Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/88zKUIboJlqeqIQbCkKNfghN2fo.roa
File: 88zKUIboJlqeqIQbCkKNfghN2fo.roa (raw, json)
Hash identifier: yZhaM7TaBFrbIVdsyjaZcmwLuD65wS49kgvd5wpjyO0=
Subject key identifier: F3:CC:CA:50:86:E8:26:5A:9E:A8:84:1B:0A:42:8D:7E:08:4D:D9:FA
Certificate issuer: /CN=84db747b289717a0684cd6ac82307aa67bb2d7bb
Certificate serial: 03E96B15
Authority key identifier: 84:DB:74:7B:28:97:17:A0:68:4C:D6:AC:82:30:7A:A6:7B:B2:D7:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hNt0eyiXF6BoTNasgjB6pnuy17s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/88zKUIboJlqeqIQbCkKNfghN2fo.roa
Signing time: Sat 01 Jan 2022 13:57:29 +0000
ROA not before: Sat 01 Jan 2022 13:57:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12363
IP address blocks: 195.110.96.0/19 maxlen: 24
195.110.97.0/24 maxlen: 24
195.110.96.0/24 maxlen: 24
195.110.99.0/24 maxlen: 24
2a0e:f080:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65628949 (0x3e96b15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84db747b289717a0684cd6ac82307aa67bb2d7bb
Validity
Not Before: Jan 1 13:57:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3ccca5086e8265a9ea8841b0a428d7e084dd9fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:44:8e:1b:a7:0f:98:f5:03:ab:04:9f:42:d8:
e6:e7:e7:2f:8b:c4:0e:f7:97:e1:2d:86:9b:85:99:
80:5a:f9:74:1f:c9:c2:c2:28:c9:61:41:81:6d:4f:
37:ef:44:b3:39:b9:91:f7:e0:71:af:a8:40:32:fc:
c3:4a:c1:de:a9:f9:20:6c:fe:4e:5f:3a:26:db:00:
98:7c:64:1d:c9:38:9e:cc:27:90:bd:4a:6f:30:78:
f1:81:e9:c6:7c:41:03:82:3d:17:fc:89:65:7b:8c:
2a:9b:cf:5d:76:5f:3c:30:57:fb:52:37:3b:bc:b5:
f6:f2:89:65:e2:b6:e8:5c:cc:e6:ca:f9:76:9c:e8:
61:bd:8e:af:4d:5b:9d:21:e6:c9:b0:93:fb:8c:47:
fa:b9:40:45:70:fd:fd:c9:ba:73:d7:e2:2c:f2:48:
b3:6e:b1:75:02:33:23:44:5f:70:a6:2d:56:7e:4b:
2f:dc:12:ce:58:80:3c:63:f9:b4:cb:84:ea:ad:53:
09:64:e9:13:14:5a:bf:2e:f7:48:79:22:8f:32:07:
f0:fe:d0:7a:8e:22:0e:cf:e8:2c:2b:a6:56:42:0e:
e6:ee:fa:f8:c5:3c:32:c1:46:a9:96:d2:5f:47:c3:
c2:d4:a9:08:b3:b3:46:f2:b4:35:ad:7d:8e:4d:06:
2e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:CC:CA:50:86:E8:26:5A:9E:A8:84:1B:0A:42:8D:7E:08:4D:D9:FA
X509v3 Authority Key Identifier:
keyid:84:DB:74:7B:28:97:17:A0:68:4C:D6:AC:82:30:7A:A6:7B:B2:D7:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hNt0eyiXF6BoTNasgjB6pnuy17s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/88zKUIboJlqeqIQbCkKNfghN2fo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/hNt0eyiXF6BoTNasgjB6pnuy17s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.110.96.0/19
IPv6:
2a0e:f080:1::/48
