Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/51f7f8-0595-4654-943b-1beac7440262/1/vCw2DFQtuJzeYv4F1VzMxJCj8dg.roa
File: vCw2DFQtuJzeYv4F1VzMxJCj8dg.roa (raw, json)
Hash identifier: XcgbV3/5yNlowVSkaDB5EgkK9TUxJ4zRsdJg4m0Atbk=
Subject key identifier: BC:2C:36:0C:54:2D:B8:9C:DE:62:FE:05:D5:5C:CC:C4:90:A3:F1:D8
Certificate issuer: /CN=01127566a5ac41e66b4c7537a60fdcbbfab39a17
Certificate serial: 01854420D85104A738A1352C903486B9717D
Authority key identifier: 01:12:75:66:A5:AC:41:E6:6B:4C:75:37:A6:0F:DC:BB:FA:B3:9A:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ARJ1ZqWsQeZrTHU3pg_cu_qzmhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/51f7f8-0595-4654-943b-1beac7440262/1/vCw2DFQtuJzeYv4F1VzMxJCj8dg.roa
Signing time: Sat 24 Dec 2022 12:34:41 +0000
ROA not before: Sat 24 Dec 2022 12:34:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209277
IP address blocks: 185.38.192.0/24 maxlen: 24
185.38.193.0/24 maxlen: 24
88.214.16.0/24 maxlen: 24
88.214.17.0/24 maxlen: 24
88.214.19.0/24 maxlen: 24
88.214.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:44:20:d8:51:04:a7:38:a1:35:2c:90:34:86:b9:71:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01127566a5ac41e66b4c7537a60fdcbbfab39a17
Validity
Not Before: Dec 24 12:34:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bc2c360c542db89cde62fe05d55cccc490a3f1d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:75:82:f3:04:aa:5b:be:6f:64:24:83:1d:71:
6b:02:2e:6d:c1:02:32:8c:39:61:65:29:86:28:3f:
33:4c:06:8b:2a:be:a4:45:6f:d1:b1:0d:13:57:50:
7c:26:9e:cb:7f:ef:83:8b:7d:c3:e9:08:96:45:9e:
04:e9:01:e0:d1:97:07:13:2b:67:41:3f:5e:09:6d:
8a:f4:cb:dd:92:fb:d7:02:39:78:23:b6:5a:c0:c7:
18:e6:f0:e3:96:2a:10:cb:8e:f2:bc:3e:7e:92:99:
8f:f9:13:92:f7:ef:7f:32:4e:8f:be:db:f7:89:89:
9c:54:5d:ef:4a:2f:0b:ae:d5:3b:39:12:c7:9d:10:
f1:2d:3e:31:fd:11:3c:6d:b5:67:15:16:b9:87:d1:
a5:e5:be:09:bf:57:33:f6:fd:69:74:71:0b:b3:cb:
cc:cb:19:e7:8b:52:26:dc:39:c9:91:25:78:84:04:
d1:fc:21:fd:ca:3b:11:86:48:d2:14:06:4a:99:35:
30:e3:3f:a0:41:58:7e:5a:1f:8b:65:c0:b5:b3:46:
00:ba:58:18:c0:ad:4c:fb:c0:5e:d1:d7:48:dc:26:
9d:e3:59:2a:eb:be:33:8c:65:f1:04:8a:03:34:28:
14:93:b6:18:b3:d5:4c:83:ee:de:19:17:89:de:3b:
b0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:2C:36:0C:54:2D:B8:9C:DE:62:FE:05:D5:5C:CC:C4:90:A3:F1:D8
X509v3 Authority Key Identifier:
keyid:01:12:75:66:A5:AC:41:E6:6B:4C:75:37:A6:0F:DC:BB:FA:B3:9A:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ARJ1ZqWsQeZrTHU3pg_cu_qzmhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/51f7f8-0595-4654-943b-1beac7440262/1/vCw2DFQtuJzeYv4F1VzMxJCj8dg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/51f7f8-0595-4654-943b-1beac7440262/1/ARJ1ZqWsQeZrTHU3pg_cu_qzmhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.16.0/22
