Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Cqxp-KVxuC9QsKXP1LxLn40pIzo.roa
File: Cqxp-KVxuC9QsKXP1LxLn40pIzo.roa (raw, json)
Hash identifier: oRkQaZzMhuJEOC3PiDP82p/98R3kChWaLtf7+d/lEbA=
Subject key identifier: 0A:AC:69:F8:A5:71:B8:2F:50:B0:A5:CF:D4:BC:4B:9F:8D:29:23:3A
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184AEEE6AE066F5819CA9FB8E8D9FCD46D1
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Cqxp-KVxuC9QsKXP1LxLn40pIzo.roa
Signing time: Fri 25 Nov 2022 13:16:11 +0000
ROA not before: Fri 25 Nov 2022 13:16:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50225
IP address blocks: 88.216.189.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
88.216.18.0/24 maxlen: 24
84.32.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ae:ee:6a:e0:66:f5:81:9c:a9:fb:8e:8d:9f:cd:46:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 25 13:16:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0aac69f8a571b82f50b0a5cfd4bc4b9f8d29233a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c2:1c:da:32:4b:1a:fd:7d:1f:8d:87:a4:2b:
cb:99:57:09:91:82:d5:cc:04:76:45:4c:3e:8e:74:
88:59:72:cd:0f:20:e0:60:15:5a:c2:b8:6c:56:51:
37:e5:35:23:d1:11:60:4c:be:5a:84:56:40:5c:2a:
a3:c9:4f:4f:70:4f:cb:00:c2:c3:f6:42:8f:c4:94:
03:83:3c:9b:fb:6c:88:6d:e3:b5:af:8e:d8:ad:e6:
ef:d1:da:6c:34:3e:c7:ac:2d:49:3c:6a:9f:68:67:
7b:f5:55:2d:2c:1b:50:72:67:20:72:e7:11:09:97:
d1:a3:1b:17:94:f6:a1:50:36:01:c1:f6:8a:bb:3f:
2c:39:4b:b7:03:4c:f3:7e:29:08:ca:39:27:f1:73:
ab:e3:df:d8:cb:53:02:c3:24:c4:22:7d:3e:9c:18:
e9:8f:3d:18:0a:23:7a:eb:89:c2:16:f0:36:ed:1c:
7a:ec:39:a3:a4:14:cc:19:77:54:0f:3b:5d:3e:91:
36:98:20:8b:9c:dd:95:19:a4:66:bc:65:23:4c:1a:
58:62:91:45:82:75:4a:28:56:65:3f:8c:8e:48:6a:
0e:2c:89:99:a9:30:c9:bb:31:0f:87:62:01:32:fb:
8e:86:1c:85:8e:06:18:45:6b:38:be:ab:d6:16:35:
87:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:AC:69:F8:A5:71:B8:2F:50:B0:A5:CF:D4:BC:4B:9F:8D:29:23:3A
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Cqxp-KVxuC9QsKXP1LxLn40pIzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.231.0/24
84.32.234.0/24
88.216.18.0/24
88.216.189.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:16:11:14:06:8c:4e:70:47:45:91:58:1f:a0:5f:10:c2:59:
67:3f:93:86:46:ad:e9:f9:78:dd:0c:03:b8:26:c5:3a:2e:50:
74:d6:f2:a6:5b:31:3b:4d:85:41:10:9f:51:e9:1f:21:70:35:
e8:19:ef:b0:b3:aa:88:22:2c:10:eb:ba:88:f4:b8:87:42:1a:
81:bb:40:98:fc:f3:2d:2a:24:4d:c2:1b:51:29:87:26:4a:e5:
fa:4e:f5:81:1d:d8:6d:de:c9:f7:06:84:e5:66:73:a5:eb:97:
98:10:b6:92:5c:ad:08:16:ed:5b:c2:b3:bb:4f:1a:1b:ca:fa:
ba:9f:b8:2d:c4:9e:22:02:ee:3b:b0:e1:c6:af:6a:2c:c2:21:
0f:7b:fb:d6:3b:f9:24:e0:cc:08:f8:58:00:83:c3:38:d4:50:
6e:03:f8:05:a8:ec:82:76:be:3b:a7:b3:4e:34:f6:18:7d:c5:
2a:66:2e:4c:82:a6:bb:3a:ee:44:ae:5f:84:b1:e1:6d:fe:c4:
6d:1d:4a:91:7d:3d:85:13:2a:b0:83:00:a0:97:29:1d:87:61:
14:38:7e:d4:59:1e:b7:59:45:3a:28:e5:b8:34:62:50:12:7c:
9a:7b:e8:80:0d:c3:f2:97:70:c6:8a:8c:be:81:a0:b7:dc:88:
d4:82:e8:4a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYSu7mrgZvWBnKn7jo2fzUbRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTI1MTMxNjExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWFjNjlmOGE1NzFiODJmNTBiMGE1Y2ZkNGJjNGI5ZjhkMjkyMzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosIc2jJLGv19H42HpCvLmVcJkYLV
zAR2RUw+jnSIWXLNDyDgYBVawrhsVlE35TUj0RFgTL5ahFZAXCqjyU9PcE/LAMLD
9kKPxJQDgzyb+2yIbeO1r47Yrebv0dpsND7HrC1JPGqfaGd79VUtLBtQcmcgcucR
CZfRoxsXlPahUDYBwfaKuz8sOUu3A0zzfikIyjkn8XOr49/Yy1MCwyTEIn0+nBjp
jz0YCiN664nCFvA27Rx67DmjpBTMGXdUDztdPpE2mCCLnN2VGaRmvGUjTBpYYpFF
gnVKKFZlP4yOSGoOLImZqTDJuzEPh2IBMvuOhhyFjgYYRWs4vqvWFjWHgwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAqsafilcbgvULClz9S8S5+NKSM6MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQ3F4cC1LVnh1QzlRc0tYUDFMeExuNDBwSXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVCDnAwQA
VCDqAwQAWNgSAwQAWNi9MA0GCSqGSIb3DQEBCwUAA4IBAQBeFhEUBoxOcEdFkVgf
oF8QwllnP5OGRq3p+XjdDAO4JsU6LlB01vKmWzE7TYVBEJ9R6R8hcDXoGe+ws6qI
IiwQ67qI9LiHQhqBu0CY/PMtKiRNwhtRKYcmSuX6TvWBHdht3sn3BoTlZnOl65eY
ELaSXK0IFu1bwrO7Txobyvq6n7gtxJ4iAu47sOHGr2oswiEPe/vWO/kk4MwI+FgA
g8M41FBuA/gFqOyCdr47p7NONPYYfcUqZi5Mgqa7Ou5Erl+EseFt/sRtHUqRfT2F
EyqwgwCglykdh2EUOH7UWR63WUU6KOW4NGJQEnyae+iADcPyl3DGioy+gaC33IjU
guhK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:45 2023 by rpki-client on console-fra.rpki-client.org