Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/YpRJCgKsREEnE9a9hnI6s_YeV8w.roa
File: YpRJCgKsREEnE9a9hnI6s_YeV8w.roa (raw, json)
Hash identifier: VEaYTSlV2p3q4/ZvW1elwaEhY4nvxx3w77Mm0ZsZhTo=
Subject key identifier: 62:94:49:0A:02:AC:44:41:27:13:D6:BD:86:72:3A:B3:F6:1E:57:CC
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 0186FDF82C419C426C59D6A9292CEEE89EE3
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/YpRJCgKsREEnE9a9hnI6s_YeV8w.roa
Signing time: Mon 20 Mar 2023 07:42:25 +0000
ROA not before: Mon 20 Mar 2023 07:42:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49664
IP address blocks: 88.220.107.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:fd:f8:2c:41:9c:42:6c:59:d6:a9:29:2c:ee:e8:9e:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Mar 20 07:42:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6294490a02ac44412713d6bd86723ab3f61e57cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:44:d4:02:e0:27:4f:7a:28:30:13:26:8f:ea:
4b:0a:7a:1e:22:7c:12:02:47:03:96:2e:34:26:a6:
7b:e4:29:fc:c2:b0:72:1f:91:65:a1:03:2d:3b:53:
a2:b7:8c:e6:02:ee:a9:84:04:f4:d1:37:88:82:ea:
9c:98:61:02:48:bf:76:05:9d:45:c4:93:dc:73:bc:
c4:f4:f1:8a:ea:ac:f7:8b:36:c4:da:66:cb:f5:44:
a2:cc:9e:a8:8b:1a:b2:f9:53:c0:5b:66:6e:cb:6b:
40:5a:91:f2:ba:33:95:4a:fb:14:05:a1:50:db:6b:
42:43:17:da:1e:85:6f:fb:88:20:3f:6e:b8:ae:ea:
6f:53:37:76:0b:c3:cd:2b:10:37:e7:9d:cd:5f:a4:
8c:9e:2d:11:64:81:6f:c9:1d:67:9e:7c:b2:f0:67:
42:6b:18:5d:70:52:ce:e7:c3:5a:f3:ab:d6:0c:7b:
2b:a6:b9:12:03:f0:33:19:67:4c:01:b7:ae:9d:56:
a8:0e:92:69:5a:04:1a:78:d0:a5:f8:da:08:94:e3:
06:59:71:ec:05:f6:2d:5d:b7:86:20:f3:f5:97:b7:
31:33:65:be:67:7c:d5:4a:56:fb:d2:67:01:50:fa:
04:05:24:0d:ad:b0:e2:ae:a3:f1:f4:e1:92:bd:b1:
66:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:94:49:0A:02:AC:44:41:27:13:D6:BD:86:72:3A:B3:F6:1E:57:CC
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/YpRJCgKsREEnE9a9hnI6s_YeV8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.220.107.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:26:57:31:41:45:3b:8f:75:5c:13:30:69:d0:2e:fe:e1:64:
d6:57:e4:a4:13:8a:45:01:78:90:2f:eb:f7:c1:9e:a8:69:32:
b4:b6:61:7e:aa:eb:a1:61:96:b9:fe:8e:db:db:cc:b0:1b:59:
1d:0f:2d:44:7d:17:bf:e4:39:5d:d6:6f:6d:5e:c4:75:2a:66:
6f:4a:ca:05:d1:c6:58:09:b0:e6:df:e1:31:0c:b8:7a:15:2e:
ee:2e:1e:87:69:09:90:89:95:e4:bf:6e:cb:17:2b:b2:5f:76:
50:b4:c3:15:b7:98:fd:e2:c9:bc:c3:ed:31:9a:f2:e0:cb:dc:
29:ec:87:e9:a6:64:9f:73:07:fb:1d:db:88:78:69:bb:0f:16:
c5:62:75:5a:a3:8f:e1:86:e1:b6:62:b7:0a:7d:28:28:12:47:
dd:c6:7a:41:49:2f:ba:b4:cf:c3:e8:d7:1c:2c:09:07:d6:d0:
da:f0:e1:f7:fa:ee:28:c5:c0:6c:8d:3e:93:7b:d7:35:c3:57:
aa:ea:c8:87:df:ab:1e:96:7f:c9:da:c4:13:68:6d:34:bf:b3:
19:92:fa:df:bc:7d:e4:d1:42:21:7e:db:3b:94:04:f6:5c:0c:
df:6b:e5:39:34:e8:d5:e1:7a:52:41:7d:94:7d:65:22:da:33:
8c:1a:a1:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYb9+CxBnEJsWdapKSzu6J7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjMwMzIwMDc0MjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Mjk0NDkwYTAyYWM0NDQxMjcxM2Q2YmQ4NjcyM2FiM2Y2MWU1N2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0TUAuAnT3ooMBMmj+pLCnoeInwS
AkcDli40JqZ75Cn8wrByH5FloQMtO1Oit4zmAu6phAT00TeIguqcmGECSL92BZ1F
xJPcc7zE9PGK6qz3izbE2mbL9USizJ6oixqy+VPAW2Zuy2tAWpHyujOVSvsUBaFQ
22tCQxfaHoVv+4ggP264rupvUzd2C8PNKxA3553NX6SMni0RZIFvyR1nnnyy8GdC
axhdcFLO58Na86vWDHsrprkSA/AzGWdMAbeunVaoDpJpWgQaeNCl+NoIlOMGWXHs
BfYtXbeGIPP1l7cxM2W+Z3zVSlb70mcBUPoEBSQNrbDirqPx9OGSvbFmUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGKUSQoCrERBJxPWvYZyOrP2HlfMMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvWXBSSkNnS3NSRUVuRTlhOWhuSTZzX1llVjh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNxrMA0G
CSqGSIb3DQEBCwUAA4IBAQAMJlcxQUU7j3VcEzBp0C7+4WTWV+SkE4pFAXiQL+v3
wZ6oaTK0tmF+quuhYZa5/o7b28ywG1kdDy1EfRe/5Dld1m9tXsR1KmZvSsoF0cZY
CbDm3+ExDLh6FS7uLh6HaQmQiZXkv27LFyuyX3ZQtMMVt5j94sm8w+0xmvLgy9wp
7IfppmSfcwf7HduIeGm7DxbFYnVao4/hhuG2YrcKfSgoEkfdxnpBSS+6tM/D6Ncc
LAkH1tDa8OH3+u4oxcBsjT6Te9c1w1eq6siH36seln/J2sQTaG00v7MZkvrfvH3k
0UIhfts7lAT2XAzfa+U5NOjV4XpSQX2UfWUi2jOMGqGa
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:33 2025 by rpki-client