Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/z8UAv6tHm99_wUFWaDdeqKSetaM.roa
File: z8UAv6tHm99_wUFWaDdeqKSetaM.roa (raw, json)
Hash identifier: 8JBqq6slwB1wKv3izddSFRx9Q1rnPcLiRvpjskfFRw0=
Subject key identifier: CF:C5:00:BF:AB:47:9B:DF:7F:C1:41:56:68:37:5E:A8:A4:9E:B5:A3
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41DF7EFDFC78BD136D717549056957
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/z8UAv6tHm99_wUFWaDdeqKSetaM.roa
Signing time: Sun 01 Jan 2023 16:54:48 +0000
ROA not before: Sun 01 Jan 2023 16:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50667
IP address blocks: 188.214.156.0/24 maxlen: 24
185.99.89.0/24 maxlen: 24
185.99.88.0/24 maxlen: 24
188.240.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:df:7e:fd:fc:78:bd:13:6d:71:75:49:05:69:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfc500bfab479bdf7fc1415668375ea8a49eb5a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ae:8d:8a:c4:4f:de:32:da:d8:20:1f:19:12:
00:32:3f:f0:74:35:30:a5:70:ae:74:7c:e5:03:02:
a3:fa:d6:1e:ce:97:4d:9b:d2:8f:72:25:80:5e:0a:
76:be:a5:8b:07:62:e1:19:0e:47:7d:9e:e8:6f:cd:
3b:cb:1a:00:80:dc:6f:58:80:77:7d:18:2c:91:31:
cd:9b:15:f9:0a:58:59:8c:38:34:60:75:cb:16:d6:
9f:05:03:7e:46:eb:83:88:7c:19:df:9e:0e:03:99:
6d:bd:b2:17:5a:c7:19:dd:1e:4e:16:15:03:18:cd:
d0:41:7d:b3:5c:e4:5b:0f:a2:ba:87:e2:df:cc:36:
21:bf:f7:b0:f4:4f:7e:38:d2:4f:80:18:e7:d0:23:
46:61:52:c8:36:5c:97:6e:02:f3:30:27:4b:4d:06:
03:0f:fd:42:86:d7:f2:6a:bd:a5:7c:be:30:c1:dc:
c4:43:ff:61:f4:b2:3e:87:79:61:65:00:22:3c:fb:
84:54:02:55:82:d8:64:fa:d7:86:8d:08:1f:b3:9a:
e0:67:c1:06:dd:c2:7e:4a:dc:ab:af:42:da:03:89:
5a:0d:b7:dd:3f:1d:89:ae:94:93:21:82:0a:91:a3:
6e:c7:73:c6:05:28:02:73:f8:f4:d0:b0:d4:6c:03:
8d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:C5:00:BF:AB:47:9B:DF:7F:C1:41:56:68:37:5E:A8:A4:9E:B5:A3
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/z8UAv6tHm99_wUFWaDdeqKSetaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.88.0/23
188.214.156.0/24
188.240.12.0/24
Signature Algorithm: sha256WithRSAEncryption
89:9d:fd:a4:f2:a1:a6:e4:66:f5:ab:d3:e6:74:3c:5a:d6:5d:
ac:84:0d:0f:b9:35:6f:e1:a3:20:c6:14:66:20:d7:41:a1:f6:
45:1a:f0:0a:47:82:dd:18:5a:21:ca:a0:3e:35:62:5f:b2:9c:
af:6f:cd:18:49:0c:2f:45:67:d8:90:49:4b:5a:6f:9b:d9:39:
92:37:15:0d:c7:5a:73:0a:3e:b5:d0:07:45:56:7c:c0:8f:8a:
4e:b4:79:9a:ad:2d:d2:2e:9d:4b:aa:22:7f:9d:6b:d5:84:7c:
8b:96:88:da:24:cd:0d:b7:7d:86:17:f3:54:07:9c:8a:a8:2e:
51:d6:c5:e3:8f:96:08:9a:ba:dd:85:e9:88:78:be:a5:33:c5:
16:36:11:5c:73:ba:a5:30:55:f1:a2:a3:3a:fd:62:f6:e0:55:
78:54:0a:54:39:1e:86:63:be:63:b6:d1:f1:c2:5d:fa:47:0d:
b8:10:70:5a:32:04:65:93:29:1d:d4:ea:5b:1a:77:7e:80:02:
70:78:d0:1b:ea:04:c4:e9:06:3e:25:7c:94:dc:43:54:32:a0:
60:2b:a4:a0:f2:74:30:40:40:a0:40:7b:01:3f:c5:9b:a1:d4:
6b:50:20:da:c0:7b:84:fa:b6:57:70:c1:7d:c2:1b:64:36:14:
9f:45:97:ae
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVuQd9+/fx4vRNtcXVJBWlXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmM1MDBiZmFiNDc5YmRmN2ZjMTQxNTY2ODM3NWVhOGE0OWViNWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmK6NisRP3jLa2CAfGRIAMj/wdDUw
pXCudHzlAwKj+tYezpdNm9KPciWAXgp2vqWLB2LhGQ5HfZ7ob807yxoAgNxvWIB3
fRgskTHNmxX5ClhZjDg0YHXLFtafBQN+RuuDiHwZ354OA5ltvbIXWscZ3R5OFhUD
GM3QQX2zXORbD6K6h+LfzDYhv/ew9E9+ONJPgBjn0CNGYVLINlyXbgLzMCdLTQYD
D/1Chtfyar2lfL4wwdzEQ/9h9LI+h3lhZQAiPPuEVAJVgthk+teGjQgfs5rgZ8EG
3cJ+Styrr0LaA4laDbfdPx2JrpSTIYIKkaNux3PGBSgCc/j00LDUbAONjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM/FAL+rR5vff8FBVmg3XqiknrWjMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvejhVQXY2dEhtOTlfd1VGV2FEZGVxS1NldGFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuWNYAwQA
vNacAwQAvPAMMA0GCSqGSIb3DQEBCwUAA4IBAQCJnf2k8qGm5Gb1q9PmdDxa1l2s
hA0PuTVv4aMgxhRmINdBofZFGvAKR4LdGFohyqA+NWJfspyvb80YSQwvRWfYkElL
Wm+b2TmSNxUNx1pzCj610AdFVnzAj4pOtHmarS3SLp1LqiJ/nWvVhHyLlojaJM0N
t32GF/NUB5yKqC5R1sXjj5YImrrdhemIeL6lM8UWNhFcc7qlMFXxoqM6/WL24FV4
VApUOR6GY75jttHxwl36Rw24EHBaMgRlkykd1OpbGnd+gAJweNAb6gTE6QY+JXyU
3ENUMqBgK6Sg8nQwQECgQHsBP8WbodRrUCDawHuE+rZXcMF9whtkNhSfRZeu
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:44:16 2025 by rpki-client