Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/wcAptUywdykJy1YnG5DCaICNtmo.roa
File: wcAptUywdykJy1YnG5DCaICNtmo.roa (raw, json)
Hash identifier: W0z91g3qxg9MYFRxNly35LGCmJq5AGXKuHoLTBC7Jew=
Subject key identifier: C1:C0:29:B5:4C:B0:77:29:09:CB:56:27:1B:90:C2:68:80:8D:B6:6A
Certificate issuer: /CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Certificate serial: 01878EC3600AAD5E0E2C7C2F2728CA338E77
Authority key identifier: AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/wcAptUywdykJy1YnG5DCaICNtmo.roa
Signing time: Mon 17 Apr 2023 10:29:41 +0000
ROA not before: Mon 17 Apr 2023 10:29:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59422
IP address blocks: 5.149.96.0/24 maxlen: 24
5.149.110.0/24 maxlen: 24
5.149.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:c3:60:0a:ad:5e:0e:2c:7c:2f:27:28:ca:33:8e:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aee08d9336f2e6cd165eb730297fe6d20c83c39a
Validity
Not Before: Apr 17 10:29:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c1c029b54cb0772909cb56271b90c268808db66a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:59:7d:39:4d:b1:94:3a:c5:ba:a4:07:a8:78:
bc:9b:8a:c6:2a:99:b3:51:22:87:1d:0d:85:42:5d:
33:a5:ab:2f:26:1c:35:e8:e0:5d:b0:99:21:38:21:
40:f8:38:a8:c5:f2:89:fc:af:a7:27:ad:39:69:7a:
f4:65:18:27:cb:fc:a5:b4:42:e7:9d:36:fd:68:83:
f8:2d:20:99:68:e9:f9:e7:c7:ad:6b:52:ab:bc:ca:
39:79:5b:99:94:2b:1c:a2:6e:12:ce:be:82:21:52:
de:e5:6f:ba:09:a0:f2:36:09:c9:70:96:67:b3:36:
b3:65:3c:20:53:fc:55:e6:89:21:da:3e:f3:89:8e:
51:68:26:7e:8b:c6:44:af:47:d3:4b:a8:ca:a6:af:
7b:66:1d:04:39:33:2e:fe:6d:ce:a8:bc:a0:81:25:
2d:9b:83:6d:e6:50:e0:2a:60:e9:7a:a7:ab:02:0a:
38:96:3d:32:12:28:71:af:3a:bd:73:f9:4e:c1:d7:
92:e4:ce:02:95:8c:71:ab:01:10:7b:ac:8f:54:fe:
e9:ee:90:1c:80:39:5c:8d:4f:01:78:f2:65:75:1a:
45:1b:99:97:eb:d0:dd:e2:db:88:24:c2:19:a3:9c:
50:76:f4:5e:ca:22:05:e5:b5:0b:06:a4:6a:85:f0:
15:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:C0:29:B5:4C:B0:77:29:09:CB:56:27:1B:90:C2:68:80:8D:B6:6A
X509v3 Authority Key Identifier:
keyid:AE:E0:8D:93:36:F2:E6:CD:16:5E:B7:30:29:7F:E6:D2:0C:83:C3:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ruCNkzby5s0WXrcwKX_m0gyDw5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/wcAptUywdykJy1YnG5DCaICNtmo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/f853f8-2071-49de-b6a0-497bedd71eb9/1/ruCNkzby5s0WXrcwKX_m0gyDw5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.96.0/24
5.149.107.0/24