185.38.192.0/23
Signature Algorithm: sha256WithRSAEncryption
57:66:64:27:59:01:84:0a:66:60:f7:b5:7d:9e:7d:89:86:2c:
6e:c0:ae:51:08:da:3e:c1:4d:f8:2e:e6:84:6f:67:f7:e0:cd:
c4:b6:9c:2c:9d:c6:35:49:32:0b:b4:5f:06:86:97:08:f0:f8:
69:4b:60:30:f2:4e:c9:14:47:c3:ca:fc:82:2c:0d:71:18:49:
f6:35:8d:9b:d1:63:51:d0:32:8c:31:ff:02:8f:f2:e7:a5:52:
8e:46:66:c8:ce:82:15:48:7b:b4:99:fc:b4:12:11:90:0c:19:
15:74:c8:1e:59:e5:50:28:fc:c0:e8:a5:7e:f1:08:d8:ca:f3:
1b:f6:ab:e7:ad:07:52:94:8f:08:b7:18:07:f6:9d:21:eb:f7:
86:f8:cc:c0:f6:24:1c:f7:0f:6f:6d:19:ed:06:b1:5c:50:9c:
c5:45:a2:2b:f9:09:b6:67:5e:8e:6d:21:ba:82:08:18:82:6d:
a2:fe:94:35:55:23:52:6f:6f:2b:77:d5:18:5d:d6:f2:0c:7b:
9b:ab:38:ad:be:73:bd:d3:ff:41:cb:6b:fd:c6:2a:10:94:0c:
56:67:f6:2c:6e:3a:9c:25:9d:d5:3e:e2:1f:84:a2:7b:64:b7:
0c:c4:48:8e:c9:32:a8:e7:bd:c8:5d:db:ab:f9:86:85:35:ea:
62:cf:bb:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVEINhRBKc4oTUskDSGuXF9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMTI3NTY2YTVhYzQxZTY2YjRjNzUzN2E2MGZkY2JiZmFi
MzlhMTcwHhcNMjIxMjI0MTIzNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzJjMzYwYzU0MmRiODljZGU2MmZlMDVkNTVjY2NjNDkwYTNmMWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHWC8wSqW75vZCSDHXFrAi5twQIy
jDlhZSmGKD8zTAaLKr6kRW/RsQ0TV1B8Jp7Lf++Di33D6QiWRZ4E6QHg0ZcHEytn
QT9eCW2K9MvdkvvXAjl4I7ZawMcY5vDjlioQy47yvD5+kpmP+ROS9+9/Mk6Pvtv3
iYmcVF3vSi8LrtU7ORLHnRDxLT4x/RE8bbVnFRa5h9Gl5b4Jv1cz9v1pdHELs8vM
yxnni1Im3DnJkSV4hATR/CH9yjsRhkjSFAZKmTUw4z+gQVh+Wh+LZcC1s0YAulgY
wK1M+8Be0ddI3Cad41kq674zjGXxBIoDNCgUk7YYs9VMg+7eGReJ3juwbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLwsNgxULbic3mL+BdVczMSQo/HYMB8GA1UdIwQY
MBaAFAESdWalrEHma0x1N6YP3Lv6s5oXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVJKMVpxV3NRZVpyVEhVM3BnX2N1X3F6bWhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC81MWY3ZjgtMDU5NS00NjU0LTk0M2It
MWJlYWM3NDQwMjYyLzEvdkN3MkRGUXR1SnplWXY0RjFWek14SkNqOGRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC81MWY3ZjgtMDU5NS00NjU0LTk0M2ItMWJlYWM3NDQwMjYy
LzEvQVJKMVpxV3NRZVpyVEhVM3BnX2N1X3F6bWhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWNYQAwQB
uSbAMA0GCSqGSIb3DQEBCwUAA4IBAQBXZmQnWQGECmZg97V9nn2JhixuwK5RCNo+
wU34LuaEb2f34M3EtpwsncY1STILtF8GhpcI8PhpS2Aw8k7JFEfDyvyCLA1xGEn2
NY2b0WNR0DKMMf8Cj/LnpVKORmbIzoIVSHu0mfy0EhGQDBkVdMgeWeVQKPzA6KV+
8QjYyvMb9qvnrQdSlI8ItxgH9p0h6/eG+MzA9iQc9w9vbRntBrFcUJzFRaIr+Qm2
Z16ObSG6gggYgm2i/pQ1VSNSb28rd9UYXdbyDHubqzitvnO90/9By2v9xioQlAxW
Z/YsbjqcJZ3VPuIfhKJ7ZLcMxEiOyTKo573IXdur+YaFNepiz7vP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:52 2023 by rpki-client on console-ams.rpki-client.org