Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/oqGkVEexNXm-lyEcDzVuCpnSzE8.roa
File: oqGkVEexNXm-lyEcDzVuCpnSzE8.roa (raw, json)
Hash identifier: v1MF7IOkdOBzN8OiACir2tbl+ZOKbTph+3TxhS8vgj0=
Subject key identifier: A2:A1:A4:54:47:B1:35:79:BE:97:21:1C:0F:35:6E:0A:99:D2:CC:4F
Certificate issuer: /CN=9944f812a0e002c38e84e47628bdba038598090b
Certificate serial: 01856DCB07A5DDA3B2AF1966659111DCC853
Authority key identifier: 99:44:F8:12:A0:E0:02:C3:8E:84:E4:76:28:BD:BA:03:85:98:09:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mUT4EqDgAsOOhOR2KL26A4WYCQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/oqGkVEexNXm-lyEcDzVuCpnSzE8.roa
Signing time: Sun 01 Jan 2023 14:45:00 +0000
ROA not before: Sun 01 Jan 2023 14:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212652
IP address blocks: 88.213.208.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:cb:07:a5:dd:a3:b2:af:19:66:65:91:11:dc:c8:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9944f812a0e002c38e84e47628bdba038598090b
Validity
Not Before: Jan 1 14:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a2a1a45447b13579be97211c0f356e0a99d2cc4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ff:9a:32:59:73:a7:8c:a9:da:1f:a3:99:2b:
4d:76:f5:d4:0d:53:30:55:a3:e7:00:e8:8d:43:5b:
cf:02:09:6c:27:9a:32:b3:02:f9:a6:1a:76:47:b2:
af:c7:f9:16:d6:59:23:11:46:fc:75:b1:84:f3:7a:
06:5b:e1:d3:92:b3:7b:5e:9c:3c:99:c9:e5:c2:b9:
37:93:3f:a6:3b:23:22:e4:eb:8e:50:5f:d6:9f:46:
2d:17:15:11:21:ea:47:2b:cf:5f:61:38:d0:36:d6:
a1:02:a4:2d:83:b8:2e:1a:9d:5f:7c:84:c6:a8:a0:
8f:f8:a4:39:62:66:37:0e:cd:51:11:80:90:f5:9a:
b5:64:da:7b:34:8f:3b:c7:6a:15:cc:a6:57:86:28:
93:f9:f9:1d:c9:30:a2:87:f8:9b:47:72:93:39:e3:
e8:f3:50:79:27:b5:fd:4a:34:a7:c0:2f:cc:16:ee:
09:e1:47:ba:48:e7:a8:c3:92:42:95:3e:25:89:09:
63:b9:23:53:3f:67:15:40:9d:af:45:37:fd:5c:49:
da:75:7a:4e:9e:ef:42:24:a0:89:da:79:22:e0:64:
8c:e7:54:a6:d2:05:f4:21:38:a3:29:1d:e9:f8:ea:
1b:19:3b:38:53:0d:13:a7:74:e4:70:84:bc:46:0a:
e6:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A1:A4:54:47:B1:35:79:BE:97:21:1C:0F:35:6E:0A:99:D2:CC:4F
X509v3 Authority Key Identifier:
keyid:99:44:F8:12:A0:E0:02:C3:8E:84:E4:76:28:BD:BA:03:85:98:09:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mUT4EqDgAsOOhOR2KL26A4WYCQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/oqGkVEexNXm-lyEcDzVuCpnSzE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3c6cb5-a72c-4701-ae6c-306c5651343e/1/mUT4EqDgAsOOhOR2KL26A4WYCQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.213.208.0/23
