Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/9YEl6jIpAfMt6J8NmMIWEfu0aOQ.roa
File: 9YEl6jIpAfMt6J8NmMIWEfu0aOQ.roa (raw, json)
Hash identifier: o0gwt8JZ2wQp9lyB82jwLTGKpzEL3qxXkK8UVxna9ic=
Subject key identifier: F5:81:25:EA:32:29:01:F3:2D:E8:9F:0D:98:C2:16:11:FB:B4:68:E4
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 0186C56AC20BA565A9100FA5110A49BC09E0
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/9YEl6jIpAfMt6J8NmMIWEfu0aOQ.roa
Signing time: Thu 09 Mar 2023 08:09:13 +0000
ROA not before: Thu 09 Mar 2023 08:09:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199694
IP address blocks: 88.220.71.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c5:6a:c2:0b:a5:65:a9:10:0f:a5:11:0a:49:bc:09:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Mar 9 08:09:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f58125ea322901f32de89f0d98c21611fbb468e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f5:43:d2:61:ab:20:b4:98:ce:c8:bc:bb:34:
15:d0:ed:e9:cc:ad:46:da:9a:99:cb:28:2e:df:64:
99:e5:b5:83:ba:0f:43:01:8d:44:e3:42:64:b8:eb:
14:23:1e:a1:d2:40:a9:da:84:45:b8:82:57:f3:f4:
ab:89:e6:ed:85:09:9a:07:a7:ef:4e:e3:78:05:42:
76:60:43:38:ee:cb:af:8f:97:91:01:63:03:68:ab:
62:44:34:03:bb:b7:8d:51:15:ed:01:b6:6c:1a:95:
40:ca:ad:93:07:09:ea:ab:e2:b8:1e:1a:97:66:88:
6d:6d:a9:1e:70:46:9a:9e:f7:2b:40:0a:29:e2:bb:
5d:e0:d8:81:29:c7:0a:8f:f3:5e:eb:80:fd:34:3c:
8c:52:51:75:5e:ec:1d:45:35:e9:38:55:b5:70:15:
0b:e6:f9:07:2f:ee:89:bd:ff:f9:d1:55:74:de:59:
69:ef:66:0d:27:8e:72:9e:ac:19:84:1f:f8:79:31:
1f:5f:2a:a9:7e:42:81:17:cf:df:1f:f4:1f:c3:87:
d5:5b:e1:71:1f:1b:bb:b4:14:9d:20:fb:90:7a:7d:
48:f9:0b:43:a2:fa:07:3d:5e:07:ef:69:ba:73:e8:
2e:9a:d0:86:29:1b:23:bc:20:f4:ba:9b:16:49:3d:
63:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:81:25:EA:32:29:01:F3:2D:E8:9F:0D:98:C2:16:11:FB:B4:68:E4
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/9YEl6jIpAfMt6J8NmMIWEfu0aOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.220.71.0/24
Signature Algorithm: sha256WithRSAEncryption
67:d2:da:00:fc:f6:c2:b1:94:39:72:7b:3b:05:fc:12:82:dd:
7b:ca:8b:66:8a:b6:6d:d5:2d:a4:c4:cb:b3:46:9f:a4:c0:e8:
c0:e1:15:c9:e2:1f:e7:95:72:7b:60:d1:4e:96:3d:23:29:6c:
ee:0d:6a:4e:59:e0:44:48:bb:e2:4e:d0:4e:7b:4b:26:be:4a:
1f:cc:57:ea:74:8f:bc:7d:9b:3d:ad:f7:fe:0d:17:aa:ab:04:
b3:93:e1:46:f6:fd:1c:06:04:9c:7d:c7:59:b2:34:bf:9b:4b:
1f:54:c0:5a:98:03:fb:1f:2a:12:51:22:fd:0b:2e:a7:45:b7:
5a:1f:57:26:21:08:d0:21:fc:29:1c:74:93:10:02:f9:22:b5:
a5:79:7e:fa:6a:94:8b:92:cb:d2:0f:e8:41:68:5b:f8:74:5b:
d6:53:2b:57:33:91:22:1f:52:61:dc:19:83:80:b9:56:45:a4:
50:9b:2d:f7:71:ed:3e:b5:4f:8d:f6:41:34:72:ea:94:05:d9:
11:6c:29:f7:77:f7:60:d6:69:ed:37:68:e3:ff:82:28:a0:59:
ec:ce:0c:78:f0:09:3c:af:d2:87:12:c5:af:5a:48:a5:d4:a3:
84:d0:b7:9f:55:6b:d1:51:f2:7e:c8:e4:b6:5b:bc:dd:82:4b:
41:aa:11:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbFasILpWWpEA+lEQpJvAngMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjMwMzA5MDgwOTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTgxMjVlYTMyMjkwMWYzMmRlODlmMGQ5OGMyMTYxMWZiYjQ2OGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfVD0mGrILSYzsi8uzQV0O3pzK1G
2pqZyygu32SZ5bWDug9DAY1E40JkuOsUIx6h0kCp2oRFuIJX8/SriebthQmaB6fv
TuN4BUJ2YEM47suvj5eRAWMDaKtiRDQDu7eNURXtAbZsGpVAyq2TBwnqq+K4HhqX
ZohtbakecEaanvcrQAop4rtd4NiBKccKj/Ne64D9NDyMUlF1XuwdRTXpOFW1cBUL
5vkHL+6Jvf/50VV03llp72YNJ45ynqwZhB/4eTEfXyqpfkKBF8/fH/Qfw4fVW+Fx
Hxu7tBSdIPuQen1I+QtDovoHPV4H72m6c+gumtCGKRsjvCD0upsWST1jHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPWBJeoyKQHzLeifDZjCFhH7tGjkMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvOVlFbDZqSXBBZk10Nko4Tm1NSVdFZnUwYU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNxHMA0G
CSqGSIb3DQEBCwUAA4IBAQBn0toA/PbCsZQ5cns7BfwSgt17yotmirZt1S2kxMuz
Rp+kwOjA4RXJ4h/nlXJ7YNFOlj0jKWzuDWpOWeBESLviTtBOe0smvkofzFfqdI+8
fZs9rff+DReqqwSzk+FG9v0cBgScfcdZsjS/m0sfVMBamAP7HyoSUSL9Cy6nRbda
H1cmIQjQIfwpHHSTEAL5IrWleX76apSLksvSD+hBaFv4dFvWUytXM5EiH1Jh3BmD
gLlWRaRQmy33ce0+tU+N9kE0cuqUBdkRbCn3d/dg1mntN2jj/4IooFnszgx48Ak8
r9KHEsWvWkil1KOE0LefVWvRUfJ+yOS2W7zdgktBqhG8
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:59 2025 by rpki-client