Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/5t4iD9pPk7TJnFOQV5fFpWWzAeU.roa
File: 5t4iD9pPk7TJnFOQV5fFpWWzAeU.roa (raw, json)
Hash identifier: TBjvNXvcOD5nP/Hzw5Edstqvt62F0G+pZbEF24FarvE=
Subject key identifier: E6:DE:22:0F:DA:4F:93:B4:C9:9C:53:90:57:97:C5:A5:65:B3:01:E5
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 0874EC89
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/5t4iD9pPk7TJnFOQV5fFpWWzAeU.roa
Signing time: Sat 01 Jan 2022 00:53:31 +0000
ROA not before: Sat 01 Jan 2022 00:53:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198651
IP address blocks: 195.12.189.0/24 maxlen: 24
195.12.190.0/24 maxlen: 24
195.12.188.0/24 maxlen: 24
195.12.191.0/24 maxlen: 24
88.119.176.0/24 maxlen: 24
88.119.179.0/24 maxlen: 24
88.119.177.0/24 maxlen: 24
88.119.178.0/24 maxlen: 24
2a00:1eb8:c000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141880457 (0x874ec89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Jan 1 00:53:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e6de220fda4f93b4c99c53905797c5a565b301e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:43:02:c8:cc:d5:ec:33:5d:d8:a3:46:25:f9:
7e:e9:14:d0:71:ed:18:c1:9a:dd:90:a1:a1:0a:95:
71:15:ed:ab:77:8d:66:e2:21:b3:a8:c3:25:2c:0b:
f4:57:c6:59:33:22:d4:04:2b:de:c9:13:ce:bb:ba:
88:b4:7d:8e:44:ea:c5:8b:c4:c9:f1:2e:4d:f9:c8:
bf:85:31:f4:c6:10:e9:cb:df:66:3a:af:7c:0c:36:
88:50:7d:a0:40:97:d8:af:57:d0:db:3f:d9:66:7c:
f4:07:a4:3d:92:37:47:19:8a:35:68:ba:d9:90:36:
80:f9:17:20:fa:8d:a2:33:3a:c9:9e:64:42:56:a5:
cb:dd:33:03:15:7d:34:5b:46:59:2c:18:b8:0d:31:
af:50:39:0d:82:c5:2a:5c:be:b1:02:24:0f:5a:be:
74:80:7e:83:1e:e2:34:59:c9:3b:65:93:09:7c:ef:
3b:4f:af:69:6d:d1:27:44:1d:d3:58:2e:de:64:79:
3a:c9:65:2c:c2:c0:80:35:57:2d:2b:2d:58:7c:52:
ee:e3:3c:43:ba:0f:d4:06:bf:ad:05:40:aa:09:bf:
23:db:a9:eb:00:62:c1:81:78:2d:3d:17:67:36:c6:
1b:31:6c:4d:41:44:29:3b:59:78:68:10:00:55:7f:
90:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:DE:22:0F:DA:4F:93:B4:C9:9C:53:90:57:97:C5:A5:65:B3:01:E5
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/5t4iD9pPk7TJnFOQV5fFpWWzAeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.119.176.0/22
195.12.188.0/22
IPv6:
2a00:1eb8:c000::/48
Signature Algorithm: sha256WithRSAEncryption
05:ab:3b:d0:b9:94:73:96:31:3e:f1:e9:20:e8:99:2f:8b:03:
1a:f4:98:a3:fc:55:74:1a:f1:f6:54:a2:4c:63:4b:65:16:bc:
