Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/wvT3PcmH8wto64btAd7D5ZC09VY.roa
File: wvT3PcmH8wto64btAd7D5ZC09VY.roa (raw, json)
Hash identifier: mF6W9C5k9+cyCfuZbSvTU42nERTclGadP4GeeUTHjtw=
Subject key identifier: C2:F4:F7:3D:C9:87:F3:0B:68:EB:86:ED:01:DE:C3:E5:90:B4:F5:56
Certificate issuer: /CN=345fb3feb15c03c4d34d9ff444d9ad7e30067208
Certificate serial: 01878EBFB6555A689EBB605CCE072C3BCAFC
Authority key identifier: 34:5F:B3:FE:B1:5C:03:C4:D3:4D:9F:F4:44:D9:AD:7E:30:06:72:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/wvT3PcmH8wto64btAd7D5ZC09VY.roa
Signing time: Mon 17 Apr 2023 10:25:41 +0000
ROA not before: Mon 17 Apr 2023 10:25:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25540
IP address blocks: 185.12.0.0/22 maxlen: 22
185.120.176.0/22 maxlen: 22
77.81.49.0/24 maxlen: 24
130.93.0.0/17 maxlen: 17
185.137.72.0/22 maxlen: 22
130.93.128.0/18 maxlen: 22
193.84.89.0/24 maxlen: 24
45.81.212.0/22 maxlen: 22
185.9.248.0/22 maxlen: 22
185.133.128.0/22 maxlen: 22
185.122.160.0/22 maxlen: 22
2a02:ec00::/29 maxlen: 29
2a0e:4180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:8e:bf:b6:55:5a:68:9e:bb:60:5c:ce:07:2c:3b:ca:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=345fb3feb15c03c4d34d9ff444d9ad7e30067208
Validity
Not Before: Apr 17 10:25:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c2f4f73dc987f30b68eb86ed01dec3e590b4f556
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ca:7a:e7:3e:d4:53:4b:c3:97:f1:87:0f:b7:
32:4c:ea:b5:d4:0d:c9:f8:a8:cb:40:2a:65:0f:79:
1c:f1:28:27:90:e4:45:b5:a4:f0:f4:50:7a:18:5a:
00:85:9d:b3:59:ff:a5:16:a0:c0:47:bb:44:e3:da:
45:0a:f6:a2:fd:0f:7a:b3:96:bc:0c:93:07:4f:90:
9b:82:b7:fd:9e:bc:8e:3f:6b:4f:df:b1:d3:76:6b:
d4:9b:5f:8f:bb:ed:78:12:64:5f:e8:c4:f2:f5:cf:
14:99:58:68:f9:69:e5:d0:1a:ee:35:ed:00:4f:2c:
c4:f1:ff:69:24:17:0b:58:cf:b0:8b:c7:8a:9a:4b:
83:31:7d:c3:71:d1:0b:1b:f8:6e:40:df:b2:f6:08:
cd:b4:7e:0b:e4:a2:34:d7:d7:07:bf:ea:47:1f:b7:
82:f3:45:cb:65:0c:1b:9e:b3:39:21:5a:f9:e7:ff:
b7:9e:27:a6:b1:1c:4e:68:4d:f2:23:21:cf:67:2c:
4a:4a:a6:48:15:51:93:59:29:a5:c2:5f:0c:25:6a:
fc:74:77:cb:c9:b2:f7:70:8d:84:87:b9:dc:e2:37:
46:96:25:52:90:b4:13:f5:e1:ef:a1:f7:44:36:11:
f8:b7:39:54:81:55:85:8b:9d:94:22:ae:9e:5f:7d:
29:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:F4:F7:3D:C9:87:F3:0B:68:EB:86:ED:01:DE:C3:E5:90:B4:F5:56
X509v3 Authority Key Identifier:
keyid:34:5F:B3:FE:B1:5C:03:C4:D3:4D:9F:F4:44:D9:AD:7E:30:06:72:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/wvT3PcmH8wto64btAd7D5ZC09VY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/a442c5-d14f-429f-a515-bc54b1211b60/1/NF-z_rFcA8TTTZ_0RNmtfjAGcgg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.212.0/22
77.81.49.0/24
130.93.0.0-130.93.191.255
185.9.248.0/22
185.12.0.0/22
185.120.176.0/22
