Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/4OSPzrXuYw8-J5FKgNP9QLpGyfE.roa
File: 4OSPzrXuYw8-J5FKgNP9QLpGyfE.roa (raw, json)
Hash identifier: CRS00l0pcw5atwMw1wRMl9XjSUf7p82FmLn5KZXCsSU=
Subject key identifier: E0:E4:8F:CE:B5:EE:63:0F:3E:27:91:4A:80:D3:FD:40:BA:46:C9:F1
Certificate issuer: /CN=ab7aaabb23cd245bfa828fb02521d644c6d5b566
Certificate serial: 01850BAA658EFDD092ACB287FB9A8BEFC16E
Authority key identifier: AB:7A:AA:BB:23:CD:24:5B:FA:82:8F:B0:25:21:D6:44:C6:D5:B5:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q3qquyPNJFv6go-wJSHWRMbVtWY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/4OSPzrXuYw8-J5FKgNP9QLpGyfE.roa
Signing time: Tue 13 Dec 2022 13:26:34 +0000
ROA not before: Tue 13 Dec 2022 13:26:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212345
IP address blocks: 88.218.115.0/24 maxlen: 24
88.218.113.0/24 maxlen: 24
93.179.90.0/23 maxlen: 23
2a0f:52c1:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0b:aa:65:8e:fd:d0:92:ac:b2:87:fb:9a:8b:ef:c1:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab7aaabb23cd245bfa828fb02521d644c6d5b566
Validity
Not Before: Dec 13 13:26:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e0e48fceb5ee630f3e27914a80d3fd40ba46c9f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ed:8c:68:8c:d8:f9:62:62:ea:6b:4a:75:c7:
09:ed:a7:2d:b1:33:72:f3:ba:7e:6b:f0:4f:ab:fa:
dd:23:c0:7d:58:09:c4:74:2f:ef:f4:f4:04:6f:50:
ae:99:fd:10:32:b1:4b:44:20:67:6a:f5:b2:e8:cb:
6f:9c:6b:29:bb:7d:05:fe:91:64:46:82:47:45:a7:
1f:92:3d:2d:bc:a8:d5:18:fc:63:8e:c6:4c:3c:e9:
3c:ed:63:ef:ad:6a:3c:c0:a1:34:fd:1e:38:7e:89:
da:27:a2:38:5a:42:5d:60:18:a1:98:c2:98:3c:66:
82:eb:7e:60:a3:66:e3:10:81:d2:56:d1:7f:ae:ef:
23:e1:2e:19:c4:c3:46:66:03:c6:92:b2:47:ce:bf:
12:2c:6e:09:2f:c2:50:d8:ef:6a:bc:ee:d2:9b:ad:
f7:9c:ba:2a:79:f2:2c:58:75:40:61:55:2e:cc:16:
e6:55:92:97:87:b4:f4:20:91:7b:1f:77:35:98:a0:
cc:a5:34:50:f1:46:6e:51:51:5a:f3:81:b3:21:83:
46:9c:09:71:14:08:03:73:1e:6f:e7:00:cf:a4:e1:
86:1e:7c:17:1e:ef:fb:0c:16:b6:23:13:86:6d:cd:
05:65:24:79:92:d2:13:13:f4:6b:5c:76:9f:b5:3f:
59:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:E4:8F:CE:B5:EE:63:0F:3E:27:91:4A:80:D3:FD:40:BA:46:C9:F1
X509v3 Authority Key Identifier:
keyid:AB:7A:AA:BB:23:CD:24:5B:FA:82:8F:B0:25:21:D6:44:C6:D5:B5:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q3qquyPNJFv6go-wJSHWRMbVtWY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/4OSPzrXuYw8-J5FKgNP9QLpGyfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/46dec5-c38d-4c1d-9cec-9ead81da2e44/1/q3qquyPNJFv6go-wJSHWRMbVtWY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.113.0/24
88.218.115.0/24
