Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/7qKkS7wZ_eTe0RACoAak3wJwVxI.roa
File: 7qKkS7wZ_eTe0RACoAak3wJwVxI.roa (raw, json)
Hash identifier: Y4PLBgXKR6f3uvt6Pm9jjxc7yL19tx8DS3PEICOrgG4=
Subject key identifier: EE:A2:A4:4B:BC:19:FD:E4:DE:D1:10:02:A0:06:A4:DF:02:70:57:12
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01848B4D19389B013460FE8911876381B264
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/7qKkS7wZ_eTe0RACoAak3wJwVxI.roa
Signing time: Fri 18 Nov 2022 15:13:16 +0000
ROA not before: Fri 18 Nov 2022 15:13:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 88.216.210.0/23 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.209.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.19.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8b:4d:19:38:9b:01:34:60:fe:89:11:87:63:81:b2:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 18 15:13:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=eea2a44bbc19fde4ded11002a006a4df02705712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:75:77:ff:eb:07:3a:a4:aa:e8:6d:0d:e9:be:
78:9e:0e:63:d4:95:4c:94:e5:6d:33:91:7a:0a:d1:
76:98:6a:a2:80:3e:88:ed:eb:8c:c3:bd:cb:66:e5:
58:2c:87:da:61:76:31:b7:ec:f4:c8:a5:a1:28:27:
1d:ca:b2:93:a3:d9:42:4e:f9:46:c3:b1:3d:d2:e4:
a6:d9:d7:2a:a6:cb:f5:39:ca:5d:ca:59:ac:c1:37:
60:00:83:5b:53:82:23:4c:ad:b4:2f:93:4e:01:5b:
39:72:f7:7b:81:8b:71:35:c4:30:c0:46:36:de:0c:
12:f6:63:31:e4:30:7e:31:3c:ea:15:0b:40:d0:9a:
20:14:60:a9:95:4c:9f:c5:31:0f:74:38:b2:b1:bb:
c0:56:3e:85:ef:42:3f:0f:6a:10:80:60:2c:07:18:
85:56:8b:d2:c1:fd:b8:7a:91:fb:74:ad:46:87:3d:
de:f1:45:da:04:88:d4:02:c3:23:d4:a5:99:51:4b:
e7:2b:7f:a7:f7:9f:a7:3c:e6:c7:31:03:a0:4d:21:
b9:7e:a9:ee:25:ac:1c:bc:65:86:5a:10:7a:8b:cc:
97:93:33:8f:69:ea:2d:f8:fa:76:dc:90:fa:f9:17:
e0:d2:63:33:3b:bc:86:90:50:98:95:58:c9:a9:26:
62:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:A2:A4:4B:BC:19:FD:E4:DE:D1:10:02:A0:06:A4:DF:02:70:57:12
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/7qKkS7wZ_eTe0RACoAak3wJwVxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.16.0/24
88.216.19.0/24
88.216.46.0/24
88.216.209.0-88.216.215.255
Signature Algorithm: sha256WithRSAEncryption
2b:94:2b:21:2f:3b:27:b7:9f:d1:48:8e:04:01:6d:db:c7:dc:
92:6d:3e:7b:b8:8d:2f:54:cf:3b:3b:a2:4b:78:a3:2f:13:e9:
09:be:44:07:6d:c2:fa:c7:36:86:13:9c:e5:a8:a9:5d:97:51:
d1:ba:86:22:cd:7b:cd:14:a3:16:bf:91:9a:62:b6:8c:18:72:
c0:bc:aa:b7:0b:d1:9c:92:a8:99:25:99:93:90:62:49:ca:ff:
b0:b5:f6:d0:73:33:d8:5d:a3:47:0a:35:eb:d8:65:e0:89:74:
61:83:b0:db:23:9c:6a:43:2c:ab:65:f4:0f:6a:34:42:8d:ee:
18:4b:a0:d9:e2:c0:56:8f:66:c0:04:ce:91:db:89:f7:99:27:
5e:e3:8b:f8:5a:07:d4:eb:a7:45:38:0b:75:a9:0e:6c:87:e6:
7d:09:1e:21:24:95:61:f7:f0:20:c2:56:95:77:19:b2:19:68:
90:45:39:66:1d:5e:65:d4:e2:69:f7:25:7e:2f:5b:4b:bd:96:
9f:e6:39:50:83:93:b9:7d:36:92:8f:6f:1e:a9:13:b3:d8:1d:
53:59:11:bf:8e:b7:4c:c5:e7:3d:3f:15:fc:07:c6:cb:d1:9d:
b1:43:2f:fa:aa:c0:66:cd:59:5f:d3:50:bf:dd:d9:e1:9d:e9:
fa:80:24:2a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYSLTRk4mwE0YP6JEYdjgbJkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTE4MTUxMzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWEyYTQ0YmJjMTlmZGU0ZGVkMTEwMDJhMDA2YTRkZjAyNzA1NzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnnV3/+sHOqSq6G0N6b54ng5j1JVM
lOVtM5F6CtF2mGqigD6I7euMw73LZuVYLIfaYXYxt+z0yKWhKCcdyrKTo9lCTvlG
w7E90uSm2dcqpsv1OcpdylmswTdgAINbU4IjTK20L5NOAVs5cvd7gYtxNcQwwEY2
3gwS9mMx5DB+MTzqFQtA0JogFGCplUyfxTEPdDiysbvAVj6F70I/D2oQgGAsBxiF
VovSwf24epH7dK1Ghz3e8UXaBIjUAsMj1KWZUUvnK3+n95+nPObHMQOgTSG5fqnu
JawcvGWGWhB6i8yXkzOPaeot+Pp23JD6+Rfg0mMzO7yGkFCYlVjJqSZiVwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFO6ipEu8Gf3k3tEQAqAGpN8CcFcSMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvN3FLa1M3d1pfZVRlMFJBQ29BYWszd0p3VnhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAWNgQAwQA
WNgTAwQAWNguMAwDBABY2NEDBANY2NAwDQYJKoZIhvcNAQELBQADggEBACuUKyEv
Oye3n9FIjgQBbdvH3JJtPnu4jS9Uzzs7okt4oy8T6Qm+RAdtwvrHNoYTnOWoqV2X
UdG6hiLNe80Uoxa/kZpitowYcsC8qrcL0ZySqJklmZOQYknK/7C19tBzM9hdo0cK
NevYZeCJdGGDsNsjnGpDLKtl9A9qNEKN7hhLoNniwFaPZsAEzpHbifeZJ17ji/ha
B9Trp0U4C3WpDmyH5n0JHiEklWH38CDCVpV3GbIZaJBFOWYdXmXU4mn3JX4vW0u9
lp/mOVCDk7l9NpKPbx6pE7PYHVNZEb+Ot0zF5z0/FfwHxsvRnbFDL/qqwGbNWV/T
UL/d2eGd6fqAJCo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:24 2024 by rpki-client on console-ams.rpki-client.org