Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/fepmqJXr734Lxsbj5r-EA7gxQNk.roa
File: fepmqJXr734Lxsbj5r-EA7gxQNk.roa (raw, json)
Hash identifier: VFUsYyM5ZgT0h1ZZA5bkjprBgz+loHulCnPXRHEJyGs=
Subject key identifier: 7D:EA:66:A8:95:EB:EF:7E:0B:C6:C6:E3:E6:BF:84:03:B8:31:40:D9
Certificate issuer: /CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Certificate serial: 0188F9A7171AC9BEAACE4C656F9585A0D2BE
Authority key identifier: 32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/fepmqJXr734Lxsbj5r-EA7gxQNk.roa
Signing time: Mon 26 Jun 2023 21:40:57 +0000
ROA not before: Mon 26 Jun 2023 21:40:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59711
IP address blocks: 88.218.206.0/24 maxlen: 24
2a09:b280:fe00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f9:a7:17:1a:c9:be:aa:ce:4c:65:6f:95:85:a0:d2:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Validity
Not Before: Jun 26 21:40:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7dea66a895ebef7e0bc6c6e3e6bf8403b83140d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:20:7d:9d:49:a7:a0:c8:cb:f1:39:d2:ba:db:
15:38:80:d5:ad:16:e1:1e:be:41:5c:14:8f:33:ad:
d5:3e:83:bd:a0:99:24:32:b4:e4:d0:08:3f:04:0b:
2b:bf:8a:37:d3:82:9b:e1:31:d7:cc:ce:9e:8d:a7:
cd:58:91:83:28:25:6a:2e:fb:44:a4:40:ee:58:d3:
6e:da:54:7e:98:12:a2:d1:cf:6c:2b:69:3a:8f:89:
0a:ae:1b:e2:5e:4a:e9:e2:6a:3a:63:fb:cf:cc:26:
c7:c7:02:62:cf:eb:eb:15:dc:bc:99:ba:a3:2f:12:
27:31:ab:5c:1c:65:cc:8b:d8:2b:cb:7f:54:ba:a0:
80:cd:22:12:fd:b2:20:e8:70:50:38:de:3d:ce:23:
0c:fc:be:22:57:f0:8c:79:7b:07:73:64:02:f5:38:
bb:35:8c:5e:aa:26:1a:fc:d8:23:89:cf:b2:6d:5e:
c9:fe:f7:81:ac:f3:91:a9:e7:cf:0b:2c:2b:67:8d:
a9:51:7e:92:1e:c3:2c:39:6b:c8:02:f5:ba:5e:4f:
70:f5:72:4c:3c:c1:de:54:b2:5d:b6:2a:d3:15:b3:
51:d2:9e:9e:52:71:ba:aa:17:73:08:6f:87:89:07:
bf:23:ee:1f:62:4a:c9:90:b2:e4:d3:bf:f8:14:62:
03:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:EA:66:A8:95:EB:EF:7E:0B:C6:C6:E3:E6:BF:84:03:B8:31:40:D9
X509v3 Authority Key Identifier:
keyid:32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/fepmqJXr734Lxsbj5r-EA7gxQNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/MlCPt4HKbb2CIfLC-VSjp0RrK0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.206.0/24
IPv6:
2a09:b280:fe00::/48
Signature Algorithm: sha256WithRSAEncryption
69:1d:c9:28:bb:05:7a:2c:0b:a1:0f:5f:95:b0:7f:90:b7:cd:
8d:3c:ff:8b:8f:c1:d8:8a:10:db:61:30:86:c6:7b:a4:23:91:
