Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/88N6tTFm4FcHVBtTgPQ5Xx7096w.roa
File: 88N6tTFm4FcHVBtTgPQ5Xx7096w.roa (raw, json)
Hash identifier: 5kE7WIgo7LQoNdfPHsEyrDLi/44ZvhI50ie5jS77SRc=
Subject key identifier: F3:C3:7A:B5:31:66:E0:57:07:54:1B:53:80:F4:39:5F:1E:F4:F7:AC
Certificate issuer: /CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Certificate serial: 38398842
Authority key identifier: 58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/88N6tTFm4FcHVBtTgPQ5Xx7096w.roa
Signing time: Sat 01 Jan 2022 10:03:45 +0000
ROA not before: Sat 01 Jan 2022 10:03:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15576
IP address blocks: 77.95.120.0/21 maxlen: 21
194.187.88.0/22 maxlen: 24
185.63.149.0/24 maxlen: 24
185.63.148.0/22 maxlen: 22
217.11.208.0/20 maxlen: 20
212.103.64.0/24 maxlen: 24
212.103.64.0/19 maxlen: 19
217.146.160.0/20 maxlen: 20
212.103.65.0/24 maxlen: 24
217.146.165.0/24 maxlen: 24
2a00:c38:1a5::/48 maxlen: 48
2a00:c38::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 943294530 (0x38398842)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Validity
Not Before: Jan 1 10:03:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3c37ab53166e05707541b5380f4395f1ef4f7ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:69:cb:d0:18:6a:d5:59:c1:fd:3a:f3:7e:10:
37:99:8e:cf:1a:8d:59:db:6b:e7:ab:a2:5d:7d:d0:
70:10:e2:57:42:c4:9a:74:0d:61:32:19:91:bd:f4:
b0:4f:f4:de:50:61:ef:9d:3c:6a:28:91:04:b2:e9:
9c:df:60:4b:4f:84:75:75:64:e0:23:c2:ac:df:99:
f8:23:3b:df:ac:6f:e3:ee:5b:8a:04:0e:db:12:4d:
ac:5b:24:35:02:5b:1a:05:fd:63:3a:3d:10:7d:bc:
03:27:18:9e:91:17:e5:d1:12:f1:f5:99:8e:52:ae:
3a:dd:a1:84:8d:d9:a6:cd:65:aa:9b:58:c3:b1:eb:
16:89:77:0d:65:18:d8:25:ce:db:92:36:0d:07:31:
a0:f0:6d:47:af:f0:4c:cb:42:86:10:62:15:b9:14:
82:ce:1b:05:5f:a5:59:b7:8c:64:4f:a1:19:d3:60:
4a:14:b8:9e:e5:95:53:6f:3d:d4:7e:6e:0f:3d:58:
6f:92:3f:48:8d:79:3b:4f:5e:ea:e9:a9:07:72:95:
53:db:e7:43:a1:07:fa:ef:47:85:57:49:6d:5d:7e:
75:bb:5f:5c:85:38:ee:6e:43:33:f4:9d:f1:b9:ec:
fd:4e:e9:54:d1:e9:23:5c:91:5f:44:2c:72:94:12:
78:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:C3:7A:B5:31:66:E0:57:07:54:1B:53:80:F4:39:5F:1E:F4:F7:AC
X509v3 Authority Key Identifier:
keyid:58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/88N6tTFm4FcHVBtTgPQ5Xx7096w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.120.0/21
185.63.148.0/22
194.187.88.0/22
212.103.64.0/19
217.11.208.0/20
217.146.160.0/20
IPv6:
2a00:c38::/32
Signature Algorithm: sha256WithRSAEncryption
2f:24:59:dc:c1:4a:67:90:e0:1b:7a:e0:ee:c8:53:a3:c8:6b:
