Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/aa06a5-7ef6-4bc9-b0a0-2fa839017d75/1/h5oAVbduw_SV1LN-VWUONTTKrlg.roa
File: h5oAVbduw_SV1LN-VWUONTTKrlg.roa (raw, json)
Hash identifier: 7S8sqX8+GOqMcv8tUJMdi5HtPlfcQP+2/+0RvwJBbkM=
Subject key identifier: 87:9A:00:55:B7:6E:C3:F4:95:D4:B3:7E:55:65:0E:35:34:CA:AE:58
Certificate issuer: /CN=fbd83efdd9996f8c75e7f4114e466ebf836968ea
Certificate serial: 0188FC8381DB561E0129B06CC02C1D14CE1F
Authority key identifier: FB:D8:3E:FD:D9:99:6F:8C:75:E7:F4:11:4E:46:6E:BF:83:69:68:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-9g-_dmZb4x15_QRTkZuv4NpaOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/aa06a5-7ef6-4bc9-b0a0-2fa839017d75/1/h5oAVbduw_SV1LN-VWUONTTKrlg.roa
Signing time: Tue 27 Jun 2023 11:00:56 +0000
ROA not before: Tue 27 Jun 2023 11:00:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48803
IP address blocks: 185.60.128.0/22 maxlen: 22
88.206.128.0/17 maxlen: 17
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fc:83:81:db:56:1e:01:29:b0:6c:c0:2c:1d:14:ce:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbd83efdd9996f8c75e7f4114e466ebf836968ea
Validity
Not Before: Jun 27 11:00:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=879a0055b76ec3f495d4b37e55650e3534caae58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:be:b3:d3:b7:83:3f:fe:24:be:a1:c0:9d:f7:
ca:6b:a2:52:7b:c8:19:41:b3:6f:fc:dc:fe:75:24:
45:20:68:1c:6b:f4:82:b3:9b:d0:f4:e6:cf:8e:78:
9b:7a:63:ea:8a:5f:6a:c7:c5:9a:97:6b:ef:ed:84:
f4:ff:79:e4:a9:c7:4f:27:8a:43:25:40:b0:94:a0:
81:1f:ce:5c:c7:19:c2:13:4f:5e:91:91:82:93:76:
03:24:49:fc:8a:0e:74:5b:13:f1:cb:f0:da:42:52:
be:75:c0:76:06:55:9f:18:72:8c:18:2b:5a:5a:52:
aa:58:6c:fa:67:eb:54:19:4a:5d:cf:89:4f:75:1e:
5c:c4:ff:53:bf:b6:18:b8:59:a5:14:cd:1b:2a:3f:
17:24:5f:74:48:51:0b:3f:65:89:7c:38:1f:c6:a3:
bb:63:95:f6:13:66:17:f7:72:63:6b:9a:30:48:66:
5e:f2:a4:0e:1d:76:f9:d0:44:89:d3:03:fa:5f:48:
6c:0b:1c:d5:69:ea:10:b0:2e:13:b1:9e:08:67:61:
d0:5f:35:35:7c:e5:37:3b:15:4d:fd:b3:41:bc:e0:
c6:30:10:9e:64:e8:9e:50:13:0f:77:e5:b9:f7:53:
34:79:cc:73:a5:4a:40:04:4c:f4:be:e7:52:f5:84:
b5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:9A:00:55:B7:6E:C3:F4:95:D4:B3:7E:55:65:0E:35:34:CA:AE:58
X509v3 Authority Key Identifier:
keyid:FB:D8:3E:FD:D9:99:6F:8C:75:E7:F4:11:4E:46:6E:BF:83:69:68:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-9g-_dmZb4x15_QRTkZuv4NpaOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/aa06a5-7ef6-4bc9-b0a0-2fa839017d75/1/h5oAVbduw_SV1LN-VWUONTTKrlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/aa06a5-7ef6-4bc9-b0a0-2fa839017d75/1/1-9g-_dmZb4x15_QRTkZuv4NpaOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.206.128.0/17
