Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CuNedQgB7CCBaZOJNLiyBt78hgk.roa
File: CuNedQgB7CCBaZOJNLiyBt78hgk.roa (raw, json)
Hash identifier: ck2O1KU6iekzA79Ayb+LHvjWPDaNp9kLy/cBmmfZL4g=
Subject key identifier: 0A:E3:5E:75:08:01:EC:20:81:69:93:89:34:B8:B2:06:DE:FC:86:09
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01849E6C6B461D9F993669CEC526CDBDC98D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CuNedQgB7CCBaZOJNLiyBt78hgk.roa
Signing time: Tue 22 Nov 2022 08:20:16 +0000
ROA not before: Tue 22 Nov 2022 08:20:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 88.216.212.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9e:6c:6b:46:1d:9f:99:36:69:ce:c5:26:cd:bd:c9:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 22 08:20:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0ae35e750801ec208169938934b8b206defc8609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:99:cb:f2:f3:91:03:53:16:6b:66:6d:c7:28:
1a:d2:c1:a9:b2:1b:c3:f5:87:a6:b1:73:ab:58:be:
d3:3d:a2:4d:b1:98:71:b8:63:bd:17:63:12:f0:8f:
6c:c3:0b:8b:03:7c:97:d8:20:f8:a5:5d:4f:49:81:
5e:7c:01:29:4f:9c:39:11:cc:d2:b7:d0:a6:c7:af:
00:0f:42:f5:49:78:50:b2:47:59:e6:df:1e:e6:e7:
2d:cd:d8:0f:65:b5:c2:34:e1:16:0d:7d:98:fe:82:
d1:38:9a:3c:8b:f3:06:8e:44:ab:cb:1e:48:d3:4f:
10:e5:b3:26:9a:74:a5:5f:b9:4f:89:b8:d5:4f:31:
b7:19:6d:55:df:cf:a6:3d:30:2d:df:42:db:46:5b:
74:af:b7:b1:a0:af:80:d2:47:7e:58:40:d1:ca:e5:
de:16:c0:d7:f5:f6:74:dc:4a:21:2c:f2:cc:b7:22:
64:f7:74:e6:05:23:91:c1:0f:15:24:0c:b5:c2:13:
13:de:0d:c4:77:12:a2:98:62:71:8d:0a:21:7c:6d:
6d:a1:37:b1:19:58:04:43:6f:f9:83:a1:3a:5c:44:
50:bf:0e:3c:c1:b9:da:61:ee:73:85:31:a0:45:bb:
00:4b:ba:2d:eb:d2:bc:46:43:2b:d4:79:60:62:92:
5f:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E3:5E:75:08:01:EC:20:81:69:93:89:34:B8:B2:06:DE:FC:86:09
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CuNedQgB7CCBaZOJNLiyBt78hgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.212.0/22
Signature Algorithm: sha256WithRSAEncryption
84:ae:10:53:5a:d3:43:3b:ec:9f:36:84:35:e4:fe:28:5e:d6:
a1:f9:c8:20:c3:30:d0:67:b7:fc:de:2c:9d:fb:dc:7d:cf:dc:
41:31:ac:7a:8d:7a:b5:01:26:02:43:99:5c:6f:8d:ff:e6:e5:
5c:98:ec:47:7a:56:b8:69:04:4f:65:72:e7:dd:05:f5:1a:a5:
94:5d:79:b0:8c:48:ee:e1:e4:ac:a3:76:d9:4b:cf:b2:50:e8:
31:57:32:94:af:56:c1:30:89:2c:74:0b:c1:b6:c6:d5:39:ee:
a4:b7:12:7c:cd:38:41:aa:f8:4e:fd:14:4c:35:ca:9e:3c:0b:
54:e1:80:15:be:1b:70:d0:d9:79:96:63:ed:32:2e:af:98:c2:
78:f2:0c:a1:57:9c:79:1e:ca:01:bf:cd:35:a2:13:44:91:65:
8a:e7:39:71:af:ba:65:6c:59:71:f9:e8:c5:48:a0:a1:25:cb:
e4:a5:07:2d:43:4b:3d:ce:d0:34:89:58:bf:2c:fb:db:4d:da:
1c:74:bd:f6:f0:1b:b7:1d:53:05:6f:c6:1f:11:cf:c0:59:d6:
dd:82:f4:33:47:98:f2:89:d0:df:d3:41:19:54:9a:34:ed:a3:
8e:72:79:d1:e0:01:66:6b:80:7a:df:5c:47:c0:c8:2d:76:86:
f0:42:1f:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSebGtGHZ+ZNmnOxSbNvcmNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTIyMDgyMDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWUzNWU3NTA4MDFlYzIwODE2OTkzODkzNGI4YjIwNmRlZmM4NjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZnL8vORA1MWa2Ztxyga0sGpshvD
9YemsXOrWL7TPaJNsZhxuGO9F2MS8I9swwuLA3yX2CD4pV1PSYFefAEpT5w5EczS
t9Cmx68AD0L1SXhQskdZ5t8e5uctzdgPZbXCNOEWDX2Y/oLROJo8i/MGjkSryx5I
008Q5bMmmnSlX7lPibjVTzG3GW1V38+mPTAt30LbRlt0r7exoK+A0kd+WEDRyuXe
FsDX9fZ03EohLPLMtyJk93TmBSORwQ8VJAy1whMT3g3EdxKimGJxjQohfG1toTex
GVgEQ2/5g6E6XERQvw48wbnaYe5zhTGgRbsAS7ot69K8RkMr1HlgYpJfQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArjXnUIAewggWmTiTS4sgbe/IYJMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQ3VOZWRRZ0I3Q0NCYVpPSk5MaXlCdDc4aGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWNjUMA0G
CSqGSIb3DQEBCwUAA4IBAQCErhBTWtNDO+yfNoQ15P4oXtah+cggwzDQZ7f83iyd
+9x9z9xBMax6jXq1ASYCQ5lcb43/5uVcmOxHela4aQRPZXLn3QX1GqWUXXmwjEju
4eSso3bZS8+yUOgxVzKUr1bBMIksdAvBtsbVOe6ktxJ8zThBqvhO/RRMNcqePAtU
4YAVvhtw0Nl5lmPtMi6vmMJ48gyhV5x5HsoBv801ohNEkWWK5zlxr7plbFlx+ejF
SKChJcvkpQctQ0s9ztA0iVi/LPvbTdocdL328Bu3HVMFb8YfEc/AWdbdgvQzR5jy
idDf00EZVJo07aOOcnnR4AFma4B631xHwMgtdobwQh9b
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:28 2023 by rpki-client on console-ams.rpki-client.org