Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/uaOYyWVh34Ya4AFUwcvYYUlvr3o.roa
File: uaOYyWVh34Ya4AFUwcvYYUlvr3o.roa (raw, json)
Hash identifier: Qem3QxcAfrbuxJmPeV3dT8P/SAok0AQKUDFAbMv+1n0=
Subject key identifier: B9:A3:98:C9:65:61:DF:86:1A:E0:01:54:C1:CB:D8:61:49:6F:AF:7A
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01891C33F836532FE16A65B670502E0CF723
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/uaOYyWVh34Ya4AFUwcvYYUlvr3o.roa
Signing time: Mon 03 Jul 2023 14:41:55 +0000
ROA not before: Mon 03 Jul 2023 14:41:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.151.58.0/24 maxlen: 24
88.151.56.0/23 maxlen: 24
88.209.195.0/24 maxlen: 24
5.182.113.0/24 maxlen: 24
88.209.211.0/24 maxlen: 24
88.209.216.0/24 maxlen: 24
88.209.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1c:33:f8:36:53:2f:e1:6a:65:b6:70:50:2e:0c:f7:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 3 14:41:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b9a398c96561df861ae00154c1cbd861496faf7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:44:7b:3c:58:80:9a:d0:a4:74:a4:9a:8e:a3:
49:70:9d:74:8d:7d:a7:e5:3e:54:a9:b5:72:ff:0f:
6a:c7:b4:ba:6f:0c:8e:e9:f4:e4:c1:ca:1b:78:c8:
73:03:c7:7e:ab:8e:ed:f8:ab:65:f4:e5:ee:50:f4:
53:e1:30:48:2f:bd:84:56:54:9d:b8:1d:eb:01:27:
e7:5e:4b:9f:6d:d2:69:f2:4f:99:9c:6f:88:eb:9c:
54:7f:a6:a6:86:0f:af:82:97:8c:00:8e:2e:5c:1d:
d0:b5:31:fd:aa:7b:b8:ac:6e:75:5c:70:c0:11:2e:
e5:a6:02:03:54:84:c9:6e:33:b1:57:ed:ee:f8:71:
a2:a1:b5:60:03:88:59:4f:ca:46:cb:e5:af:d8:f4:
40:21:a7:52:08:07:98:16:44:53:2c:8e:9a:d7:df:
2b:ae:82:4e:27:b8:5f:6c:ab:77:ae:e9:9a:f6:40:
77:83:dc:10:7f:4e:3f:54:7e:40:15:fb:55:0d:f3:
6a:dd:79:a5:86:e7:f4:dd:c2:1f:f1:94:97:d7:31:
f7:eb:f0:03:d2:45:a9:46:fb:09:d8:c8:fa:45:2e:
93:96:54:00:c1:c4:30:59:79:a5:6d:67:f7:69:db:
f0:78:a9:51:63:3f:e9:a4:82:66:c0:59:7b:e8:b5:
c9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:A3:98:C9:65:61:DF:86:1A:E0:01:54:C1:CB:D8:61:49:6F:AF:7A
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/uaOYyWVh34Ya4AFUwcvYYUlvr3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.113.0/24
88.151.56.0-88.151.58.255
88.209.195.0/24
88.209.211.0/24
88.209.216.0/24
88.209.221.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:2a:d6:37:6e:b5:b5:60:54:9e:cc:92:d4:a4:ac:e5:65:ea:
00:8c:e8:7d:0f:e2:70:ee:96:7a:d7:2c:22:4c:62:c7:5b:b2:
78:50:b7:9d:13:42:0a:2c:f1:4f:b5:02:3e:d7:09:2b:ae:0a:
13:20:80:64:c1:a3:50:a1:e4:7b:83:6d:84:f7:8d:87:c1:af:
02:c1:4a:27:d6:55:f7:ee:d7:0b:44:56:ea:59:71:d4:49:51:
3a:81:98:2a:c1:63:dc:a2:7b:70:46:87:00:55:07:fc:3f:07:
7b:91:6b:1e:ba:d5:8b:38:cc:61:3e:0c:d1:06:32:68:dc:27:
d6:77:23:8b:48:1a:e1:22:10:a7:a1:07:8d:f6:d2:35:ba:3e:
cb:c3:3c:c7:08:2c:a3:fe:f3:9c:f9:f9:04:2f:cd:39:82:0b:
41:24:5c:8d:a5:69:54:a7:2a:0a:0f:de:ee:ff:7e:c5:a6:2d:
c0:f6:54:60:a9:c0:87:99:a3:d4:61:d4:2e:eb:6c:96:99:3e:
4e:c6:d3:51:e0:11:01:ce:6e:64:28:2a:32:76:4f:b6:cf:42:
dc:a8:8c:35:c6:b4:be:e4:fc:b2:5a:21:81:a5:6a:fc:83:eb:
e2:b9:7d:a5:d1:2a:74:f9:ea:77:77:a2:36:98:e0:89:46:1b:
b0:57:c9:b0
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYkcM/g2Uy/hamW2cFAuDPcjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjMwNzAzMTQ0MTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWEzOThjOTY1NjFkZjg2MWFlMDAxNTRjMWNiZDg2MTQ5NmZhZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgER7PFiAmtCkdKSajqNJcJ10jX2n
5T5UqbVy/w9qx7S6bwyO6fTkwcobeMhzA8d+q47t+Ktl9OXuUPRT4TBIL72EVlSd
uB3rASfnXkufbdJp8k+ZnG+I65xUf6amhg+vgpeMAI4uXB3QtTH9qnu4rG51XHDA
ES7lpgIDVITJbjOxV+3u+HGiobVgA4hZT8pGy+Wv2PRAIadSCAeYFkRTLI6a198r
roJOJ7hfbKt3ruma9kB3g9wQf04/VH5AFftVDfNq3Xmlhuf03cIf8ZSX1zH36/AD
0kWpRvsJ2Mj6RS6TllQAwcQwWXmlbWf3advweKlRYz/ppIJmwFl76LXJfQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLmjmMllYd+GGuABVMHL2GFJb696MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvdWFPWXlXVmgzNFlhNEFGVXdjdllZVWx2cjNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQABbZxMAwD
BANYlzgDBABYlzoDBABY0cMDBABY0dMDBABY0dgDBABY0d0wDQYJKoZIhvcNAQEL
BQADggEBALEq1jdutbVgVJ7MktSkrOVl6gCM6H0P4nDulnrXLCJMYsdbsnhQt50T
Qgos8U+1Aj7XCSuuChMggGTBo1Ch5HuDbYT3jYfBrwLBSifWVffu1wtEVupZcdRJ
UTqBmCrBY9yie3BGhwBVB/w/B3uRax661Ys4zGE+DNEGMmjcJ9Z3I4tIGuEiEKeh
B4320jW6PsvDPMcILKP+85z5+QQvzTmCC0EkXI2laVSnKgoP3u7/fsWmLcD2VGCp
wIeZo9Rh1C7rbJaZPk7G01HgEQHObmQoKjJ2T7bPQtyojDXGtL7k/LJaIYGlavyD
6+K5faXRKnT56nd3ojaY4IlGG7BXybA=
-----END CERTIFICATE-----
Generated at Sun May 11 20:58:16 2025 by rpki-client