Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/88HipgsjUwFcH0XbSZBVRf0_MW0.roa
File: 88HipgsjUwFcH0XbSZBVRf0_MW0.roa (raw, json)
Hash identifier: wrXnDHttZsduUpnX+R7A17W16pEVKVnTiWqU1FjsZ/k=
Subject key identifier: F3:C1:E2:A6:0B:23:53:01:5C:1F:45:DB:49:90:55:45:FD:3F:31:6D
Certificate issuer: /CN=a316c7659af1d56bc718faf614f092758f5edc7f
Certificate serial: 0183A3E747F1B36C7A9AFE8D379EA560E3CD
Authority key identifier: A3:16:C7:65:9A:F1:D5:6B:C7:18:FA:F6:14:F0:92:75:8F:5E:DC:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/88HipgsjUwFcH0XbSZBVRf0_MW0.roa
Signing time: Tue 04 Oct 2022 16:49:46 +0000
ROA not before: Tue 04 Oct 2022 16:49:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206998
IP address blocks: 185.221.85.0/24 maxlen: 24
185.221.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a3:e7:47:f1:b3:6c:7a:9a:fe:8d:37:9e:a5:60:e3:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a316c7659af1d56bc718faf614f092758f5edc7f
Validity
Not Before: Oct 4 16:49:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3c1e2a60b2353015c1f45db49905545fd3f316d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:09:83:9a:2e:bb:c4:94:34:78:41:5a:b6:6e:
37:15:c6:dc:46:ad:a1:6d:81:dd:d2:58:04:d7:f2:
a7:ed:fa:b3:78:02:be:fb:01:57:ff:47:2b:65:9b:
98:ac:fb:e2:f3:5d:6e:5a:35:a0:15:a9:f2:ef:0d:
90:09:ae:77:05:8c:a1:4c:f4:70:9a:69:d0:e8:80:
54:89:db:c8:b5:32:73:e7:1b:a6:ea:0f:10:23:b0:
61:5c:86:ce:84:be:c6:d6:7d:c9:62:73:21:9d:7e:
0d:cb:c2:cb:29:db:d9:79:a1:6d:3d:4d:7a:e8:b2:
48:3a:a8:6e:a7:04:d3:a0:95:23:17:f6:53:0f:ea:
5e:1a:82:15:84:35:35:49:c6:e7:b5:93:cb:38:41:
48:94:e6:7f:71:de:46:f6:a6:0e:b8:f0:cc:33:99:
f6:d1:42:bc:d7:fd:02:c1:43:70:39:74:65:12:34:
62:d1:95:a9:24:99:13:7e:83:5d:be:25:7a:18:43:
f9:81:6a:3b:72:5c:d0:d1:00:4a:22:32:71:30:89:
c3:b3:ed:ac:7b:4f:50:05:86:c9:40:37:ab:77:c1:
76:1d:5b:1f:0e:47:d2:26:c3:78:37:7e:8e:67:dc:
9a:3a:94:8a:9a:15:22:12:17:5e:53:d5:c4:2c:b3:
b5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:C1:E2:A6:0B:23:53:01:5C:1F:45:DB:49:90:55:45:FD:3F:31:6D
X509v3 Authority Key Identifier:
keyid:A3:16:C7:65:9A:F1:D5:6B:C7:18:FA:F6:14:F0:92:75:8F:5E:DC:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oxbHZZrx1WvHGPr2FPCSdY9e3H8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/88HipgsjUwFcH0XbSZBVRf0_MW0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/30d4e8-e090-4bf2-8185-3687c818ede5/1/oxbHZZrx1WvHGPr2FPCSdY9e3H8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.85.0-185.221.86.255
Signature Algorithm: sha256WithRSAEncryption