cd:37:36:77:93:54:85:6c:e3:9a:42:75:9d:98:57:98:18:fe:
6d:36:b0:c9:13:f0:e7:73:f7:3e:2d:9d:e2:07:a3:db:fe:79:
78:81:6f:f1:70:35:93:9a:66:10:d8:9d:00:62:f5:d7:e4:a0:
53:38:18:4a:7d:be:67:95:d2:e2:ce:5f:91:ec:9b:35:55:78:
1c:29:aa:bf:9b:1e:2b:f7:fa:d0:19:fd:7f:11:f1:24:df:1f:
68:8f:a9:ff:57:0a:bf:5a:d9:ea:4d:e9:99:20:9d:54:ee:c0:
29:71:2a:1a:46:e8:7d:1b:6d:ba:ba:94:45:cc:cd:dd:ca:f1:
90:3e:b8:ea:15:ba:b4:7d:38:bc:95:6b:e6:87:fa:62:53:f7:
dd:63:fd:84:83:8f:04:bb:04:5b:38:81:01:5a:30:2d:52:07:
fe:90:2f:ed:67:2f:76:f7:71:20:e7:8c:6e:65:d6:7f:ae:57:
8d:49:2b:af:69:f4:39:0f:bc:d3:91:d3:bb:e3:90:34:cb:2c:
7c:2f:01:32:6a:f1:2d:b8:48:8c:ce:44:32:37:c0:82:fe:65:
16:c2:86:d0:f3:5e:8e:84:d3:8f:35:79:56:c4:27:85:a6:01:
46:b1:fb:f4
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEODmIQjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ODAxNWNjOGRhMWYxYmJmMzQzZTI2YWIyMDhkZjhiYjI2ZmQ1M2FlMB4XDTIyMDEw
MTEwMDM0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjNjMzdhYjUzMTY2
ZTA1NzA3NTQxYjUzODBmNDM5NWYxZWY0ZjdhYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJVpy9AYatVZwf06834QN5mOzxqNWdtr56uiXX3QcBDiV0LE
mnQNYTIZkb30sE/03lBh7508aiiRBLLpnN9gS0+EdXVk4CPCrN+Z+CM736xv4+5b
igQO2xJNrFskNQJbGgX9Yzo9EH28AycYnpEX5dES8fWZjlKuOt2hhI3Zps1lqptY
w7HrFol3DWUY2CXO25I2DQcxoPBtR6/wTMtChhBiFbkUgs4bBV+lWbeMZE+hGdNg
ShS4nuWVU2891H5uDz1Yb5I/SI15O09e6umpB3KVU9vnQ6EH+u9HhVdJbV1+dbtf
XIU47m5DM/Sd8bns/U7pVNHpI1yRX0QscpQSeIsCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBTzw3q1MWbgVwdUG1OA9DlfHvT3rDAfBgNVHSMEGDAWgBRYAVzI2h8bvzQ+
Jqsgjfi7Jv1TrjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dBRmN5Tm9mRzc4MFBpYXJJSTM0dXliOVU2NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvZDQxNzVkLTE5MmMtNDE4Yy05NzJmLThlZTIxYjc0ZGQ1Ni8x
Lzg4TjZ0VEZtNEZjSFZCdFRnUFE1WHg3MDk2dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
ZDQxNzVkLTE5MmMtNDE4Yy05NzJmLThlZTIxYjc0ZGQ1Ni8xL1dBRmN5Tm9mRzc4
MFBpYXJJSTM0dXliOVU2NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEA01feAMEArk/lAMEAsK7WAMEBdRn
QAMEBNkL0AMEBNmSoDANBAIAAjAHAwUAKgAMODANBgkqhkiG9w0BAQsFAAOCAQEA
LyRZ3MFKZ5DgG3rg7shTo8hrzTc2d5NUhWzjmkJ1nZhXmBj+bTawyRPw53P3Pi2d
4gej2/55eIFv8XA1k5pmENidAGL11+SgUzgYSn2+Z5XS4s5fkeybNVV4HCmqv5se
K/f60Bn9fxHxJN8faI+p/1cKv1rZ6k3pmSCdVO7AKXEqGkbofRtturqURczN3crx
kD646hW6tH04vJVr5of6YlP33WP9hIOPBLsEWziBAVowLVIH/pAv7WcvdvdxIOeM
bmXWf65XjUkrr2n0OQ+805HTu+OQNMssfC8BMmrxLbhIjM5EMjfAgv5lFsKG0PNe
joTTjzV5VsQnhaYBRrH79A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:43 2024 by rpki-client on console-ams.rpki-client.org