Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c5d4b2-b57f-4562-aabe-c8ceab8bc050/1/I4g6pPtz7scmSf8kTyMRU2fgcyA.roa
File: I4g6pPtz7scmSf8kTyMRU2fgcyA.roa (raw, json)
Hash identifier: RCT/oSE/q7o3z2t1gxO4CYxRBUMNWw2HAL5poQQcyFA=
Subject key identifier: 23:88:3A:A4:FB:73:EE:C7:26:49:FF:24:4F:23:11:53:67:E0:73:20
Certificate issuer: /CN=9d3b3ff93b833735cacd652ce349fa323402432b
Certificate serial: 0185708CD50234CFB5398E6CDE0F3B17C5DB
Authority key identifier: 9D:3B:3F:F9:3B:83:37:35:CA:CD:65:2C:E3:49:FA:32:34:02:43:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nTs_-TuDNzXKzWUs40n6MjQCQys.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c5d4b2-b57f-4562-aabe-c8ceab8bc050/1/I4g6pPtz7scmSf8kTyMRU2fgcyA.roa
Signing time: Mon 02 Jan 2023 03:35:55 +0000
ROA not before: Mon 02 Jan 2023 03:35:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15576
IP address blocks: 217.197.128.0/21 maxlen: 21
88.214.4.0/22 maxlen: 22
2a03:580::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:d5:02:34:cf:b5:39:8e:6c:de:0f:3b:17:c5:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d3b3ff93b833735cacd652ce349fa323402432b
Validity
Not Before: Jan 2 03:35:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23883aa4fb73eec72649ff244f23115367e07320
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:53:69:14:fb:d9:84:2b:77:b8:0d:e0:0d:c2:
88:d8:40:c3:0f:91:5f:12:7b:31:6f:e1:83:20:10:
a3:a0:42:07:67:3e:38:fd:78:f0:bc:97:bc:ef:3e:
7c:a4:98:0b:4b:4b:d0:d2:9c:20:46:32:d8:35:70:
97:a0:01:7b:4a:5f:71:22:af:4c:bf:57:f8:cc:bf:
d9:59:20:ad:51:c8:ae:e9:a0:42:3c:58:24:27:c4:
ed:be:0c:28:e2:8d:2d:cf:0e:b3:09:66:01:ce:2b:
96:11:26:ef:3b:32:6a:8f:81:ae:ff:e0:14:6c:59:
b7:a6:8f:78:0e:b1:d7:fa:90:02:aa:81:d6:e8:31:
3f:4c:2f:59:b8:47:6c:1f:de:bd:5e:fe:53:29:ab:
ab:34:d9:21:b2:5f:df:d8:1b:e6:f1:05:6f:21:d4:
8c:06:20:32:43:62:a6:f3:ed:73:e7:b6:c6:e7:4b:
6d:77:f1:72:36:63:9c:33:c1:7d:a6:00:13:02:dc:
4b:a0:12:1c:c4:1e:ef:1d:31:3c:9f:64:db:8d:a6:
07:cb:5f:28:eb:7d:b7:8f:46:12:61:0a:49:c3:0a:
a6:da:98:49:ac:0a:9e:24:0f:7b:4e:21:8c:65:a1:
70:d1:c6:f9:b3:1e:cc:5c:4d:fe:5f:1a:08:5a:7c:
17:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:88:3A:A4:FB:73:EE:C7:26:49:FF:24:4F:23:11:53:67:E0:73:20
X509v3 Authority Key Identifier:
keyid:9D:3B:3F:F9:3B:83:37:35:CA:CD:65:2C:E3:49:FA:32:34:02:43:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nTs_-TuDNzXKzWUs40n6MjQCQys.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c5d4b2-b57f-4562-aabe-c8ceab8bc050/1/I4g6pPtz7scmSf8kTyMRU2fgcyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c5d4b2-b57f-4562-aabe-c8ceab8bc050/1/nTs_-TuDNzXKzWUs40n6MjQCQys.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.4.0/22