25:21:cb:7f:52:f4:e6:f4:e1:1f:91:5a:96:e9:21:2a:2d:d9:
df:97:13:e2:60:ee:8e:46:7c:c8:3f:83:c6:89:30:0c:45:4e:
0d:35:a6:28:c8:ad:6a:a6:0a:79:44:d4:4a:96:ce:6c:1d:c6:
b0:0a:5d:3b:b0:ae:8c:fe:54:ee:21:35:b7:50:9c:72:6a:92:
ea:97:17:40:e4:38:ab:17:67:78:cb:73:ab:6d:48:56:c5:2b:
7d:e6:7e:2b:f9:82:c4:71:81:71:dc:5d:32:b6:5e:0a:32:0e:
b5:77:d4:97:c8:a1:65:2a:43:91:45:05:29:22:dd:29:5f:2f:
54:23:c5:35:a7:f3:88:bc:6f:ca:41:dd:56:86:bf:cb:dc:c3:
5b:73:b6:d3:c2:54:01:a0:30:54:09:98:5d:f7:ab:a7:84:c5:
62:1c:7e:ae:66:2a:4e:d0:00:38:72:ae:54:14:f2:8d:11:3b:
ea:1d:7c:92:1b:ba:fa:94:68:1d:c2:dc:6e:14:91:5e:9e:c6:
a6:2f:6b:ad:0c:48:cc:17:ce:d0:44:89:cc:87:c9:04:1b:98:
d7:ad:56:a9:5f:8f:b0:6e:73:51:b1:36:a8:eb:bf:a4:a3:5e:
55:8c:39:91:07:a4:59:af:24:4b:74:ff:1c:ef:9d:d4:20:6c:
e0:f8:79:93
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYOj50fxs2x6mv6NN56lYOPNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMTZjNzY1OWFmMWQ1NmJjNzE4ZmFmNjE0ZjA5Mjc1OGY1
ZWRjN2YwHhcNMjIxMDA0MTY0OTQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2MxZTJhNjBiMjM1MzAxNWMxZjQ1ZGI0OTkwNTU0NWZkM2YzMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigmDmi67xJQ0eEFatm43FcbcRq2h
bYHd0lgE1/Kn7fqzeAK++wFX/0crZZuYrPvi811uWjWgFany7w2QCa53BYyhTPRw
mmnQ6IBUidvItTJz5xum6g8QI7BhXIbOhL7G1n3JYnMhnX4Ny8LLKdvZeaFtPU16
6LJIOqhupwTToJUjF/ZTD+peGoIVhDU1ScbntZPLOEFIlOZ/cd5G9qYOuPDMM5n2
0UK81/0CwUNwOXRlEjRi0ZWpJJkTfoNdviV6GEP5gWo7clzQ0QBKIjJxMInDs+2s
e09QBYbJQDerd8F2HVsfDkfSJsN4N36OZ9yaOpSKmhUiEhdeU9XELLO1UwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFPPB4qYLI1MBXB9F20mQVUX9PzFtMB8GA1UdIwQY
MBaAFKMWx2Wa8dVrxxj69hTwknWPXtx/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3hiSFpacngxV3ZIR1ByMkZQQ1NkWTllM0g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8zMGQ0ZTgtZTA5MC00YmYyLTgxODUt
MzY4N2M4MThlZGU1LzEvODhIaXBnc2pVd0ZjSDBYYlNaQlZSZjBfTVcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8zMGQ0ZTgtZTA5MC00YmYyLTgxODUtMzY4N2M4MThlZGU1
LzEvb3hiSFpacngxV3ZIR1ByMkZQQ1NkWTllM0g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC53VUD
BAC53VYwDQYJKoZIhvcNAQELBQADggEBACUhy39S9Ob04R+RWpbpISot2d+XE+Jg
7o5GfMg/g8aJMAxFTg01pijIrWqmCnlE1EqWzmwdxrAKXTuwroz+VO4hNbdQnHJq
kuqXF0DkOKsXZ3jLc6ttSFbFK33mfiv5gsRxgXHcXTK2XgoyDrV31JfIoWUqQ5FF
BSki3SlfL1QjxTWn84i8b8pB3VaGv8vcw1tzttPCVAGgMFQJmF33q6eExWIcfq5m
Kk7QADhyrlQU8o0RO+odfJIbuvqUaB3C3G4UkV6exqYva60MSMwXztBEicyHyQQb
mNetVqlfj7Buc1GxNqjrv6SjXlWMOZEHpFmvJEt0/xzvndQgbOD4eZM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:06 2024 by rpki-client on console-fra.rpki-client.org