Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2kgai7xRadXLvkk42pphcfbIw0Q.roa
File: 2kgai7xRadXLvkk42pphcfbIw0Q.roa (raw, json)
Hash identifier: 6QRixyogDdNyFB49y74Qnao58eWf0B7KB8X0P71yEyg=
Subject key identifier: DA:48:1A:8B:BC:51:69:D5:CB:BE:49:38:DA:9A:61:71:F6:C8:C3:44
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018552E50FC7B8032B4E9F2085B5B2517EE1
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2kgai7xRadXLvkk42pphcfbIw0Q.roa
Signing time: Tue 27 Dec 2022 09:23:41 +0000
ROA not before: Tue 27 Dec 2022 09:23:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207279
IP address blocks: 88.216.185.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
84.32.250.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
84.32.64.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.31.0/24 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
84.32.172.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
84.32.176.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
88.216.23.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
84.32.152.0/24 maxlen: 24
84.32.149.0/24 maxlen: 24
84.32.148.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
84.32.157.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.154.0/24 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:52:e5:0f:c7:b8:03:2b:4e:9f:20:85:b5:b2:51:7e:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 27 09:23:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da481a8bbc5169d5cbbe4938da9a6171f6c8c344
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:29:f1:48:1a:cd:68:cd:e8:30:bc:43:e3:c3:
86:77:28:39:45:9e:7e:69:5c:1a:79:76:09:0e:d4:
ca:46:03:7c:10:b6:01:7f:43:56:ce:af:fb:c6:1b:
9c:87:71:8b:93:b7:9f:e6:48:a7:00:df:11:8f:99:
83:54:6e:e2:5f:10:c2:97:e7:08:0e:3d:98:27:ea:
c5:4a:d0:8f:56:75:ee:11:bc:f2:16:91:42:9a:54:
c3:dd:29:07:5e:16:2c:6e:bd:08:43:96:f1:a3:56:
33:1c:d6:da:0b:f6:3e:ea:1d:76:a2:c4:16:f6:70:
16:b1:dd:5e:12:7d:6c:dd:0e:42:1a:d7:a8:43:29:
23:b8:88:3e:d8:7e:09:a6:11:6e:09:a3:a5:a6:c0:
6a:6a:ad:4f:78:fc:da:ac:da:81:88:24:e8:3a:a0:
de:af:a9:58:9b:49:95:2a:be:57:7f:00:e3:71:91:
a8:b8:29:48:0b:a4:18:38:52:97:bf:5d:0f:02:68:
5f:0e:3e:60:7e:f1:7e:8f:0a:a8:ef:5d:20:dd:4d:
f5:b6:d2:e0:9b:91:fe:2b:9e:7b:8b:44:e9:ce:45:
72:5a:0b:19:0c:4f:c3:57:bc:98:ff:2b:8c:46:de:
d2:e8:81:4d:c2:6b:15:9f:a7:05:8e:47:c2:dd:62:
7d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:48:1A:8B:BC:51:69:D5:CB:BE:49:38:DA:9A:61:71:F6:C8:C3:44
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2kgai7xRadXLvkk42pphcfbIw0Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.31.0/24
