Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2AkGqkI0qSlvLXEGcjh5bIRTQCk.roa
File: 2AkGqkI0qSlvLXEGcjh5bIRTQCk.roa (raw, json)
Hash identifier: qhL5bBUcqFqjNssTW+R6+z4ltWdgN+fUUwvdEmT+bpY=
Subject key identifier: D8:09:06:AA:42:34:A9:29:6F:2D:71:06:72:38:79:6C:84:53:40:29
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0119EFD0
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2AkGqkI0qSlvLXEGcjh5bIRTQCk.roa
Signing time: Mon 16 May 2022 21:53:29 +0000
ROA not before: Mon 16 May 2022 21:53:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 88.216.185.0/24 maxlen: 24
88.216.180.0/22 maxlen: 24
88.216.196.0/22 maxlen: 24
88.216.209.0/24 maxlen: 24
88.216.210.0/23 maxlen: 24
88.216.212.0/22 maxlen: 24
84.32.64.0/22 maxlen: 24
84.32.68.0/22 maxlen: 24
84.32.84.0/22 maxlen: 24
84.32.82.0/23 maxlen: 24
84.32.4.0/22 maxlen: 24
84.32.8.0/22 maxlen: 24
84.32.24.0/21 maxlen: 24
84.32.40.0/21 maxlen: 24
88.216.90.0/24 maxlen: 24
88.216.0.0/22 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.19.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.20.0/22 maxlen: 22
88.216.20.0/24 maxlen: 24
88.216.23.0/24 maxlen: 24
88.216.22.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.47.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 18477008 (0x119efd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 16 21:53:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d80906aa4234a9296f2d71067238796c84534029
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:69:27:2d:dd:3e:00:ad:7b:b7:dc:fb:a5:8c:
97:14:91:2a:12:a2:ee:8d:c4:a9:c6:85:33:c1:16:
00:72:73:a2:3a:81:b1:16:54:a1:17:3a:f5:30:b1:
e7:d1:64:01:3a:47:87:cf:13:f7:63:4f:ed:9e:bc:
bb:ce:dd:82:78:46:17:4b:51:4a:45:c5:ee:17:1c:
cd:e6:a2:69:ab:ba:b6:a8:2c:ee:7b:09:de:df:ba:
02:be:50:7e:69:7d:88:aa:91:a8:f9:77:df:91:2c:
8c:e4:ac:8a:36:85:6d:94:6a:0e:56:45:c4:e7:fc:
10:eb:10:96:9c:b7:7f:0f:21:a8:c7:84:ca:3d:6b:
c9:69:08:e6:f7:bd:df:f5:1d:6f:e7:fd:d4:8a:21:
8e:e2:7e:f0:15:f0:3d:b3:44:4e:a1:96:88:d0:0e:
7c:dc:68:39:c8:d9:7e:65:e6:cc:0e:97:32:d3:c6:
ac:91:65:1c:e4:84:7a:b2:1f:01:06:e5:fd:e2:0c:
a6:33:88:2a:7a:4a:20:3c:e0:3c:16:e6:65:c2:62:
d0:b0:41:02:f5:56:bb:95:91:19:8a:82:e2:c2:55:
a7:0d:b9:be:bd:de:14:44:15:f6:17:2f:cc:23:15:
83:c4:11:73:2c:6b:d7:45:6e:32:c9:5b:aa:64:73:
99:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:09:06:AA:42:34:A9:29:6F:2D:71:06:72:38:79:6C:84:53:40:29
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2AkGqkI0qSlvLXEGcjh5bIRTQCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.4.0-84.32.11.255
84.32.24.0/21
84.32.40.0/21
