Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/51f7f8-0595-4654-943b-1beac7440262/1/Ym4ptWMZ5hsOMUu_8a45ym1DWPY.roa
File: Ym4ptWMZ5hsOMUu_8a45ym1DWPY.roa (raw, json)
Hash identifier: 9vQlQRES3e0Qe3jECygNFJg3cJRTPAcQPx6dDySGTHE=
Subject key identifier: 62:6E:29:B5:63:19:E6:1B:0E:31:4B:BF:F1:AE:39:CA:6D:43:58:F6
Certificate issuer: /CN=01127566a5ac41e66b4c7537a60fdcbbfab39a17
Certificate serial: 0184C7A35514B1EAD08E9DDF6BB991A1155E
Authority key identifier: 01:12:75:66:A5:AC:41:E6:6B:4C:75:37:A6:0F:DC:BB:FA:B3:9A:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ARJ1ZqWsQeZrTHU3pg_cu_qzmhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/51f7f8-0595-4654-943b-1beac7440262/1/Ym4ptWMZ5hsOMUu_8a45ym1DWPY.roa
Signing time: Wed 30 Nov 2022 08:24:40 +0000
ROA not before: Wed 30 Nov 2022 08:24:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209277
IP address blocks: 185.38.192.0/24 maxlen: 24
88.214.16.0/24 maxlen: 24
88.214.17.0/24 maxlen: 24
88.214.19.0/24 maxlen: 24
88.214.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c7:a3:55:14:b1:ea:d0:8e:9d:df:6b:b9:91:a1:15:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01127566a5ac41e66b4c7537a60fdcbbfab39a17
Validity
Not Before: Nov 30 08:24:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=626e29b56319e61b0e314bbff1ae39ca6d4358f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6a:a3:51:5a:98:14:6d:d7:3b:e4:00:03:ba:
9c:40:47:fa:4b:c5:2d:bd:08:9d:71:34:52:4b:9f:
ec:94:4a:f3:b5:46:91:06:5a:c4:49:64:f1:eb:88:
a2:1c:50:8e:ba:e0:c0:1d:8d:d7:15:00:b5:3c:9d:
09:12:31:7f:40:ae:f2:e2:0e:a9:ba:db:1e:4d:74:
e7:6b:4f:56:11:b9:ea:90:86:69:dc:ed:84:a4:06:
d2:66:08:b2:5d:8a:58:be:d5:33:49:1d:21:e8:2f:
ee:af:3e:d5:e2:03:0a:e5:c0:04:21:22:6d:bc:54:
32:28:e4:a3:24:28:1c:5a:43:8f:2d:42:49:9a:53:
df:bf:23:16:c8:71:ce:d8:94:25:24:7c:a5:9e:3e:
63:93:c1:ad:25:5c:9d:72:0b:fb:f2:97:da:4c:b9:
cf:e4:b2:cd:e2:3a:8b:5b:1b:ce:aa:0a:e6:66:24:
2a:31:c7:c1:9e:e0:0e:cd:f8:25:42:75:57:7e:eb:
f6:85:7d:84:ff:34:f6:97:2f:7b:e6:e9:44:9f:99:
0d:9a:00:1c:a7:e3:49:1c:09:a5:1d:37:59:e7:a8:
b5:e4:4c:14:f7:66:74:01:e8:c4:ec:91:87:b2:c7:
88:84:59:26:2f:70:86:88:c3:69:9b:f8:79:0b:44:
2b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:6E:29:B5:63:19:E6:1B:0E:31:4B:BF:F1:AE:39:CA:6D:43:58:F6
X509v3 Authority Key Identifier:
keyid:01:12:75:66:A5:AC:41:E6:6B:4C:75:37:A6:0F:DC:BB:FA:B3:9A:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ARJ1ZqWsQeZrTHU3pg_cu_qzmhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/51f7f8-0595-4654-943b-1beac7440262/1/Ym4ptWMZ5hsOMUu_8a45ym1DWPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/51f7f8-0595-4654-943b-1beac7440262/1/ARJ1ZqWsQeZrTHU3pg_cu_qzmhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.16.0/22