5e:30:d5:24:58:5a:0b:7a:75:92:a0:68:d7:dd:b4:21:18:13:
d7:5e:13:69:7b:60:c2:48:02:cf:08:1a:72:63:b8:68:a8:dd:
ad:d0:eb:cb:c0:6f:3c:89:15:1e:58:9f:37:ac:c7:4a:9c:01:
b7:9c:85:b7:0c:39:80:c6:54:15:d6:58:aa:c4:46:59:0d:49:
cf:b8:c1:db:6b:88:22:4e:4f:7b:40:be:be:d5:d0:26:0d:3e:
d4:dd:90:17:42:4a:d5:6c:ba:23:66:aa:90:1e:6e:66:12:48:
35:66:ae:81:44:4a:65:fa:05:c6:1d:56:c8:05:be:c8:50:b3:
0d:16:5d:1b:ac:bc:e1:77:be:bd:3c:bd:6c:f6:60:51:12:27:
19:51:29:6d:4e:46:09:2f:fb:6b:9a:7a:1b:e3:77:1a:b7:e7:
51:0c:b9:d6:c9:a2:31:90:f2:fa:39:6f:8e:0c:9d:68:c2:a6:
ab:a1:9f:fa:4a:5d:66:01:27:e2:09:32:86:d9:2c:bf:87:51:
d3:9d:cc:9a:ad:f7:a3:e6:c5:27:83:3e:6e:45:1c:1f:d8:df:
4b:0a:ca:8a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYj5pxcayb6qzkxlb5WFoNK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNTA4ZmI3ODFjYTZkYmQ4MjIxZjJjMmY5NTRhM2E3NDQ2
YjJiNDIwHhcNMjMwNjI2MjE0MDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGVhNjZhODk1ZWJlZjdlMGJjNmM2ZTNlNmJmODQwM2I4MzE0MGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCB9nUmnoMjL8TnSutsVOIDVrRbh
Hr5BXBSPM63VPoO9oJkkMrTk0Ag/BAsrv4o304Kb4THXzM6ejafNWJGDKCVqLvtE
pEDuWNNu2lR+mBKi0c9sK2k6j4kKrhviXkrp4mo6Y/vPzCbHxwJiz+vrFdy8mbqj
LxInMatcHGXMi9gry39UuqCAzSIS/bIg6HBQON49ziMM/L4iV/CMeXsHc2QC9Ti7
NYxeqiYa/Ngjic+ybV7J/veBrPORqefPCywrZ42pUX6SHsMsOWvIAvW6Xk9w9XJM
PMHeVLJdtirTFbNR0p6eUnG6qhdzCG+HiQe/I+4fYkrJkLLk07/4FGIDmQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFH3qZqiV6+9+C8bG4+a/hAO4MUDZMB8GA1UdIwQY
MBaAFDJQj7eBym29giHywvlUo6dEaytCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxDUHQ0SEtiYjJDSWZMQy1WU2pwMFJySzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82YzIwM2QtNjIyMS00NjBhLWFmNDkt
YzEyMjE4NzY1MTU0LzEvZmVwbXFKWHI3MzRMeHNiajVyLUVBN2d4UU5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82YzIwM2QtNjIyMS00NjBhLWFmNDktYzEyMjE4NzY1MTU0
LzEvTWxDUHQ0SEtiYjJDSWZMQy1WU2pwMFJySzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWNrOMA8E
AgACMAkDBwAqCbKA/gAwDQYJKoZIhvcNAQELBQADggEBAGkdySi7BXosC6EPX5Ww
f5C3zY08/4uPwdiKENthMIbGe6QjkV4w1SRYWgt6dZKgaNfdtCEYE9deE2l7YMJI
As8IGnJjuGio3a3Q68vAbzyJFR5Ynzesx0qcAbechbcMOYDGVBXWWKrERlkNSc+4
wdtriCJOT3tAvr7V0CYNPtTdkBdCStVsuiNmqpAebmYSSDVmroFESmX6BcYdVsgF
vshQsw0WXRusvOF3vr08vWz2YFESJxlRKW1ORgkv+2uaehvjdxq351EMudbJojGQ
8vo5b44MnWjCpquhn/pKXWYBJ+IJMobZLL+HUdOdzJqt96PmxSeDPm5FHB/Y30sK
yoo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:06 2025 by rpki-client