Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/np0xEkvfv_1qjSrNRBiAY5Yzsjo.roa
File: np0xEkvfv_1qjSrNRBiAY5Yzsjo.roa (raw, json)
Hash identifier: ZAILeUjpcBZ9PDJMHp/luzIbJBF56Ps3hLBOb9ZMmC8=
Subject key identifier: 9E:9D:31:12:4B:DF:BF:FD:6A:8D:2A:CD:44:18:80:63:96:33:B2:3A
Certificate issuer: /CN=4eca105ce4af6c21cd429e992d06ea7d06d8a56d
Certificate serial: 0185704BCBCC8FF58C5D46648D253D23EE2C
Authority key identifier: 4E:CA:10:5C:E4:AF:6C:21:CD:42:9E:99:2D:06:EA:7D:06:D8:A5:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/np0xEkvfv_1qjSrNRBiAY5Yzsjo.roa
Signing time: Mon 02 Jan 2023 02:24:53 +0000
ROA not before: Mon 02 Jan 2023 02:24:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50181
IP address blocks: 88.132.224.0/20 maxlen: 20
185.45.196.0/22 maxlen: 22
88.132.240.0/22 maxlen: 22
109.110.128.0/19 maxlen: 19
2a01:7d60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:cb:cc:8f:f5:8c:5d:46:64:8d:25:3d:23:ee:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eca105ce4af6c21cd429e992d06ea7d06d8a56d
Validity
Not Before: Jan 2 02:24:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9e9d31124bdfbffd6a8d2acd441880639633b23a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:d2:d6:10:3e:24:8a:ef:61:2b:3d:fa:f7:2e:
7a:4d:b3:be:bc:4d:d8:04:45:b9:4a:54:73:3e:7e:
0c:3c:df:89:b3:b6:82:69:aa:64:a0:3c:94:11:20:
b3:67:cf:c4:0b:1b:26:5e:0e:7a:5a:bb:e2:55:03:
a5:2e:33:bd:79:bb:9a:64:5e:35:4d:e9:4f:b4:60:
8d:31:39:a6:88:ae:c4:6b:2c:cc:d4:4d:ed:48:62:
4d:60:3f:09:69:e1:e2:8e:9a:40:fa:60:f8:51:9b:
2e:33:35:8b:fb:b4:9d:29:81:8d:8e:91:10:2d:a9:
f7:61:30:9f:c5:9b:3e:a0:9e:2f:ab:d9:cd:a8:3c:
73:d2:7f:29:ee:aa:9e:b0:9c:45:b2:3c:75:15:e1:
2e:eb:49:1b:66:bc:24:5b:d4:93:28:fb:68:f5:5b:
e4:4b:07:32:e4:34:47:5f:1a:b9:bf:97:14:98:17:
79:cf:7e:57:f8:14:68:68:e9:ea:ac:34:69:46:b7:
f6:3d:c7:1d:05:25:27:fa:d6:b9:91:62:26:86:f4:
0b:32:06:bc:f7:df:47:b9:7e:71:1a:19:e9:39:28:
3f:ac:b7:5b:a3:85:dc:1c:84:21:7b:de:4e:a1:df:
31:8e:af:73:5b:7f:cb:a9:8c:32:86:cb:3d:e7:0c:
43:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:9D:31:12:4B:DF:BF:FD:6A:8D:2A:CD:44:18:80:63:96:33:B2:3A
X509v3 Authority Key Identifier:
keyid:4E:CA:10:5C:E4:AF:6C:21:CD:42:9E:99:2D:06:EA:7D:06:D8:A5:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/np0xEkvfv_1qjSrNRBiAY5Yzsjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/c3a85d-9d0b-4562-9238-46ee0cd7fcba/1/TsoQXOSvbCHNQp6ZLQbqfQbYpW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.132.224.0-88.132.243.255
109.110.128.0/19
185.45.196.0/22
IPv6:
2a01:7d60::/32
