Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/5e6786-6377-4224-ba06-dc4769eff1f5/1/68Q98ah-O2kBg7LbT2kdShUJxTQ.roa
File: 68Q98ah-O2kBg7LbT2kdShUJxTQ.roa (raw, json)
Hash identifier: Zn/WsfN7mbkNafA8znyB8yfifMOlJKqPfs1woR6N9TY=
Subject key identifier: EB:C4:3D:F1:A8:7E:3B:69:01:83:B2:DB:4F:69:1D:4A:15:09:C5:34
Certificate issuer: /CN=7f2ba86df787888f6f8592a806a6ffea3046c07a
Certificate serial: 01857246AC685C51AC281D0C2F68E84C9F00
Authority key identifier: 7F:2B:A8:6D:F7:87:88:8F:6F:85:92:A8:06:A6:FF:EA:30:46:C0:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fyuobfeHiI9vhZKoBqb_6jBGwHo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/5e6786-6377-4224-ba06-dc4769eff1f5/1/68Q98ah-O2kBg7LbT2kdShUJxTQ.roa
Signing time: Mon 02 Jan 2023 11:38:32 +0000
ROA not before: Mon 02 Jan 2023 11:38:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47159
IP address blocks: 88.132.216.0/21 maxlen: 21
88.132.244.0/22 maxlen: 22
88.132.248.0/22 maxlen: 22
88.132.208.0/22 maxlen: 22
88.132.212.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:46:ac:68:5c:51:ac:28:1d:0c:2f:68:e8:4c:9f:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f2ba86df787888f6f8592a806a6ffea3046c07a
Validity
Not Before: Jan 2 11:38:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ebc43df1a87e3b690183b2db4f691d4a1509c534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:75:8f:a1:e5:35:55:82:c5:83:df:1b:70:0b:
39:b6:f6:9a:1d:5a:4b:eb:3d:94:81:36:a8:3c:6d:
2a:2b:cf:b9:08:3c:cb:f4:72:69:6d:02:5a:71:69:
23:43:4f:94:ca:dd:a2:a1:79:7c:20:79:e5:cb:49:
15:4b:61:b7:3e:7c:c8:5c:f5:0e:fd:01:90:77:dc:
01:04:53:7b:b6:9e:0d:0c:a5:c3:47:79:bb:7d:e2:
8f:af:5e:0f:8c:37:3f:9b:81:a3:66:b2:fd:da:0d:
a9:de:82:58:a9:96:34:cf:1c:35:87:2b:87:a7:ee:
3a:8a:b1:6d:6c:7d:54:2c:c8:c4:02:e0:12:05:c2:
9f:8a:5d:e6:dc:e4:d3:16:1a:e1:ce:5f:d6:1d:b2:
64:43:ac:3f:5b:15:7b:f1:d0:5b:6f:fd:c0:d9:cb:
e7:74:ec:a9:2e:18:e1:4a:70:88:32:ce:66:ba:1b:
8c:fc:37:3c:06:2d:4a:0a:c3:06:bf:9b:c5:21:56:
c6:89:67:7c:d8:d0:02:3c:50:57:29:0f:18:fe:0b:
04:7b:92:8d:62:cb:25:be:ce:39:db:28:06:94:e3:
d1:ae:cb:d6:af:0d:12:1c:a0:da:ad:7b:4b:41:55:
f7:28:86:dc:48:2c:af:2a:91:f2:c2:e2:89:55:06:
39:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C4:3D:F1:A8:7E:3B:69:01:83:B2:DB:4F:69:1D:4A:15:09:C5:34
X509v3 Authority Key Identifier:
keyid:7F:2B:A8:6D:F7:87:88:8F:6F:85:92:A8:06:A6:FF:EA:30:46:C0:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fyuobfeHiI9vhZKoBqb_6jBGwHo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/5e6786-6377-4224-ba06-dc4769eff1f5/1/68Q98ah-O2kBg7LbT2kdShUJxTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/5e6786-6377-4224-ba06-dc4769eff1f5/1/fyuobfeHiI9vhZKoBqb_6jBGwHo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.132.208.0/20
