Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-QSjXSS3KjwSs0YecRW84heNr-M.roa
File: 1-QSjXSS3KjwSs0YecRW84heNr-M.roa (raw, json)
Hash identifier: o/T9sAUypN2RSbOEL8k7uu+6crbHhTQgqD2P7ygu5Js=
Subject key identifier: F9:04:A3:5D:24:B7:2A:3C:12:B3:46:1E:71:15:BC:E2:17:8D:AF:E3
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184AF37A8CC6E5873990A3CE8D634D2CA08
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-QSjXSS3KjwSs0YecRW84heNr-M.roa
Signing time: Fri 25 Nov 2022 14:36:11 +0000
ROA not before: Fri 25 Nov 2022 14:36:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14445
IP address blocks: 88.216.0.0/24 maxlen: 24
88.216.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:af:37:a8:cc:6e:58:73:99:0a:3c:e8:d6:34:d2:ca:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 25 14:36:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f904a35d24b72a3c12b3461e7115bce2178dafe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:7d:bb:22:af:3a:37:63:c8:e4:7f:ff:45:9f:
9d:7a:94:47:cd:7c:5c:3e:b4:c9:76:02:ab:64:c0:
32:b8:9f:ec:7d:68:c1:d5:c1:27:e7:18:a8:d2:ba:
1b:46:63:42:ea:e7:31:44:b8:94:f5:c9:e5:4f:4e:
f2:57:ba:57:d9:ef:14:f3:0c:8b:35:9d:1e:6e:c2:
da:40:ec:81:f6:f6:32:a3:f9:20:de:a0:e3:bd:e6:
c7:f2:d4:8a:91:e8:43:78:0c:47:0c:33:35:5c:b5:
a7:df:e2:5f:55:7f:a3:a7:ba:ae:ba:05:e6:a2:04:
42:69:72:4f:b2:e6:7c:d1:5e:ed:c1:ae:cd:65:54:
b7:bd:75:bb:a4:0d:aa:45:f3:3e:74:2f:f5:ae:a5:
5f:23:02:26:7e:8e:d9:19:dc:f1:2d:b8:37:fe:f2:
4c:11:d6:68:e5:be:42:d4:82:75:1b:10:f5:01:46:
ca:04:40:54:29:44:98:95:78:03:f9:13:db:87:18:
cc:3d:f0:54:1b:fa:6d:15:70:df:d5:a6:2c:7c:8e:
6b:39:d8:f2:a8:4e:b7:32:b2:5d:a2:62:1e:5f:65:
e7:91:62:50:07:e9:95:20:61:81:64:88:3e:c9:f4:
f0:2b:1d:b3:e9:b9:3d:3f:4c:4b:49:ad:a8:8f:22:
69:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:04:A3:5D:24:B7:2A:3C:12:B3:46:1E:71:15:BC:E2:17:8D:AF:E3
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-QSjXSS3KjwSs0YecRW84heNr-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.0.0/24
88.216.222.0/24
Signature Algorithm: sha256WithRSAEncryption
88:ad:0f:09:bb:b1:ea:dc:b4:40:74:85:69:08:f2:26:b6:5d:
ea:19:cb:0e:26:f2:3f:c8:43:c4:03:fd:86:5f:6f:dd:90:4a:
bf:66:ab:4c:f3:a8:4f:03:ba:69:86:08:9f:1e:1b:b7:36:54:
21:b1:1b:28:93:50:59:72:b9:b4:d5:7c:67:92:e4:af:8c:e6:
30:aa:9c:ce:3b:49:05:ae:b2:ee:41:cf:5b:7f:77:83:cf:c6:
64:0e:fc:2d:8e:6d:ea:3a:77:1c:72:4b:c6:c5:61:26:ac:6b:
7f:0b:11:b6:09:f9:26:d2:f7:7f:fe:cc:16:01:c6:c8:a2:66:
b0:d1:61:d3:93:47:df:47:09:84:38:ac:45:99:91:54:9c:28:
e7:47:66:bb:dc:3a:30:9d:47:ef:41:78:c3:83:57:82:dd:04:
2a:b7:59:04:44:d6:03:05:fa:b5:4f:64:92:d5:04:52:87:d1:
c0:17:73:8d:5f:2e:b8:f6:b5:25:18:d3:6c:f7:16:c9:b4:71:
a5:c4:20:0f:65:ba:37:0c:fa:c8:d8:ab:5d:ed:cd:d9:c3:e4:
a4:4e:05:4c:8d:e4:34:3e:0f:57:1f:6f:7f:44:03:7c:6a:5d:
fe:ee:34:03:19:04:f2:a9:77:31:21:2a:71:1f:5d:a0:c5:47:
66:eb:49:60
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYSvN6jMblhzmQo86NY00soIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTI1MTQzNjExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTA0YTM1ZDI0YjcyYTNjMTJiMzQ2MWU3MTE1YmNlMjE3OGRhZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoH27Iq86N2PI5H//RZ+depRHzXxc
PrTJdgKrZMAyuJ/sfWjB1cEn5xio0robRmNC6ucxRLiU9cnlT07yV7pX2e8U8wyL
NZ0ebsLaQOyB9vYyo/kg3qDjvebH8tSKkehDeAxHDDM1XLWn3+JfVX+jp7quugXm
ogRCaXJPsuZ80V7twa7NZVS3vXW7pA2qRfM+dC/1rqVfIwImfo7ZGdzxLbg3/vJM
EdZo5b5C1IJ1GxD1AUbKBEBUKUSYlXgD+RPbhxjMPfBUG/ptFXDf1aYsfI5rOdjy
qE63MrJdomIeX2XnkWJQB+mVIGGBZIg+yfTwKx2z6bk9P0xLSa2ojyJpEwIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFPkEo10ktyo8ErNGHnEVvOIXja/jMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMS1RU2pYU1MzS2p3U3MwWWVjUlc4NGhlTnItTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFj
My8xL1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAlBggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFjYAAME
AFjY3jANBgkqhkiG9w0BAQsFAAOCAQEAiK0PCbux6ty0QHSFaQjyJrZd6hnLDiby
P8hDxAP9hl9v3ZBKv2arTPOoTwO6aYYInx4btzZUIbEbKJNQWXK5tNV8Z5Lkr4zm
MKqczjtJBa6y7kHPW393g8/GZA78LY5t6jp3HHJLxsVhJqxrfwsRtgn5JtL3f/7M
FgHGyKJmsNFh05NH30cJhDisRZmRVJwo50dmu9w6MJ1H70F4w4NXgt0EKrdZBETW
AwX6tU9kktUEUofRwBdzjV8uuPa1JRjTbPcWybRxpcQgD2W6Nwz6yNirXe3N2cPk
pE4FTI3kND4PVx9vf0QDfGpd/u40AxkE8ql3MSEqcR9doMVHZutJYA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:26 2023 by rpki-client on console-ams.rpki-client.org