Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/IjnF6BZGWvD0lYGPjX66GmWtLRQ.roa
File: IjnF6BZGWvD0lYGPjX66GmWtLRQ.roa (raw, json)
Hash identifier: Lxi/Xz8iRkqXZFX4vHiKWl0J7zPLcA9DLRMvwNqFz+I=
Subject key identifier: 22:39:C5:E8:16:46:5A:F0:F4:95:81:8F:8D:7E:BA:1A:65:AD:2D:14
Certificate issuer: /CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Certificate serial: 018BD84104F30F02346BDD97A1963C5215E6
Authority key identifier: 54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/IjnF6BZGWvD0lYGPjX66GmWtLRQ.roa
Signing time: Thu 16 Nov 2023 13:10:21 +0000
ROA not before: Thu 16 Nov 2023 13:10:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202561
IP address blocks: 188.125.161.0/24 maxlen: 24
188.125.167.0/24 maxlen: 24
188.125.169.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d8:41:04:f3:0f:02:34:6b:dd:97:a1:96:3c:52:15:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Validity
Not Before: Nov 16 13:10:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2239c5e816465af0f495818f8d7eba1a65ad2d14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:b0:3d:fb:88:15:b8:64:99:e3:0e:0a:3d:2c:
da:fe:fc:ec:83:ce:be:e2:66:13:ba:f2:f0:fb:7a:
07:20:00:9a:f8:80:36:80:63:27:30:65:90:4a:6a:
68:18:54:f3:a4:5d:66:5b:52:49:32:0d:f5:19:0f:
a8:15:6e:aa:11:a7:bd:1a:b8:07:e2:ef:91:8d:8c:
7c:7c:e6:40:d7:74:75:7c:59:f5:eb:6a:d8:37:5a:
85:ac:33:11:87:3b:20:b4:5b:59:26:b2:3c:eb:2e:
23:0a:8c:3e:c5:94:6a:49:b8:b8:02:1a:64:60:d1:
f1:55:d1:d3:66:79:57:7c:de:d5:87:fe:ed:21:0f:
f3:49:c1:ea:11:61:17:b5:3b:7a:4e:7b:3e:cb:ea:
ca:c9:13:a2:4c:7e:da:8b:1b:81:92:1c:d9:f2:58:
1e:bc:60:3c:11:9e:78:e9:09:02:0c:c0:79:3e:d7:
bb:d6:f3:b5:be:1b:d9:81:84:22:c6:db:bd:d3:69:
21:46:a0:30:c6:b3:3d:03:13:0c:df:fd:5f:b9:3a:
7b:e1:da:82:bb:89:1c:16:18:7b:4b:86:f9:e6:ea:
02:58:7a:0a:14:b2:be:1a:09:27:69:3b:6e:8e:03:
45:c3:a2:f0:fe:5e:cb:9c:2b:86:62:19:57:09:82:
7f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:39:C5:E8:16:46:5A:F0:F4:95:81:8F:8D:7E:BA:1A:65:AD:2D:14
X509v3 Authority Key Identifier:
keyid:54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/IjnF6BZGWvD0lYGPjX66GmWtLRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.161.0/24
188.125.167.0/24
188.125.169.0/24
Signature Algorithm: sha256WithRSAEncryption
24:25:a4:7d:03:41:83:03:40:a5:5b:36:48:04:4f:9c:17:41:
0a:bd:60:b3:88:97:86:7a:4b:cf:11:88:5b:80:c6:eb:64:5a:
20:5c:c2:ec:93:b2:1a:80:5b:32:f1:94:ea:9e:fe:c4:1e:c6:
5e:60:2e:cb:0b:53:27:09:ff:8f:17:f4:2a:07:fd:9c:11:21:
56:2c:17:ed:1f:4b:46:03:8a:c5:e6:69:15:62:64:32:fe:ca:
42:3f:20:8d:0c:4e:be:39:58:b0:06:1d:65:8c:94:31:ae:04:
00:d8:bf:01:3d:dc:e3:a7:c6:7f:77:9a:e1:2d:e8:bf:f2:56:
7b:73:52:85:31:5e:c4:04:18:9c:4b:b0:52:61:d0:d7:0f:07:
da:f1:f2:01:70:9f:c0:48:b2:ac:7c:7d:02:a6:2e:1a:5a:3b:
6d:70:c0:42:9b:b7:e3:b5:c1:9b:62:fb:4f:45:a6:02:d1:2e:
01:d6:c8:cf:85:fb:3f:a5:93:f3:91:4e:af:69:a1:54:66:94:
55:f3:95:68:e4:e8:6e:95:35:e4:77:39:fd:af:06:c1:5f:fe:
79:5f:eb:84:e2:43:4f:74:6f:d1:40:2c:b8:d8:e9:e8:e2:e2:
ed:e2:31:ab:d2:4e:d8:45:f3:99:9e:ee:7e:d7:4b:1a:d7:a7:
f0:ae:8e:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvYQQTzDwI0a92XoZY8UhXmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MmY2MzNmNzZlOGQ4YWFlYWEzMmI1YWNlMTZhM2RiMzk0
M2Q4MGMwHhcNMjMxMTE2MTMxMDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjM5YzVlODE2NDY1YWYwZjQ5NTgxOGY4ZDdlYmExYTY1YWQyZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiLA9+4gVuGSZ4w4KPSza/vzsg86+
4mYTuvLw+3oHIACa+IA2gGMnMGWQSmpoGFTzpF1mW1JJMg31GQ+oFW6qEae9GrgH
4u+RjYx8fOZA13R1fFn162rYN1qFrDMRhzsgtFtZJrI86y4jCow+xZRqSbi4Ahpk
YNHxVdHTZnlXfN7Vh/7tIQ/zScHqEWEXtTt6Tns+y+rKyROiTH7aixuBkhzZ8lge
vGA8EZ546QkCDMB5Pte71vO1vhvZgYQixtu902khRqAwxrM9AxMM3/1fuTp74dqC
u4kcFhh7S4b55uoCWHoKFLK+GgknaTtujgNFw6Lw/l7LnCuGYhlXCYJ/2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCI5xegWRlrw9JWBj41+uhplrS0UMB8GA1UdIwQY
MBaAFFQvYz926Niq6qMrWs4Wo9s5Q9gMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDIt
NjliOTUzYzlkNWFhLzEvSWpuRjZCWkdXdkQwbFlHUGpYNjZHbVd0TFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDItNjliOTUzYzlkNWFh
LzEvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAvH2hAwQA
vH2nAwQAvH2pMA0GCSqGSIb3DQEBCwUAA4IBAQAkJaR9A0GDA0ClWzZIBE+cF0EK
vWCziJeGekvPEYhbgMbrZFogXMLsk7IagFsy8ZTqnv7EHsZeYC7LC1MnCf+PF/Qq
B/2cESFWLBftH0tGA4rF5mkVYmQy/spCPyCNDE6+OViwBh1ljJQxrgQA2L8BPdzj
p8Z/d5rhLei/8lZ7c1KFMV7EBBicS7BSYdDXDwfa8fIBcJ/ASLKsfH0Cpi4aWjtt
cMBCm7fjtcGbYvtPRaYC0S4B1sjPhfs/pZPzkU6vaaFUZpRV85Vo5OhulTXkdzn9
rwbBX/55X+uE4kNPdG/RQCy42Ono4uLt4jGr0k7YRfOZnu5+10sa16fwro4/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:11 2025 by rpki-client