Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Bqt5paU6mE8r4RbUHIQBF-upiTs.roa
File: Bqt5paU6mE8r4RbUHIQBF-upiTs.roa (raw, json)
Hash identifier: vIjTZVhktczlPRr9W46Dq6oAqlfSix0c0L/harY/VyU=
Subject key identifier: 06:AB:79:A5:A5:3A:98:4F:2B:E1:16:D4:1C:84:01:17:EB:A9:89:3B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0122A305
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Bqt5paU6mE8r4RbUHIQBF-upiTs.roa
Signing time: Thu 19 May 2022 13:25:29 +0000
ROA not before: Thu 19 May 2022 13:25:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 88.216.185.0/24 maxlen: 24
88.216.180.0/22 maxlen: 24
88.216.196.0/22 maxlen: 24
88.216.209.0/24 maxlen: 24
88.216.210.0/23 maxlen: 24
88.216.212.0/22 maxlen: 24
84.32.64.0/22 maxlen: 24
84.32.68.0/22 maxlen: 24
84.32.84.0/22 maxlen: 24
84.32.82.0/23 maxlen: 24
84.32.4.0/22 maxlen: 24
84.32.8.0/22 maxlen: 24
84.32.24.0/21 maxlen: 24
84.32.40.0/21 maxlen: 24
88.216.90.0/24 maxlen: 24
88.216.0.0/22 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.19.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
88.216.23.0/24 maxlen: 24
88.216.22.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.47.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19047173 (0x122a305)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 19 13:25:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06ab79a5a53a984f2be116d41c840117eba9893b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ce:93:de:8e:c4:a7:f9:c0:64:c3:e9:02:6b:
cb:3e:73:1c:c7:cb:aa:8e:86:15:ce:6b:74:e6:99:
7f:57:f7:50:33:0d:f8:5f:5d:3a:d0:f4:74:fb:02:
3a:ec:e8:2d:dd:fc:c8:38:44:1e:13:5c:8e:48:b5:
20:d2:da:50:bd:5a:4f:fc:e2:d7:20:d2:c6:19:48:
c1:ca:59:db:15:d1:9e:ea:f8:d5:6b:31:67:2c:04:
25:f1:59:1c:fa:ab:70:0f:2f:8a:af:f0:29:98:b1:
ae:f8:df:26:6a:18:9f:c3:71:86:cd:b4:33:3d:a1:
ed:a8:1a:1c:0e:78:f9:bd:fe:79:75:aa:b9:81:19:
78:1c:26:cf:b1:be:b2:7a:b1:35:6c:18:fb:11:0c:
2a:62:76:46:68:b2:33:33:8d:76:8e:a1:90:c0:8f:
b8:3a:61:d4:86:41:25:04:98:3d:67:d4:f1:6d:37:
27:aa:4d:ab:7e:9e:33:83:d9:41:ea:d6:eb:3d:27:
c3:37:9b:3c:63:30:56:e2:ea:c4:e8:9a:ed:4f:1c:
e7:12:46:07:cc:b2:7b:20:8f:b1:0a:71:e2:2f:ca:
69:16:5e:43:38:41:03:1c:36:55:6d:79:35:d8:bf:
a7:67:30:4a:c3:aa:f0:c1:73:d4:99:81:98:ea:b6:
51:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:AB:79:A5:A5:3A:98:4F:2B:E1:16:D4:1C:84:01:17:EB:A9:89:3B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Bqt5paU6mE8r4RbUHIQBF-upiTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.4.0-84.32.11.255
84.32.24.0/21
84.32.40.0/21
