Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/G9uNd3jWpxZU0yGwkIvnoqBoptk.roa
File: G9uNd3jWpxZU0yGwkIvnoqBoptk.roa (raw, json)
Hash identifier: HxbFEsvZ60qYeUyvR0aC119IAjTW5lWGnahNtb5daS8=
Subject key identifier: 1B:DB:8D:77:78:D6:A7:16:54:D3:21:B0:90:8B:E7:A2:A0:68:A6:D9
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: C88DF2
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/G9uNd3jWpxZU0yGwkIvnoqBoptk.roa
Signing time: Tue 19 Apr 2022 10:20:29 +0000
ROA not before: Tue 19 Apr 2022 10:20:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 88.216.185.0/24 maxlen: 24
88.216.180.0/22 maxlen: 24
84.32.84.0/22 maxlen: 24
88.216.188.0/22 maxlen: 24
84.32.82.0/23 maxlen: 24
88.216.196.0/22 maxlen: 24
88.216.209.0/24 maxlen: 24
88.216.210.0/23 maxlen: 24
88.216.212.0/22 maxlen: 24
84.32.4.0/22 maxlen: 24
84.32.8.0/22 maxlen: 24
84.32.24.0/21 maxlen: 24
84.32.40.0/21 maxlen: 24
88.216.90.0/24 maxlen: 24
88.216.0.0/22 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.19.0/24 maxlen: 24
88.216.20.0/22 maxlen: 22
88.216.32.0/24 maxlen: 24
88.216.47.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13143538 (0xc88df2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 19 10:20:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1bdb8d7778d6a71654d321b0908be7a2a068a6d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d1:49:ec:b0:bd:88:19:fb:82:ca:a7:4d:36:
3e:22:06:24:87:4e:fc:ff:93:3b:ef:92:86:60:a5:
88:18:03:ab:0b:e5:57:fc:91:9a:1f:cd:db:cf:cd:
e7:72:a6:ab:66:fb:c8:39:00:de:7d:0c:b2:53:e4:
fe:13:ec:e7:ec:92:e8:68:cf:26:f1:6d:33:18:3a:
e8:7e:af:0f:c3:ce:1c:ac:f4:61:52:a3:15:38:e1:
fb:2c:03:7a:94:b6:12:97:34:70:d2:52:d8:ca:2e:
c6:d3:73:06:90:ee:ee:0e:d4:2b:a6:7b:f5:13:48:
9c:1d:9a:fe:69:9e:49:ba:74:0a:c3:e6:1b:ba:5c:
f6:38:9e:45:6f:ab:f7:38:05:9f:ae:fd:df:5c:54:
98:fe:98:36:2f:8f:9e:99:4a:10:fe:86:65:e0:aa:
41:df:2d:44:0f:19:05:d8:11:98:b4:be:eb:d3:41:
05:d8:a9:44:98:62:db:19:4b:c5:66:2f:6c:6d:f7:
56:f9:6c:f0:97:d2:d7:33:23:3e:75:96:3b:16:6c:
fa:f2:ac:7a:d6:6a:58:8a:00:48:b3:09:e6:81:2d:
34:d7:c8:37:96:8b:7b:4c:f7:17:af:5e:09:a0:24:
62:8d:83:d4:78:80:bc:09:8e:19:cc:2d:b8:0f:60:
40:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:DB:8D:77:78:D6:A7:16:54:D3:21:B0:90:8B:E7:A2:A0:68:A6:D9
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/G9uNd3jWpxZU0yGwkIvnoqBoptk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.4.0-84.32.11.255
84.32.24.0/21
84.32.40.0/21
84.32.82.0-84.32.87.255
88.216.0.0/22
