Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/O4tXg-4dEzL-BjrGPe166mIBPd8.roa
File: O4tXg-4dEzL-BjrGPe166mIBPd8.roa (raw, json)
Hash identifier: Aezl21BN4EyNOp0VKvy6MXruZj/Wv2abRevoMuAfxzY=
Subject key identifier: 3B:8B:57:83:EE:1D:13:32:FE:06:3A:C6:3D:ED:7A:EA:62:01:3D:DF
Certificate issuer: /CN=1319f052bc9e7284888074390c9d0bc127606692
Certificate serial: 018535A828EF413485E362368FF903E4C462
Authority key identifier: 13:19:F0:52:BC:9E:72:84:88:80:74:39:0C:9D:0B:C1:27:60:66:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExnwUryecoSIgHQ5DJ0LwSdgZpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/O4tXg-4dEzL-BjrGPe166mIBPd8.roa
Signing time: Wed 21 Dec 2022 17:08:11 +0000
ROA not before: Wed 21 Dec 2022 17:08:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12527
IP address blocks: 88.157.231.0/24 maxlen: 24
88.157.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:35:a8:28:ef:41:34:85:e3:62:36:8f:f9:03:e4:c4:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1319f052bc9e7284888074390c9d0bc127606692
Validity
Not Before: Dec 21 17:08:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b8b5783ee1d1332fe063ac63ded7aea62013ddf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:dd:08:01:5c:52:de:f9:de:8f:3a:b5:b6:67:
64:ba:67:42:85:2c:a0:b6:dc:88:b5:f0:00:81:91:
e5:a8:21:a6:3e:ca:99:4e:72:6d:15:93:c1:d8:6d:
0f:87:6b:b3:4b:dc:0c:a5:6c:82:78:7f:67:d5:e5:
9a:40:39:c5:c7:70:2a:e4:f2:b6:3a:80:82:3b:fd:
e3:43:a4:18:73:2f:cd:01:53:52:8c:1e:bf:60:2f:
6b:6e:b7:6e:8c:53:ce:eb:b3:22:a1:e8:dc:a5:b4:
bc:7b:af:e0:1e:74:05:cc:cc:8f:6f:43:5c:64:7d:
54:a7:79:aa:4b:bc:ef:36:62:7b:8f:4e:a5:95:3c:
6d:3c:25:8c:3a:da:88:a5:26:39:43:f5:1c:9a:7d:
8f:70:67:ac:a6:bc:d4:10:61:80:e3:13:65:15:17:
d8:f6:a7:ee:11:e3:2b:6f:2d:15:9f:8b:6b:5e:40:
4f:9d:f4:7c:27:34:4a:9b:65:6d:c0:fd:a5:ab:5a:
20:e0:7e:d9:8d:e6:fc:ec:e0:1b:12:a9:29:3f:6a:
cc:56:99:f9:24:f0:8e:95:8d:49:e5:8b:6c:c8:bf:
1b:3e:13:be:d9:d5:14:78:e4:3e:f4:0c:34:62:1b:
a1:f3:b7:b7:c2:90:89:a2:47:85:d5:7d:38:fd:ec:
d8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:8B:57:83:EE:1D:13:32:FE:06:3A:C6:3D:ED:7A:EA:62:01:3D:DF
X509v3 Authority Key Identifier:
keyid:13:19:F0:52:BC:9E:72:84:88:80:74:39:0C:9D:0B:C1:27:60:66:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExnwUryecoSIgHQ5DJ0LwSdgZpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/O4tXg-4dEzL-BjrGPe166mIBPd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/ExnwUryecoSIgHQ5DJ0LwSdgZpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.157.230.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:11:d4:ec:5c:f0:56:08:00:d4:df:0b:2b:b8:0e:92:a3:68:
