Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BtMm_7MwoASuMbjluyQcin8swAQ.roa
File: BtMm_7MwoASuMbjluyQcin8swAQ.roa (raw, json)
Hash identifier: gel7MtRPX1XLa3llS95pymM0emIEGqfOVvFtn9uLfBc=
Subject key identifier: 06:D3:26:FF:B3:30:A0:04:AE:31:B8:E5:BB:24:1C:8A:7F:2C:C0:04
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 633E9E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BtMm_7MwoASuMbjluyQcin8swAQ.roa
Signing time: Wed 23 Mar 2022 15:24:54 +0000
ROA not before: Wed 23 Mar 2022 15:24:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 88.216.180.0/22 maxlen: 24
88.216.188.0/22 maxlen: 24
88.216.196.0/22 maxlen: 24
88.216.209.0/24 maxlen: 24
88.216.210.0/23 maxlen: 24
88.216.212.0/22 maxlen: 24
84.32.4.0/22 maxlen: 24
84.32.8.0/22 maxlen: 24
88.216.0.0/22 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.19.0/24 maxlen: 24
88.216.20.0/22 maxlen: 22
88.216.33.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.47.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6504094 (0x633e9e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 23 15:24:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=06d326ffb330a004ae31b8e5bb241c8a7f2cc004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ee:4e:2b:09:97:07:25:e5:ff:b4:8f:42:b9:
d8:a0:1e:c2:61:06:a4:4d:8d:00:87:9a:3f:3d:11:
4e:7b:70:30:3b:a3:a6:f2:13:c3:86:80:9d:1e:4b:
4e:d7:17:34:61:9d:1f:ae:95:e8:30:8b:12:89:72:
aa:81:8e:ce:23:c1:45:38:36:ab:33:aa:df:20:a5:
b7:68:f2:0c:75:2c:e2:67:42:f0:a1:22:9d:fd:6c:
30:88:c2:c9:63:17:0d:13:94:64:52:cb:f9:ad:69:
1c:af:30:7f:41:f0:90:f7:93:81:d6:c3:d4:4a:09:
a5:2f:5c:0d:e9:da:ab:db:fa:71:e4:a5:2f:d3:43:
0d:d4:3d:ae:05:3a:fb:8d:68:b9:f3:bc:9b:1d:b8:
89:15:ad:83:a9:ac:75:43:ed:bd:7a:ba:b4:40:4d:
b7:c9:b9:b1:6d:63:e3:c6:b4:48:12:fa:26:21:c9:
e3:1d:aa:0b:8b:d6:c3:1c:d0:8c:a9:d1:fc:1e:98:
b6:25:40:aa:79:21:63:48:47:79:93:b7:58:76:73:
af:2b:39:f7:ba:3d:f2:9e:32:81:fa:05:b7:c5:61:
b4:dc:57:83:4a:96:46:30:cd:88:34:e1:6f:15:9d:
b6:a5:98:a0:56:95:0f:1d:66:e7:a0:e2:2a:72:67:
f0:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:D3:26:FF:B3:30:A0:04:AE:31:B8:E5:BB:24:1C:8A:7F:2C:C0:04
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BtMm_7MwoASuMbjluyQcin8swAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.4.0-84.32.11.255
88.216.0.0/22
88.216.16.0/24
88.216.19.0-88.216.23.255
88.216.32.0/23
88.216.46.0/23
88.216.180.0/22
88.216.188.0/22
88.216.196.0/22
88.216.209.0-88.216.215.255
Signature Algorithm: sha256WithRSAEncryption
