btQoRKoM9sJ/bWd66NY0XmpJjztbXeGIdaxLH44oYcCwhQPRIYvwn
UZSTIhSpk8CYIIqopzz3Z7MovlDx1tQqqJoLMDkTwmn4Bu/SSsqLrX6NFmwf1KES
nwJY80uEUjPCK6unVJrh97/66Fgg1UlqZqZRQd1r2XjBU72wY2QakRw4bhaL5Y/Z
Cn/XIOPz8Cj5pWOrYVHPiIgs0wH7f4YlARJhDWk6Mwx25elTJ7JR/UKO+xtMUa9k
ZDd9yPl1kyb3X6GyjEYMTIYJjT7FuMaMm99UvQsp/JL4MZbROYE7/gArjwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFFosUrZl64XJocIT4ZyKPB5mZlodMB8GA1UdIwQY
MBaAFCejnkeUw0YS5/IlabGmqBcQJgrlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMt
Zjc0ZDk1MTg1NzZjLzEvV2l4U3RtWHJoY21od2hQaG5JbzhIbVptV2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8zOGZjMzMtMDZjMS00MDA2LTllMjMtZjc0ZDk1MTg1NzZj
LzEvSjZPZVI1VERSaExuOGlWcHNhYW9GeEFtQ3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAMC
vCgDBAICvEgDBAMCvKADBAECvLADBAYCvMADBAMCvTADBAICvUADBAQCvVADBAQC
vaADBABOJvMDBABOJvYDBABOJygDBABOJyswDAMEAU4nLgMEAk4nMDAMAwQATic1
AwQCTic4AwQBTic+AwQATieZMAwDBABOJ5sDBABOJ5wwDQYJKoZIhvcNAQELBQAD
ggEBABk/yoG5LKHDiHKQa3L7UGbATE7IK5LXxj5gxqG+lDOsY3+9qA+TV6nHwH8o
0k6U6ThpWNj1YABCn10NNnR5TAGQvXB6Fg18Z00FVH53Nc6VPtKt9G/tIzzLEu7Q
h+TdiONi43ELCf70+CRIhKFPIoO59x1ceWlm2knHn50JjzPP/IsY+tk1vRG03T5C
ofkboH6uyEYeoVjgTCWmWNVQQTuwWhMJ7ys0OnLEVX/2cMZpIjFon/R9Rj067tgo
WlR9pYdOdzyGZqhPArA2wGXPLgmpzZGXOZ2IcxUOA1o0C/p0baFVkOLwxkFSgCgF
DiV6sprPNVNNRLvRsytLEcjKt4k=
-----END CERTIFICATE-----
Generated at Wed Apr 30 02:47:45 2025 by rpki-client