Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/woTC6EB1j9b3ujiN8W7u0EEQqTA.roa
File: woTC6EB1j9b3ujiN8W7u0EEQqTA.roa (raw, json)
Hash identifier: 2b4o+W3ceuYwatz4qX5sHOOADrZTMSg9qWH0uotG8qg=
Subject key identifier: C2:84:C2:E8:40:75:8F:D6:F7:BA:38:8D:F1:6E:EE:D0:41:10:A9:30
Certificate issuer: /CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Certificate serial: 01856B9C8187F3CA3ED628CB23A0141FC247
Authority key identifier: B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/woTC6EB1j9b3ujiN8W7u0EEQqTA.roa
Signing time: Sun 01 Jan 2023 04:34:56 +0000
ROA not before: Sun 01 Jan 2023 04:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57240
IP address blocks: 88.135.41.0/24 maxlen: 24
88.135.40.0/24 maxlen: 24
88.135.43.0/24 maxlen: 24
88.135.42.0/24 maxlen: 24
88.135.44.0/24 maxlen: 24
88.135.47.0/24 maxlen: 24
88.135.46.0/24 maxlen: 24
88.135.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:9c:81:87:f3:ca:3e:d6:28:cb:23:a0:14:1f:c2:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Validity
Not Before: Jan 1 04:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c284c2e840758fd6f7ba388df16eeed04110a930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ca:9a:2f:44:01:e3:71:4c:da:55:e4:5b:b6:
76:e9:36:36:bd:c0:49:2c:49:57:65:dc:a2:ff:c3:
79:71:f7:4b:af:43:89:8a:39:89:d4:14:e1:e9:5b:
57:2a:4a:e9:f2:f3:53:88:2a:84:e2:5d:9f:1b:a6:
89:65:1f:1a:70:8a:69:e4:78:de:77:c0:2e:96:52:
9d:72:36:20:e2:f1:b0:56:db:c2:53:92:47:2e:d5:
89:3a:92:49:ab:2f:cc:e0:57:ea:c2:cd:b6:f9:20:
17:a2:8a:d6:23:13:e5:e3:54:42:e6:17:94:da:80:
cc:2f:96:0a:71:76:33:46:db:68:2f:ca:63:55:e6:
62:04:7e:31:51:b0:89:d0:0d:95:a1:f6:ad:10:50:
3a:5b:d1:58:64:9c:10:c6:5c:99:ba:03:9d:43:35:
b0:4b:3b:79:14:dc:df:ae:f3:52:3a:f8:40:41:61:
d9:bb:e9:04:b4:76:77:e1:04:a7:7d:63:c9:7b:04:
ff:27:53:14:85:5e:cb:d6:44:48:30:1a:84:2a:b4:
5a:ec:30:e1:dd:28:03:54:d9:33:ce:ec:23:07:0d:
ed:5d:d0:65:d9:d2:22:ac:d0:eb:24:52:cc:9b:a1:
c5:16:23:5c:5b:94:f1:d9:b3:2a:df:46:63:c7:db:
97:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:84:C2:E8:40:75:8F:D6:F7:BA:38:8D:F1:6E:EE:D0:41:10:A9:30
X509v3 Authority Key Identifier:
keyid:B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/woTC6EB1j9b3ujiN8W7u0EEQqTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.40.0/21
Signature Algorithm: sha256WithRSAEncryption
3d:82:55:ca:68:d0:18:1b:95:e1:15:28:f8:e0:b1:39:ee:2e:
8d:91:96:21:61:47:c3:76:06:0b:07:2b:b4:90:46:04:6e:d3:
02:c1:51:55:58:15:28:32:36:b8:29:43:62:61:0f:3e:ad:6e:
99:8d:94:08:09:55:5a:44:0b:86:6e:42:84:7d:71:c6:bd:64:
94:bb:cd:dd:fa:98:34:3e:26:af:bd:bb:34:c6:bb:5b:b8:5d:
2a:16:4f:f4:22:a1:2e:e4:75:df:91:90:9d:af:64:59:3d:78:
d3:c3:18:85:99:09:59:f9:da:79:d2:67:61:e1:ec:0e:f5:6f:
1d:86:ca:6a:9a:bc:35:0b:3c:91:6a:9e:fa:f8:3a:df:47:7e:
cc:41:ae:7a:9c:fd:04:18:9a:c4:ff:b6:82:79:09:a3:f0:f6:
76:00:1d:b7:06:9f:c5:ce:d9:f8:e7:76:b7:89:17:69:16:ac:
e9:76:0f:23:75:b9:f3:37:1c:b8:42:11:91:2d:9c:f5:01:39:
4d:89:8e:96:9d:51:56:5b:9b:4b:ad:aa:16:7a:0d:47:f5:a6:
23:ff:52:9d:bc:86:6f:52:fe:50:e7:17:e4:ac:df:e0:f9:87:
db:0c:71:17:4a:8e:7c:44:ea:cb:a1:96:2b:45:26:f0:48:bc:
f6:ab:10:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrnIGH88o+1ijLI6AUH8JHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZDE0MTE4ZGJkMjI3Mjk4ZGFhODBjN2FjYWIxMWVlYTZk
NjNlMjEwHhcNMjMwMTAxMDQzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjg0YzJlODQwNzU4ZmQ2ZjdiYTM4OGRmMTZlZWVkMDQxMTBhOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8qaL0QB43FM2lXkW7Z26TY2vcBJ
LElXZdyi/8N5cfdLr0OJijmJ1BTh6VtXKkrp8vNTiCqE4l2fG6aJZR8acIpp5Hje
d8AullKdcjYg4vGwVtvCU5JHLtWJOpJJqy/M4Ffqws22+SAXoorWIxPl41RC5heU
2oDML5YKcXYzRttoL8pjVeZiBH4xUbCJ0A2VofatEFA6W9FYZJwQxlyZugOdQzWw
Szt5FNzfrvNSOvhAQWHZu+kEtHZ34QSnfWPJewT/J1MUhV7L1kRIMBqEKrRa7DDh
3SgDVNkzzuwjBw3tXdBl2dIirNDrJFLMm6HFFiNcW5Tx2bMq30Zjx9uXxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMKEwuhAdY/W97o4jfFu7tBBEKkwMB8GA1UdIwQY
MBaAFLbRQRjb0icpjaqAx6yrEe6m1j4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMt
MGUzN2UxMWQwZWMzLzEvd29UQzZFQjFqOWIzdWppTjhXN3UwRUVRcVRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMtMGUzN2UxMWQwZWMz
LzEvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWIcoMA0G
CSqGSIb3DQEBCwUAA4IBAQA9glXKaNAYG5XhFSj44LE57i6NkZYhYUfDdgYLByu0
kEYEbtMCwVFVWBUoMja4KUNiYQ8+rW6ZjZQICVVaRAuGbkKEfXHGvWSUu83d+pg0
Piavvbs0xrtbuF0qFk/0IqEu5HXfkZCdr2RZPXjTwxiFmQlZ+dp50mdh4ewO9W8d
hspqmrw1CzyRap76+DrfR37MQa56nP0EGJrE/7aCeQmj8PZ2AB23Bp/Fztn453a3
iRdpFqzpdg8jdbnzNxy4QhGRLZz1ATlNiY6WnVFWW5tLraoWeg1H9aYj/1KdvIZv
Uv5Q5xfkrN/g+YfbDHEXSo58ROrLoZYrRSbwSLz2qxA6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:36 2025 by rpki-client