185.60.128.0/22
Signature Algorithm: sha256WithRSAEncryption
04:22:6f:72:3e:dd:a9:33:f6:9f:fd:18:c4:85:23:cc:22:0e:
55:fc:3d:3e:e1:89:9d:a3:67:8c:79:1e:0a:02:b0:9a:ff:ac:
03:1c:d3:dd:3c:93:2e:6a:be:31:39:87:fa:9f:e1:2f:fd:a9:
28:74:a8:f3:aa:0f:5b:c5:d2:2f:3a:b3:c3:25:a6:b3:08:3f:
ae:34:2a:6b:80:8d:cd:c8:e7:2d:79:46:49:cf:1b:7f:22:62:
9e:18:c7:92:49:dc:fa:de:a4:06:45:64:40:86:d2:f0:f1:4c:
8e:b6:01:f1:27:33:ff:ac:53:8a:80:12:92:c7:46:03:87:bf:
f7:da:96:79:06:e9:44:30:f5:ff:2c:bf:fe:1b:37:9d:e6:e5:
48:99:73:b2:c4:86:2b:d6:76:dd:9a:65:61:e6:f0:d2:aa:47:
5c:eb:63:3b:f6:3b:51:b0:85:f5:08:ff:3c:1c:67:34:73:a3:
67:59:7c:d0:51:3e:01:0d:b5:0c:c7:dd:71:f7:a0:36:4b:b2:
dc:be:0d:d6:1e:e4:9a:08:fa:92:ba:a0:0e:86:ce:b5:6f:60:
8f:71:ac:0f:7e:00:8f:f7:ee:d2:13:f9:1b:04:21:e0:c7:8c:
80:cb:2e:27:78:1a:a1:f5:ee:f1:45:fe:51:6c:6b:85:33:85:
52:d0:90:8b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYj8g4HbVh4BKbBswCwdFM4fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZDgzZWZkZDk5OTZmOGM3NWU3ZjQxMTRlNDY2ZWJmODM2
OTY4ZWEwHhcNMjMwNjI3MTEwMDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzlhMDA1NWI3NmVjM2Y0OTVkNGIzN2U1NTY1MGUzNTM0Y2FhZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhr6z07eDP/4kvqHAnffKa6JSe8gZ
QbNv/Nz+dSRFIGgca/SCs5vQ9ObPjnibemPqil9qx8Wal2vv7YT0/3nkqcdPJ4pD
JUCwlKCBH85cxxnCE09ekZGCk3YDJEn8ig50WxPxy/DaQlK+dcB2BlWfGHKMGCta
WlKqWGz6Z+tUGUpdz4lPdR5cxP9Tv7YYuFmlFM0bKj8XJF90SFELP2WJfDgfxqO7
Y5X2E2YX93Jja5owSGZe8qQOHXb50ESJ0wP6X0hsCxzVaeoQsC4TsZ4IZ2HQXzU1
fOU3OxVN/bNBvODGMBCeZOieUBMPd+W591M0ecxzpUpABEz0vudS9YS16wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIeaAFW3bsP0ldSzflVlDjU0yq5YMB8GA1UdIwQY
MBaAFPvYPv3ZmW+Mdef0EU5Gbr+DaWjqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS05Zy1fZG1aYjR4MTVfUVJUa1p1djROcGFPby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmMvYWEwNmE1LTdlZjYtNGJjOS1iMGEw
LTJmYTgzOTAxN2Q3NS8xL2g1b0FWYmR1d19TVjFMTi1WV1VPTlRUS3JsZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmMvYWEwNmE1LTdlZjYtNGJjOS1iMGEwLTJmYTgzOTAxN2Q3
NS8xLzEtOWctX2RtWmI0eDE1X1FSVGtadXY0TnBhT28uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAdYzoAD
BAK5PIAwDQYJKoZIhvcNAQELBQADggEBAAQib3I+3akz9p/9GMSFI8wiDlX8PT7h
iZ2jZ4x5HgoCsJr/rAMc0908ky5qvjE5h/qf4S/9qSh0qPOqD1vF0i86s8MlprMI
P640KmuAjc3I5y15RknPG38iYp4Yx5JJ3PrepAZFZECG0vDxTI62AfEnM/+sU4qA
EpLHRgOHv/falnkG6UQw9f8sv/4bN53m5UiZc7LEhivWdt2aZWHm8NKqR1zrYzv2
O1GwhfUI/zwcZzRzo2dZfNBRPgENtQzH3XH3oDZLsty+DdYe5JoI+pK6oA6GzrVv
YI9xrA9+AI/37tIT+RsEIeDHjIDLLid4GqH17vFF/lFsa4UzhVLQkIs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:38 2025 by rpki-client