Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/9e5f54-ba3f-4b6e-9da9-bfafd622e89f/1/ZiOAaJAZ7B_e8HHeyMlVf8HC_sI.roa
File: ZiOAaJAZ7B_e8HHeyMlVf8HC_sI.roa (raw, json)
Hash identifier: 345bPn9OvH6ENBy18f2e9y9oc5JxY6TF1w5euefX0Xo=
Subject key identifier: 66:23:80:68:90:19:EC:1F:DE:F0:71:DE:C8:C9:55:7F:C1:C2:FE:C2
Certificate issuer: /CN=1d6b6b6a5061a4115d53040cffdc64b3b0d71a78
Certificate serial: 01856FCB9FA4BA0EA49B3CBAA6E5E98D3095
Authority key identifier: 1D:6B:6B:6A:50:61:A4:11:5D:53:04:0C:FF:DC:64:B3:B0:D7:1A:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HWtralBhpBFdUwQM_9xks7DXGng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/9e5f54-ba3f-4b6e-9da9-bfafd622e89f/1/ZiOAaJAZ7B_e8HHeyMlVf8HC_sI.roa
Signing time: Mon 02 Jan 2023 00:04:53 +0000
ROA not before: Mon 02 Jan 2023 00:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200706
IP address blocks: 185.88.16.0/23 maxlen: 23
185.88.16.0/24 maxlen: 24
185.88.17.0/24 maxlen: 24
185.88.16.0/22 maxlen: 22
185.88.19.0/24 maxlen: 24
185.88.18.0/24 maxlen: 24
185.88.18.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:9f:a4:ba:0e:a4:9b:3c:ba:a6:e5:e9:8d:30:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d6b6b6a5061a4115d53040cffdc64b3b0d71a78
Validity
Not Before: Jan 2 00:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=662380689019ec1fdef071dec8c9557fc1c2fec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4b:b2:3c:b8:17:13:1e:6a:30:b7:76:f1:aa:
25:18:8e:c9:b3:88:6e:15:7a:a0:6f:23:d4:cb:8b:
0d:13:09:31:f3:d7:a6:50:9d:77:c1:f7:33:e3:18:
64:ed:c4:47:45:a7:6f:c3:2b:50:f2:ef:9a:03:58:
50:4d:fe:68:ba:c9:19:28:09:8c:05:02:17:2e:d3:
db:ca:1d:81:40:50:97:e1:99:12:34:1f:73:fd:1d:
b7:55:97:da:b0:d5:e5:d8:61:f7:41:31:58:f6:54:
71:90:25:0a:d7:9c:4b:fc:32:61:2a:c4:28:cb:1c:
11:fd:31:8d:4b:af:ba:5e:75:fb:6f:84:9c:e2:fa:
6f:7a:27:0d:e4:da:5b:f6:71:a0:3f:dd:20:12:20:
dc:c1:b3:67:b5:61:8b:29:bd:6c:3b:1e:75:79:7f:
bd:04:fa:14:82:fa:c2:1b:2e:79:5c:44:de:c5:68:
b1:11:c6:dd:e2:94:a8:d8:00:98:a8:7d:c3:50:ad:
83:88:a1:1d:f3:58:2f:e8:27:80:e1:41:a2:25:1c:
31:6f:78:be:f9:2f:07:66:4a:eb:87:63:f2:dc:7d:
27:ec:0c:00:ea:0d:5b:7f:55:85:1a:87:fe:65:00:
2b:41:9b:67:20:55:72:99:7b:98:1d:f2:c3:00:2a:
cc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:23:80:68:90:19:EC:1F:DE:F0:71:DE:C8:C9:55:7F:C1:C2:FE:C2
X509v3 Authority Key Identifier:
keyid:1D:6B:6B:6A:50:61:A4:11:5D:53:04:0C:FF:DC:64:B3:B0:D7:1A:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HWtralBhpBFdUwQM_9xks7DXGng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/9e5f54-ba3f-4b6e-9da9-bfafd622e89f/1/ZiOAaJAZ7B_e8HHeyMlVf8HC_sI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/9e5f54-ba3f-4b6e-9da9-bfafd622e89f/1/HWtralBhpBFdUwQM_9xks7DXGng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.16.0/22
