Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/GnE9ClEFB34U1LKKF6VYtt54x0w.roa
File: GnE9ClEFB34U1LKKF6VYtt54x0w.roa (raw, json)
Hash identifier: DQHvXD+gpc9X2IttVpxPO75i+YSAF5+KXr5krPhIuV8=
Subject key identifier: 1A:71:3D:0A:51:05:07:7E:14:D4:B2:8A:17:A5:58:B6:DE:78:C7:4C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01830ED887FCEB110F74C330689274C06480
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/GnE9ClEFB34U1LKKF6VYtt54x0w.roa
Signing time: Mon 05 Sep 2022 18:10:15 +0000
ROA not before: Mon 05 Sep 2022 18:10:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205570
IP address blocks: 88.216.94.0/23 maxlen: 24
88.216.92.0/23 maxlen: 24
88.216.16.0/23 maxlen: 24
88.216.129.0/24 maxlen: 24
84.32.24.0/22 maxlen: 22
88.216.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:0e:d8:87:fc:eb:11:0f:74:c3:30:68:92:74:c0:64:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Sep 5 18:10:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1a713d0a5105077e14d4b28a17a558b6de78c74c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:91:41:86:3c:11:1f:cc:8d:42:4a:a6:d7:5d:
00:79:6e:0d:ec:3b:e7:cc:81:ae:12:e4:15:94:1b:
4d:91:35:d8:de:4e:01:d9:30:ea:1c:6a:b9:60:af:
4c:61:73:a1:c9:3e:c4:ee:14:cc:33:86:4d:62:e8:
0d:db:60:e3:74:26:22:75:77:3e:c4:ef:f2:fd:a1:
26:53:d8:54:0f:9c:99:dc:26:3a:1b:e9:4f:d5:f8:
36:e9:44:3b:aa:1c:96:4d:d3:8b:af:7c:ce:28:9a:
1a:37:f7:d4:ba:17:64:2a:0f:8d:59:ad:e9:5f:18:
21:0f:9b:bc:3d:bd:0c:13:db:e0:87:ba:61:21:20:
de:9d:52:e4:79:64:1a:e4:a2:f9:ce:a6:4c:12:4f:
31:a7:9e:e8:12:0c:ba:19:ce:7b:29:be:c4:b9:74:
f9:19:e0:29:e0:86:5f:3c:1c:f7:f7:d3:e8:71:f0:
56:d9:57:70:5c:e1:f7:fd:51:1f:d4:f4:59:dd:60:
98:bd:c7:00:50:a3:e8:d6:c2:24:ae:56:65:de:68:
e9:2a:26:49:e4:3d:f6:fe:f2:dc:c3:05:bb:f8:56:
8d:2d:3f:dd:00:b4:b1:c7:34:04:77:a6:2e:45:96:
d4:50:f3:b4:b4:72:e1:01:7c:b6:cd:3a:f5:98:ce:
12:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:71:3D:0A:51:05:07:7E:14:D4:B2:8A:17:A5:58:B6:DE:78:C7:4C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/GnE9ClEFB34U1LKKF6VYtt54x0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
88.216.16.0/23
88.216.92.0/22
88.216.129.0/24
88.216.134.0/24
Signature Algorithm: sha256WithRSAEncryption
37:51:d9:79:46:45:58:54:c9:44:b0:80:99:83:04:9a:ae:70:
83:2a:85:84:49:81:7a:9a:48:1c:ea:bd:2c:c2:49:88:6b:90:
c6:7a:30:f9:46:d0:b1:cf:fb:e5:53:cf:c0:2e:69:6a:eb:30:
16:ca:15:2a:ba:1a:1c:ab:be:96:72:74:8a:d2:44:20:e1:78:
3c:fc:82:65:ec:e2:21:dd:41:01:ea:5a:72:ff:59:a6:3e:8c:
7e:d5:d6:0f:35:50:a8:fd:f4:c7:19:00:8a:97:d5:2d:26:57:
e1:51:ce:96:86:37:32:ce:07:aa:44:11:8b:26:2f:87:24:d7:
42:8a:42:2c:4e:ac:d3:a8:af:08:15:72:23:58:a2:f5:dc:8a:
a0:1a:50:5b:8d:b3:87:ce:f5:e8:e5:e1:bb:ca:1f:c2:b0:1a:
57:a7:d8:56:d3:c4:44:53:a7:61:b2:f9:17:2c:fd:18:1a:b7:
33:a0:06:a3:44:a7:61:29:2f:42:ec:ac:b7:93:5d:84:e8:72:
6e:9f:d8:15:22:aa:04:f4:ed:cd:36:62:2e:2e:97:1e:4f:41:
c9:1a:04:c5:b3:52:1a:44:e5:88:25:de:76:83:43:a5:fd:17:
78:ae:25:6e:06:e9:32:f2:ee:7c:a5:dd:63:d8:d4:a3:af:1b:
f1:9f:19:b6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYMO2If86xEPdMMwaJJ0wGSAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwOTA1MTgxMDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTcxM2QwYTUxMDUwNzdlMTRkNGIyOGExN2E1NThiNmRlNzhjNzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy5FBhjwRH8yNQkqm110AeW4N7Dvn
zIGuEuQVlBtNkTXY3k4B2TDqHGq5YK9MYXOhyT7E7hTMM4ZNYugN22DjdCYidXc+
xO/y/aEmU9hUD5yZ3CY6G+lP1fg26UQ7qhyWTdOLr3zOKJoaN/fUuhdkKg+NWa3p
XxghD5u8Pb0ME9vgh7phISDenVLkeWQa5KL5zqZMEk8xp57oEgy6Gc57Kb7EuXT5
GeAp4IZfPBz399PocfBW2VdwXOH3/VEf1PRZ3WCYvccAUKPo1sIkrlZl3mjpKiZJ
5D32/vLcwwW7+FaNLT/dALSxxzQEd6YuRZbUUPO0tHLhAXy2zTr1mM4SOwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBpxPQpRBQd+FNSyihelWLbeeMdMMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvR25FOUNsRUZCMzRVMUxLS0Y2Vll0dDU0eDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCVCAYAwQB
WNgQAwQCWNhcAwQAWNiBAwQAWNiGMA0GCSqGSIb3DQEBCwUAA4IBAQA3Udl5RkVY
VMlEsICZgwSarnCDKoWESYF6mkgc6r0swkmIa5DGejD5RtCxz/vlU8/ALmlq6zAW
yhUquhocq76WcnSK0kQg4Xg8/IJl7OIh3UEB6lpy/1mmPox+1dYPNVCo/fTHGQCK
l9UtJlfhUc6WhjcyzgeqRBGLJi+HJNdCikIsTqzTqK8IFXIjWKL13IqgGlBbjbOH
zvXo5eG7yh/CsBpXp9hW08REU6dhsvkXLP0YGrczoAajRKdhKS9C7Ky3k12E6HJu
n9gVIqoE9O3NNmIuLpceT0HJGgTFs1IaROWIJd52g0Ol/Rd4riVuBuky8u58pd1j
2NSjrxvxnxm2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:46 2023 by rpki-client on console-fra.rpki-client.org