Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/dcacd2-d780-46f7-a5b6-79cc7a14bf9a/1/Gn3JY42NRJkOuE1nwlSrjbVQYgc.roa
File: Gn3JY42NRJkOuE1nwlSrjbVQYgc.roa (raw, json)
Hash identifier: trZit8mFPg1G/BWQan6k0nDaF3sL5qY7n18mgPTZ26o=
Subject key identifier: 1A:7D:C9:63:8D:8D:44:99:0E:B8:4D:67:C2:54:AB:8D:B5:50:62:07
Certificate issuer: /CN=4732d0fce83fb67382ceace3756c8b13c0a95c98
Certificate serial: 01857270F4B9177E371B927183AF57E66F21
Authority key identifier: 47:32:D0:FC:E8:3F:B6:73:82:CE:AC:E3:75:6C:8B:13:C0:A9:5C:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RzLQ_Og_tnOCzqzjdWyLE8CpXJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/dcacd2-d780-46f7-a5b6-79cc7a14bf9a/1/Gn3JY42NRJkOuE1nwlSrjbVQYgc.roa
Signing time: Mon 02 Jan 2023 12:24:43 +0000
ROA not before: Mon 02 Jan 2023 12:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213193
IP address blocks: 88.218.157.0/24 maxlen: 24
88.218.158.0/24 maxlen: 24
88.218.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:70:f4:b9:17:7e:37:1b:92:71:83:af:57:e6:6f:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4732d0fce83fb67382ceace3756c8b13c0a95c98
Validity
Not Before: Jan 2 12:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1a7dc9638d8d44990eb84d67c254ab8db5506207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:90:cc:ba:17:fc:f4:c2:52:2d:dd:12:f5:a2:
3d:ae:c7:99:f9:55:78:e5:75:ee:b6:68:a9:1a:a9:
1d:59:c8:1b:70:0b:4a:64:47:ea:9e:bd:22:3b:4b:
c4:9d:6c:e4:c6:12:22:2a:45:95:e3:ab:05:33:2e:
0c:35:f4:1d:32:da:8c:a0:b1:82:93:5f:51:70:5b:
27:63:43:20:1c:30:44:1e:da:b4:aa:ef:50:97:54:
e2:78:2e:31:82:ab:18:13:7b:7a:40:4a:62:8e:66:
58:6f:0a:56:ac:87:ee:ff:2f:03:2a:cf:7a:c4:a9:
69:81:b5:0e:e0:f7:a1:0d:25:8a:c8:c1:2c:28:33:
9d:f8:31:17:58:9e:1c:24:08:62:a0:51:4b:6e:ac:
31:fe:c0:62:3b:61:96:47:26:51:e2:de:49:58:25:
58:1c:0f:61:45:a8:8b:70:e2:d5:af:37:ff:a3:4b:
30:2f:1c:f7:b4:13:51:b2:5a:6b:2f:1d:4f:2f:35:
ef:b0:71:17:50:cc:e3:e9:02:85:39:d2:cf:4f:b0:
50:5c:a7:e9:ba:4e:b1:0a:d4:29:5f:f3:00:a0:77:
e3:a1:21:f8:d7:03:8b:fb:bc:53:c4:cf:06:04:3f:
b1:5b:4f:37:f3:d9:75:7b:31:5b:38:bc:2c:3d:99:
db:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:7D:C9:63:8D:8D:44:99:0E:B8:4D:67:C2:54:AB:8D:B5:50:62:07
X509v3 Authority Key Identifier:
keyid:47:32:D0:FC:E8:3F:B6:73:82:CE:AC:E3:75:6C:8B:13:C0:A9:5C:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RzLQ_Og_tnOCzqzjdWyLE8CpXJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/dcacd2-d780-46f7-a5b6-79cc7a14bf9a/1/Gn3JY42NRJkOuE1nwlSrjbVQYgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/dcacd2-d780-46f7-a5b6-79cc7a14bf9a/1/RzLQ_Og_tnOCzqzjdWyLE8CpXJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.156.0-88.218.158.255
