Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/24fd15-22a9-4bd6-a232-8b36e9d063a1/1/vgqhuC6QG3HEKgDbEhnkyZ2fvGY.roa
File: vgqhuC6QG3HEKgDbEhnkyZ2fvGY.roa (raw, json)
Hash identifier: oRS+EetnC8Rw+n3Mu1oxqupT/cTwaBJLmx9+5+BmJTc=
Subject key identifier: BE:0A:A1:B8:2E:90:1B:71:C4:2A:00:DB:12:19:E4:C9:9D:9F:BC:66
Certificate issuer: /CN=88f342dd1127c67af1116ab1f997e27cb4c884e8
Certificate serial: 078B3942
Authority key identifier: 88:F3:42:DD:11:27:C6:7A:F1:11:6A:B1:F9:97:E2:7C:B4:C8:84:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iPNC3REnxnrxEWqx-ZfifLTIhOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/24fd15-22a9-4bd6-a232-8b36e9d063a1/1/vgqhuC6QG3HEKgDbEhnkyZ2fvGY.roa
Signing time: Sat 01 Jan 2022 14:04:39 +0000
ROA not before: Sat 01 Jan 2022 14:04:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39841
IP address blocks: 185.88.4.0/24 maxlen: 24
185.88.7.0/24 maxlen: 24
185.88.5.0/24 maxlen: 24
185.88.6.0/24 maxlen: 24
2a03:7d20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126564674 (0x78b3942)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88f342dd1127c67af1116ab1f997e27cb4c884e8
Validity
Not Before: Jan 1 14:04:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=be0aa1b82e901b71c42a00db1219e4c99d9fbc66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:e2:ea:f6:50:cd:66:ce:9b:5a:29:56:f7:b0:
70:13:ac:ff:dd:21:04:34:82:2b:72:37:e7:6d:99:
23:40:a4:5b:a0:e8:b4:b3:bd:c9:63:1e:b2:bc:15:
3f:4f:ee:99:01:dd:59:79:99:ae:40:fd:96:71:d1:
9f:4d:cf:4c:10:59:8e:e9:a8:91:1d:b4:48:7b:4e:
33:24:03:da:1a:38:10:21:63:b1:72:c2:e3:ff:a2:
a9:1f:87:9e:57:b8:d2:c4:7b:3d:0a:43:12:c0:4e:
40:a4:e0:ed:57:1d:2b:dd:6f:cb:64:4c:53:41:94:
2b:3d:a2:11:d5:fe:8b:7b:45:4a:90:e1:0e:b4:7c:
44:8a:d5:59:02:ce:65:49:c3:06:b5:4e:d3:14:c9:
df:b5:d4:b3:f8:8b:67:ba:4f:98:c9:f3:d8:06:80:
24:db:16:9b:b4:a5:06:d0:37:9b:03:d0:85:d0:fc:
47:c4:9a:3a:a6:b6:17:d2:5d:dc:ad:02:75:af:2b:
6d:e5:2f:07:1f:3d:cf:6c:8c:b3:2a:9f:4b:ed:6e:
7f:58:da:76:ad:c3:71:9b:11:a2:49:5d:f0:5f:d9:
64:9c:64:a9:32:af:4a:75:6c:ae:96:45:76:f8:03:
f1:7c:85:3e:f0:d0:77:c7:78:de:af:90:c9:16:cc:
db:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:0A:A1:B8:2E:90:1B:71:C4:2A:00:DB:12:19:E4:C9:9D:9F:BC:66
X509v3 Authority Key Identifier:
keyid:88:F3:42:DD:11:27:C6:7A:F1:11:6A:B1:F9:97:E2:7C:B4:C8:84:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iPNC3REnxnrxEWqx-ZfifLTIhOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/24fd15-22a9-4bd6-a232-8b36e9d063a1/1/vgqhuC6QG3HEKgDbEhnkyZ2fvGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/24fd15-22a9-4bd6-a232-8b36e9d063a1/1/iPNC3REnxnrxEWqx-ZfifLTIhOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.4.0/22
