Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/2NjsBA0kxI4rYO-e6fNB1LijIyc.roa
File: 2NjsBA0kxI4rYO-e6fNB1LijIyc.roa (raw, json)
Hash identifier: OC91Fg+NextjuAB92atVd300vdxIzqjN4qd9j/FjzUg=
Subject key identifier: D8:D8:EC:04:0D:24:C4:8E:2B:60:EF:9E:E9:F3:41:D4:B8:A3:23:27
Certificate issuer: /CN=baaa64cd29c94ccde14448f61a172c763b1e4050
Certificate serial: 018C396F26C30A1A4DBBB566622734EF9C02
Authority key identifier: BA:AA:64:CD:29:C9:4C:CD:E1:44:48:F6:1A:17:2C:76:3B:1E:40:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqpkzSnJTM3hREj2GhcsdjseQFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/2NjsBA0kxI4rYO-e6fNB1LijIyc.roa
Signing time: Tue 05 Dec 2023 10:03:54 +0000
ROA not before: Tue 05 Dec 2023 10:03:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 30815
IP address blocks: 88.209.191.0/24 maxlen: 24
88.209.132.0/22 maxlen: 22
88.209.132.0/24 maxlen: 24
88.209.130.0/24 maxlen: 24
88.209.128.0/24 maxlen: 24
88.209.128.0/22 maxlen: 22
88.209.136.0/22 maxlen: 22
88.209.135.0/24 maxlen: 24
93.189.98.0/23 maxlen: 23
185.63.233.0/24 maxlen: 24
185.63.232.0/23 maxlen: 23
185.63.232.0/22 maxlen: 22
185.63.232.0/24 maxlen: 24
93.189.96.0/23 maxlen: 23
93.189.96.0/21 maxlen: 21
93.189.100.0/23 maxlen: 23
185.63.235.0/24 maxlen: 24
185.63.234.0/24 maxlen: 24
93.189.102.0/23 maxlen: 23
88.209.160.0/21 maxlen: 21
88.209.160.0/22 maxlen: 22
88.209.164.0/22 maxlen: 22
88.209.164.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:39:6f:26:c3:0a:1a:4d:bb:b5:66:62:27:34:ef:9c:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baaa64cd29c94ccde14448f61a172c763b1e4050
Validity
Not Before: Dec 5 10:03:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8d8ec040d24c48e2b60ef9ee9f341d4b8a32327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:10:e8:2f:9d:3a:eb:7b:ba:6c:e1:b8:7a:9f:
c9:4c:91:8f:dc:e1:b8:e9:7f:89:c0:a5:36:a7:f3:
25:1b:19:21:b2:3a:df:6e:90:43:08:35:23:df:76:
fe:c6:e0:44:79:3e:04:d9:dd:d3:c3:f8:61:72:41:
43:af:3c:c7:c6:e5:b4:8d:ab:df:38:dd:cb:55:a0:
37:a3:31:d6:6b:43:26:90:d0:86:0f:d8:08:7a:73:
49:a9:bc:8d:71:e0:57:20:0b:a0:ab:3d:8f:35:b5:
fc:36:d5:fd:49:3f:cf:85:47:25:b6:b1:19:e1:9f:
4b:78:d6:ee:59:1e:fd:ad:4a:df:73:2a:81:23:82:
c3:d3:b6:78:ef:f8:14:e2:00:a1:78:4e:db:a9:5e:
8b:ff:68:d7:76:2b:d7:6f:ac:47:9d:c0:96:bf:98:
27:86:10:9e:0e:b9:c5:b4:01:9e:c7:93:43:91:d9:
2c:b7:bf:8c:92:ee:d5:13:19:38:25:32:70:28:40:
73:eb:6e:b5:a5:31:eb:46:4a:d1:1c:a2:08:29:dd:
2a:f1:dc:fa:f5:bc:16:f3:a7:b6:e6:d8:28:6d:85:
3e:0c:b1:59:42:88:75:58:a5:9a:51:4d:18:70:ce:
03:da:b1:42:db:fe:e2:34:6c:2d:8e:f5:f6:61:72:
57:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D8:EC:04:0D:24:C4:8E:2B:60:EF:9E:E9:F3:41:D4:B8:A3:23:27
X509v3 Authority Key Identifier:
