Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5q61uaKfhQUl6DyDUZ--8XkOyhQ.roa
File: 5q61uaKfhQUl6DyDUZ--8XkOyhQ.roa (raw, json)
Hash identifier: ZY0waBlGAQ2DZTaG6EyI7IKRmhqmeHfBGWTtUGmmeF0=
Subject key identifier: E6:AE:B5:B9:A2:9F:85:05:25:E8:3C:83:51:9F:BE:F1:79:0E:CA:14
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 56B296
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5q61uaKfhQUl6DyDUZ--8XkOyhQ.roa
Signing time: Sun 20 Mar 2022 16:29:39 +0000
ROA not before: Sun 20 Mar 2022 16:29:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 88.216.180.0/22 maxlen: 24
88.216.188.0/22 maxlen: 24
88.216.196.0/22 maxlen: 24
88.216.209.0/24 maxlen: 24
88.216.210.0/23 maxlen: 24
88.216.212.0/22 maxlen: 24
84.32.4.0/22 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.19.0/24 maxlen: 24
88.216.20.0/22 maxlen: 22
88.216.33.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.47.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 5681814 (0x56b296)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 20 16:29:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e6aeb5b9a29f850525e83c83519fbef1790eca14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:38:d0:8c:a4:04:ec:c1:65:4e:de:87:8a:6b:
b8:e7:06:b3:7a:06:c5:4b:d4:62:dd:2f:06:d1:ec:
9d:ba:de:e8:ef:0e:96:b2:16:14:70:5a:14:88:9f:
72:19:e0:1a:e9:b5:c3:93:12:25:2f:04:cd:5b:2f:
80:4b:7d:7a:ba:df:c0:2c:28:34:99:68:62:ec:d6:
e0:c1:f7:0b:3e:55:90:8d:b0:dc:89:3c:c3:77:f6:
6c:86:0c:cb:64:c3:e7:ae:d6:7f:79:4c:ea:4a:8d:
68:e1:79:90:6a:92:9e:1b:94:c3:d0:8c:11:7f:f4:
be:2e:fb:4b:68:4d:a8:bc:99:d3:91:62:eb:82:7b:
f1:be:92:2d:76:5b:48:96:27:f6:83:0c:92:4b:e3:
2c:46:d6:a4:af:bc:74:b5:e5:4b:64:9d:09:a8:18:
6f:d7:d6:61:22:0f:80:97:ff:23:94:31:80:eb:30:
ed:89:a5:c2:0e:69:11:25:04:d4:9c:70:a6:6b:8c:
40:09:bd:3e:ab:51:9e:6a:b0:72:2f:dd:02:58:b6:
13:bf:eb:b5:97:ef:da:5b:80:27:62:11:3c:b1:3d:
1d:05:8c:94:36:2a:25:70:a4:f4:94:e0:40:3c:54:
3a:18:b3:89:db:c1:02:0e:23:9e:02:15:e2:c4:39:
33:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:AE:B5:B9:A2:9F:85:05:25:E8:3C:83:51:9F:BE:F1:79:0E:CA:14
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5q61uaKfhQUl6DyDUZ--8XkOyhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.4.0/22
88.216.16.0/24
88.216.19.0-88.216.23.255
88.216.32.0/23
88.216.46.0/23
88.216.180.0/22
88.216.188.0/22
88.216.196.0/22
88.216.209.0-88.216.215.255
Signature Algorithm: sha256WithRSAEncryption
20:9b:7e:bf:32:28:f0:a6:d5:46:29:f1:1e:30:3e:9c:88:30:
