Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/cb0d91-8270-4550-8fac-0ce2038aaa7b/1/QuaGZz7FVj4iC0SNJzjFQ_MUipg.roa
File: QuaGZz7FVj4iC0SNJzjFQ_MUipg.roa (raw, json)
Hash identifier: 2vW3+je5bS9O+dgY+mSQBnCJqQAwPMT8z3dnJiXuwnM=
Subject key identifier: 42:E6:86:67:3E:C5:56:3E:22:0B:44:8D:27:38:C5:43:F3:14:8A:98
Certificate issuer: /CN=63b82772af3d611b99b1ba6e3eb6cbfd16965363
Certificate serial: 018266A1E98E17AB1A037FE8A8C2C948CC86
Authority key identifier: 63:B8:27:72:AF:3D:61:1B:99:B1:BA:6E:3E:B6:CB:FD:16:96:53:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y7gncq89YRuZsbpuPrbL_RaWU2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/cb0d91-8270-4550-8fac-0ce2038aaa7b/1/QuaGZz7FVj4iC0SNJzjFQ_MUipg.roa
Signing time: Thu 04 Aug 2022 02:14:23 +0000
ROA not before: Thu 04 Aug 2022 02:14:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209716
IP address blocks: 88.218.235.0/25 maxlen: 25
2a0c:ad80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:66:a1:e9:8e:17:ab:1a:03:7f:e8:a8:c2:c9:48:cc:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63b82772af3d611b99b1ba6e3eb6cbfd16965363
Validity
Not Before: Aug 4 02:14:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=42e686673ec5563e220b448d2738c543f3148a98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:32:6a:fd:dd:19:83:60:5b:08:02:4e:9a:57:
24:84:2e:2e:ee:3b:83:7a:b4:69:bb:1c:51:3a:0d:
71:24:ba:d1:0f:c7:e8:32:dc:f9:3d:c7:39:c5:3c:
65:de:fd:fc:30:84:85:21:e0:8f:ce:8a:29:e8:03:
d6:6a:ff:52:7f:f9:2f:69:70:21:25:8f:c8:2e:1e:
b3:d5:1c:8e:18:97:31:e9:2b:e8:c0:52:6d:e8:45:
3a:e5:06:c2:be:e8:3a:44:5e:d4:0d:53:4f:bd:9f:
37:f8:d7:8e:3e:4f:fc:68:ae:0a:5b:b8:08:42:c4:
07:cf:23:21:1d:21:a9:4b:8e:fe:71:1d:09:60:78:
bf:3c:90:b2:8a:46:de:16:c9:aa:96:0c:60:65:9b:
9b:73:73:07:fb:e1:95:09:6e:e3:a9:74:93:93:1a:
11:cd:90:50:7f:da:0f:53:9a:0a:f9:05:e3:86:7d:
b8:c8:64:79:32:0a:12:06:3b:29:53:67:92:81:38:
08:f8:c6:d2:fc:da:4d:62:ea:5a:54:ce:5f:ea:04:
32:80:5d:07:12:b9:69:39:5d:b4:3b:a4:3d:4a:2e:
06:83:dc:9f:72:51:83:81:09:e7:f5:6e:71:cb:75:
62:c3:ab:db:86:35:4b:f9:e4:d6:8c:e8:2a:17:75:
19:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:E6:86:67:3E:C5:56:3E:22:0B:44:8D:27:38:C5:43:F3:14:8A:98
X509v3 Authority Key Identifier:
keyid:63:B8:27:72:AF:3D:61:1B:99:B1:BA:6E:3E:B6:CB:FD:16:96:53:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y7gncq89YRuZsbpuPrbL_RaWU2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/cb0d91-8270-4550-8fac-0ce2038aaa7b/1/QuaGZz7FVj4iC0SNJzjFQ_MUipg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/cb0d91-8270-4550-8fac-0ce2038aaa7b/1/Y7gncq89YRuZsbpuPrbL_RaWU2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.235.0/25