Signature Algorithm: sha256WithRSAEncryption
52:27:52:9d:ab:2b:7e:66:61:52:f5:71:1c:f2:6c:a7:0c:2e:
d8:d0:75:93:2e:54:ac:9e:54:f1:22:35:e6:cd:35:e4:ae:e5:
c0:53:af:67:67:c8:72:3b:df:84:61:0f:77:62:ac:fb:a2:21:
d8:4c:bb:5a:ae:9e:3e:ed:23:84:ad:5d:61:13:de:b1:e7:6f:
8d:9d:3d:15:8c:a0:dc:f0:ac:83:72:47:6c:e2:bc:cc:0e:a1:
75:49:9b:95:1a:8d:21:64:1b:ce:b8:79:01:fc:ad:78:d8:14:
83:87:a4:c3:c4:d7:21:3b:6b:95:ba:41:d4:31:e2:43:12:a2:
e4:01:64:20:14:c6:be:b7:78:d0:7e:00:7e:23:03:20:93:a3:
77:10:ff:72:8f:59:43:6b:3c:f0:84:01:77:29:e9:ad:f9:f7:
6a:fa:90:bb:14:6f:72:26:ed:37:46:05:5e:8c:32:a7:5b:25:
1b:75:d4:98:ba:23:b1:52:c9:ee:19:a2:f9:b0:fb:0a:ce:a8:
2b:7c:76:74:32:c4:b2:35:1c:87:67:21:1a:c9:38:38:ee:23:
bf:3d:b0:78:61:5b:d0:b3:57:5d:ca:9b:d3:e8:bd:40:41:ad:
fe:92:7c:c8:46:24:c2:a9:c3:32:ec:03:0b:ec:38:bb:5d:65:
98:5e:cf:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy5+kug6kmzy6puXpjTCVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNmI2YjZhNTA2MWE0MTE1ZDUzMDQwY2ZmZGM2NGIzYjBk
NzFhNzgwHhcNMjMwMTAyMDAwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjIzODA2ODkwMTllYzFmZGVmMDcxZGVjOGM5NTU3ZmMxYzJmZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkuyPLgXEx5qMLd28aolGI7Js4hu
FXqgbyPUy4sNEwkx89emUJ13wfcz4xhk7cRHRadvwytQ8u+aA1hQTf5ouskZKAmM
BQIXLtPbyh2BQFCX4ZkSNB9z/R23VZfasNXl2GH3QTFY9lRxkCUK15xL/DJhKsQo
yxwR/TGNS6+6XnX7b4Sc4vpveicN5Npb9nGgP90gEiDcwbNntWGLKb1sOx51eX+9
BPoUgvrCGy55XETexWixEcbd4pSo2ACYqH3DUK2DiKEd81gv6CeA4UGiJRwxb3i+
+S8HZkrrh2Py3H0n7AwA6g1bf1WFGof+ZQArQZtnIFVymXuYHfLDACrMgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGYjgGiQGewf3vBx3sjJVX/Bwv7CMB8GA1UdIwQY
MBaAFB1ra2pQYaQRXVMEDP/cZLOw1xp4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFd0cmFsQmhwQkZkVXdRTV85eGtzN0RYR25nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC85ZTVmNTQtYmEzZi00YjZlLTlkYTkt
YmZhZmQ2MjJlODlmLzEvWmlPQWFKQVo3Ql9lOEhIZXlNbFZmOEhDX3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC85ZTVmNTQtYmEzZi00YjZlLTlkYTktYmZhZmQ2MjJlODlm
LzEvSFd0cmFsQmhwQkZkVXdRTV85eGtzN0RYR25nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVgQMA0G
CSqGSIb3DQEBCwUAA4IBAQBSJ1Kdqyt+ZmFS9XEc8mynDC7Y0HWTLlSsnlTxIjXm
zTXkruXAU69nZ8hyO9+EYQ93Yqz7oiHYTLtarp4+7SOErV1hE96x52+NnT0VjKDc
8KyDckds4rzMDqF1SZuVGo0hZBvOuHkB/K142BSDh6TDxNchO2uVukHUMeJDEqLk
AWQgFMa+t3jQfgB+IwMgk6N3EP9yj1lDazzwhAF3Kemt+fdq+pC7FG9yJu03RgVe
jDKnWyUbddSYuiOxUsnuGaL5sPsKzqgrfHZ0MsSyNRyHZyEayTg47iO/PbB4YVvQ
s1ddypvT6L1AQa3+knzIRiTCqcMy7AML7Di7XWWYXs+1
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:15:03 2025 by rpki-client