Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HMikOxTKCUcGV-0x0QZHjSGf4wA.roa
File: HMikOxTKCUcGV-0x0QZHjSGf4wA.roa (raw, json)
Hash identifier: uX5pNERs20UBQlOeMp62BQHsW3M1l8OkFGu0mXzYXDw=
Subject key identifier: 1C:C8:A4:3B:14:CA:09:47:06:57:ED:31:D1:06:47:8D:21:9F:E3:00
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0183E70F486149B15C74E32A316DC0092A48
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HMikOxTKCUcGV-0x0QZHjSGf4wA.roa
Signing time: Mon 17 Oct 2022 17:48:01 +0000
ROA not before: Mon 17 Oct 2022 17:48:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 88.216.180.0/22 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.216.0/22 maxlen: 24
88.216.220.0/22 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.240.0/22 maxlen: 24
88.216.244.0/22 maxlen: 24
84.32.44.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e7:0f:48:61:49:b1:5c:74:e3:2a:31:6d:c0:09:2a:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 17 17:48:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1cc8a43b14ca09470657ed31d106478d219fe300
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8c:d1:31:91:67:20:9b:c7:e4:3a:ea:72:e9:
f7:b8:4f:4a:9d:0e:4e:0d:c2:40:56:d7:89:cf:49:
d8:45:2a:58:08:9e:02:8b:6d:06:dc:be:f7:4c:48:
a6:f5:97:60:e5:f4:3c:9c:09:2d:26:c5:b6:a2:1b:
58:ec:48:11:2d:47:22:b5:83:dc:59:ec:1c:21:a6:
2a:ee:58:56:29:0b:5b:2d:8b:56:aa:24:7c:d3:a4:
ce:7d:8a:6f:e6:c9:c1:9b:04:22:85:61:d6:41:8e:
68:99:98:42:16:63:c8:e5:7e:c8:8c:34:d9:33:00:
58:1d:ce:dc:a2:0e:a3:d7:e1:9b:72:62:ac:0c:ec:
c6:62:8e:db:63:d6:f8:f7:a2:24:00:05:15:46:88:
e1:95:9e:55:4c:62:cc:2d:ec:72:8c:cc:d7:90:89:
d2:12:73:1d:5a:53:fa:88:43:47:b4:c9:5a:95:d0:
73:af:a7:a6:3c:c2:f1:14:83:52:09:bd:48:68:7d:
63:9d:0b:bf:1b:f0:6e:2c:0c:ae:94:0b:53:22:b3:
8a:75:4a:42:53:19:79:0b:8e:9f:c5:b5:fb:7d:fe:
52:bb:fb:12:e1:64:7c:57:cf:ad:68:b1:6a:f7:c3:
d9:9c:7c:f7:aa:8f:5d:d1:14:72:89:2f:74:1a:6e:
bf:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:C8:A4:3B:14:CA:09:47:06:57:ED:31:D1:06:47:8D:21:9F:E3:00
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HMikOxTKCUcGV-0x0QZHjSGf4wA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.44.0/22
88.216.180.0/22
88.216.212.0-88.216.223.255
88.216.228.0/22
88.216.236.0-88.216.247.255
Signature Algorithm: sha256WithRSAEncryption
1d:0e:55:74:a9:79:a0:f4:b2:fb:82:57:6b:d7:6f:bd:25:97:
8a:7d:fd:9a:96:f6:18:ad:e5:18:12:ac:b8:93:9a:3d:29:79:
d7:b9:d1:6f:04:27:52:32:87:a9:0a:b8:ac:42:f3:a0:35:e9:
46:03:90:20:e5:8e:34:f5:6e:ef:bd:e3:5c:4b:b8:31:d6:25:
1d:6d:7f:30:46:5d:9e:f2:f7:f0:b2:9e:bf:9f:c6:a1:a9:59:
86:44:cb:e5:96:39:50:25:85:7d:02:f0:9b:99:da:17:12:68:
8c:22:69:45:78:74:7b:06:15:e2:5d:72:c1:5b:a9:1e:df:c6:
d3:9a:47:03:4d:7a:b9:11:7b:7e:eb:32:f3:ab:3a:fb:7f:23:
33:e7:3b:a4:ee:0f:60:d5:61:a6:4d:9a:af:da:ae:57:52:9b:
dd:84:0c:b8:b5:87:16:7c:fb:71:71:7e:13:df:e6:d7:c6:f6:
b9:73:b3:12:9a:e7:03:a6:5d:59:07:ef:65:a8:92:4f:02:ff:
ca:03:2e:21:ae:a8:b5:8d:a0:00:b0:d1:b8:34:62:cc:33:36:
80:bd:71:fb:3d:ba:3b:05:d8:eb:69:29:10:18:d4:75:d0:91:
c4:b6:d8:77:12:6d:45:fd:42:0c:99:a7:6a:4b:40:b7:ca:e6:
78:58:86:43
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYPnD0hhSbFcdOMqMW3ACSpIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDE3MTc0ODAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2M4YTQzYjE0Y2EwOTQ3MDY1N2VkMzFkMTA2NDc4ZDIxOWZlMzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv4zRMZFnIJvH5Drqcun3uE9KnQ5O
DcJAVteJz0nYRSpYCJ4Ci20G3L73TEim9Zdg5fQ8nAktJsW2ohtY7EgRLUcitYPc
WewcIaYq7lhWKQtbLYtWqiR806TOfYpv5snBmwQihWHWQY5omZhCFmPI5X7IjDTZ
MwBYHc7cog6j1+GbcmKsDOzGYo7bY9b496IkAAUVRojhlZ5VTGLMLexyjMzXkInS
EnMdWlP6iENHtMlaldBzr6emPMLxFINSCb1IaH1jnQu/G/BuLAyulAtTIrOKdUpC
Uxl5C46fxbX7ff5Su/sS4WR8V8+taLFq98PZnHz3qo9d0RRyiS90Gm6/4wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFBzIpDsUyglHBlftMdEGR40hn+MAMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSE1pa094VEtDVWNHVi0weDBRWkhqU0dmNHdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCVCAsAwQC
WNi0MAwDBAJY2NQDBAVY2MADBAJY2OQwDAMEAljY7AMEA1jY8DANBgkqhkiG9w0B
AQsFAAOCAQEAHQ5VdKl5oPSy+4JXa9dvvSWXin39mpb2GK3lGBKsuJOaPSl517nR
bwQnUjKHqQq4rELzoDXpRgOQIOWONPVu773jXEu4MdYlHW1/MEZdnvL38LKev5/G
oalZhkTL5ZY5UCWFfQLwm5naFxJojCJpRXh0ewYV4l1ywVupHt/G05pHA016uRF7
fusy86s6+38jM+c7pO4PYNVhpk2ar9quV1Kb3YQMuLWHFnz7cXF+E9/m18b2uXOz
EprnA6ZdWQfvZaiSTwL/ygMuIa6otY2gALDRuDRizDM2gL1x+z26OwXY62kpEBjU
ddCRxLbYdxJtRf1CDJmnaktAt8rmeFiGQw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:46 2023 by rpki-client on console-fra.rpki-client.org