Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/I1rcZxjgjUCJEYsuKojQpFVUMUE.roa
File: I1rcZxjgjUCJEYsuKojQpFVUMUE.roa (raw, json)
Hash identifier: 8Knho+meYE3BqnnR1tbdZCV0ECjqYQPAaQcm1VfhD3s=
Subject key identifier: 23:5A:DC:67:18:E0:8D:40:89:11:8B:2E:2A:88:D0:A4:55:54:31:41
Certificate issuer: /CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Certificate serial: 01847AA3B3E412811820136B1F2BC8D96019
Authority key identifier: B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/I1rcZxjgjUCJEYsuKojQpFVUMUE.roa
Signing time: Tue 15 Nov 2022 09:34:19 +0000
ROA not before: Tue 15 Nov 2022 09:34:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39650
IP address blocks: 88.135.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:a3:b3:e4:12:81:18:20:13:6b:1f:2b:c8:d9:60:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Validity
Not Before: Nov 15 09:34:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=235adc6718e08d4089118b2e2a88d0a455543141
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e9:36:27:3f:42:da:3c:a7:ce:f6:53:91:fe:
08:28:e1:16:56:56:8e:8f:b4:f3:f1:bb:52:e8:86:
88:bb:ff:9c:67:66:5d:48:8d:5e:64:9c:2c:02:66:
6c:a2:c7:23:ea:33:0b:bc:98:42:22:a4:6c:f2:2c:
24:7c:14:54:26:40:2a:44:35:06:42:5c:4e:4f:97:
0f:fb:58:b9:ad:cf:39:58:25:10:85:39:8b:7d:6c:
2f:bb:3f:3b:12:f9:91:60:22:02:95:33:fe:70:05:
7b:97:ec:f8:ab:76:73:42:aa:2b:ab:c5:f5:cb:73:
86:4e:a6:a5:63:46:47:0d:46:b5:be:27:25:29:36:
2f:1e:90:de:a0:89:24:85:ef:a6:5f:d7:37:86:62:
86:84:aa:a4:e5:4f:2f:86:01:02:57:ad:61:24:5a:
92:7c:64:33:90:67:1b:f9:ca:23:56:91:3e:7d:b9:
3a:f4:df:5c:24:b0:a0:40:ad:e3:6a:31:ae:68:89:
c1:b5:db:a3:7c:5c:84:f6:0f:3f:d0:3e:85:e0:05:
4f:5e:5f:41:b6:70:67:cc:71:df:f0:62:0e:3f:9a:
e9:a0:7f:bb:65:23:61:ea:0f:c9:e4:7e:dc:78:ec:
34:a5:ff:75:bd:e3:23:62:4a:6e:cf:45:75:0a:26:
eb:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:5A:DC:67:18:E0:8D:40:89:11:8B:2E:2A:88:D0:A4:55:54:31:41
X509v3 Authority Key Identifier:
keyid:B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/I1rcZxjgjUCJEYsuKojQpFVUMUE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.45.0/24
Signature Algorithm: sha256WithRSAEncryption
17:5f:6e:5a:97:e1:39:4b:64:2f:42:f8:48:79:b9:cf:b2:30:
22:b4:53:5e:97:32:be:e9:27:f3:bf:cf:12:04:8e:83:f8:55:
ce:fb:38:ee:f5:38:c3:99:7d:75:7e:81:27:4e:01:67:fa:ab:
b8:dc:02:a5:f2:62:17:82:28:43:b4:63:6e:ee:ef:82:d8:e3:
a0:96:82:65:aa:a4:60:15:c5:b7:c5:1e:8e:c5:43:00:b2:b1:
29:20:6a:87:09:5d:b9:cf:3f:6f:22:5c:97:60:19:dc:80:8e:
7f:77:8d:bd:98:ba:a2:a5:d8:6b:2e:d7:b9:ea:13:97:0e:ab:
9e:98:49:d8:43:05:79:ff:b7:3d:83:03:ed:07:3d:26:bf:60:
91:f3:70:f1:e7:d4:3a:d4:94:91:9a:47:c2:d0:a7:06:7e:f5:
ca:82:01:d6:50:50:67:23:29:66:71:d1:21:87:24:57:41:14:
58:6a:06:f0:ee:e8:b9:8b:b6:98:cf:0e:8a:88:a7:89:39:4c:
f9:ba:e0:e2:9c:ca:19:d7:52:4f:34:3b:1f:9a:de:12:af:cb:
48:a3:34:38:af:75:c7:1b:a9:93:5a:cd:c0:98:11:1c:4d:76:
1f:a2:eb:31:8a:2a:9a:dd:83:fb:7a:78:d3:89:ed:25:58:72:
71:d0:35:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYR6o7PkEoEYIBNrHyvI2WAZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZDE0MTE4ZGJkMjI3Mjk4ZGFhODBjN2FjYWIxMWVlYTZk
NjNlMjEwHhcNMjIxMTE1MDkzNDE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzVhZGM2NzE4ZTA4ZDQwODkxMThiMmUyYTg4ZDBhNDU1NTQzMTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOk2Jz9C2jynzvZTkf4IKOEWVlaO
j7Tz8btS6IaIu/+cZ2ZdSI1eZJwsAmZsoscj6jMLvJhCIqRs8iwkfBRUJkAqRDUG
QlxOT5cP+1i5rc85WCUQhTmLfWwvuz87EvmRYCIClTP+cAV7l+z4q3ZzQqorq8X1
y3OGTqalY0ZHDUa1viclKTYvHpDeoIkkhe+mX9c3hmKGhKqk5U8vhgECV61hJFqS
fGQzkGcb+cojVpE+fbk69N9cJLCgQK3jajGuaInBtdujfFyE9g8/0D6F4AVPXl9B
tnBnzHHf8GIOP5rpoH+7ZSNh6g/J5H7ceOw0pf91veMjYkpuz0V1CibrTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCNa3GcY4I1AiRGLLiqI0KRVVDFBMB8GA1UdIwQY
MBaAFLbRQRjb0icpjaqAx6yrEe6m1j4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMt
MGUzN2UxMWQwZWMzLzEvSTFyY1p4amdqVUNKRVlzdUtvalFwRlZVTVVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMtMGUzN2UxMWQwZWMz
LzEvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWIctMA0G
CSqGSIb3DQEBCwUAA4IBAQAXX25al+E5S2QvQvhIebnPsjAitFNelzK+6Sfzv88S
BI6D+FXO+zju9TjDmX11foEnTgFn+qu43AKl8mIXgihDtGNu7u+C2OOgloJlqqRg
FcW3xR6OxUMAsrEpIGqHCV25zz9vIlyXYBncgI5/d429mLqipdhrLte56hOXDque
mEnYQwV5/7c9gwPtBz0mv2CR83Dx59Q61JSRmkfC0KcGfvXKggHWUFBnIylmcdEh
hyRXQRRYagbw7ui5i7aYzw6KiKeJOUz5uuDinMoZ11JPNDsfmt4Sr8tIozQ4r3XH
G6mTWs3AmBEcTXYfousxiiqa3YP7enjTie0lWHJx0DUt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:31 2025 by rpki-client