Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/4HG34bdLQDtiliLFvQkg1Zi49z8.roa
File: 4HG34bdLQDtiliLFvQkg1Zi49z8.roa (raw, json)
Hash identifier: AbC6CJJEc/ncawikMbGvkhGGwNchWnU5T1FD7New+G8=
Subject key identifier: E0:71:B7:E1:B7:4B:40:3B:62:96:22:C5:BD:09:20:D5:98:B8:F7:3F
Certificate issuer: /CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Certificate serial: 04F63FE8
Authority key identifier: 20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/4HG34bdLQDtiliLFvQkg1Zi49z8.roa
Signing time: Sat 01 Jan 2022 11:59:23 +0000
ROA not before: Sat 01 Jan 2022 11:59:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 38913
IP address blocks: 88.214.28.0/22 maxlen: 22
2a09:8b00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 83247080 (0x4f63fe8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Validity
Not Before: Jan 1 11:59:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e071b7e1b74b403b629622c5bd0920d598b8f73f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e1:b8:38:40:53:c6:2c:a2:7d:1e:35:56:3e:
ea:0c:9a:7a:05:b2:62:68:70:9a:02:1f:1e:5c:54:
c5:e7:b2:fc:12:29:6f:b3:b8:31:77:54:af:7d:4f:
36:76:4d:f1:34:0e:19:84:d5:6d:4f:56:d3:d2:fd:
f3:e6:6e:fc:89:98:15:37:d2:47:2c:24:3c:0b:62:
1d:00:a4:1c:15:f1:f5:b6:ee:e2:87:3b:2e:2e:73:
40:e9:f9:3a:00:d4:d5:a3:23:d8:05:c1:7c:4c:0f:
ec:22:b2:01:7f:f8:03:99:7a:47:92:ea:04:2a:dd:
7e:39:ef:6e:46:5e:c9:1d:8c:14:8c:15:90:29:ed:
d0:ce:ac:28:2b:dd:25:d2:7c:0e:c6:c5:84:f4:7b:
2b:64:d9:08:37:0f:54:e5:df:be:d8:02:c5:50:1e:
cc:17:f3:84:18:2f:96:27:34:33:ec:2b:e3:46:70:
51:9a:5b:28:37:de:d7:07:6e:c0:e6:63:9b:62:b9:
1c:80:cd:41:5e:43:d0:f2:b8:f2:56:a0:d5:f7:80:
5d:6f:9b:87:00:55:bb:1f:34:2c:f9:bd:ab:c9:77:
cf:3a:e7:1b:3f:55:80:f0:fe:d8:20:0f:74:ee:51:
9b:ad:a0:c6:88:73:38:64:21:88:7f:c1:b1:9d:84:
29:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:71:B7:E1:B7:4B:40:3B:62:96:22:C5:BD:09:20:D5:98:B8:F7:3F
X509v3 Authority Key Identifier:
keyid:20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/4HG34bdLQDtiliLFvQkg1Zi49z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.28.0/22
IPv6:
2a09:8b00::/29
Signature Algorithm: sha256WithRSAEncryption
6a:e5:c2:3a:15:9e:97:56:a4:04:9c:6c:5c:ce:51:59:a9:0b:
ff:1f:11:15:36:ea:e7:c7:2f:ee:39:b7:be:f7:d1:98:b7:64:
96:54:d9:01:07:02:a3:9d:18:28:43:b5:75:d1:75:23:fb:c3:
32:0c:4a:61:6f:46:95:c1:37:42:52:00:45:a4:db:a5:fa:5b:
4e:99:e4:1b:ad:59:51:13:2b:dd:62:c8:b0:6a:d8:0c:ad:05:
fb:8c:9e:5d:34:fc:35:97:a5:7f:23:59:3d:cf:b9:bc:e5:36:
12:2a:48:ee:7a:2b:d5:cf:9d:90:de:e7:9a:3f:1c:f3:5b:e9:
e5:2c:85:a4:e1:3d:f0:72:92:a0:0e:64:a8:85:7a:b6:05:da:
52:86:e8:40:f1:cf:56:dd:b4:1c:e0:3a:89:7e:e5:b7:4e:98:
84:e5:60:6e:c5:cd:7f:80:eb:f1:77:e2:9c:d5:71:c9:fc:4b:
98:7e:9e:49:43:28:d0:3a:ff:8c:ec:63:d6:f2:7e:f8:31:b3:
0a:d5:4c:bc:c0:d8:4a:e4:b5:a7:89:7f:47:88:9c:2e:74:a8:
cb:30:a4:79:af:ab:da:84:81:cf:a6:4c:99:c9:27:5b:53:30:
31:64:4f:7e:d8:38:f7:de:5b:54:70:37:6e:63:d0:62:10:12:
5b:be:ed:cb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBPY/6DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MDM3NTEyZTUzNTVlODE1YWNmMDY0NjAzZjhhZTNmNTUyOGE1ZTNiMB4XDTIyMDEw
MTExNTkyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTA3MWI3ZTFiNzRi
NDAzYjYyOTYyMmM1YmQwOTIwZDU5OGI4ZjczZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJbhuDhAU8Yson0eNVY+6gyaegWyYmhwmgIfHlxUxeey/BIp
b7O4MXdUr31PNnZN8TQOGYTVbU9W09L98+Zu/ImYFTfSRywkPAtiHQCkHBXx9bbu
4oc7Li5zQOn5OgDU1aMj2AXBfEwP7CKyAX/4A5l6R5LqBCrdfjnvbkZeyR2MFIwV
kCnt0M6sKCvdJdJ8DsbFhPR7K2TZCDcPVOXfvtgCxVAezBfzhBgvlic0M+wr40Zw
UZpbKDfe1wduwOZjm2K5HIDNQV5D0PK48lag1feAXW+bhwBVux80LPm9q8l3zzrn
Gz9VgPD+2CAPdO5Rm62gxohzOGQhiH/BsZ2EKRMCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTgcbfht0tAO2KWIsW9CSDVmLj3PzAfBgNVHSMEGDAWgBQgN1EuU1XoFazw
ZGA/iuP1UopeOzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lEZFJMbE5WNkJXczhHUmdQNHJqOVZLS1hqcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDYvYjE0NzVkLWZjYzItNDhiYi1hZTAxLWMyYmEyNDY1M2Y3Yi8x
LzRIRzM0YmRMUUR0aWxpTEZ2UWtnMVppNDl6OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYv
YjE0NzVkLWZjYzItNDhiYi1hZTAxLWMyYmEyNDY1M2Y3Yi8xL0lEZFJMbE5WNkJX
czhHUmdQNHJqOVZLS1hqcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAljWHDANBAIAAjAHAwUDKgmLADAN
BgkqhkiG9w0BAQsFAAOCAQEAauXCOhWel1akBJxsXM5RWakL/x8RFTbq58cv7jm3
vvfRmLdkllTZAQcCo50YKEO1ddF1I/vDMgxKYW9GlcE3QlIARaTbpfpbTpnkG61Z
URMr3WLIsGrYDK0F+4yeXTT8NZelfyNZPc+5vOU2EipI7nor1c+dkN7nmj8c81vp
5SyFpOE98HKSoA5kqIV6tgXaUoboQPHPVt20HOA6iX7lt06YhOVgbsXNf4Dr8Xfi
nNVxyfxLmH6eSUMo0Dr/jOxj1vJ++DGzCtVMvMDYSuS1p4l/R4icLnSoyzCkea+r
2oSBz6ZMmcknW1MwMWRPftg4995bVHA3bmPQYhASW77tyw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:48:29 2025 by rpki-client