IPv6:
2a0c:ad80::/29
Signature Algorithm: sha256WithRSAEncryption
89:54:2b:77:4e:a3:2d:20:40:87:a3:62:c8:16:d7:aa:3d:c9:
b8:de:f1:3a:9f:c2:69:c1:0f:d8:36:bd:eb:19:04:d9:6c:ee:
f8:4e:cb:2f:d1:e3:80:8b:2f:31:27:7b:df:66:ca:25:ac:65:
62:c9:0b:d3:86:cc:33:9c:d7:b2:85:5a:d8:41:55:fc:fc:75:
66:ca:ea:c2:d7:33:0e:53:d1:55:5a:4a:f7:e3:6c:e8:84:93:
47:6f:d1:f1:1f:34:55:88:fa:98:df:17:ea:46:ca:01:72:33:
b1:57:ab:e5:42:30:42:4f:ec:68:72:70:ab:e5:4a:73:e4:c5:
c6:75:d6:85:71:f2:27:64:3d:be:94:38:36:1a:83:a2:fc:45:
65:1c:6b:c0:36:e2:e0:9b:84:7c:a5:19:4b:90:3d:0a:be:26:
7f:2c:81:14:02:af:18:e8:4a:c1:98:11:39:3b:15:1f:9a:ed:
3a:91:67:74:77:eb:08:01:43:18:cc:fb:4e:2d:23:2a:da:4c:
bf:54:09:ef:c4:c1:e2:92:06:72:aa:1c:7d:bb:24:8f:f7:a0:
c3:cb:7e:78:37:31:f9:a5:e8:0a:f8:21:b3:a4:33:ff:b1:de:
dd:db:e4:57:fc:32:7e:c1:ed:45:b2:a7:e5:ed:b7:53:06:04:
fd:01:96:d2
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYJmoemOF6saA3/oqMLJSMyGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzYjgyNzcyYWYzZDYxMWI5OWIxYmE2ZTNlYjZjYmZkMTY5
NjUzNjMwHhcNMjIwODA0MDIxNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmU2ODY2NzNlYzU1NjNlMjIwYjQ0OGQyNzM4YzU0M2YzMTQ4YTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjJq/d0Zg2BbCAJOmlckhC4u7juD
erRpuxxROg1xJLrRD8foMtz5Pcc5xTxl3v38MISFIeCPzoop6APWav9Sf/kvaXAh
JY/ILh6z1RyOGJcx6SvowFJt6EU65QbCvug6RF7UDVNPvZ83+NeOPk/8aK4KW7gI
QsQHzyMhHSGpS47+cR0JYHi/PJCyikbeFsmqlgxgZZubc3MH++GVCW7jqXSTkxoR
zZBQf9oPU5oK+QXjhn24yGR5MgoSBjspU2eSgTgI+MbS/NpNYupaVM5f6gQygF0H
ErlpOV20O6Q9Si4Gg9yfclGDgQnn9W5xy3Viw6vbhjVL+eTWjOgqF3UZPwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFELmhmc+xVY+IgtEjSc4xUPzFIqYMB8GA1UdIwQY
MBaAFGO4J3KvPWEbmbG6bj62y/0WllNjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTdnbmNxODlZUnVac2JwdVByYkxfUmFXVTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9jYjBkOTEtODI3MC00NTUwLThmYWMt
MGNlMjAzOGFhYTdiLzEvUXVhR1p6N0ZWajRpQzBTTkp6akZRX01VaXBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9jYjBkOTEtODI3MC00NTUwLThmYWMtMGNlMjAzOGFhYTdi
LzEvWTdnbmNxODlZUnVac2JwdVByYkxfUmFXVTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjANBAIAATAHAwUHWNrrADAN
BAIAAjAHAwUDKgytgDANBgkqhkiG9w0BAQsFAAOCAQEAiVQrd06jLSBAh6NiyBbX
qj3JuN7xOp/CacEP2Da96xkE2Wzu+E7LL9HjgIsvMSd732bKJaxlYskL04bMM5zX
soVa2EFV/Px1ZsrqwtczDlPRVVpK9+Ns6ISTR2/R8R80VYj6mN8X6kbKAXIzsVer
5UIwQk/saHJwq+VKc+TFxnXWhXHyJ2Q9vpQ4NhqDovxFZRxrwDbi4JuEfKUZS5A9
Cr4mfyyBFAKvGOhKwZgROTsVH5rtOpFndHfrCAFDGMz7Ti0jKtpMv1QJ78TB4pIG
cqocfbskj/egw8t+eDcx+aXoCvghs6Qz/7He3dvkV/wyfsHtRbKn5e23UwYE/QGW
0g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:39:59 2025 by rpki-client