Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/AqIjh_Xb4k-l4TPDgO5MURlD0LE.roa
File: AqIjh_Xb4k-l4TPDgO5MURlD0LE.roa (raw, json)
Hash identifier: TqP9h52DDlSOHwMOJO41qqZJ61K+7BQQZ3SjoxAWiaE=
Subject key identifier: 02:A2:23:87:F5:DB:E2:4F:A5:E1:33:C3:80:EE:4C:51:19:43:D0:B1
Certificate issuer: /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial: 01833573477BEE34853B02068E9D70746EBF
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/AqIjh_Xb4k-l4TPDgO5MURlD0LE.roa
Signing time: Tue 13 Sep 2022 06:04:50 +0000
ROA not before: Tue 13 Sep 2022 06:04:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209181
IP address blocks: 88.218.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:35:73:47:7b:ee:34:85:3b:02:06:8e:9d:70:74:6e:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Validity
Not Before: Sep 13 06:04:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=02a22387f5dbe24fa5e133c380ee4c511943d0b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ee:3e:68:74:e8:c0:f7:6a:1a:df:63:62:76:
8b:9b:10:35:6b:5a:6e:20:dd:b9:f1:fc:70:4c:8f:
8a:1c:c4:87:4a:b2:7b:47:20:24:d2:7a:60:e2:bf:
d3:a3:9d:b7:7f:b0:6f:e1:48:2a:1c:e2:f9:77:00:
5c:17:3c:2e:40:e1:c3:0f:d5:5e:a8:59:1f:e4:02:
4a:38:6f:00:43:01:a6:60:67:ce:ff:89:3d:97:e6:
db:8f:3b:d6:0a:d1:bf:eb:28:64:32:91:db:0e:f4:
f7:a0:b4:b5:2c:6b:03:37:de:93:b9:89:65:17:78:
a4:14:40:8c:9e:40:1e:bf:55:ff:ba:54:06:f8:6d:
28:0e:f5:90:14:d4:4c:76:64:ab:7d:ca:08:bf:d2:
d3:74:39:c2:15:e6:79:1c:a5:11:ac:79:78:b8:92:
31:43:bb:c4:b0:12:cf:10:26:9a:26:d9:39:dc:bc:
a7:19:89:10:ab:02:41:e1:69:1e:af:19:ce:25:c5:
db:63:ae:46:3f:89:80:bc:5d:bf:27:bd:5c:bc:09:
99:18:85:b7:48:c0:2f:f3:46:3a:64:3e:50:8a:54:
e7:63:ea:0a:83:ea:4d:b7:3c:6f:1b:ce:63:93:68:
f8:29:2c:f2:01:d4:fb:cd:18:13:9f:97:fc:26:b2:
4d:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:A2:23:87:F5:DB:E2:4F:A5:E1:33:C3:80:EE:4C:51:19:43:D0:B1
X509v3 Authority Key Identifier:
keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/AqIjh_Xb4k-l4TPDgO5MURlD0LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.41.0/24
Signature Algorithm: sha256WithRSAEncryption
74:f4:f5:5f:bc:68:a3:23:29:d0:9a:57:a0:f0:d7:1e:6e:50:
86:50:c9:54:9e:45:7b:09:13:f0:70:92:7c:2b:80:64:0f:fa:
88:45:cc:e2:d7:ef:d0:f0:d9:10:09:68:34:fd:99:cb:b5:8c:
1e:8c:3e:c0:b3:51:d6:19:6b:50:bf:52:d4:52:b2:ab:de:b5:
3d:ca:5a:0b:78:12:f5:f4:44:de:24:fe:91:f4:4c:b1:7d:3f:
d7:9b:91:13:46:0b:f8:5a:ef:8b:63:ea:88:12:f5:d6:84:3a:
06:76:5b:dc:40:94:75:78:ad:70:02:61:d7:57:24:8a:da:ee:
cb:e4:ff:d7:5b:05:9f:07:f3:f2:4b:ae:6e:f6:17:6b:65:f6:
2b:93:4f:9a:44:85:c6:f1:a4:2e:ed:d5:e5:10:65:2b:a5:e6:
28:c4:67:18:7f:09:94:79:7f:0d:00:22:19:23:e2:f9:6c:b8:
20:68:7f:a4:ae:0f:65:aa:b0:b8:ae:f4:2d:22:f4:62:c4:6e:
af:c7:3e:2f:4e:68:be:29:bf:6d:44:5b:d7:30:a0:a1:6b:13:
07:8e:52:aa:fc:c1:c4:79:7e:9c:47:04:63:82:83:12:f2:ae:
ad:f1:27:6c:a0:d4:c8:f1:19:27:49:c6:83:f0:95:d8:bc:3e:
a7:58:93:ad
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM1c0d77jSFOwIGjp1wdG6/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjIwOTEzMDYwNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmEyMjM4N2Y1ZGJlMjRmYTVlMTMzYzM4MGVlNGM1MTE5NDNkMGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAme4+aHTowPdqGt9jYnaLmxA1a1pu
IN258fxwTI+KHMSHSrJ7RyAk0npg4r/To523f7Bv4UgqHOL5dwBcFzwuQOHDD9Ve
qFkf5AJKOG8AQwGmYGfO/4k9l+bbjzvWCtG/6yhkMpHbDvT3oLS1LGsDN96TuYll
F3ikFECMnkAev1X/ulQG+G0oDvWQFNRMdmSrfcoIv9LTdDnCFeZ5HKURrHl4uJIx
Q7vEsBLPECaaJtk53LynGYkQqwJB4WkerxnOJcXbY65GP4mAvF2/J71cvAmZGIW3
SMAv80Y6ZD5QilTnY+oKg+pNtzxvG85jk2j4KSzyAdT7zRgTn5f8JrJNeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAKiI4f12+JPpeEzw4DuTFEZQ9CxMB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvQXFJamhfWGI0ay1sNFRQRGdPNU1VUmxEMExFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNopMA0G
CSqGSIb3DQEBCwUAA4IBAQB09PVfvGijIynQmleg8NceblCGUMlUnkV7CRPwcJJ8
K4BkD/qIRczi1+/Q8NkQCWg0/ZnLtYwejD7As1HWGWtQv1LUUrKr3rU9yloLeBL1
9ETeJP6R9EyxfT/Xm5ETRgv4Wu+LY+qIEvXWhDoGdlvcQJR1eK1wAmHXVySK2u7L
5P/XWwWfB/PyS65u9hdrZfYrk0+aRIXG8aQu7dXlEGUrpeYoxGcYfwmUeX8NACIZ
I+L5bLggaH+krg9lqrC4rvQtIvRixG6vxz4vTmi+Kb9tRFvXMKChaxMHjlKq/MHE
eX6cRwRjgoMS8q6t8SdsoNTI8RknScaD8JXYvD6nWJOt
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:34 2023 by rpki-client on console-ams.rpki-client.org