Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/7iFqcpgm_mP6bFFbBpA_bAtnMhc.roa
File: 7iFqcpgm_mP6bFFbBpA_bAtnMhc.roa (raw, json)
Hash identifier: 2NBbHp9f3E+veRfGjT+Ovxiq4UcFrPMFw5AH5rzWqjE=
Subject key identifier: EE:21:6A:72:98:26:FE:63:FA:6C:51:5B:06:90:3F:6C:0B:67:32:17
Certificate issuer: /CN=694e515cc5be4e27e9d3d13e5e1c11dc7529274b
Certificate serial: 0189BD325240855A979CB57A7D47825F9155
Authority key identifier: 69:4E:51:5C:C5:BE:4E:27:E9:D3:D1:3E:5E:1C:11:DC:75:29:27:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aU5RXMW-Tifp09E-XhwR3HUpJ0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/7iFqcpgm_mP6bFFbBpA_bAtnMhc.roa
Signing time: Thu 03 Aug 2023 20:58:58 +0000
ROA not before: Thu 03 Aug 2023 20:58:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51101
IP address blocks: 195.43.66.0/23 maxlen: 23
185.230.224.0/22 maxlen: 22
88.135.186.0/24 maxlen: 24
178.217.112.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:bd:32:52:40:85:5a:97:9c:b5:7a:7d:47:82:5f:91:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=694e515cc5be4e27e9d3d13e5e1c11dc7529274b
Validity
Not Before: Aug 3 20:58:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ee216a729826fe63fa6c515b06903f6c0b673217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:16:41:60:2d:55:9b:da:45:10:88:ca:27:6c:
4b:58:58:b2:17:d6:b8:c3:cf:71:9a:8b:92:30:20:
a9:a6:87:1a:b8:a4:a5:f8:2c:00:35:6b:62:1a:bb:
03:2b:9d:21:54:27:fc:3c:bb:51:17:67:d6:2d:63:
cf:e1:83:fb:32:36:c2:88:8e:30:45:32:29:93:d4:
0a:1b:80:aa:f9:98:13:4f:9f:f8:62:4a:cb:78:06:
1f:f1:a3:f3:4c:2d:f7:a8:af:3d:8c:c8:a5:6c:c6:
1e:2c:b2:65:4d:0b:bd:64:77:7b:6a:6e:d0:0f:59:
4f:54:24:77:0d:2f:02:fb:e1:58:95:db:11:40:c4:
92:b3:79:ba:c0:16:15:e0:0b:fc:f8:a0:3e:62:9b:
0a:e6:d0:ea:6e:83:71:5e:fd:c0:88:1d:d5:b2:13:
31:45:78:10:52:8a:14:fb:8c:56:e0:45:0e:af:da:
e0:1e:7e:eb:ec:61:fd:b9:c9:94:6e:10:a1:1c:df:
a5:a2:91:eb:da:d4:46:50:a0:01:d1:36:25:e7:5c:
16:50:d4:79:00:be:04:00:5a:45:75:9d:ab:12:e3:
08:73:3e:52:9f:25:42:43:9f:2a:10:46:2b:1c:65:
a6:55:cc:de:73:c8:1b:9a:86:98:03:c2:20:99:3e:
28:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:21:6A:72:98:26:FE:63:FA:6C:51:5B:06:90:3F:6C:0B:67:32:17
X509v3 Authority Key Identifier:
keyid:69:4E:51:5C:C5:BE:4E:27:E9:D3:D1:3E:5E:1C:11:DC:75:29:27:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aU5RXMW-Tifp09E-XhwR3HUpJ0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/7iFqcpgm_mP6bFFbBpA_bAtnMhc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/795620-2003-4785-999f-51c77cc49146/1/aU5RXMW-Tifp09E-XhwR3HUpJ0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.186.0/24