84.32.64.0/21
84.32.82.0-84.32.87.255
88.216.0.0/22
88.216.16.0/24
88.216.19.0-88.216.23.255
88.216.32.0/24
88.216.46.0/23
88.216.90.0/24
88.216.180.0/22
88.216.185.0/24
88.216.196.0/22
88.216.209.0-88.216.215.255
Signature Algorithm: sha256WithRSAEncryption
29:17:7d:c1:1a:fa:4d:3a:fc:14:d6:40:1e:9b:d3:a4:ad:6e:
25:e7:71:44:ed:90:2c:5f:0c:f7:aa:e0:c2:5c:82:e7:1c:f2:
bc:18:d2:0b:96:af:0f:ba:c8:28:e0:43:8d:97:8d:67:15:08:
47:42:84:f9:94:b4:fc:aa:d4:00:07:6a:19:b6:57:58:e3:19:
ec:08:fc:7f:2b:58:06:28:fe:b9:25:e5:96:fe:db:ed:9d:70:
ea:68:fe:9a:8f:ec:e1:f4:c3:ee:4b:e1:ec:b3:a7:15:1a:9b:
ab:3c:db:5c:f6:5a:c0:f8:e2:c1:c4:80:f8:81:a8:40:a5:ae:
d9:47:0d:03:69:e9:5f:3b:7b:49:41:56:9c:c0:fd:c6:d3:cc:
b7:c4:23:4f:2f:93:11:83:97:c7:58:60:4e:0c:2f:3c:df:a5:
d8:f6:53:f2:94:38:6d:7c:85:90:fc:80:eb:fb:61:06:c7:6d:
0c:76:66:a9:39:5c:05:be:50:ff:48:15:42:ad:d7:45:cb:2d:
7b:ac:3c:b2:c7:f9:a5:94:80:7f:6a:68:46:ad:80:e1:cc:5b:
39:e8:fc:1c:a2:43:8c:03:9f:d5:5e:d7:d6:fe:bf:12:9a:88:
90:f9:b8:2e:74:85:bb:a2:6d:c7:a2:45:68:53:d6:a5:15:e0:
36:b4:2f:c5
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIEASKjBTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDUx
OTEzMjUyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDZhYjc5YTVhNTNh
OTg0ZjJiZTExNmQ0MWM4NDAxMTdlYmE5ODkzYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJbOk96OxKf5wGTD6QJryz5zHMfLqo6GFc5rdOaZf1f3UDMN
+F9dOtD0dPsCOuzoLd38yDhEHhNcjki1INLaUL1aT/zi1yDSxhlIwcpZ2xXRnur4
1WsxZywEJfFZHPqrcA8viq/wKZixrvjfJmoYn8Nxhs20Mz2h7agaHA54+b3+eXWq
uYEZeBwmz7G+snqxNWwY+xEMKmJ2RmiyMzONdo6hkMCPuDph1IZBJQSYPWfU8W03
J6pNq36eM4PZQerW6z0nwzebPGMwVuLqxOia7U8c5xJGB8yyeyCPsQpx4i/KaRZe
QzhBAxw2VW15Ndi/p2cwSsOq8MFz1JmBmOq2URUCAwEAAaOCAoEwggJ9MB0GA1Ud
DgQWBBQGq3mlpTqYTyvhFtQchAEX66mJOzAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
L0JxdDVwYVU2bUU4cjRSYlVISVFCRi11cGlUcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
lgYIKwYBBQUHAQcBAf8EgYYwgYMwgYAEAgABMHowDAMEAlQgBAMEAlQgCAMEA1Qg
GAMEA1QgKAMEA1QgQDAMAwQBVCBSAwQDVCBQAwQCWNgAAwQAWNgQMAwDBABY2BMD
BANY2BADBABY2CADBAFY2C4DBABY2FoDBAJY2LQDBABY2LkDBAJY2MQwDAMEAFjY
0QMEA1jY0DANBgkqhkiG9w0BAQsFAAOCAQEAKRd9wRr6TTr8FNZAHpvTpK1uJedx
RO2QLF8M96rgwlyC5xzyvBjSC5avD7rIKOBDjZeNZxUIR0KE+ZS0/KrUAAdqGbZX
WOMZ7Aj8fytYBij+uSXllv7b7Z1w6mj+mo/s4fTD7kvh7LOnFRqbqzzbXPZawPji
wcSA+IGoQKWu2UcNA2npXzt7SUFWnMD9xtPMt8QjTy+TEYOXx1hgTgwvPN+l2PZT
8pQ4bXyFkPyA6/thBsdtDHZmqTlcBb5Q/0gVQq3XRcste6w8ssf5pZSAf2poRq2A
4cxbOej8HKJDjAOf1V7X1v6/EpqIkPm4LnSFu6Jtx6JFaFPWpRXgNrQvxQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org