84.32.64.0/21
84.32.82.0-84.32.87.255
88.216.0.0/22
88.216.16.0/24
88.216.19.0-88.216.23.255
88.216.32.0/24
88.216.46.0/23
88.216.90.0/24
88.216.180.0/22
88.216.185.0/24
88.216.196.0/22
88.216.209.0-88.216.215.255
Signature Algorithm: sha256WithRSAEncryption
50:cf:7a:47:85:b0:2d:8f:c2:21:7d:8d:3f:d9:b9:c6:54:06:
a3:09:6e:b0:51:db:58:3d:25:c9:95:bd:95:1a:d0:d0:ef:6e:
0b:41:b3:6a:cc:21:58:7f:25:ac:ad:70:07:24:35:f2:50:16:
8a:92:f3:38:a7:16:22:1a:ad:cd:f8:84:c4:0b:a1:53:a2:5c:
5e:26:de:c3:f8:a7:ae:70:c3:92:41:1b:db:a8:d9:11:e0:98:
00:d3:06:d8:6e:2b:a3:c5:6b:ba:d8:4b:7c:7e:9d:a7:db:70:
71:0e:5e:5d:86:b7:f6:90:e7:be:62:f5:ca:b4:57:04:e2:e6:
7c:2d:82:22:7e:03:2b:79:1e:fa:c9:a3:ba:e0:2f:1c:1f:80:
4f:1a:18:1f:17:04:57:74:4a:c2:37:ec:f2:62:a2:a4:c6:8f:
f3:48:1d:43:1f:8d:53:58:70:f0:e4:da:88:87:cf:c9:13:7f:
ad:71:27:bf:bc:91:1a:51:82:0d:ff:6a:46:0b:56:a6:e1:a7:
10:76:73:b8:c1:49:aa:23:33:4e:cd:31:2b:58:f8:c1:70:52:
b1:4c:45:36:77:46:28:6d:29:ef:33:ff:7c:48:e0:3d:12:10:
35:3f:f4:b0:a1:3b:9b:20:84:f8:3b:fb:00:f2:2d:ef:09:61:
a3:dd:00:bb
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIEARnv0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDUx
NjIxNTMyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDgwOTA2YWE0MjM0
YTkyOTZmMmQ3MTA2NzIzODc5NmM4NDUzNDAyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhpJy3dPgCte7fc+6WMlxSRKhKi7o3EqcaFM8EWAHJzojqB
sRZUoRc69TCx59FkATpHh88T92NP7Z68u87dgnhGF0tRSkXF7hcczeaiaau6tqgs
7nsJ3t+6Ar5Qfml9iKqRqPl335EsjOSsijaFbZRqDlZFxOf8EOsQlpy3fw8hqMeE
yj1ryWkI5ve93/Udb+f91IohjuJ+8BXwPbNETqGWiNAOfNxoOcjZfmXmzA6XMtPG
rJFlHOSEerIfAQbl/eIMpjOIKnpKIDzgPBbmZcJi0LBBAvVWu5WRGYqC4sJVpw25
vr3eFEQV9hcvzCMVg8QRcyxr10VuMslbqmRzmR8CAwEAAaOCAoEwggJ9MB0GA1Ud
DgQWBBTYCQaqQjSpKW8tcQZyOHlshFNAKTAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
LzJBa0dxa0kwcVNsdkxYRUdjamg1YklSVFFDay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
lgYIKwYBBQUHAQcBAf8EgYYwgYMwgYAEAgABMHowDAMEAlQgBAMEAlQgCAMEA1Qg
GAMEA1QgKAMEA1QgQDAMAwQBVCBSAwQDVCBQAwQCWNgAAwQAWNgQMAwDBABY2BMD
BANY2BADBABY2CADBAFY2C4DBABY2FoDBAJY2LQDBABY2LkDBAJY2MQwDAMEAFjY
0QMEA1jY0DANBgkqhkiG9w0BAQsFAAOCAQEAUM96R4WwLY/CIX2NP9m5xlQGowlu
sFHbWD0lyZW9lRrQ0O9uC0GzaswhWH8lrK1wByQ18lAWipLzOKcWIhqtzfiExAuh
U6JcXibew/inrnDDkkEb26jZEeCYANMG2G4ro8VruthLfH6dp9twcQ5eXYa39pDn
vmL1yrRXBOLmfC2CIn4DK3ke+smjuuAvHB+ATxoYHxcEV3RKwjfs8mKipMaP80gd
Qx+NU1hw8OTaiIfPyRN/rXEnv7yRGlGCDf9qRgtWpuGnEHZzuMFJqiMzTs0xK1j4
wXBSsUxFNndGKG0p7zP/fEjgPRIQNT/0sKE7myCE+Dv7APIt7wlho90Auw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:26 2023 by rpki-client on console-ams.rpki-client.org