178.217.112.0/21
185.230.224.0/22
195.43.66.0/23
Signature Algorithm: sha256WithRSAEncryption
74:83:6d:58:07:f9:02:ff:7d:0e:53:d3:5d:b4:b4:9f:28:8f:
64:63:c0:32:b3:3f:37:6c:c5:e6:77:be:44:9c:0d:c4:4f:fe:
ba:9f:03:51:44:66:8c:e9:4a:2f:5f:fe:9f:ca:fd:bd:30:b5:
72:80:13:02:7d:0b:eb:7a:0f:1c:04:42:ce:dc:b4:98:0a:3c:
b4:28:1d:7f:7a:b1:6a:2a:dd:7f:42:f9:89:1a:88:54:21:13:
ea:0f:e4:8b:11:85:60:bd:ec:c4:b7:69:0c:86:3f:dc:1d:b5:
6d:c2:de:18:9a:46:19:d9:f1:a0:c2:9b:51:ec:3d:0e:b8:63:
29:4e:b0:c8:7b:86:a0:0b:49:32:9b:b6:c6:f0:af:1b:58:df:
2a:b4:5a:23:d4:2c:82:d8:34:d2:d4:ae:8d:0b:ed:2f:73:a6:
46:ee:ac:00:24:19:a0:49:c1:7d:fa:8a:47:77:a7:09:64:94:
51:1d:f6:40:55:79:e7:25:ce:fc:2a:49:34:96:5d:a2:8f:b9:
21:0b:c2:43:99:6a:e0:aa:7a:4f:ab:07:35:a9:f6:d2:65:54:
e8:50:15:42:84:60:ea:90:c5:24:92:0c:69:98:7a:83:00:26:
26:22:9a:c0:84:d5:30:21:1a:49:d3:b2:23:04:b7:02:e0:fb:
c5:0a:4d:30
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYm9MlJAhVqXnLV6fUeCX5FVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NGU1MTVjYzViZTRlMjdlOWQzZDEzZTVlMWMxMWRjNzUy
OTI3NGIwHhcNMjMwODAzMjA1ODU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTIxNmE3Mjk4MjZmZTYzZmE2YzUxNWIwNjkwM2Y2YzBiNjczMjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgRZBYC1Vm9pFEIjKJ2xLWFiyF9a4
w89xmouSMCCppocauKSl+CwANWtiGrsDK50hVCf8PLtRF2fWLWPP4YP7MjbCiI4w
RTIpk9QKG4Cq+ZgTT5/4YkrLeAYf8aPzTC33qK89jMilbMYeLLJlTQu9ZHd7am7Q
D1lPVCR3DS8C++FYldsRQMSSs3m6wBYV4Av8+KA+YpsK5tDqboNxXv3AiB3VshMx
RXgQUooU+4xW4EUOr9rgHn7r7GH9ucmUbhChHN+lopHr2tRGUKAB0TYl51wWUNR5
AL4EAFpFdZ2rEuMIcz5SnyVCQ58qEEYrHGWmVczec8gbmoaYA8IgmT4orQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO4hanKYJv5j+mxRWwaQP2wLZzIXMB8GA1UdIwQY
MBaAFGlOUVzFvk4n6dPRPl4cEdx1KSdLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVU1UlhNVy1UaWZwMDlFLVhod1IzSFVwSjBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83OTU2MjAtMjAwMy00Nzg1LTk5OWYt
NTFjNzdjYzQ5MTQ2LzEvN2lGcWNwZ21fbVA2YkZGYkJwQV9iQXRuTWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83OTU2MjAtMjAwMy00Nzg1LTk5OWYtNTFjNzdjYzQ5MTQ2
LzEvYVU1UlhNVy1UaWZwMDlFLVhod1IzSFVwSjBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWIe6AwQD
stlwAwQCuebgAwQBwytCMA0GCSqGSIb3DQEBCwUAA4IBAQB0g21YB/kC/30OU9Nd
tLSfKI9kY8Aysz83bMXmd75EnA3ET/66nwNRRGaM6UovX/6fyv29MLVygBMCfQvr
eg8cBELO3LSYCjy0KB1/erFqKt1/QvmJGohUIRPqD+SLEYVgvezEt2kMhj/cHbVt
wt4YmkYZ2fGgwptR7D0OuGMpTrDIe4agC0kym7bG8K8bWN8qtFoj1CyC2DTS1K6N
C+0vc6ZG7qwAJBmgScF9+opHd6cJZJRRHfZAVXnnJc78Kkk0ll2ij7khC8JDmWrg
qnpPqwc1qfbSZVToUBVChGDqkMUkkgxpmHqDACYmIprAhNUwIRpJ07IjBLcC4PvF
Ck0w
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:56 2025 by rpki-client