88.216.16.0/24
88.216.19.0-88.216.23.255
88.216.32.0/24
88.216.46.0/23
88.216.90.0/24
88.216.180.0/22
88.216.185.0/24
88.216.188.0/22
88.216.196.0/22
88.216.209.0-88.216.215.255
Signature Algorithm: sha256WithRSAEncryption
2b:fd:bb:b1:ad:8c:ef:a7:cb:95:1a:a5:e0:bf:13:86:d0:83:
48:74:a3:97:62:80:97:39:ab:69:54:7e:2a:68:6e:e4:95:b9:
72:06:3d:b8:00:38:bb:86:1e:4d:77:40:f5:ca:d7:ca:7e:63:
05:1a:70:7f:9a:bd:62:c0:fc:ce:76:33:d1:2f:06:92:17:20:
69:aa:75:f7:43:1c:c8:4e:6e:97:c8:9e:08:6d:b0:1c:9b:cb:
75:80:11:0f:01:e1:5d:1c:bf:2d:21:1a:38:80:de:b3:7e:ed:
84:44:83:cd:ce:da:9c:3e:45:38:d5:d0:3c:82:17:fd:0d:0e:
8d:1c:e5:67:1f:ee:68:97:1a:53:cb:5d:da:a2:70:c2:11:9c:
9e:d4:0d:cb:38:f1:e2:6f:7f:32:5b:f3:b1:f7:11:31:7d:8a:
d8:46:cd:d9:ba:d7:ae:f2:1f:d7:65:ed:68:05:1e:2d:0c:24:
53:a0:7a:ea:ba:a0:51:1f:b6:74:c2:d9:78:03:9c:19:77:29:
3f:03:95:de:c2:e4:38:cc:6f:2b:3f:d0:a3:93:ae:58:2b:7e:
1b:8a:3a:9f:8d:cf:83:17:74:73:24:8e:cf:bd:ce:e3:c2:e9:
a7:67:47:c9:81:ee:3f:a4:ab:27:5b:b2:36:7e:f2:91:81:b8:
c4:63:e6:7b
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIEAMiN8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDQx
OTEwMjAyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWJkYjhkNzc3OGQ2
YTcxNjU0ZDMyMWIwOTA4YmU3YTJhMDY4YTZkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKHRSeywvYgZ+4LKp002PiIGJIdO/P+TO++ShmCliBgDqwvl
V/yRmh/N28/N53Kmq2b7yDkA3n0MslPk/hPs5+yS6GjPJvFtMxg66H6vD8POHKz0
YVKjFTjh+ywDepS2Epc0cNJS2MouxtNzBpDu7g7UK6Z79RNInB2a/mmeSbp0CsPm
G7pc9jieRW+r9zgFn67931xUmP6YNi+PnplKEP6GZeCqQd8tRA8ZBdgRmLS+69NB
BdipRJhi2xlLxWYvbG33Vvls8JfS1zMjPnWWOxZs+vKsetZqWIoASLMJ5oEtNNfI
N5aLe0z3F69eCaAkYo2D1HiAvAmOGcwtuA9gQGUCAwEAAaOCAoEwggJ9MB0GA1Ud
DgQWBBQb2413eNanFlTTIbCQi+eioGim2TAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
L0c5dU5kM2pXcHhaVTB5R3drSXZub3FCb3B0ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
lgYIKwYBBQUHAQcBAf8EgYYwgYMwgYAEAgABMHowDAMEAlQgBAMEAlQgCAMEA1Qg
GAMEA1QgKDAMAwQBVCBSAwQDVCBQAwQCWNgAAwQAWNgQMAwDBABY2BMDBANY2BAD
BABY2CADBAFY2C4DBABY2FoDBAJY2LQDBABY2LkDBAJY2LwDBAJY2MQwDAMEAFjY
0QMEA1jY0DANBgkqhkiG9w0BAQsFAAOCAQEAK/27sa2M76fLlRql4L8ThtCDSHSj
l2KAlzmraVR+Kmhu5JW5cgY9uAA4u4YeTXdA9crXyn5jBRpwf5q9YsD8znYz0S8G
khcgaap190McyE5ul8ieCG2wHJvLdYARDwHhXRy/LSEaOIDes37thESDzc7anD5F
ONXQPIIX/Q0OjRzlZx/uaJcaU8td2qJwwhGcntQNyzjx4m9/MlvzsfcRMX2K2EbN
2brXrvIf12XtaAUeLQwkU6B66rqgUR+2dMLZeAOcGXcpPwOV3sLkOMxvKz/Qo5Ou
WCt+G4o6n43Pgxd0cySOz73O48Lpp2dHyYHuP6SrJ1uyNn7ykYG4xGPmew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org