Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/9e5f54-ba3f-4b6e-9da9-bfafd622e89f/1/3wGOZPrAfa4YB7gzBqf0tE8wwqc.roa
File: 3wGOZPrAfa4YB7gzBqf0tE8wwqc.roa (raw, json)
Hash identifier: EWg1a1IzcBk2z0z9/ZhLBw71DWTcfy3zFDZLApoNz4c=
Subject key identifier: DF:01:8E:64:FA:C0:7D:AE:18:07:B8:33:06:A7:F4:B4:4F:30:C2:A7
Certificate issuer: /CN=1d6b6b6a5061a4115d53040cffdc64b3b0d71a78
Certificate serial: 018246F205A1E7132A16A3E575FF927C1155
Authority key identifier: 1D:6B:6B:6A:50:61:A4:11:5D:53:04:0C:FF:DC:64:B3:B0:D7:1A:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HWtralBhpBFdUwQM_9xks7DXGng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/9e5f54-ba3f-4b6e-9da9-bfafd622e89f/1/3wGOZPrAfa4YB7gzBqf0tE8wwqc.roa
Signing time: Thu 28 Jul 2022 22:34:02 +0000
ROA not before: Thu 28 Jul 2022 22:34:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200706
IP address blocks: 185.88.16.0/24 maxlen: 24
185.88.17.0/24 maxlen: 24
185.88.16.0/22 maxlen: 22
185.88.19.0/24 maxlen: 24
185.88.18.0/24 maxlen: 24
185.88.18.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:46:f2:05:a1:e7:13:2a:16:a3:e5:75:ff:92:7c:11:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d6b6b6a5061a4115d53040cffdc64b3b0d71a78
Validity
Not Before: Jul 28 22:34:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df018e64fac07dae1807b83306a7f4b44f30c2a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:dd:e9:46:ef:45:72:f4:40:3a:47:41:02:3d:
65:87:98:5f:33:83:70:8d:dd:c8:79:64:56:e2:cf:
7c:fc:4a:01:6e:36:44:88:eb:ea:a4:ac:56:35:fb:
06:d7:d0:44:0b:0b:5d:47:23:ce:8a:af:0d:3f:ba:
f7:f1:2a:3b:4f:72:d1:91:67:d7:a3:2d:b6:f4:2f:
39:99:31:0f:d7:17:95:71:ee:75:0c:69:94:09:3d:
41:93:6e:ff:37:b2:22:59:aa:f6:cf:91:74:dc:68:
bd:d0:a2:de:fb:35:1f:ef:59:ae:b0:db:1d:4c:20:
7a:08:0c:1b:dc:d5:b0:4b:ef:4a:bb:31:d6:1f:13:
b4:84:7e:62:c2:34:69:2c:3a:46:c3:26:66:b9:5c:
76:ac:61:91:a1:80:3c:f8:ad:56:25:2e:ba:1e:37:
5b:d5:e7:fe:07:ec:52:ee:f3:32:1c:31:2f:1f:72:
96:e6:0b:0b:c1:de:90:95:97:d2:6d:1f:7a:99:f0:
47:61:44:0c:59:ff:a1:2d:31:82:6e:20:3a:f4:48:
e0:2c:23:5a:a1:79:93:81:94:7d:e6:9a:ac:23:0b:
0f:e6:51:ba:13:3f:74:9f:08:51:09:34:b7:e4:b9:
c8:c7:b0:a9:4c:fd:e7:3c:1d:6f:92:b2:2e:c8:0a:
6d:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:01:8E:64:FA:C0:7D:AE:18:07:B8:33:06:A7:F4:B4:4F:30:C2:A7
X509v3 Authority Key Identifier:
keyid:1D:6B:6B:6A:50:61:A4:11:5D:53:04:0C:FF:DC:64:B3:B0:D7:1A:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HWtralBhpBFdUwQM_9xks7DXGng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/9e5f54-ba3f-4b6e-9da9-bfafd622e89f/1/3wGOZPrAfa4YB7gzBqf0tE8wwqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/9e5f54-ba3f-4b6e-9da9-bfafd622e89f/1/HWtralBhpBFdUwQM_9xks7DXGng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.16.0/22
