Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/G4p_T_2C80mnRcqTtR6ZnWZgaCs.roa
File: G4p_T_2C80mnRcqTtR6ZnWZgaCs.roa (raw, json)
Hash identifier: ohA/A3Cz9j530khYoxNqbHBp9aLQh4ersx1KRF5zAio=
Subject key identifier: 1B:8A:7F:4F:FD:82:F3:49:A7:45:CA:93:B5:1E:99:9D:66:60:68:2B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018410A4944173FF7E71C6A75A0AA419DCF3
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/G4p_T_2C80mnRcqTtR6ZnWZgaCs.roa
Signing time: Tue 25 Oct 2022 19:35:32 +0000
ROA not before: Tue 25 Oct 2022 19:35:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 88.216.180.0/22 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.240.0/22 maxlen: 24
88.216.244.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:10:a4:94:41:73:ff:7e:71:c6:a7:5a:0a:a4:19:dc:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 25 19:35:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1b8a7f4ffd82f349a745ca93b51e999d6660682b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:1e:e2:65:34:8c:fb:a2:43:70:11:70:6b:c4:
ac:8e:a2:7b:06:f8:e4:bf:75:28:c3:12:3e:43:aa:
1e:6c:26:27:b6:0b:3e:ea:10:68:10:5d:af:b2:2d:
a1:8c:f0:26:10:ac:1e:a5:4e:10:38:02:df:14:41:
78:bc:97:78:b9:81:cc:86:e7:83:29:e8:84:10:0e:
68:f7:7b:fe:a0:0f:dd:21:15:a4:24:14:4a:b7:09:
22:30:45:83:5f:26:3f:fe:51:b2:a2:cf:17:04:4f:
dd:ce:33:4b:44:cd:2c:2b:4d:c8:47:e4:30:88:f3:
58:88:8a:b1:0d:c0:6c:79:a2:73:5c:fd:3d:3a:a5:
38:4b:2f:9f:16:3c:fb:9f:b2:ed:14:ad:ba:c1:7f:
a0:b5:be:18:02:18:eb:10:32:5d:ef:f9:a8:6e:0b:
cc:1a:0b:4f:e6:ea:ad:5a:08:82:a5:30:7e:69:fe:
18:60:de:a1:2f:fd:9e:cd:d1:06:0d:37:c7:c5:16:
9e:a1:ac:2d:6e:66:1f:04:47:54:52:b7:73:cd:80:
3f:bb:7c:39:d0:7f:89:cd:5c:6e:ec:ef:b5:5d:73:
49:20:7b:2a:a1:bf:e4:bd:3f:58:69:2b:a5:e9:56:
7e:49:43:0b:33:dd:62:7d:1d:08:43:14:6b:07:50:
97:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:8A:7F:4F:FD:82:F3:49:A7:45:CA:93:B5:1E:99:9D:66:60:68:2B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/G4p_T_2C80mnRcqTtR6ZnWZgaCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.180.0/22
88.216.212.0/22
88.216.228.0/22
88.216.236.0-88.216.247.255
Signature Algorithm: sha256WithRSAEncryption
4b:bf:23:e8:b3:59:9e:5d:e3:d8:dc:90:95:7c:e1:05:14:bb:
4b:f5:98:2d:02:ee:10:2e:86:a3:77:89:6e:26:3a:6b:17:ea:
d4:9f:4d:23:fe:f4:ed:c4:38:e2:f3:62:5f:2e:0a:d3:b4:0c:
13:b8:26:1d:9a:a9:05:ba:05:b5:53:a8:f9:70:ac:68:98:54:
af:6d:06:11:f5:db:dd:3a:30:14:5d:e1:2e:70:96:08:38:78:
8a:03:2c:0f:84:68:5a:c1:14:60:d6:f5:d7:87:0c:38:8c:19:
f1:d6:8f:e7:8b:7e:b6:14:97:d9:b4:3d:4a:ec:3d:ff:db:d0:
2b:4a:bb:ab:8a:96:51:c2:af:71:cf:36:1d:58:6b:8b:a3:12:
2b:93:7a:31:be:6e:e1:f6:44:52:2a:99:77:e0:43:7f:04:cf:
38:98:91:2c:ab:e5:2c:a1:a7:f5:f0:6a:03:46:6e:47:de:a4:
15:64:9a:ab:15:22:0a:2c:f9:8d:7e:aa:f2:d3:ec:6d:4d:c3:
4c:c9:b9:57:a2:40:b7:e1:51:06:e1:94:cb:54:09:61:2c:8e:
2c:de:e7:74:2e:a4:74:91:e9:8a:2f:eb:3c:de:2a:4d:d1:5e:
6a:e7:df:e0:d6:ca:53:ee:23:5a:72:3b:2b:fd:dc:e9:98:16:
5b:a8:5a:1c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYQQpJRBc/9+ccanWgqkGdzzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDI1MTkzNTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjhhN2Y0ZmZkODJmMzQ5YTc0NWNhOTNiNTFlOTk5ZDY2NjA2ODJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4x7iZTSM+6JDcBFwa8SsjqJ7Bvjk
v3UowxI+Q6oebCYntgs+6hBoEF2vsi2hjPAmEKwepU4QOALfFEF4vJd4uYHMhueD
KeiEEA5o93v+oA/dIRWkJBRKtwkiMEWDXyY//lGyos8XBE/dzjNLRM0sK03IR+Qw
iPNYiIqxDcBseaJzXP09OqU4Sy+fFjz7n7LtFK26wX+gtb4YAhjrEDJd7/mobgvM
GgtP5uqtWgiCpTB+af4YYN6hL/2ezdEGDTfHxRaeoawtbmYfBEdUUrdzzYA/u3w5
0H+JzVxu7O+1XXNJIHsqob/kvT9YaSul6VZ+SUMLM91ifR0IQxRrB1CXywIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBuKf0/9gvNJp0XKk7UemZ1mYGgrMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvRzRwX1RfMkM4MG1uUmNxVHRSNlpuV1pnYUNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCWNi0AwQC
WNjUAwQCWNjkMAwDBAJY2OwDBANY2PAwDQYJKoZIhvcNAQELBQADggEBAEu/I+iz
WZ5d49jckJV84QUUu0v1mC0C7hAuhqN3iW4mOmsX6tSfTSP+9O3EOOLzYl8uCtO0
DBO4Jh2aqQW6BbVTqPlwrGiYVK9tBhH12906MBRd4S5wlgg4eIoDLA+EaFrBFGDW
9deHDDiMGfHWj+eLfrYUl9m0PUrsPf/b0CtKu6uKllHCr3HPNh1Ya4ujEiuTejG+
buH2RFIqmXfgQ38EzziYkSyr5Syhp/XwagNGbkfepBVkmqsVIgos+Y1+qvLT7G1N
w0zJuVeiQLfhUQbhlMtUCWEsjize53QupHSR6Yov6zzeKk3RXmrn3+DWylPuI1py
Oyv93OmYFluoWhw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org