90:c8:ec:bb:58:e2:aa:29:4f:56:49:6d:38:4e:b2:a0:97:81:
b6:47:34:d6:c2:4a:a7:fc:53:a6:d6:6c:eb:38:8a:5c:83:3c:
1d:a2:ec:d4:96:7a:d1:2c:c4:fe:d5:f4:bf:d1:74:69:4c:72:
1a:7e:4a:01:55:8b:6f:2c:7f:59:e1:ef:21:80:93:d5:81:d7:
83:cd:3b:ce:31:46:4c:a8:fb:0f:db:95:14:4a:24:d7:4a:d2:
6d:6e:15:1b:2e:41:46:37:96:c2:d2:91:67:ff:a1:94:33:3b:
f2:bb:d4:00:8e:79:f9:34:42:71:a5:3f:8b:9f:1b:97:b5:24:
90:53:1d:72:29:28:f0:8a:1f:0e:12:b9:8e:66:e9:1e:55:12:
43:6f:3b:7d:f5:19:0a:93:54:81:37:3c:66:61:bd:97:d1:21:
15:9f:9e:53:cd:b8:cd:d2:81:87:dc:d4:1d:0c:be:c4:85:b6:
c4:31:f6:97:30:50:7e:31:b6:58:80:c8:d6:85:d2:eb:33:1e:
33:c1:e6:bb:6e:58:66:57:27:d1:4c:3e:e3:ed:07:ca:37:6a:
fb:ff:8b:4a:67:a4:7e:36:ef:b7:0c:fc:01:46:28:00:3c:c6:
05:ae:fc:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU1qCjvQTSF42I2j/kD5MRiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTlmMDUyYmM5ZTcyODQ4ODgwNzQzOTBjOWQwYmMxMjc2
MDY2OTIwHhcNMjIxMjIxMTcwODExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjhiNTc4M2VlMWQxMzMyZmUwNjNhYzYzZGVkN2FlYTYyMDEzZGRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlN0IAVxS3vnejzq1tmdkumdChSyg
ttyItfAAgZHlqCGmPsqZTnJtFZPB2G0Ph2uzS9wMpWyCeH9n1eWaQDnFx3Aq5PK2
OoCCO/3jQ6QYcy/NAVNSjB6/YC9rbrdujFPO67MioejcpbS8e6/gHnQFzMyPb0Nc
ZH1Up3mqS7zvNmJ7j06llTxtPCWMOtqIpSY5Q/Ucmn2PcGesprzUEGGA4xNlFRfY
9qfuEeMrby0Vn4trXkBPnfR8JzRKm2VtwP2lq1og4H7Zjeb87OAbEqkpP2rMVpn5
JPCOlY1J5YtsyL8bPhO+2dUUeOQ+9Aw0Yhuh87e3wpCJokeF1X04/ezYXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDuLV4PuHRMy/gY6xj3teupiAT3fMB8GA1UdIwQY
MBaAFBMZ8FK8nnKEiIB0OQydC8EnYGaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhud1VyeWVjb1NJZ0hRNURKMEx3U2RnWnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kNWJiY2UtNDIyMC00ZWM0LThhZjUt
MmMxYTc3MzBiZDI1LzEvTzR0WGctNGRFekwtQmpyR1BlMTY2bUlCUGQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kNWJiY2UtNDIyMC00ZWM0LThhZjUtMmMxYTc3MzBiZDI1
LzEvRXhud1VyeWVjb1NJZ0hRNURKMEx3U2RnWnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWJ3mMA0G
CSqGSIb3DQEBCwUAA4IBAQANEdTsXPBWCADU3wsruA6So2iQyOy7WOKqKU9WSW04
TrKgl4G2RzTWwkqn/FOm1mzrOIpcgzwdouzUlnrRLMT+1fS/0XRpTHIafkoBVYtv
LH9Z4e8hgJPVgdeDzTvOMUZMqPsP25UUSiTXStJtbhUbLkFGN5bC0pFn/6GUMzvy
u9QAjnn5NEJxpT+LnxuXtSSQUx1yKSjwih8OErmOZukeVRJDbzt99RkKk1SBNzxm
Yb2X0SEVn55TzbjN0oGH3NQdDL7EhbbEMfaXMFB+MbZYgMjWhdLrMx4zwea7blhm
VyfRTD7j7QfKN2r7/4tKZ6R+Nu+3DPwBRigAPMYFrvyi
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:40 2023 by rpki-client on console-fra.rpki-client.org