5.149.110.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:6e:4d:77:be:7c:0b:ab:a0:10:e4:cc:2e:55:36:7d:60:67:
00:17:f2:41:b3:b5:8f:d5:52:3e:41:44:e4:e0:71:bc:7d:c8:
06:ae:c9:05:1d:1d:2d:1d:5b:e6:8f:c7:bf:d9:d2:70:bb:f0:
2d:d0:f9:84:aa:5e:f4:40:7b:f1:1c:1c:77:82:de:31:32:25:
e2:c5:6d:a3:bb:ac:b6:35:2e:24:08:40:4f:77:bd:e7:56:20:
95:29:9c:78:d8:02:62:7d:16:89:80:9d:ac:4d:b9:2d:46:71:
d0:f1:53:47:a7:b2:b2:58:44:00:f9:59:a9:fc:83:82:fa:49:
f5:bb:2b:22:62:1a:a8:70:56:00:e6:6d:30:51:bc:39:af:e7:
6d:2e:33:84:c6:05:f5:da:ce:71:78:d6:e2:19:8f:d0:da:18:
56:9b:8a:ba:c2:85:19:cf:c4:4d:b3:71:28:b7:00:e4:8b:8f:
ee:42:3f:cd:46:e4:e8:f0:2d:36:b5:89:cb:2d:86:09:95:21:
14:d5:16:87:d2:1f:e2:7a:93:5b:75:fb:98:42:29:26:67:a6:
83:34:55:db:1f:a1:50:6f:20:9d:ae:e3:79:24:4d:c4:31:75:
2d:7f:d5:d5:7e:0c:40:9c:76:f1:66:8c:4f:0c:b6:9d:46:60:
af:fd:0e:98
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYeOw2AKrV4OLHwvJyjKM453MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZTA4ZDkzMzZmMmU2Y2QxNjVlYjczMDI5N2ZlNmQyMGM4
M2MzOWEwHhcNMjMwNDE3MTAyOTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWMwMjliNTRjYjA3NzI5MDljYjU2MjcxYjkwYzI2ODgwOGRiNjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFl9OU2xlDrFuqQHqHi8m4rGKpmz
USKHHQ2FQl0zpasvJhw16OBdsJkhOCFA+DioxfKJ/K+nJ605aXr0ZRgny/yltELn
nTb9aIP4LSCZaOn558eta1KrvMo5eVuZlCscom4Szr6CIVLe5W+6CaDyNgnJcJZn
szazZTwgU/xV5okh2j7ziY5RaCZ+i8ZEr0fTS6jKpq97Zh0EOTMu/m3OqLyggSUt
m4Nt5lDgKmDpeqerAgo4lj0yEihxrzq9c/lOwdeS5M4ClYxxqwEQe6yPVP7p7pAc
gDlcjU8BePJldRpFG5mX69Dd4tuIJMIZo5xQdvReyiIF5bULBqRqhfAVqQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMHAKbVMsHcpCctWJxuQwmiAjbZqMB8GA1UdIwQY
MBaAFK7gjZM28ubNFl63MCl/5tIMg8OaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAt
NDk3YmVkZDcxZWI5LzEvd2NBcHRVeXdkeWtKeTFZbkc1RENhSUNOdG1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9mODUzZjgtMjA3MS00OWRlLWI2YTAtNDk3YmVkZDcxZWI5
LzEvcnVDTmt6Ynk1czBXWHJjd0tYX20wZ3lEdzVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABZVgAwQA
BZVrAwQABZVuMA0GCSqGSIb3DQEBCwUAA4IBAQB9bk13vnwLq6AQ5MwuVTZ9YGcA
F/JBs7WP1VI+QUTk4HG8fcgGrskFHR0tHVvmj8e/2dJwu/At0PmEql70QHvxHBx3
gt4xMiXixW2ju6y2NS4kCEBPd73nViCVKZx42AJifRaJgJ2sTbktRnHQ8VNHp7Ky
WEQA+Vmp/IOC+kn1uysiYhqocFYA5m0wUbw5r+dtLjOExgX12s5xeNbiGY/Q2hhW
m4q6woUZz8RNs3EotwDki4/uQj/NRuTo8C02tYnLLYYJlSEU1RaH0h/iepNbdfuY
QikmZ6aDNFXbH6FQbyCdruN5JE3EMXUtf9XVfgxAnHbxZoxPDLadRmCv/Q6Y
-----END CERTIFICATE-----
Generated at Tue Apr 29 19:55:24 2025 by rpki-client