IPv6:
2a03:7d20::/32
Signature Algorithm: sha256WithRSAEncryption
39:6b:77:d7:8f:7c:75:75:32:b2:ee:84:c1:41:86:c9:68:86:
1b:51:6d:ca:2a:de:eb:50:b4:c4:66:56:02:08:7d:2d:39:aa:
e2:86:c7:f0:5d:89:7d:9a:57:52:12:a5:5c:9c:80:9a:6b:ce:
71:b3:fa:bd:ea:22:8d:8b:42:b3:16:88:39:80:87:f6:5d:1f:
d9:66:bf:0c:53:15:2b:dd:a7:db:45:4d:66:35:12:aa:e9:1f:
ab:01:70:19:85:17:b7:fb:67:bc:cb:13:46:6a:dd:44:c3:00:
e7:2c:f6:07:8c:e8:bc:0d:79:de:0a:f7:09:aa:3b:7a:bc:75:
10:80:08:da:35:0b:e4:25:ac:0a:9a:ad:4d:f6:d4:c4:1d:d3:
ed:83:64:6c:a9:dd:e8:99:45:4d:71:e5:38:99:ff:ce:4f:93:
f2:93:94:c6:fc:45:75:c9:87:31:7e:a9:03:5e:a6:54:f0:8a:
89:f8:77:9f:5d:fd:46:e6:3d:8f:b5:a3:ab:7f:3e:54:62:08:
b8:91:fe:a0:4c:8c:75:e4:6e:a1:33:34:53:b2:7c:4b:29:86:
c8:fd:bf:5d:74:ed:73:da:d5:ae:25:92:9f:ca:62:a1:30:c7:
bb:5b:2b:8b:51:5b:c8:66:53:89:dc:e7:95:dd:02:fe:74:8b:
ae:99:38:d7
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB4s5QjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OGYzNDJkZDExMjdjNjdhZjExMTZhYjFmOTk3ZTI3Y2I0Yzg4NGU4MB4XDTIyMDEw
MTE0MDQzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmUwYWExYjgyZTkw
MWI3MWM0MmEwMGRiMTIxOWU0Yzk5ZDlmYmM2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO/i6vZQzWbOm1opVvewcBOs/90hBDSCK3I3522ZI0CkW6Do
tLO9yWMesrwVP0/umQHdWXmZrkD9lnHRn03PTBBZjumokR20SHtOMyQD2ho4ECFj
sXLC4/+iqR+Hnle40sR7PQpDEsBOQKTg7VcdK91vy2RMU0GUKz2iEdX+i3tFSpDh
DrR8RIrVWQLOZUnDBrVO0xTJ37XUs/iLZ7pPmMnz2AaAJNsWm7SlBtA3mwPQhdD8
R8SaOqa2F9Jd3K0Cda8rbeUvBx89z2yMsyqfS+1uf1jadq3DcZsRokld8F/ZZJxk
qTKvSnVsrpZFdvgD8XyFPvDQd8d43q+QyRbM2wMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBS+CqG4LpAbccQqANsSGeTJnZ+8ZjAfBgNVHSMEGDAWgBSI80LdESfGevER
arH5l+J8tMiE6DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lQTkMzUkVueG5yeEVXcXgtWmZpZkxUSWhPZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvMjRmZDE1LTIyYTktNGJkNi1hMjMyLThiMzZlOWQwNjNhMS8x
L3ZncWh1QzZRRzNIRUtnRGJFaG5reVoyZnZHWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
MjRmZDE1LTIyYTktNGJkNi1hMjMyLThiMzZlOWQwNjNhMS8xL2lQTkMzUkVueG5y
eEVXcXgtWmZpZkxUSWhPZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlYBDANBAIAAjAHAwUAKgN9IDAN
BgkqhkiG9w0BAQsFAAOCAQEAOWt31498dXUysu6EwUGGyWiGG1Ftyire61C0xGZW
Agh9LTmq4obH8F2JfZpXUhKlXJyAmmvOcbP6veoijYtCsxaIOYCH9l0f2Wa/DFMV
K92n20VNZjUSqukfqwFwGYUXt/tnvMsTRmrdRMMA5yz2B4zovA153gr3Cao7erx1
EIAI2jUL5CWsCpqtTfbUxB3T7YNkbKnd6JlFTXHlOJn/zk+T8pOUxvxFdcmHMX6p
A16mVPCKifh3n139RuY9j7Wjq38+VGIIuJH+oEyMdeRuoTM0U7J8SymGyP2/XXTt
c9rVriWSn8pioTDHu1sri1FbyGZTidznld0C/nSLrpk41w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:52 2024 by rpki-client on console-fra.rpki-client.org