Signature Algorithm: sha256WithRSAEncryption
6c:23:30:28:c2:0f:25:c0:97:08:42:71:b0:d9:a7:74:a6:7a:
19:0a:fc:41:3f:8c:27:a8:7b:03:80:e4:97:ad:55:a3:ba:f5:
f4:23:df:6d:22:86:85:29:93:bd:2d:9f:37:1d:bb:80:d5:ac:
fb:0a:2c:f0:89:70:01:f9:3d:c2:d6:77:12:a9:23:7f:d8:b3:
bd:17:f2:28:43:8d:0c:57:96:9b:76:36:81:27:43:6e:a3:50:
87:6b:85:a8:7f:76:98:57:e4:24:3b:20:66:bd:48:50:d3:91:
3a:58:74:fa:bc:6b:9b:8d:92:30:b8:d4:0c:28:87:80:0a:5d:
66:aa:35:fd:e3:88:4e:d3:7c:66:d1:e0:80:ac:b2:eb:ae:67:
36:85:52:d5:dc:da:25:fc:59:2b:82:43:69:d1:4e:24:2b:4d:
cf:a7:80:ec:1a:48:00:38:4b:5f:e0:d0:04:93:b9:cc:67:bb:
ca:e3:d4:de:c7:c0:81:5f:92:e9:45:51:75:78:4f:b5:8e:96:
08:cf:28:e9:f2:0f:16:0f:ed:ea:83:ea:83:3c:0c:ce:8c:fa:
59:79:30:f9:81:3c:49:34:fa:44:25:82:60:60:dc:2a:7d:50:
b3:23:f6:c2:b7:8b:1b:10:5f:30:b8:87:62:92:4a:64:31:d8:
e0:93:3d:e5
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVwS8vMj/WMXUZkjSU9I+4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2ExMDVjZTRhZjZjMjFjZDQyOWU5OTJkMDZlYTdkMDZk
OGE1NmQwHhcNMjMwMTAyMDIyNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTlkMzExMjRiZGZiZmZkNmE4ZDJhY2Q0NDE4ODA2Mzk2MzNiMjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdLWED4kiu9hKz369y56TbO+vE3Y
BEW5SlRzPn4MPN+Js7aCaapkoDyUESCzZ8/ECxsmXg56WrviVQOlLjO9ebuaZF41
TelPtGCNMTmmiK7EayzM1E3tSGJNYD8JaeHijppA+mD4UZsuMzWL+7SdKYGNjpEQ
Lan3YTCfxZs+oJ4vq9nNqDxz0n8p7qqesJxFsjx1FeEu60kbZrwkW9STKPto9Vvk
Swcy5DRHXxq5v5cUmBd5z35X+BRoaOnqrDRpRrf2PccdBSUn+ta5kWImhvQLMga8
999HuX5xGhnpOSg/rLdbo4XcHIQhe95Ood8xjq9zW3/LqYwyhss95wxDlQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJ6dMRJL37/9ao0qzUQYgGOWM7I6MB8GA1UdIwQY
MBaAFE7KEFzkr2whzUKemS0G6n0G2KVtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHNvUVhPU3ZiQ0hOUXA2WkxRYnFmUWJZcFcwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9jM2E4NWQtOWQwYi00NTYyLTkyMzgt
NDZlZTBjZDdmY2JhLzEvbnAweEVrdmZ2XzFxalNyTlJCaUFZNVl6c2pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9jM2E4NWQtOWQwYi00NTYyLTkyMzgtNDZlZTBjZDdmY2Jh
LzEvVHNvUVhPU3ZiQ0hOUXA2WkxRYnFmUWJZcFcwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAVYhOAD
BAJYhPADBAVtboADBAK5LcQwDQQCAAIwBwMFACoBfWAwDQYJKoZIhvcNAQELBQAD
ggEBAGwjMCjCDyXAlwhCcbDZp3SmehkK/EE/jCeoewOA5JetVaO69fQj320ihoUp
k70tnzcdu4DVrPsKLPCJcAH5PcLWdxKpI3/Ys70X8ihDjQxXlpt2NoEnQ26jUIdr
hah/dphX5CQ7IGa9SFDTkTpYdPq8a5uNkjC41Awoh4AKXWaqNf3jiE7TfGbR4ICs
suuuZzaFUtXc2iX8WSuCQ2nRTiQrTc+ngOwaSAA4S1/g0ASTucxnu8rj1N7HwIFf
kulFUXV4T7WOlgjPKOnyDxYP7eqD6oM8DM6M+ll5MPmBPEk0+kQlgmBg3Cp9ULMj
9sK3ixsQXzC4h2KSSmQx2OCTPeU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:16 2025 by rpki-client