88.132.244.0-88.132.251.255
Signature Algorithm: sha256WithRSAEncryption
6c:ce:b4:c5:4b:46:bc:d4:45:c7:86:c6:f1:3e:ad:f9:73:14:
49:d5:c0:b3:03:52:14:ab:45:fe:eb:75:84:f9:b0:86:47:e7:
1b:b3:63:3f:8e:da:82:7d:6d:2e:c7:1a:c1:20:60:92:9b:51:
ac:61:9d:39:da:36:54:b5:0b:9b:b9:39:3e:ae:14:0d:a3:92:
ad:75:8d:9a:81:db:ee:2b:5e:66:c2:46:2c:33:65:3d:9c:2e:
11:f8:83:1d:91:07:51:f9:67:9b:d7:02:72:79:66:ba:41:80:
fd:da:1e:eb:dd:35:f1:c1:73:95:03:8f:66:af:7e:04:41:07:
25:7a:d0:e8:9f:25:0d:4e:8d:6a:b8:f5:63:27:57:fb:1f:9c:
bd:55:3e:ad:5e:72:b9:f6:a4:ee:7a:5c:58:fb:44:75:b5:8b:
0d:f6:94:7b:c3:47:d1:c0:4b:58:e7:8b:2e:af:9b:c0:ed:ad:
2f:e2:68:2d:fe:0c:93:e6:58:aa:53:9f:86:e1:f5:06:7c:8e:
9d:48:dc:bd:e6:67:55:55:1b:7f:5b:3d:72:b9:77:81:2a:aa:
74:95:31:3f:40:7d:99:47:a0:91:78:26:63:1f:4c:1f:e3:80:
67:70:3e:df:a1:50:29:7c:21:0f:6b:a0:46:e9:bf:06:85:03:
2d:42:f0:48
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVyRqxoXFGsKB0ML2joTJ8AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMmJhODZkZjc4Nzg4OGY2Zjg1OTJhODA2YTZmZmVhMzA0
NmMwN2EwHhcNMjMwMTAyMTEzODMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmM0M2RmMWE4N2UzYjY5MDE4M2IyZGI0ZjY5MWQ0YTE1MDljNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0HWPoeU1VYLFg98bcAs5tvaaHVpL
6z2UgTaoPG0qK8+5CDzL9HJpbQJacWkjQ0+Uyt2ioXl8IHnly0kVS2G3PnzIXPUO
/QGQd9wBBFN7tp4NDKXDR3m7feKPr14PjDc/m4GjZrL92g2p3oJYqZY0zxw1hyuH
p+46irFtbH1ULMjEAuASBcKfil3m3OTTFhrhzl/WHbJkQ6w/WxV78dBbb/3A2cvn
dOypLhjhSnCIMs5muhuM/Dc8Bi1KCsMGv5vFIVbGiWd82NACPFBXKQ8Y/gsEe5KN
Ysslvs452ygGlOPRrsvWrw0SHKDarXtLQVX3KIbcSCyvKpHywuKJVQY5rwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOvEPfGofjtpAYOy209pHUoVCcU0MB8GA1UdIwQY
MBaAFH8rqG33h4iPb4WSqAam/+owRsB6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnl1b2JmZUhpSTl2aFpLb0JxYl82akJHd0hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC81ZTY3ODYtNjM3Ny00MjI0LWJhMDYt
ZGM0NzY5ZWZmMWY1LzEvNjhROThhaC1PMmtCZzdMYlQya2RTaFVKeFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC81ZTY3ODYtNjM3Ny00MjI0LWJhMDYtZGM0NzY5ZWZmMWY1
LzEvZnl1b2JmZUhpSTl2aFpLb0JxYl82akJHd0hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQEWITQMAwD
BAJYhPQDBAJYhPgwDQYJKoZIhvcNAQELBQADggEBAGzOtMVLRrzURceGxvE+rflz
FEnVwLMDUhSrRf7rdYT5sIZH5xuzYz+O2oJ9bS7HGsEgYJKbUaxhnTnaNlS1C5u5
OT6uFA2jkq11jZqB2+4rXmbCRiwzZT2cLhH4gx2RB1H5Z5vXAnJ5ZrpBgP3aHuvd
NfHBc5UDj2avfgRBByV60OifJQ1OjWq49WMnV/sfnL1VPq1ecrn2pO56XFj7RHW1
iw32lHvDR9HAS1jniy6vm8DtrS/iaC3+DJPmWKpTn4bh9QZ8jp1I3L3mZ1VVG39b
PXK5d4EqqnSVMT9AfZlHoJF4JmMfTB/jgGdwPt+hUCl8IQ9roEbpvwaFAy1C8Eg=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:25:24 2025 by rpki-client