Signature Algorithm: sha256WithRSAEncryption
94:c5:3a:a0:dd:b4:f4:62:c9:40:f1:b0:aa:e0:f8:87:1a:ca:
21:7c:8b:72:09:71:be:93:42:a7:b4:aa:65:d4:27:94:80:ec:
a4:3b:c9:ef:b5:72:1e:db:a9:a9:d7:e0:8b:60:d8:63:4d:84:
fa:79:cd:dd:45:59:35:5c:c3:10:27:b8:ba:4d:cf:8e:da:64:
05:30:ac:4e:3d:ae:64:e8:5b:d6:b7:fe:8e:30:54:c4:f1:04:
8a:b5:88:33:95:4c:bf:5a:56:e1:5d:54:7b:03:9a:15:8a:ac:
63:0c:74:cf:ca:cf:2d:e4:56:b7:30:5e:49:84:d3:42:42:55:
83:88:d0:91:f2:f1:6c:75:d7:94:8d:fa:3a:29:56:a8:72:f5:
de:1b:18:a3:80:79:e1:c9:a3:13:96:ea:8b:d6:13:55:3a:c5:
65:91:98:0b:1a:0d:d7:4e:c5:c8:b2:23:e2:30:d1:32:d3:92:
99:f9:59:fb:af:fb:4a:a4:0d:7a:42:ca:46:cd:95:15:5d:ad:
b9:2a:d5:1f:29:fe:e1:3c:79:7a:f2:50:34:c6:f9:22:2a:89:
5b:33:2d:c2:4a:55:29:ab:c2:38:7c:0a:e4:72:17:b4:15:fb:
fe:47:4a:b1:24:f5:5a:a0:ea:5c:bc:e2:bf:57:ae:9c:a9:fa:
76:0b:76:21
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVycPS5F343G5Jxg69X5m8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MzJkMGZjZTgzZmI2NzM4MmNlYWNlMzc1NmM4YjEzYzBh
OTVjOTgwHhcNMjMwMTAyMTIyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTdkYzk2MzhkOGQ0NDk5MGViODRkNjdjMjU0YWI4ZGI1NTA2MjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkJDMuhf89MJSLd0S9aI9rseZ+VV4
5XXutmipGqkdWcgbcAtKZEfqnr0iO0vEnWzkxhIiKkWV46sFMy4MNfQdMtqMoLGC
k19RcFsnY0MgHDBEHtq0qu9Ql1TieC4xgqsYE3t6QEpijmZYbwpWrIfu/y8DKs96
xKlpgbUO4PehDSWKyMEsKDOd+DEXWJ4cJAhioFFLbqwx/sBiO2GWRyZR4t5JWCVY
HA9hRaiLcOLVrzf/o0swLxz3tBNRslprLx1PLzXvsHEXUMzj6QKFOdLPT7BQXKfp
uk6xCtQpX/MAoHfjoSH41wOL+7xTxM8GBD+xW08389l1ezFbOLwsPZnbAwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBp9yWONjUSZDrhNZ8JUq421UGIHMB8GA1UdIwQY
MBaAFEcy0PzoP7Zzgs6s43VsixPAqVyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnpMUV9PZ190bk9DenF6amRXeUxFOENwWEpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kY2FjZDItZDc4MC00NmY3LWE1YjYt
NzljYzdhMTRiZjlhLzEvR24zSlk0Mk5SSmtPdUUxbndsU3JqYlZRWWdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kY2FjZDItZDc4MC00NmY3LWE1YjYtNzljYzdhMTRiZjlh
LzEvUnpMUV9PZ190bk9DenF6amRXeUxFOENwWEpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJY2pwD
BABY2p4wDQYJKoZIhvcNAQELBQADggEBAJTFOqDdtPRiyUDxsKrg+IcayiF8i3IJ
cb6TQqe0qmXUJ5SA7KQ7ye+1ch7bqanX4Itg2GNNhPp5zd1FWTVcwxAnuLpNz47a
ZAUwrE49rmToW9a3/o4wVMTxBIq1iDOVTL9aVuFdVHsDmhWKrGMMdM/Kzy3kVrcw
XkmE00JCVYOI0JHy8Wx115SN+jopVqhy9d4bGKOAeeHJoxOW6ovWE1U6xWWRmAsa
DddOxciyI+Iw0TLTkpn5Wfuv+0qkDXpCykbNlRVdrbkq1R8p/uE8eXryUDTG+SIq
iVszLcJKVSmrwjh8CuRyF7QV+/5HSrEk9Vqg6ly84r9Xrpyp+nYLdiE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:25 2025 by rpki-client