Signature Algorithm: sha256WithRSAEncryption
68:3b:74:12:9d:14:7d:59:25:0c:f3:50:a0:92:dc:75:24:57:
04:ac:f6:bc:8b:77:ea:dd:6f:04:6c:38:a5:90:64:eb:47:79:
ca:12:e3:ae:33:e9:cd:df:49:e9:90:61:f6:30:20:eb:e6:11:
82:ee:e9:ef:6d:b1:68:00:74:f6:45:53:0c:b1:97:9e:3f:5e:
46:6d:66:2d:32:33:8c:21:b4:b4:15:c0:dd:0d:37:f1:f8:10:
68:1f:b2:be:89:a9:04:69:05:7b:5e:d6:ba:7a:b7:4f:35:de:
a7:8e:48:d8:fd:20:e7:36:9d:02:cc:95:05:d0:28:3d:c2:4a:
f0:bf:3b:aa:a2:d1:c9:6d:e8:8c:6c:07:9b:e3:d3:1a:9c:bc:
87:cc:f9:49:86:e7:29:d1:69:ae:db:9d:ea:f0:62:3e:e8:25:
36:e1:96:4a:f3:12:79:ed:50:fc:25:fa:fa:fb:a8:7c:e9:ad:
90:78:63:4b:c5:2a:f0:34:fd:48:80:1f:87:3b:03:4f:91:02:
c0:63:fd:2e:1d:c0:58:04:46:c9:2a:78:58:be:d0:9a:ef:ae:
48:18:d5:5e:a6:cf:49:91:17:e9:10:26:75:13:48:1a:18:1b:
48:28:46:84:bc:d0:36:90:11:95:0c:36:20:aa:79:19:30:30:
7e:34:ac:48
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEA+lrFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGRiNzQ3YjI4OTcxN2EwNjg0Y2Q2YWM4MjMwN2FhNjdiYjJkN2JiMB4XDTIyMDEw
MTEzNTcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjNjY2NhNTA4NmU4
MjY1YTllYTg4NDFiMGE0MjhkN2UwODRkZDlmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMBEjhunD5j1A6sEn0LY5ufnL4vEDveX4S2Gm4WZgFr5dB/J
wsIoyWFBgW1PN+9Eszm5kffgca+oQDL8w0rB3qn5IGz+Tl86JtsAmHxkHck4nswn
kL1KbzB48YHpxnxBA4I9F/yJZXuMKpvPXXZfPDBX+1I3O7y19vKJZeK26FzM5sr5
dpzoYb2Or01bnSHmybCT+4xH+rlARXD9/cm6c9fiLPJIs26xdQIzI0RfcKYtVn5L
L9wSzliAPGP5tMuE6q1TCWTpExRavy73SHkijzIH8P7Qeo4iDs/oLCumVkIO5u76
+MU8MsFGqZbSX0fDwtSpCLOzRvK0Na19jk0GLgsCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTzzMpQhugmWp6ohBsKQo1+CE3Z+jAfBgNVHSMEGDAWgBSE23R7KJcXoGhM
1qyCMHqme7LXuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hOdDBleWlYRjZCb1ROYXNnakI2cG51eTE3cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWYvNzE0MmIxLTcwOTEtNGQzYS1iZDZkLTlmZTdlZTljMDM2OC8x
Lzg4ektVSWJvSmxxZXFJUWJDa0tOZmdoTjJmby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWYv
NzE0MmIxLTcwOTEtNGQzYS1iZDZkLTlmZTdlZTljMDM2OC8xL2hOdDBleWlYRjZC
b1ROYXNnakI2cG51eTE3cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEBcNuYDAPBAIAAjAJAwcAKg7wgAAB
MA0GCSqGSIb3DQEBCwUAA4IBAQBoO3QSnRR9WSUM81Cgktx1JFcErPa8i3fq3W8E
bDilkGTrR3nKEuOuM+nN30npkGH2MCDr5hGC7unvbbFoAHT2RVMMsZeeP15GbWYt
MjOMIbS0FcDdDTfx+BBoH7K+iakEaQV7Xta6erdPNd6njkjY/SDnNp0CzJUF0Cg9
wkrwvzuqotHJbeiMbAeb49ManLyHzPlJhucp0Wmu253q8GI+6CU24ZZK8xJ57VD8
Jfr6+6h86a2QeGNLxSrwNP1IgB+HOwNPkQLAY/0uHcBYBEbJKnhYvtCa765IGNVe
ps9JkRfpECZ1E0gaGBtIKEaEvNA2kBGVDDYgqnkZMDB+NKxI
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:15:00 2025 by rpki-client