Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/Rj0AoteXekkNSgIJHNjAoud9Iqg.roa
File: Rj0AoteXekkNSgIJHNjAoud9Iqg.roa (raw, json)
Hash identifier: EAJ5QMSS8KWXnWraA00DE2KXq9DdmfUv173ITe1bhvw=
Subject key identifier: 46:3D:00:A2:D7:97:7A:49:0D:4A:02:09:1C:D8:C0:A2:E7:7D:22:A8
Certificate issuer: /CN=7445ddeedfbd72d313e9ee8cceeae8403cc34146
Certificate serial: 018225F92F5ACA98A66F803C8DA2AF65F983
Authority key identifier: 74:45:DD:EE:DF:BD:72:D3:13:E9:EE:8C:CE:EA:E8:40:3C:C3:41:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dEXd7t-9ctMT6e6MzuroQDzDQUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/Rj0AoteXekkNSgIJHNjAoud9Iqg.roa
Signing time: Fri 22 Jul 2022 12:54:23 +0000
ROA not before: Fri 22 Jul 2022 12:54:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 88.202.210.0/24 maxlen: 24
88.202.209.0/24 maxlen: 24
88.202.208.0/24 maxlen: 24
88.212.159.0/24 maxlen: 24
88.212.158.0/24 maxlen: 24
88.212.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:25:f9:2f:5a:ca:98:a6:6f:80:3c:8d:a2:af:65:f9:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7445ddeedfbd72d313e9ee8cceeae8403cc34146
Validity
Not Before: Jul 22 12:54:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=463d00a2d7977a490d4a02091cd8c0a2e77d22a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:90:f3:9f:c4:0a:46:67:6b:b6:d5:cf:cf:2f:
56:e0:a7:46:13:24:b0:c2:85:af:f6:a9:d1:37:9b:
2a:91:58:6e:d5:c1:43:23:0b:b0:81:bb:82:b9:38:
8a:d3:b1:f5:55:df:ca:dd:5d:9a:a6:b7:d7:fc:b4:
34:f6:36:4f:3a:82:79:c9:e1:fa:13:bb:33:42:3a:
09:05:c1:7f:97:81:c8:c9:95:61:af:ee:ef:4f:7a:
d3:7c:e3:38:9f:b3:ad:52:51:45:66:93:db:8a:1a:
9b:30:9f:a0:cd:c6:7c:3f:7c:85:e0:b7:42:4e:64:
ab:cf:26:08:60:17:da:44:cb:53:78:61:55:5d:d1:
2d:7f:a4:e2:96:51:f7:fa:df:68:12:28:e3:e2:17:
26:6d:b8:44:6a:1f:35:55:0a:f9:b7:56:68:05:44:
ec:12:9a:21:d0:a4:53:64:9b:1b:d0:47:9e:ee:f4:
f7:3c:a6:22:f4:4d:5b:6d:3b:ae:60:4f:5d:b1:dc:
07:a8:de:bf:0f:6d:8c:38:13:e5:5f:4b:1c:0d:3a:
3d:8d:e8:86:9d:db:b9:99:fb:99:46:39:37:c1:39:
12:76:95:10:97:b7:e9:25:fb:d9:7e:86:42:ea:f2:
fa:2d:2c:c9:45:fb:b8:8c:b4:5a:e9:59:97:fd:bc:
d1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:3D:00:A2:D7:97:7A:49:0D:4A:02:09:1C:D8:C0:A2:E7:7D:22:A8
X509v3 Authority Key Identifier:
keyid:74:45:DD:EE:DF:BD:72:D3:13:E9:EE:8C:CE:EA:E8:40:3C:C3:41:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dEXd7t-9ctMT6e6MzuroQDzDQUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/Rj0AoteXekkNSgIJHNjAoud9Iqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/c1765b-e3a5-410c-9cd3-6ca340fa7493/1/dEXd7t-9ctMT6e6MzuroQDzDQUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.202.208.0-88.202.210.255