Signature Algorithm: sha256WithRSAEncryption
59:15:87:63:e0:dd:c4:76:e6:15:29:ae:66:13:73:7f:83:83:
ec:33:08:4c:69:49:b6:f4:8f:c5:f5:c3:6b:ef:08:43:d4:6a:
da:5c:85:74:1e:51:fe:a3:53:d4:d0:2a:ba:af:24:88:05:88:
6f:d2:a7:8e:3c:41:cb:fc:6b:64:8b:28:19:d1:33:ec:00:7b:
37:4e:7b:ce:71:ba:ca:f5:bf:d0:d0:e5:60:0e:1e:1f:df:71:
d3:1f:a2:96:8c:04:c2:56:81:a6:8d:dc:75:03:94:4c:db:e6:
9e:e9:7e:33:e6:a5:80:68:82:8f:16:a1:b3:f4:64:09:e1:b8:
45:8b:b8:3c:59:39:5c:19:9a:1c:81:fd:e7:b7:33:de:85:a1:
4b:64:4c:66:40:d1:ef:e9:70:6c:42:61:d1:81:55:bf:b2:5a:
a1:9e:22:e7:b4:3d:5b:a8:d4:1c:24:dd:be:13:b9:29:a1:a8:
d7:74:19:36:b7:00:c1:57:f8:85:62:60:e3:cc:84:1d:dd:53:
80:dd:40:de:1e:41:f6:d7:4c:33:5c:45:2a:d0:22:22:5d:69:
6e:5b:df:88:58:53:8b:27:76:f0:9b:27:ee:b4:0c:cc:24:67:
02:90:9b:f3:a3:48:27:83:8f:ea:48:cb:82:a9:03:5d:d3:35:
40:39:ba:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJG8gWh5xMqFqPldf+SfBFVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNmI2YjZhNTA2MWE0MTE1ZDUzMDQwY2ZmZGM2NGIzYjBk
NzFhNzgwHhcNMjIwNzI4MjIzNDAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjAxOGU2NGZhYzA3ZGFlMTgwN2I4MzMwNmE3ZjRiNDRmMzBjMmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApt3pRu9FcvRAOkdBAj1lh5hfM4Nw
jd3IeWRW4s98/EoBbjZEiOvqpKxWNfsG19BECwtdRyPOiq8NP7r38So7T3LRkWfX
oy229C85mTEP1xeVce51DGmUCT1Bk27/N7IiWar2z5F03Gi90KLe+zUf71musNsd
TCB6CAwb3NWwS+9KuzHWHxO0hH5iwjRpLDpGwyZmuVx2rGGRoYA8+K1WJS66Hjdb
1ef+B+xS7vMyHDEvH3KW5gsLwd6QlZfSbR96mfBHYUQMWf+hLTGCbiA69EjgLCNa
oXmTgZR95pqsIwsP5lG6Ez90nwhRCTS35LnIx7CpTP3nPB1vkrIuyAptlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN8BjmT6wH2uGAe4Mwan9LRPMMKnMB8GA1UdIwQY
MBaAFB1ra2pQYaQRXVMEDP/cZLOw1xp4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFd0cmFsQmhwQkZkVXdRTV85eGtzN0RYR25nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC85ZTVmNTQtYmEzZi00YjZlLTlkYTkt
YmZhZmQ2MjJlODlmLzEvM3dHT1pQckFmYTRZQjdnekJxZjB0RTh3d3FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC85ZTVmNTQtYmEzZi00YjZlLTlkYTktYmZhZmQ2MjJlODlm
LzEvSFd0cmFsQmhwQkZkVXdRTV85eGtzN0RYR25nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVgQMA0G
CSqGSIb3DQEBCwUAA4IBAQBZFYdj4N3EduYVKa5mE3N/g4PsMwhMaUm29I/F9cNr
7whD1GraXIV0HlH+o1PU0Cq6rySIBYhv0qeOPEHL/GtkiygZ0TPsAHs3TnvOcbrK
9b/Q0OVgDh4f33HTH6KWjATCVoGmjdx1A5RM2+ae6X4z5qWAaIKPFqGz9GQJ4bhF
i7g8WTlcGZocgf3ntzPehaFLZExmQNHv6XBsQmHRgVW/slqhniLntD1bqNQcJN2+
E7kpoajXdBk2twDBV/iFYmDjzIQd3VOA3UDeHkH210wzXEUq0CIiXWluW9+IWFOL
J3bwmyfutAzMJGcCkJvzo0gng4/qSMuCqQNd0zVAObq6
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:19:14 2025 by rpki-client