185.38.192.0/24
Signature Algorithm: sha256WithRSAEncryption
03:08:2e:95:9f:81:bf:b5:1c:a4:df:4b:0b:17:a9:45:cd:b9:
67:c9:a1:4d:12:69:70:1f:45:8b:02:48:46:dc:63:a4:9a:6f:
34:1a:58:04:14:6d:b6:89:7b:57:1d:45:65:67:38:ac:cf:43:
9c:6f:b2:28:0d:6e:ec:b6:da:6c:d7:c4:23:22:7c:30:e8:7e:
0a:c5:43:9e:12:40:a6:7f:6c:c2:28:38:b3:c3:e3:79:bc:a5:
e5:9c:dc:dd:a6:1d:0c:23:ef:43:6d:b6:3e:98:d6:8d:e8:8c:
e0:2a:b8:84:d7:d0:79:2a:82:89:5a:d0:b8:8f:6c:7a:9b:04:
73:ff:29:08:1b:c4:51:d5:68:2a:fb:23:89:7a:d1:08:63:b1:
e7:a0:44:1d:f0:2c:71:57:c1:27:55:da:e1:51:f6:87:e9:ab:
8b:0b:c7:32:68:6b:12:71:b1:87:5e:e4:67:2f:aa:f8:18:98:
7c:41:59:be:ef:4a:d3:a9:4a:a6:56:e6:6f:df:7a:54:88:e7:
74:cb:a7:ba:e3:ed:8a:18:2b:2e:70:b4:d5:3d:a7:de:2a:74:
31:74:61:2a:07:4d:e0:09:83:3b:1e:46:97:36:37:f4:3b:3f:
2b:e6:f6:2b:44:af:10:5e:32:64:87:49:c7:8e:a3:aa:f0:8e:
15:eb:cc:20
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTHo1UUserQjp3fa7mRoRVeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMTI3NTY2YTVhYzQxZTY2YjRjNzUzN2E2MGZkY2JiZmFi
MzlhMTcwHhcNMjIxMTMwMDgyNDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjZlMjliNTYzMTllNjFiMGUzMTRiYmZmMWFlMzljYTZkNDM1OGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2qjUVqYFG3XO+QAA7qcQEf6S8Ut
vQidcTRSS5/slErztUaRBlrESWTx64iiHFCOuuDAHY3XFQC1PJ0JEjF/QK7y4g6p
utseTXTna09WEbnqkIZp3O2EpAbSZgiyXYpYvtUzSR0h6C/urz7V4gMK5cAEISJt
vFQyKOSjJCgcWkOPLUJJmlPfvyMWyHHO2JQlJHylnj5jk8GtJVydcgv78pfaTLnP
5LLN4jqLWxvOqgrmZiQqMcfBnuAOzfglQnVXfuv2hX2E/zT2ly975ulEn5kNmgAc
p+NJHAmlHTdZ56i15EwU92Z0AejE7JGHsseIhFkmL3CGiMNpm/h5C0QrJQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGJuKbVjGeYbDjFLv/GuOcptQ1j2MB8GA1UdIwQY
MBaAFAESdWalrEHma0x1N6YP3Lv6s5oXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVJKMVpxV3NRZVpyVEhVM3BnX2N1X3F6bWhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC81MWY3ZjgtMDU5NS00NjU0LTk0M2It
MWJlYWM3NDQwMjYyLzEvWW00cHRXTVo1aHNPTVV1XzhhNDV5bTFEV1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC81MWY3ZjgtMDU5NS00NjU0LTk0M2ItMWJlYWM3NDQwMjYy
LzEvQVJKMVpxV3NRZVpyVEhVM3BnX2N1X3F6bWhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWNYQAwQA
uSbAMA0GCSqGSIb3DQEBCwUAA4IBAQADCC6Vn4G/tRyk30sLF6lFzblnyaFNEmlw
H0WLAkhG3GOkmm80GlgEFG22iXtXHUVlZzisz0Ocb7IoDW7sttps18QjInww6H4K
xUOeEkCmf2zCKDizw+N5vKXlnNzdph0MI+9DbbY+mNaN6IzgKriE19B5KoKJWtC4
j2x6mwRz/ykIG8RR1Wgq+yOJetEIY7HnoEQd8CxxV8EnVdrhUfaH6auLC8cyaGsS
cbGHXuRnL6r4GJh8QVm+70rTqUqmVuZv33pUiOd0y6e64+2KGCsucLTVPafeKnQx
dGEqB03gCYM7HkaXNjf0Oz8r5vYrRK8QXjJkh0nHjqOq8I4V68wg
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:22 2025 by rpki-client