Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/I7hbl5ybZMVAHGtbWNWn7VDRZRM.roa
File: I7hbl5ybZMVAHGtbWNWn7VDRZRM.roa (raw, json)
Hash identifier: hG6RyrtvTq9ZHhGi/ZWC3ifSmPcGl5bEO4ubmHPhooU=
Subject key identifier: 23:B8:5B:97:9C:9B:64:C5:40:1C:6B:5B:58:D5:A7:ED:50:D1:65:13
Certificate issuer: /CN=179301dcc7fae4f7ce01e4987a77cb82a336abff
Certificate serial: 01856F14EF9AEA8879469D1BD6E803207E39
Authority key identifier: 17:93:01:DC:C7:FA:E4:F7:CE:01:E4:98:7A:77:CB:82:A3:36:AB:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/I7hbl5ybZMVAHGtbWNWn7VDRZRM.roa
Signing time: Sun 01 Jan 2023 20:45:21 +0000
ROA not before: Sun 01 Jan 2023 20:45:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200574
IP address blocks: 88.199.101.0/24 maxlen: 24
88.199.103.0/24 maxlen: 24
88.199.102.0/24 maxlen: 24
94.40.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:ef:9a:ea:88:79:46:9d:1b:d6:e8:03:20:7e:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=179301dcc7fae4f7ce01e4987a77cb82a336abff
Validity
Not Before: Jan 1 20:45:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23b85b979c9b64c5401c6b5b58d5a7ed50d16513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ba:87:83:6f:25:24:af:80:d2:2c:13:62:ba:
30:59:61:2c:71:c7:8a:9c:c2:eb:b9:6d:99:b1:88:
da:c9:b5:8d:1c:4c:62:73:51:9c:09:5b:43:d3:65:
ea:21:5c:bb:12:0d:0d:80:44:e3:cf:6c:c6:86:f1:
df:6c:44:fc:62:6c:8e:62:d5:cd:cf:58:93:01:36:
b5:5b:59:65:73:b2:22:c0:af:67:bd:6d:3d:e5:5e:
cc:7b:4a:a5:d1:0f:ee:ad:32:1f:b5:a0:bf:e0:66:
40:aa:21:17:04:5f:b0:4d:f0:82:bd:ad:d4:cb:31:
41:de:e3:0a:27:24:cd:6a:d2:6a:05:34:6c:ab:0a:
79:13:4e:43:61:85:42:f0:70:a1:5d:7d:79:6b:64:
57:11:a1:c0:6a:f8:16:5b:d5:57:40:f6:c1:84:12:
02:c6:6d:57:07:46:9a:d8:3e:05:6a:8e:63:22:d5:
94:48:93:4c:32:14:4e:b1:d5:c7:69:aa:16:73:06:
22:47:15:2f:82:61:82:70:d0:72:b1:52:1c:88:d3:
22:ae:dd:cb:a0:fa:17:5c:d2:b5:27:19:73:76:41:
7f:45:b2:16:68:b8:42:bb:10:e5:d2:66:19:99:1d:
b8:f4:27:8a:a4:53:15:dc:2e:60:a3:b1:80:b7:f3:
c2:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:B8:5B:97:9C:9B:64:C5:40:1C:6B:5B:58:D5:A7:ED:50:D1:65:13
X509v3 Authority Key Identifier:
keyid:17:93:01:DC:C7:FA:E4:F7:CE:01:E4:98:7A:77:CB:82:A3:36:AB:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5MB3Mf65PfOAeSYenfLgqM2q_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/I7hbl5ybZMVAHGtbWNWn7VDRZRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/ed7963-72ea-4c1d-addd-aff92c16d8e3/1/F5MB3Mf65PfOAeSYenfLgqM2q_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.199.101.0-88.199.103.255
94.40.61.0/24