af:c8:2b:eb:40:54:37:b1:0b:ec:21:42:7c:a3:c6:30:0c:90:
37:84:97:ee:0a:1b:ff:d9:27:1d:61:e8:1d:ce:0f:9c:cc:a1:
de:00:e1:c7:99:7d:c0:38:b6:8d:30:da:c5:01:e4:8a:63:2a:
8f:f4:4c:3b:9a:b2:ab:69:08:71:15:99:8d:da:79:fd:c3:cd:
f9:5f:86:2a:bd:33:3e:b2:3e:52:b3:63:d5:c7:07:a1:08:22:
a1:eb:28:b9:d8:eb:09:d7:ee:5d:bf:a9:76:2a:f5:81:50:8f:
57:c8:20:41:98:98:44:a9:b2:d8:70:05:2a:f9:2d:ff:10:d0:
0d:b8:6e:a2:53:e2:3d:b3:1f:ab:dd:13:6e:36:f4:36:5b:48:
d9:ac:20:80:43:ff:c0:de:c2:64:a0:34:c8:20:4a:a0:94:cb:
d9:41:fd:f4:5a:71:31:c0:7c:61:af:99:f9:8e:62:3a:c2:6c:
c4:93:54:94:9f:29:c8:6b:8b:e6:e5:34:9b:4c:74:f2:fe:51:
c6:06:b0:bb:8b:73:f3:35:36:c8:a8:2f:b8:4a:30:a2:7e:f4:
c5:40:fc:53:4d:fb:d5:d1:54:56:7d:e8:33:49:49:67:f4:3b:
3e:01:5b:38
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgIDVrKWMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRm
YmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZiZGEzYzUwHhcNMjIwMzIw
MTYyOTM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhlNmFlYjViOWEyOWY4
NTA1MjVlODNjODM1MTlmYmVmMTc5MGVjYTE0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArzjQjKQE7MFlTt6Himu45wazegbFS9Ri3S8G0eydut7o7w6W
shYUcFoUiJ9yGeAa6bXDkxIlLwTNWy+AS316ut/ALCg0mWhi7NbgwfcLPlWQjbDc
iTzDd/ZshgzLZMPnrtZ/eUzqSo1o4XmQapKeG5TD0IwRf/S+LvtLaE2ovJnTkWLr
gnvxvpItdltIlif2gwySS+MsRtakr7x0teVLZJ0JqBhv19ZhIg+Al/8jlDGA6zDt
iaXCDmkRJQTUnHCma4xACb0+q1GearByL90CWLYTv+u1l+/aW4AnYhE8sT0dBYyU
NiolcKT0lOBAPFQ6GLOJ28ECDiOeAhXixDkzJwIDAQABo4ICSTCCAkUwHQYDVR0O
BBYEFOautbmin4UFJeg8g1GfvvF5DsoUMB8GA1UdIwQYMBaAFE+9RfzjVuKmXx5N
Ha94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMzLzEv
NXE2MXVhS2ZoUVVsNkR5RFVaLS04WGtPeWhRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8z
OTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMzLzEvVDcxRl9PTlc0cVpm
SGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMF8G
CCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQCVCAEAwQAWNgQMAwDBABY2BMDBANY
2BADBAFY2CADBAFY2C4DBAJY2LQDBAJY2LwDBAJY2MQwDAMEAFjY0QMEA1jY0DAN
BgkqhkiG9w0BAQsFAAOCAQEAIJt+vzIo8KbVRinxHjA+nIgwr8gr60BUN7EL7CFC
fKPGMAyQN4SX7gob/9knHWHoHc4PnMyh3gDhx5l9wDi2jTDaxQHkimMqj/RMO5qy
q2kIcRWZjdp5/cPN+V+GKr0zPrI+UrNj1ccHoQgioesoudjrCdfuXb+pdir1gVCP
V8ggQZiYRKmy2HAFKvkt/xDQDbhuolPiPbMfq90Tbjb0NltI2awggEP/wN7CZKA0
yCBKoJTL2UH99FpxMcB8Ya+Z+Y5iOsJsxJNUlJ8pyGuL5uU0m0x08v5Rxgawu4tz
8zU2yKgvuEowon70xUD8U0371dFUVn3oM0lJZ/Q7PgFbOA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:44 2023 by rpki-client on console-fra.rpki-client.org