185.122.160.0/22
185.133.128.0/22
185.137.72.0/22
193.84.89.0/24
IPv6:
2a02:ec00::/29
2a0e:4180::/29
Signature Algorithm: sha256WithRSAEncryption
b4:25:90:03:03:ab:08:cb:fd:b2:ee:7c:2d:74:5d:a3:30:78:
4e:b0:9b:4d:ab:aa:8b:56:8c:9e:d8:35:bb:6f:23:3a:11:86:
76:fc:ef:f6:98:a4:cf:bf:a9:47:fb:8f:0c:55:d3:3d:68:ba:
ec:1e:73:2e:8c:bc:f4:33:b9:71:8b:f0:f0:3d:5f:f1:74:10:
34:f2:49:31:c4:de:36:19:46:ca:ac:cf:d8:8a:2b:84:0a:cc:
9a:71:67:64:14:6e:49:90:fc:9f:62:95:3e:18:5a:3d:24:d5:
c4:43:a6:51:c6:dd:ce:5e:81:7b:f4:82:61:74:f2:4c:90:f2:
2a:92:52:4b:47:24:bc:01:0a:fd:c4:cf:90:3b:a8:ef:69:5c:
e5:ab:d2:6c:a5:5f:64:7f:b0:97:2b:9a:d5:d3:0d:3b:01:d1:
4f:f8:72:5b:a3:2a:37:b5:41:45:bd:69:45:fc:21:45:81:c5:
d1:aa:52:95:be:4f:d3:85:b7:72:cf:ca:fd:28:9a:88:70:b4:
5d:46:e5:2c:f2:88:de:7a:09:0c:31:54:8b:a3:ce:d1:83:69:
18:e8:7f:df:25:0c:f6:d8:df:31:55:cb:8c:d6:65:0d:70:20:
1e:d0:b1:41:d4:d8:45:74:7c:c9:d5:5b:35:f9:95:5c:07:e5:
1c:c9:5b:b0
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAYeOv7ZVWmieu2BczgcsO8r8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NWZiM2ZlYjE1YzAzYzRkMzRkOWZmNDQ0ZDlhZDdlMzAw
NjcyMDgwHhcNMjMwNDE3MTAyNTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmY0ZjczZGM5ODdmMzBiNjhlYjg2ZWQwMWRlYzNlNTkwYjRmNTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8p65z7UU0vDl/GHD7cyTOq11A3J
+KjLQCplD3kc8SgnkORFtaTw9FB6GFoAhZ2zWf+lFqDAR7tE49pFCvai/Q96s5a8
DJMHT5Cbgrf9nryOP2tP37HTdmvUm1+Pu+14EmRf6MTy9c8UmVho+Wnl0BruNe0A
TyzE8f9pJBcLWM+wi8eKmkuDMX3DcdELG/huQN+y9gjNtH4L5KI019cHv+pHH7eC
80XLZQwbnrM5IVr55/+3niemsRxOaE3yIyHPZyxKSqZIFVGTWSmlwl8MJWr8dHfL
ybL3cI2Eh7nc4jdGliVSkLQT9eHvofdENhH4tzlUgVWFi52UIq6eX30pOQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFML09z3Jh/MLaOuG7QHew+WQtPVWMB8GA1UdIwQY
MBaAFDRfs/6xXAPE002f9ETZrX4wBnIIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkYtel9yRmNBOFRUVFpfMFJObXRmakFHY2dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hNDQyYzUtZDE0Zi00MjlmLWE1MTUt
YmM1NGIxMjExYjYwLzEvd3ZUM1BjbUg4d3RvNjRidEFkN0Q1WkMwOVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hNDQyYzUtZDE0Zi00MjlmLWE1MTUtYmM1NGIxMjExYjYw
LzEvTkYtel9yRmNBOFRUVFpfMFJObXRmakFHY2dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBJBAIAATBDAwQCLVHUAwQA
TVExMAsDAwCCXQMEBoJdgAMEArkJ+AMEArkMAAMEArl4sAMEArl6oAMEArmFgAME
ArmJSAMEAMFUWTAUBAIAAjAOAwUDKgLsAAMFAyoOQYAwDQYJKoZIhvcNAQELBQAD
ggEBALQlkAMDqwjL/bLufC10XaMweE6wm02rqotWjJ7YNbtvIzoRhnb87/aYpM+/
qUf7jwxV0z1ouuwecy6MvPQzuXGL8PA9X/F0EDTySTHE3jYZRsqsz9iKK4QKzJpx
Z2QUbkmQ/J9ilT4YWj0k1cRDplHG3c5egXv0gmF08kyQ8iqSUktHJLwBCv3Ez5A7
qO9pXOWr0mylX2R/sJcrmtXTDTsB0U/4clujKje1QUW9aUX8IUWBxdGqUpW+T9OF
t3LPyv0omohwtF1G5SzyiN56CQwxVIujztGDaRjof98lDPbY3zFVy4zWZQ1wIB7Q
sUHU2EV0fMnVWzX5lVwH5RzJW7A=
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:07:41 2025 by rpki-client