Signature Algorithm: sha256WithRSAEncryption
48:a6:81:6e:87:50:c0:90:53:74:73:1a:21:c5:f3:bd:24:f3:
20:0c:c0:d9:96:21:94:6f:2f:c5:81:9f:76:15:73:a8:bc:21:
de:e9:69:ca:80:34:33:87:e5:0d:32:ef:f2:05:76:0f:9e:04:
b4:de:79:fa:d1:06:73:ee:a9:09:94:c6:61:4f:2a:61:83:49:
54:66:1a:5f:4a:75:2d:51:52:dd:85:37:62:bd:a8:d3:d4:52:
5b:76:59:25:d0:a6:b2:13:eb:55:36:ef:be:19:70:a1:b1:00:
34:db:37:53:11:96:7c:8f:63:e4:cf:74:32:e8:58:23:28:09:
dd:01:71:ba:23:ce:a3:e1:49:bb:89:8f:be:55:09:f2:83:8e:
68:52:b1:66:5f:a3:01:7f:1f:51:63:0a:04:58:cd:90:d1:3b:
f1:7b:42:a3:2c:6d:f7:5a:ac:f6:20:ae:f9:99:2f:f9:f9:6b:
3c:3d:36:c4:fa:b2:c8:b0:bc:84:cd:81:4c:40:6a:e8:ae:82:
bc:13:96:46:3a:0d:94:0f:1d:89:28:0c:f0:00:8e:87:c5:58:
5b:5c:f3:93:7d:71:1c:77:fd:bc:4a:75:b3:e2:b8:7b:85:d0:
92:ca:ac:1d:be:bf:e3:6a:07:72:ce:8d:89:57:ab:47:53:cb:
71:d6:8a:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtywel3aOyrxlmZZER3MhTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NDRmODEyYTBlMDAyYzM4ZTg0ZTQ3NjI4YmRiYTAzODU5
ODA5MGIwHhcNMjMwMTAxMTQ0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmExYTQ1NDQ3YjEzNTc5YmU5NzIxMWMwZjM1NmUwYTk5ZDJjYzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiP+aMllzp4yp2h+jmStNdvXUDVMw
VaPnAOiNQ1vPAglsJ5oyswL5php2R7Kvx/kW1lkjEUb8dbGE83oGW+HTkrN7Xpw8
mcnlwrk3kz+mOyMi5OuOUF/Wn0YtFxURIepHK89fYTjQNtahAqQtg7guGp1ffITG
qKCP+KQ5YmY3Ds1REYCQ9Zq1ZNp7NI87x2oVzKZXhiiT+fkdyTCih/ibR3KTOePo
81B5J7X9SjSnwC/MFu4J4Ue6SOeow5JClT4liQljuSNTP2cVQJ2vRTf9XEnadXpO
nu9CJKCJ2nki4GSM51Sm0gX0ITijKR3p+OobGTs4Uw0Tp3TkcIS8RgrmPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKhpFRHsTV5vpchHA81bgqZ0sxPMB8GA1UdIwQY
MBaAFJlE+BKg4ALDjoTkdii9ugOFmAkLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVVUNEVxRGdBc09PaE9SMktMMjZBNFdZQ1FzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zYzZjYjUtYTcyYy00NzAxLWFlNmMt
MzA2YzU2NTEzNDNlLzEvb3FHa1ZFZXhOWG0tbHlFY0R6VnVDcG5TekU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zYzZjYjUtYTcyYy00NzAxLWFlNmMtMzA2YzU2NTEzNDNl
LzEvbVVUNEVxRGdBc09PaE9SMktMMjZBNFdZQ1FzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWNXQMA0G
CSqGSIb3DQEBCwUAA4IBAQBIpoFuh1DAkFN0cxohxfO9JPMgDMDZliGUby/FgZ92
FXOovCHe6WnKgDQzh+UNMu/yBXYPngS03nn60QZz7qkJlMZhTyphg0lUZhpfSnUt
UVLdhTdivajT1FJbdlkl0KayE+tVNu++GXChsQA02zdTEZZ8j2Pkz3Qy6FgjKAnd
AXG6I86j4Um7iY++VQnyg45oUrFmX6MBfx9RYwoEWM2Q0Tvxe0KjLG33Wqz2IK75
mS/5+Ws8PTbE+rLIsLyEzYFMQGroroK8E5ZGOg2UDx2JKAzwAI6HxVhbXPOTfXEc
d/28SnWz4rh7hdCSyqwdvr/jagdyzo2JV6tHU8tx1ork
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:33 2025 by rpki-client