Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/7VTC8w0Kd0WRwSrOnRsCLWD3pd0.roa
File: 7VTC8w0Kd0WRwSrOnRsCLWD3pd0.roa (raw, json)
Hash identifier: Pp08+OcvDGBTTEqsjdDk5fMhPqcQGBoSShTUBMr4IuA=
Subject key identifier: ED:54:C2:F3:0D:0A:77:45:91:C1:2A:CE:9D:1B:02:2D:60:F7:A5:DD
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 01855DB68EB9DAD49F80A388EF54C99899B3
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/7VTC8w0Kd0WRwSrOnRsCLWD3pd0.roa
Signing time: Thu 29 Dec 2022 11:48:43 +0000
ROA not before: Thu 29 Dec 2022 11:48:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43372
IP address blocks: 88.220.112.0/24 maxlen: 24
195.136.168.0/22 maxlen: 22
88.220.130.0/23 maxlen: 23
88.220.134.0/23 maxlen: 23
88.220.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5d:b6:8e:b9:da:d4:9f:80:a3:88:ef:54:c9:98:99:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Dec 29 11:48:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed54c2f30d0a774591c12ace9d1b022d60f7a5dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:fd:b4:8b:84:2f:e8:61:a9:f6:a7:6d:bc:5c:
1c:39:65:20:cb:93:e1:9c:3d:01:72:56:49:28:81:
86:bb:53:89:47:6c:87:bd:6d:29:7a:ff:4c:6d:58:
42:c0:6c:2e:e2:93:c2:50:92:a4:08:3a:42:d2:5b:
c0:c7:bf:8b:2a:52:3d:11:62:6f:cf:3d:9f:e4:c4:
5a:20:ef:cf:a1:b0:a6:b6:d3:60:3b:65:ce:ef:60:
06:eb:64:60:d3:ec:72:ff:40:72:71:35:af:e5:f6:
00:3f:79:fa:e5:87:29:e4:10:2a:c1:7e:d7:bc:8f:
0f:01:7d:78:53:f7:9f:ef:e3:30:f0:d8:06:fb:18:
30:21:5d:48:89:1e:da:ee:d2:53:70:e5:ca:65:8b:
74:5b:fc:57:63:66:2b:13:4d:49:86:d5:a0:91:ed:
c4:e6:c9:d4:92:7b:32:3d:45:ba:8e:2b:11:66:45:
39:32:94:2e:5d:b9:0d:20:60:dd:02:ac:66:fc:51:
c6:6d:01:29:62:28:bb:0a:a3:06:c4:69:2c:32:db:
bf:2d:5f:e1:64:0d:30:52:ee:28:3f:09:60:db:3a:
90:69:ae:23:e3:40:fd:d5:b7:c1:93:f2:51:f8:b1:
cb:a7:bd:f5:8c:35:75:f5:14:32:33:7a:ac:6e:72:
50:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:54:C2:F3:0D:0A:77:45:91:C1:2A:CE:9D:1B:02:2D:60:F7:A5:DD
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/7VTC8w0Kd0WRwSrOnRsCLWD3pd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.220.112.0/24
88.220.130.0/23
88.220.134.0/23
88.220.161.0/24
195.136.168.0/22
Signature Algorithm: sha256WithRSAEncryption
44:9b:94:bb:5f:ac:0e:bc:4b:95:10:1d:fa:27:eb:29:b4:de:
1f:56:49:76:46:ad:d9:cf:98:4f:71:8e:18:5b:f2:35:1f:58:
e6:a7:29:0c:7c:c7:6f:21:24:b5:3a:06:57:d7:2f:ed:d2:79:
02:98:ea:02:da:2d:79:9a:2f:a0:7e:9b:46:44:cb:55:ce:e2:
9b:58:4e:7e:60:2f:6b:8c:0a:11:75:97:2f:49:c9:5d:73:7d:
32:37:90:0a:18:d1:d7:e1:71:16:b5:aa:e7:8e:55:97:6b:13:
f9:dc:3b:83:8e:8e:b0:aa:0d:41:a9:5e:b7:86:c9:17:df:4b:
3c:b3:78:4c:1a:c9:51:05:6f:96:e1:95:af:9a:8a:24:80:61:
40:1f:33:1c:5e:8c:71:40:0e:d8:8c:85:04:57:60:8e:55:41:
fd:6a:5d:53:8d:a0:f8:53:79:34:82:6e:26:69:5f:0b:d3:89:
a9:90:37:55:ce:d5:f6:d2:d7:99:bc:47:9d:4d:ac:ba:b8:5b:
e0:aa:bb:9a:ca:e0:a8:7b:66:7b:3a:83:73:a1:4b:03:e9:dd:
f3:b2:75:ea:bb:0d:4a:a3:56:de:5e:24:a0:b7:2a:5a:e9:59:
fb:3c:a0:86:b5:fc:17:b9:fc:d5:2c:e0:ae:23:19:f7:58:55:
31:a2:36:99
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVdto652tSfgKOI71TJmJmzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjIxMjI5MTE0ODQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDU0YzJmMzBkMGE3NzQ1OTFjMTJhY2U5ZDFiMDIyZDYwZjdhNWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvP20i4Qv6GGp9qdtvFwcOWUgy5Ph
nD0BclZJKIGGu1OJR2yHvW0pev9MbVhCwGwu4pPCUJKkCDpC0lvAx7+LKlI9EWJv
zz2f5MRaIO/PobCmttNgO2XO72AG62Rg0+xy/0BycTWv5fYAP3n65Ycp5BAqwX7X
vI8PAX14U/ef7+Mw8NgG+xgwIV1IiR7a7tJTcOXKZYt0W/xXY2YrE01JhtWgke3E
5snUknsyPUW6jisRZkU5MpQuXbkNIGDdAqxm/FHGbQEpYii7CqMGxGksMtu/LV/h
ZA0wUu4oPwlg2zqQaa4j40D91bfBk/JR+LHLp731jDV19RQyM3qsbnJQYwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFO1UwvMNCndFkcEqzp0bAi1g96XdMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvN1ZUQzh3MEtkMFdSd1NyT25Sc0NMV0QzcGQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWNxwAwQB
WNyCAwQBWNyGAwQAWNyhAwQCw4ioMA0GCSqGSIb3DQEBCwUAA4IBAQBEm5S7X6wO
vEuVEB36J+sptN4fVkl2Rq3Zz5hPcY4YW/I1H1jmpykMfMdvISS1OgZX1y/t0nkC
mOoC2i15mi+gfptGRMtVzuKbWE5+YC9rjAoRdZcvScldc30yN5AKGNHX4XEWtarn
jlWXaxP53DuDjo6wqg1BqV63hskX30s8s3hMGslRBW+W4ZWvmookgGFAHzMcXoxx
QA7YjIUEV2COVUH9al1TjaD4U3k0gm4maV8L04mpkDdVztX20teZvEedTay6uFvg
qruayuCoe2Z7OoNzoUsD6d3zsnXquw1Ko1beXiSgtypa6Vn7PKCGtfwXufzVLOCu
Ixn3WFUxojaZ
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:00 2025 by rpki-client