Signature Algorithm: sha256WithRSAEncryption
97:bb:93:f3:b9:a3:14:6a:c9:77:9d:dd:8a:9a:d8:f1:73:c3:
5b:ff:87:1c:b1:4e:2c:f8:39:8c:97:26:ae:52:c2:72:67:5a:
6e:6e:96:a9:a0:b1:a5:03:db:d0:f0:ad:02:3e:d0:6c:45:43:
eb:9a:21:04:8f:7d:d3:9d:f0:79:d3:83:53:37:61:c1:d3:c7:
60:42:da:58:b0:38:d8:43:ba:ca:f3:7f:06:1e:fe:43:c4:57:
7d:f2:fc:9c:1c:82:5e:46:be:8c:ea:f7:a4:cd:34:5c:6b:38:
a6:31:6a:5b:8c:63:18:76:07:4a:1e:80:f8:49:5f:7a:34:86:
70:59:df:30:40:39:f5:5d:4a:00:0c:7a:2a:02:7d:fc:f4:3e:
2b:f1:43:7a:cb:b8:6d:a4:f1:41:76:6e:68:d3:fe:7c:ae:e4:
f4:a9:17:62:37:f7:1f:45:5d:af:06:26:d4:95:e4:39:e2:9b:
17:fa:ca:b7:9f:bf:98:36:47:92:3c:73:b6:33:3a:3a:ec:47:
c8:70:6f:fd:7a:87:47:92:08:91:ad:9e:46:be:e9:0c:01:bd:
48:36:82:3e:aa:87:47:ff:2d:4f:6e:91:0e:b0:93:73:ee:28:
b4:3b:b4:42:a9:cb:85:a1:18:fb:ed:65:c9:e8:ab:c9:6d:7f:
4b:35:24:b0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVvFO+a6oh5Rp0b1ugDIH45MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTMwMWRjYzdmYWU0ZjdjZTAxZTQ5ODdhNzdjYjgyYTMz
NmFiZmYwHhcNMjMwMTAxMjA0NTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2I4NWI5NzljOWI2NGM1NDAxYzZiNWI1OGQ1YTdlZDUwZDE2NTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bqHg28lJK+A0iwTYrowWWEscceK
nMLruW2ZsYjaybWNHExic1GcCVtD02XqIVy7Eg0NgETjz2zGhvHfbET8YmyOYtXN
z1iTATa1W1llc7IiwK9nvW095V7Me0ql0Q/urTIftaC/4GZAqiEXBF+wTfCCva3U
yzFB3uMKJyTNatJqBTRsqwp5E05DYYVC8HChXX15a2RXEaHAavgWW9VXQPbBhBIC
xm1XB0aa2D4Fao5jItWUSJNMMhROsdXHaaoWcwYiRxUvgmGCcNBysVIciNMirt3L
oPoXXNK1JxlzdkF/RbIWaLhCuxDl0mYZmR249CeKpFMV3C5go7GAt/PCWwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCO4W5ecm2TFQBxrW1jVp+1Q0WUTMB8GA1UdIwQY
MBaAFBeTAdzH+uT3zgHkmHp3y4KjNqv/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVNQjNNZjY1UGZPQWVTWWVuZkxncU0ycV84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9lZDc5NjMtNzJlYS00YzFkLWFkZGQt
YWZmOTJjMTZkOGUzLzEvSTdoYmw1eWJaTVZBSEd0YldOV243VkRSWlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9lZDc5NjMtNzJlYS00YzFkLWFkZGQtYWZmOTJjMTZkOGUz
LzEvRjVNQjNNZjY1UGZPQWVTWWVuZkxncU0ycV84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABYx2UD
BANYx2ADBABeKD0wDQYJKoZIhvcNAQELBQADggEBAJe7k/O5oxRqyXed3Yqa2PFz
w1v/hxyxTiz4OYyXJq5SwnJnWm5ulqmgsaUD29DwrQI+0GxFQ+uaIQSPfdOd8HnT
g1M3YcHTx2BC2liwONhDusrzfwYe/kPEV33y/Jwcgl5Gvozq96TNNFxrOKYxaluM
Yxh2B0oegPhJX3o0hnBZ3zBAOfVdSgAMeioCffz0PivxQ3rLuG2k8UF2bmjT/nyu
5PSpF2I39x9FXa8GJtSV5Dnimxf6yrefv5g2R5I8c7YzOjrsR8hwb/16h0eSCJGt
nka+6QwBvUg2gj6qh0f/LU9ukQ6wk3PuKLQ7tEKpy4WhGPvtZcnoq8ltf0s1JLA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:42 2025 by rpki-client