93.179.90.0/23
IPv6:
2a0f:52c1:1::/48
Signature Algorithm: sha256WithRSAEncryption
35:ae:a8:79:8b:c1:a3:6a:e6:cf:70:39:8a:7d:97:d2:2f:6a:
99:b9:fb:71:12:ce:64:ce:8e:13:97:ad:0d:44:8b:b3:26:4d:
23:dc:9f:b0:48:8c:64:19:a3:94:09:f1:1f:5d:d7:e0:26:cc:
8e:4d:30:eb:b5:a5:cd:a2:7c:29:63:16:7a:b6:62:67:c1:0a:
76:c0:fe:98:d3:b5:9e:0e:34:33:1f:d4:dc:26:ff:16:9c:76:
5a:47:13:b3:a4:56:e2:5d:0c:18:85:8f:19:6a:c1:6b:e3:e5:
f9:2e:58:58:25:15:d3:b3:81:22:57:59:bd:e5:9a:63:5f:8d:
c1:5b:1c:80:ff:17:c9:e6:76:b1:8f:b6:4d:48:83:97:dd:3a:
c8:ef:f5:b2:20:2e:5c:f0:e5:d5:f1:e4:7a:8e:27:cb:e2:f6:
88:d0:ab:5d:37:4d:1e:c9:47:8a:16:1b:c3:4f:b7:ba:a8:ea:
89:5a:b2:c2:35:8a:e6:5d:dd:f0:f0:31:a2:c5:5d:e6:fb:8d:
b9:15:ec:75:a3:1f:57:d4:34:25:b2:b4:8a:6c:da:6e:c5:83:
f3:98:d4:8f:74:7a:3b:cd:25:25:97:d4:88:62:9a:39:59:7f:
73:17:4d:e5:1f:8d:c1:c4:32:cb:5e:97:49:4a:f1:f7:32:27:
12:94:e4:ba
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYULqmWO/dCSrLKH+5qL78FuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiN2FhYWJiMjNjZDI0NWJmYTgyOGZiMDI1MjFkNjQ0YzZk
NWI1NjYwHhcNMjIxMjEzMTMyNjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGU0OGZjZWI1ZWU2MzBmM2UyNzkxNGE4MGQzZmQ0MGJhNDZjOWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+2MaIzY+WJi6mtKdccJ7actsTNy
87p+a/BPq/rdI8B9WAnEdC/v9PQEb1Cumf0QMrFLRCBnavWy6MtvnGspu30F/pFk
RoJHRacfkj0tvKjVGPxjjsZMPOk87WPvrWo8wKE0/R44fonaJ6I4WkJdYBihmMKY
PGaC635go2bjEIHSVtF/ru8j4S4ZxMNGZgPGkrJHzr8SLG4JL8JQ2O9qvO7Sm633
nLoqefIsWHVAYVUuzBbmVZKXh7T0IJF7H3c1mKDMpTRQ8UZuUVFa84GzIYNGnAlx
FAgDcx5v5wDPpOGGHnwXHu/7DBa2IxOGbc0FZSR5ktITE/RrXHaftT9Z4QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFODkj8617mMPPieRSoDT/UC6RsnxMB8GA1UdIwQY
MBaAFKt6qrsjzSRb+oKPsCUh1kTG1bVmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTNxcXV5UE5KRnY2Z28td0pTSFdSTWJWdFdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80NmRlYzUtYzM4ZC00YzFkLTljZWMt
OWVhZDgxZGEyZTQ0LzEvNE9TUHpyWHVZdzgtSjVGS2dOUDlRTHBHeWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80NmRlYzUtYzM4ZC00YzFkLTljZWMtOWVhZDgxZGEyZTQ0
LzEvcTNxcXV5UE5KRnY2Z28td0pTSFdSTWJWdFdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAWNpxAwQA
WNpzAwQBXbNaMA8EAgACMAkDBwAqD1LBAAEwDQYJKoZIhvcNAQELBQADggEBADWu
qHmLwaNq5s9wOYp9l9Ivapm5+3ESzmTOjhOXrQ1Ei7MmTSPcn7BIjGQZo5QJ8R9d
1+AmzI5NMOu1pc2ifCljFnq2YmfBCnbA/pjTtZ4ONDMf1Nwm/xacdlpHE7OkVuJd
DBiFjxlqwWvj5fkuWFglFdOzgSJXWb3lmmNfjcFbHID/F8nmdrGPtk1Ig5fdOsjv
9bIgLlzw5dXx5HqOJ8vi9ojQq103TR7JR4oWG8NPt7qo6olassI1iuZd3fDwMaLF
Xeb7jbkV7HWjH1fUNCWytIps2m7Fg/OY1I90ejvNJSWX1IhimjlZf3MXTeUfjcHE
Mstel0lK8fcyJxKU5Lo=
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:23:17 2025 by rpki-client