88.212.156.0/24
88.212.158.0/23
Signature Algorithm: sha256WithRSAEncryption
21:50:9f:61:eb:07:e9:db:ab:6d:32:f1:ee:67:d5:f6:18:cd:
8a:b6:51:ac:37:44:fc:bd:bd:32:cd:6a:66:6d:1a:7a:a7:db:
8e:d8:eb:42:ab:13:3b:39:4a:07:34:8d:7e:8a:d8:de:09:75:
7b:ae:5a:27:ce:c6:8c:98:16:2c:2d:d5:ab:64:0d:a5:b6:f7:
3c:f3:0f:38:65:a4:35:8b:c2:f3:66:49:b3:d1:4e:5f:21:ce:
8e:1b:60:3f:8e:67:2c:38:68:56:f2:07:3e:5c:78:96:a3:dd:
33:c4:f4:aa:4c:14:2c:f6:2d:fa:8d:fd:42:1b:ed:8f:f4:8d:
00:7a:ef:28:b7:da:db:11:e2:25:f3:35:5f:04:1e:12:f8:08:
e8:5c:4c:fd:4f:93:00:eb:29:44:76:f6:17:39:db:6f:6d:26:
f8:12:fd:51:72:e0:e3:12:83:7a:d8:9c:ce:6a:6b:c8:07:be:
b8:d7:9d:d4:52:80:55:78:f3:b9:86:c7:5e:b3:12:eb:66:d2:
94:cb:78:38:3a:b7:9e:e8:d7:b1:81:29:1d:81:d0:ea:68:67:
51:28:58:2b:e7:b7:f9:94:17:70:ca:41:b3:8d:4d:12:78:6b:
3c:f3:e8:db:d1:84:1d:ee:1d:9a:65:82:ee:aa:55:ef:f3:f8:
5f:30:da:79
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYIl+S9aypimb4A8jaKvZfmDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0NDVkZGVlZGZiZDcyZDMxM2U5ZWU4Y2NlZWFlODQwM2Nj
MzQxNDYwHhcNMjIwNzIyMTI1NDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjNkMDBhMmQ3OTc3YTQ5MGQ0YTAyMDkxY2Q4YzBhMmU3N2QyMmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZDzn8QKRmdrttXPzy9W4KdGEySw
woWv9qnRN5sqkVhu1cFDIwuwgbuCuTiK07H1Vd/K3V2aprfX/LQ09jZPOoJ5yeH6
E7szQjoJBcF/l4HIyZVhr+7vT3rTfOM4n7OtUlFFZpPbihqbMJ+gzcZ8P3yF4LdC
TmSrzyYIYBfaRMtTeGFVXdEtf6TillH3+t9oEijj4hcmbbhEah81VQr5t1ZoBUTs
Epoh0KRTZJsb0Eee7vT3PKYi9E1bbTuuYE9dsdwHqN6/D22MOBPlX0scDTo9jeiG
ndu5mfuZRjk3wTkSdpUQl7fpJfvZfoZC6vL6LSzJRfu4jLRa6VmX/bzRgwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEY9AKLXl3pJDUoCCRzYwKLnfSKoMB8GA1UdIwQY
MBaAFHRF3e7fvXLTE+nujM7q6EA8w0FGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEVYZDd0LTljdE1UNmU2TXp1cm9RRHpEUVVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi9jMTc2NWItZTNhNS00MTBjLTljZDMt
NmNhMzQwZmE3NDkzLzEvUmowQW90ZVhla2tOU2dJSkhOakFvdWQ5SXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi9jMTc2NWItZTNhNS00MTBjLTljZDMtNmNhMzQwZmE3NDkz
LzEvZEVYZDd0LTljdE1UNmU2TXp1cm9RRHpEUVVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBARYytAD
BABYytIDBABY1JwDBAFY1J4wDQYJKoZIhvcNAQELBQADggEBACFQn2HrB+nbq20y
8e5n1fYYzYq2Uaw3RPy9vTLNamZtGnqn247Y60KrEzs5Sgc0jX6K2N4JdXuuWifO
xoyYFiwt1atkDaW29zzzDzhlpDWLwvNmSbPRTl8hzo4bYD+OZyw4aFbyBz5ceJaj
3TPE9KpMFCz2LfqN/UIb7Y/0jQB67yi32tsR4iXzNV8EHhL4COhcTP1PkwDrKUR2
9hc5229tJvgS/VFy4OMSg3rYnM5qa8gHvrjXndRSgFV487mGx16zEutm0pTLeDg6
t57o17GBKR2B0OpoZ1EoWCvnt/mUF3DKQbONTRJ4azzz6NvRhB3uHZplgu6qVe/z
+F8w2nk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:43 2023 by rpki-client on console-ams.rpki-client.org