217.197.128.0/21
IPv6:
2a03:580::/32
Signature Algorithm: sha256WithRSAEncryption
09:9f:50:ac:5a:9f:be:4e:30:b1:0c:f1:44:1f:84:1e:03:4c:
0e:5b:be:6c:a1:d0:be:e7:9a:bf:be:81:4d:ef:d5:f5:40:8c:
33:75:98:9f:0d:c6:82:72:ad:3e:89:08:97:cf:0b:27:ef:2f:
19:16:7b:6b:79:f8:e7:ec:52:40:6d:30:7b:0e:40:fb:58:0f:
af:e5:52:1f:cb:a8:de:8c:f6:36:cc:a8:78:48:15:80:c3:59:
f9:df:2f:75:d9:3e:33:68:2b:23:30:8b:c0:46:2a:9f:e3:2a:
8b:18:a3:b9:f2:73:ff:6b:04:95:de:9f:44:f0:a5:52:dd:b4:
7e:7d:81:6a:8d:ba:cc:84:71:83:18:08:db:63:93:b5:4d:de:
cb:64:51:3f:0c:ea:24:c9:3a:45:b0:37:23:5b:02:a7:36:89:
fa:f1:ef:65:11:fd:c0:bb:20:4f:07:04:a3:f0:f8:ba:25:ac:
1d:db:34:bc:9d:8d:8d:35:75:89:19:88:be:e1:b7:2d:4b:96:
d8:81:11:f7:20:b2:e9:1d:b0:59:4d:10:26:ad:27:92:64:3e:
f2:bb:1b:f8:53:e3:f7:84:12:62:55:f8:b9:5f:ad:5b:fb:92:
f6:5d:47:a2:89:1a:9b:e3:d8:21:67:2e:41:ef:d1:e8:7e:25:
eb:b1:0c:e7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwjNUCNM+1OY5s3g87F8XbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkM2IzZmY5M2I4MzM3MzVjYWNkNjUyY2UzNDlmYTMyMzQw
MjQzMmIwHhcNMjMwMTAyMDMzNTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzg4M2FhNGZiNzNlZWM3MjY0OWZmMjQ0ZjIzMTE1MzY3ZTA3MzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFNpFPvZhCt3uA3gDcKI2EDDD5Ff
Ensxb+GDIBCjoEIHZz44/XjwvJe87z58pJgLS0vQ0pwgRjLYNXCXoAF7Sl9xIq9M
v1f4zL/ZWSCtUciu6aBCPFgkJ8Ttvgwo4o0tzw6zCWYBziuWESbvOzJqj4Gu/+AU
bFm3po94DrHX+pACqoHW6DE/TC9ZuEdsH969Xv5TKaurNNkhsl/f2Bvm8QVvIdSM
BiAyQ2Km8+1z57bG50ttd/FyNmOcM8F9pgATAtxLoBIcxB7vHTE8n2TbjaYHy18o
6323j0YSYQpJwwqm2phJrAqeJA97TiGMZaFw0cb5sx7MXE3+XxoIWnwXwwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCOIOqT7c+7HJkn/JE8jEVNn4HMgMB8GA1UdIwQY
MBaAFJ07P/k7gzc1ys1lLONJ+jI0AkMrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblRzXy1UdUROelhLeldVczQwbjZNalFDUXlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jNWQ0YjItYjU3Zi00NTYyLWFhYmUt
YzhjZWFiOGJjMDUwLzEvSTRnNnBQdHo3c2NtU2Y4a1R5TVJVMmZnY3lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jNWQ0YjItYjU3Zi00NTYyLWFhYmUtYzhjZWFiOGJjMDUw
LzEvblRzXy1UdUROelhLeldVczQwbjZNalFDUXlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCWNYEAwQD
2cWAMA0EAgACMAcDBQAqAwWAMA0GCSqGSIb3DQEBCwUAA4IBAQAJn1CsWp++TjCx
DPFEH4QeA0wOW75sodC+55q/voFN79X1QIwzdZifDcaCcq0+iQiXzwsn7y8ZFntr
efjn7FJAbTB7DkD7WA+v5VIfy6jejPY2zKh4SBWAw1n53y912T4zaCsjMIvARiqf
4yqLGKO58nP/awSV3p9E8KVS3bR+fYFqjbrMhHGDGAjbY5O1Td7LZFE/DOokyTpF
sDcjWwKnNon68e9lEf3AuyBPBwSj8Pi6Jawd2zS8nY2NNXWJGYi+4bctS5bYgRH3
ILLpHbBZTRAmrSeSZD7yuxv4U+P3hBJiVfi5X61b+5L2XUeiiRqb49ghZy5B79Ho
fiXrsQzn
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:39:10 2025 by rpki-client