56:80:89:b2:fe:e3:2f:64:21:6b:dd:9d:ef:7f:3c:cc:ae:07:
1e:b2:e3:07:d9:27:84:9f:dd:3e:dc:cb:ed:b8:27:bb:6f:28:
4c:20:d2:f0:d6:89:91:cb:b3:d5:6d:22:dd:bf:3d:8a:29:73:
49:98:66:d8:78:d3:12:fd:60:1a:f2:e3:e2:3e:50:6b:31:30:
75:f8:d8:28:36:d3:98:d0:91:d4:b5:04:74:85:dc:14:e4:03:
b3:51:9a:a2:af:6a:5b:9b:e7:6a:d2:45:9b:ea:ed:42:13:fc:
75:a1:a3:31:7b:69:69:63:eb:7f:c7:13:69:47:d4:fe:88:9d:
90:1e:62:e3:fd:f0:b8:58:c5:07:33:c9:11:3d:b7:f7:98:31:
e5:2e:ca:00:58:1b:fc:71:03:8b:aa:58:66:f6:a4:9d:65:ae:
c4:92:6a:f6:db:ca:9b:95:23:aa:07:0f:86:74:db:f3:1f:9a:
6a:81:49:03:9a:18:55:3b:d4:00:c0:7e:56:91:a8:cb:fa:7d:
8b:32:05:f2:95:38:1c:7e:8d:70:ac:cc:9f:f6:97:89:2d:a2:
5d:d3:fd:c7:44:1b:95:04:a8:e4:3f:c9:90:7c:eb:9a:a8:46:
40:c5:51:7f:ce:a4:86:54:da:c7:c1:a4:b5:0f:14:b2:ee:96:
16:92:bd:15
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIDYz6eMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRm
YmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZiZGEzYzUwHhcNMjIwMzIz
MTUyNDU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwNmQzMjZmZmIzMzBh
MDA0YWUzMWI4ZTViYjI0MWM4YTdmMmNjMDA0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyu5OKwmXByXl/7SPQrnYoB7CYQakTY0Ah5o/PRFOe3AwO6Om
8hPDhoCdHktO1xc0YZ0frpXoMIsSiXKqgY7OI8FFODarM6rfIKW3aPIMdSziZ0Lw
oSKd/WwwiMLJYxcNE5RkUsv5rWkcrzB/QfCQ95OB1sPUSgmlL1wN6dqr2/px5KUv
00MN1D2uBTr7jWi587ybHbiJFa2Dqax1Q+29erq0QE23ybmxbWPjxrRIEvomIcnj
HaoLi9bDHNCMqdH8Hpi2JUCqeSFjSEd5k7dYdnOvKzn3uj3ynjKB+gW3xWG03FeD
SpZGMM2INOFvFZ22pZigVpUPHWbnoOIqcmfwsQIDAQABo4ICVzCCAlMwHQYDVR0O
BBYEFAbTJv+zMKAErjG45bskHIp/LMAEMB8GA1UdIwQYMBaAFE+9RfzjVuKmXx5N
Ha94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMzLzEv
QnRNbV83TXdvQVN1TWJqbHV5UWNpbjhzd0FRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8z
OTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMzLzEvVDcxRl9PTlc0cVpm
SGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMG0G
CCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUMAwDBAJUIAQDBAJUIAgDBAJY2AADBABY
2BAwDAMEAFjYEwMEA1jYEAMEAVjYIAMEAVjYLgMEAljYtAMEAljYvAMEAljYxDAM
AwQAWNjRAwQDWNjQMA0GCSqGSIb3DQEBCwUAA4IBAQBWgImy/uMvZCFr3Z3vfzzM
rgcesuMH2SeEn90+3MvtuCe7byhMINLw1omRy7PVbSLdvz2KKXNJmGbYeNMS/WAa
8uPiPlBrMTB1+NgoNtOY0JHUtQR0hdwU5AOzUZqir2pbm+dq0kWb6u1CE/x1oaMx
e2lpY+t/xxNpR9T+iJ2QHmLj/fC4WMUHM8kRPbf3mDHlLsoAWBv8cQOLqlhm9qSd
Za7Ekmr228qblSOqBw+GdNvzH5pqgUkDmhhVO9QAwH5WkajL+n2LMgXylTgcfo1w
rMyf9peJLaJd0/3HRBuVBKjkP8mQfOuaqEZAxVF/zqSGVNrHwaS1DxSy7pYWkr0V
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:45 2023 by rpki-client on console-fra.rpki-client.org