9b:3a:d5:78:94:66:09:36:16:69:e7:6a:f6:b3:90:d6:58:25:
c6:67:cc:0a:ba:2a:14:86:90:84:2c:24:a0:a2:be:25:56:81:
1c:58:bd:53:50:20:45:d1:72:7c:9f:20:12:1a:85:95:71:9e:
f8:4b:85:93:4d:d7:a8:66:d1:58:42:a8:fc:cf:18:1f:bf:f5:
25:16:44:c1:03:c3:4d:a6:e0:42:66:66:40:66:04:c1:89:a1:
1b:bc:dd:4e:ed:8f:b9:24:81:0d:aa:0c:91:0f:a7:84:f9:75:
59:0f:86:7c:7f:fb:a0:0c:52:a2:b7:13:ae:79:f6:d3:6f:51:
78:a2:c1:f7:64:d3:3e:aa:80:98:9d:34:51:09:90:97:3e:0d:
7f:4a:a4:80:37:7c:27:6f:b6:9b:d7:80:8c:bd:e7:6b:9e:58:
f7:2d:27:ba:ba:24:ee:48:7b:e5:02:b7:7d:81:1c:50:b7:19:
78:93:49:89:42:d4:f3:e8:35:5b:45:82:0f:8b:98:11:a7:97:
47:1b:eb:f4:cb:53:8c:1b:f0:45:3d:87:cb:05:00:0f:a5:1d:
7b:4c:c0:9f
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIECHTsiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
Yjk4NzI0NDYxMWI1MjMwNTM2NzQ0YjZhODlmMDQ0ZjMyZjQ2MmVhMB4XDTIyMDEw
MTAwNTMzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTZkZTIyMGZkYTRm
OTNiNGM5OWM1MzkwNTc5N2M1YTU2NWIzMDFlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhDAsjM1ewzXdijRiX5fukU0HHtGMGa3ZChoQqVcRXtq3eN
ZuIhs6jDJSwL9FfGWTMi1AQr3skTzru6iLR9jkTqxYvEyfEuTfnIv4Ux9MYQ6cvf
ZjqvfAw2iFB9oECX2K9X0Ns/2WZ89AekPZI3RxmKNWi62ZA2gPkXIPqNojM6yZ5k
Qlaly90zAxV9NFtGWSwYuA0xr1A5DYLFKly+sQIkD1q+dIB+gx7iNFnJO2WTCXzv
O0+vaW3RJ0Qd01gu3mR5OsllLMLAgDVXLSstWHxS7uM8Q7oP1Aa/rQVAqgm/I9up
6wBiwYF4LT0XZzbGGzFsTUFEKTtZeGgQAFV/kJkCAwEAAaOCAiIwggIeMB0GA1Ud
DgQWBBTm3iIP2k+TtMmcU5BXl8WlZbMB5TAfBgNVHSMEGDAWgBT7mHJEYRtSMFNn
RLaonwRPMvRi6jAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzQ0LzMxOWQ3Yy03ZTc2LTQzMDgtYmMwMC1iZTU4MzJkNWY3YWEv
MS81dDRpRDlwUGs3VEpuRk9RVjVmRnBXV3pBZVUucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzQ0
LzMxOWQ3Yy03ZTc2LTQzMDgtYmMwMC1iZTU4MzJkNWY3YWEvMS8xLTVoeVJHRWJV
akJUWjBTMnFKOEVUekwwWXVvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCWHewAwQCwwy8MA8EAgACMAkD
BwAqAB64wAAwDQYJKoZIhvcNAQELBQADggEBAAWrO9C5lHOWMT7x6SDomS+LAxr0
mKP8VXQa8fZUokxjS2UWvJs61XiUZgk2FmnnavazkNZYJcZnzAq6KhSGkIQsJKCi
viVWgRxYvVNQIEXRcnyfIBIahZVxnvhLhZNN16hm0VhCqPzPGB+/9SUWRMEDw02m
4EJmZkBmBMGJoRu83U7tj7kkgQ2qDJEPp4T5dVkPhnx/+6AMUqK3E6559tNvUXii
wfdk0z6qgJidNFEJkJc+DX9KpIA3fCdvtpvXgIy952ueWPctJ7q6JO5Ie+UCt32B
HFC3GXiTSYlC1PPoNVtFgg+LmBGnl0cb6/TLU4wb8EU9h8sFAA+lHXtMwJ8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:18 2024 by rpki-client on console-fra.rpki-client.org