keyid:BA:AA:64:CD:29:C9:4C:CD:E1:44:48:F6:1A:17:2C:76:3B:1E:40:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqpkzSnJTM3hREj2GhcsdjseQFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/2NjsBA0kxI4rYO-e6fNB1LijIyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/71f439-2b1b-4ef0-b6a5-8fcaa6936c6c/1/uqpkzSnJTM3hREj2GhcsdjseQFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.128.0-88.209.139.255
88.209.160.0/21
88.209.191.0/24
93.189.96.0/21
185.63.232.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:ff:ac:4f:3b:92:b7:b3:23:d0:9b:1a:e6:7c:3d:a8:91:42:
02:f1:d9:7a:b5:e3:e1:84:33:76:cf:cd:8e:f1:3d:2c:e5:d6:
2f:44:a7:d4:30:99:c9:b3:0e:fa:7d:ab:57:1f:5a:b4:b7:68:
8b:69:61:e2:80:cd:68:26:d2:cf:4f:fc:df:86:c6:79:fd:85:
1b:48:8e:f7:5e:75:67:8f:d7:f8:fe:57:60:df:c7:09:ad:ad:
72:c2:16:f5:d8:eb:03:a9:9d:f3:41:7c:1f:b9:a5:a4:2a:04:
86:d2:b5:f9:d6:f4:e2:d5:c1:fc:83:98:62:69:ae:6f:50:b0:
a9:48:8b:83:30:79:e7:1a:44:2b:06:07:73:04:88:4a:42:ae:
88:f2:aa:bc:45:77:99:4f:f2:7b:b4:3d:04:9f:fa:e2:0f:eb:
7e:16:48:8f:6a:d0:d3:f2:4f:3a:2f:08:32:4a:6b:3b:1f:6e:
59:eb:14:d8:8e:a5:f8:43:88:81:e0:0f:f1:24:74:2f:b1:ee:
a2:fc:76:6a:6c:e5:73:77:e4:0a:49:d8:1a:da:51:71:21:9a:
76:ff:e7:b3:51:cb:c5:15:cb:89:4a:7d:18:0f:32:02:5c:01:
4a:83:b7:23:24:4b:14:9f:53:85:4b:03:a8:04:38:61:42:6d:
b9:d9:cc:8c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYw5bybDChpNu7VmYic075wCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYWE2NGNkMjljOTRjY2RlMTQ0NDhmNjFhMTcyYzc2M2Ix
ZTQwNTAwHhcNMjMxMjA1MTAwMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGQ4ZWMwNDBkMjRjNDhlMmI2MGVmOWVlOWYzNDFkNGI4YTMyMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRDoL50663u6bOG4ep/JTJGP3OG4
6X+JwKU2p/MlGxkhsjrfbpBDCDUj33b+xuBEeT4E2d3Tw/hhckFDrzzHxuW0javf
ON3LVaA3ozHWa0MmkNCGD9gIenNJqbyNceBXIAugqz2PNbX8NtX9ST/PhUcltrEZ
4Z9LeNbuWR79rUrfcyqBI4LD07Z47/gU4gCheE7bqV6L/2jXdivXb6xHncCWv5gn
hhCeDrnFtAGex5NDkdkst7+Mku7VExk4JTJwKEBz6261pTHrRkrRHKIIKd0q8dz6
9bwW86e25tgobYU+DLFZQoh1WKWaUU0YcM4D2rFC2/7iNGwtjvX2YXJXiwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNjY7AQNJMSOK2DvnunzQdS4oyMnMB8GA1UdIwQY
MBaAFLqqZM0pyUzN4URI9hoXLHY7HkBQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFwa3pTbkpUTTNoUkVqMkdoY3NkanNlUUZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83MWY0MzktMmIxYi00ZWYwLWI2YTUt
OGZjYWE2OTM2YzZjLzEvMk5qc0JBMGt4STRyWU8tZTZmTkIxTGlqSXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83MWY0MzktMmIxYi00ZWYwLWI2YTUtOGZjYWE2OTM2YzZj
LzEvdXFwa3pTbkpUTTNoUkVqMkdoY3NkanNlUUZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAdY0YAD
BAJY0YgDBANY0aADBABY0b8DBANdvWADBAK5P+gwDQYJKoZIhvcNAQELBQADggEB
AI7/rE87krezI9CbGuZ8PaiRQgLx2Xq14+GEM3bPzY7xPSzl1i9Ep9QwmcmzDvp9
q1cfWrS3aItpYeKAzWgm0s9P/N+Gxnn9hRtIjvdedWeP1/j+V2DfxwmtrXLCFvXY
6wOpnfNBfB+5paQqBIbStfnW9OLVwfyDmGJprm9QsKlIi4MweecaRCsGB3MEiEpC
rojyqrxFd5lP8nu0PQSf+uIP634WSI9q0NPyTzovCDJKazsfblnrFNiOpfhDiIHg
D/EkdC+x7qL8dmps5XN35ApJ2BraUXEhmnb/57NRy8UVy4lKfRgPMgJcAUqDtyMk
SxSfU4VLA6gEOGFCbbnZzIw=
-----END CERTIFICATE-----
Generated at Sat Apr 19 06:46:44 2025 by rpki-client