84.32.64.0/24
84.32.89.0/24
84.32.148.0/23
84.32.152.0-84.32.154.255
84.32.156.0/22
84.32.172.0/24
84.32.175.0-84.32.176.255
84.32.250.0/24
88.216.20.0/24
88.216.23.0/24
88.216.44.0/23
88.216.56.0-88.216.65.255
88.216.185.0/24
88.216.213.0/24
88.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
04:69:0a:ff:c7:e7:9f:79:e7:af:2f:c0:98:94:3d:ae:54:74:
ba:c8:82:80:4e:98:7a:90:26:c6:9f:64:b7:5e:df:5c:e9:f4:
e5:56:4c:49:73:60:77:4e:dc:a0:84:22:b1:56:31:a1:06:81:
dc:aa:55:37:d5:f5:ad:2f:a8:5c:b2:88:51:2a:0a:5a:b6:40:
ec:ea:b6:54:2b:a7:98:07:2a:f3:09:11:3f:a8:0c:13:eb:36:
6f:b4:d9:c5:1b:74:56:1a:0d:96:17:3a:c6:6a:dc:5a:c7:0a:
cf:5e:d8:50:66:bf:75:03:47:49:d6:41:ce:70:d2:e1:5b:c5:
01:15:1b:71:5e:25:04:50:4b:7e:e4:c0:9b:1f:8d:ad:89:d6:
24:42:c1:60:be:8f:29:4b:23:18:97:39:1b:96:83:81:07:6c:
e6:67:c8:8e:12:34:6b:56:23:18:4a:cd:71:89:c3:eb:58:7b:
b1:07:db:7d:62:45:f7:91:0a:45:99:34:c8:e9:e2:db:7c:b4:
d2:6e:26:07:93:bc:35:16:ca:18:6a:f2:b0:79:9a:d3:7d:04:
46:45:70:d2:02:b4:f3:93:f9:0f:e5:ad:df:cd:ee:46:18:db:
c4:b0:ba:95:82:ef:08:3f:b4:b2:4c:9d:87:8a:6f:df:46:82:
90:3c:ec:c4
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYVS5Q/HuAMrTp8ghbWyUX7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjI3MDkyMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTQ4MWE4YmJjNTE2OWQ1Y2JiZTQ5MzhkYTlhNjE3MWY2YzhjMzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSnxSBrNaM3oMLxD48OGdyg5RZ5+
aVwaeXYJDtTKRgN8ELYBf0NWzq/7xhuch3GLk7ef5kinAN8Rj5mDVG7iXxDCl+cI
Dj2YJ+rFStCPVnXuEbzyFpFCmlTD3SkHXhYsbr0IQ5bxo1YzHNbaC/Y+6h12osQW
9nAWsd1eEn1s3Q5CGteoQykjuIg+2H4JphFuCaOlpsBqaq1PePzarNqBiCToOqDe
r6lYm0mVKr5XfwDjcZGouClIC6QYOFKXv10PAmhfDj5gfvF+jwqo710g3U31ttLg
m5H+K557i0TpzkVyWgsZDE/DV7yY/yuMRt7S6IFNwmsVn6cFjkfC3WJ9hQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFNpIGou8UWnVy75JONqaYXH2yMNEMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMmtnYWk3eFJhZFhMdmtrNDJwcGhjZmJJdzBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAVCAf
AwQAVCBAAwQAVCBZAwQBVCCUMAwDBANUIJgDBABUIJoDBAJUIJwDBABUIKwwDAME
AFQgrwMEAFQgsAMEAFQg+gMEAFjYFAMEAFjYFwMEAVjYLDAMAwQDWNg4AwQBWNhA
AwQAWNi5AwQAWNjVAwQAWNjXMA0GCSqGSIb3DQEBCwUAA4IBAQAEaQr/x+efeeev
L8CYlD2uVHS6yIKATph6kCbGn2S3Xt9c6fTlVkxJc2B3TtyghCKxVjGhBoHcqlU3
1fWtL6hcsohRKgpatkDs6rZUK6eYByrzCRE/qAwT6zZvtNnFG3RWGg2WFzrGatxa
xwrPXthQZr91A0dJ1kHOcNLhW8UBFRtxXiUEUEt+5MCbH42tidYkQsFgvo8pSyMY
lzkbloOBB2zmZ8iOEjRrViMYSs1xicPrWHuxB9t9YkX3kQpFmTTI6eLbfLTSbiYH
k7w1FsoYavKweZrTfQRGRXDSArTzk/kP5a3fze5GGNvEsLqVgu8IP7SyTJ2Him/f
RoKQPOzE
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:23 2024 by rpki-client on console-ams.rpki-client.org