Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HOp_W-5U4KIjqqs62Rj5kWUtSds.roa
File: HOp_W-5U4KIjqqs62Rj5kWUtSds.roa (raw, json)
Hash identifier: MJTTW4XMNAzartEk63ayZWunuAG1yz/34pyHKemoPdY=
Subject key identifier: 1C:EA:7F:5B:EE:54:E0:A2:23:AA:AB:3A:D9:18:F9:91:65:2D:49:DB
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 9E080C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HOp_W-5U4KIjqqs62Rj5kWUtSds.roa
Signing time: Fri 08 Apr 2022 16:22:32 +0000
ROA not before: Fri 08 Apr 2022 16:22:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210443
IP address blocks: 88.216.184.0/23 maxlen: 24
88.216.186.0/23 maxlen: 24
88.216.94.0/23 maxlen: 24
88.216.92.0/23 maxlen: 24
88.216.216.0/21 maxlen: 24
88.216.34.0/23 maxlen: 24
88.216.44.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10356748 (0x9e080c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 8 16:22:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1cea7f5bee54e0a223aaab3ad918f991652d49db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:70:a3:65:1e:d9:58:e3:29:24:81:d6:6b:8c:
3f:ea:16:ea:e5:84:2a:3f:80:66:c0:a4:33:26:ad:
56:f1:a0:81:bf:68:3c:79:17:93:8b:63:5b:02:d2:
d2:81:e8:fe:87:57:e6:ac:ab:f2:7c:65:ba:8a:e2:
bb:88:c7:f0:7b:2d:8c:91:b9:4c:8c:ed:d4:ff:06:
8f:9a:14:1d:0f:74:8d:f9:83:ef:c8:74:31:e5:be:
e7:96:c3:25:51:ad:fc:69:6f:d1:49:27:ff:10:61:
8f:9b:2c:c5:00:2d:ca:d1:f6:5b:e0:6a:c8:75:27:
d5:83:aa:b5:f0:39:03:c3:0c:64:5e:2b:6a:51:21:
c5:bb:de:19:80:e9:b8:5f:53:66:12:71:a1:b3:b3:
50:8e:53:ad:19:2a:85:70:3a:e7:bf:cd:2e:a4:24:
de:e8:c7:d3:d5:33:aa:95:35:f2:6f:d3:c0:ac:0d:
e8:1f:0c:f4:82:33:0f:33:d7:b7:09:06:9e:07:4c:
41:38:67:91:76:8b:1e:50:c8:5e:fb:4f:fc:1c:e3:
16:a1:ae:b0:f2:57:c3:81:c7:ca:c8:0e:8d:7f:a6:
dc:f9:ea:82:33:40:14:71:94:84:f0:ed:f4:28:e8:
c4:74:c8:dc:9c:24:a6:18:a6:f5:22:eb:fc:30:38:
56:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:EA:7F:5B:EE:54:E0:A2:23:AA:AB:3A:D9:18:F9:91:65:2D:49:DB
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HOp_W-5U4KIjqqs62Rj5kWUtSds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.34.0/23
88.216.44.0/23
88.216.92.0/22
88.216.184.0/22
88.216.216.0/21
Signature Algorithm: sha256WithRSAEncryption
3f:b5:3a:12:ba:97:84:f9:79:11:20:21:c9:ac:dd:f0:76:df:
9a:3e:76:38:ae:57:4c:85:82:b5:7c:b5:a0:5a:2e:6a:4d:fc:
ec:74:4a:95:9b:3b:72:16:1a:a0:a4:64:b1:04:d1:b1:0d:98:
b2:c4:1c:2f:34:99:3b:39:75:e3:dc:08:91:f9:47:ff:63:06:
36:7c:4a:58:53:f4:5a:af:f3:dc:2c:5f:e8:4a:ad:e6:af:7e:
c9:46:19:bb:7b:75:f2:c8:8c:da:71:4e:8a:56:6f:16:e6:b1:
b8:ba:9d:a2:e0:4e:c7:48:49:20:a9:1e:52:77:01:99:a9:83:
d3:ba:f5:1e:d0:1a:95:d7:fc:cf:d1:05:19:ce:31:77:c6:76:
1c:5f:b3:09:43:2f:68:f7:ab:3c:33:4b:a2:08:cb:84:f5:16:
3b:6c:72:52:1c:0f:05:6c:67:e9:19:43:9e:e6:0d:a7:f0:90:
ed:67:21:10:62:54:60:c7:dc:fb:a6:e9:44:35:49:75:5a:3e:
c4:40:45:c1:5a:8c:09:87:4c:c0:a0:ac:cd:3e:5d:24:1b:78:
17:f7:0f:1f:cf:2c:4d:da:d0:4c:fb:6e:c2:3c:59:0b:e0:4b:
1f:6a:a4:9a:c5:9c:9b:1a:8e:8b:c2:04:04:64:43:c7:c0:6a:
41:ce:3a:3b
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEAJ4IDDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDQw
ODE2MjIzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNlYTdmNWJlZTU0
ZTBhMjIzYWFhYjNhZDkxOGY5OTE2NTJkNDlkYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM5wo2Ue2VjjKSSB1muMP+oW6uWEKj+AZsCkMyatVvGggb9o
PHkXk4tjWwLS0oHo/odX5qyr8nxluoriu4jH8HstjJG5TIzt1P8Gj5oUHQ90jfmD
78h0MeW+55bDJVGt/Glv0Ukn/xBhj5ssxQAtytH2W+BqyHUn1YOqtfA5A8MMZF4r
alEhxbveGYDpuF9TZhJxobOzUI5TrRkqhXA657/NLqQk3ujH09UzqpU18m/TwKwN
6B8M9IIzDzPXtwkGngdMQThnkXaLHlDIXvtP/BzjFqGusPJXw4HHysgOjX+m3Pnq
gjNAFHGUhPDt9CjoxHTI3Jwkphim9SLr/DA4VgECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQc6n9b7lTgoiOqqzrZGPmRZS1J2zAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
L0hPcF9XLTVVNEtJanFxczYyUmo1a1dVdFNkcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAVjYIgMEAVjYLAMEAljYXAMEAljY
uAMEA1jY2DANBgkqhkiG9w0BAQsFAAOCAQEAP7U6ErqXhPl5ESAhyazd8Hbfmj52
OK5XTIWCtXy1oFouak387HRKlZs7chYaoKRksQTRsQ2YssQcLzSZOzl149wIkflH
/2MGNnxKWFP0Wq/z3Cxf6Eqt5q9+yUYZu3t18siM2nFOilZvFuaxuLqdouBOx0hJ
IKkeUncBmamD07r1HtAaldf8z9EFGc4xd8Z2HF+zCUMvaPerPDNLogjLhPUWO2xy
UhwPBWxn6RlDnuYNp/CQ7WchEGJUYMfc+6bpRDVJdVo+xEBFwVqMCYdMwKCszT5d
JBt4F/cPH88sTdrQTPtuwjxZC+BLH2qkmsWcmxqOi8IEBGRDx8BqQc46Ow==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:46 2023 by rpki-client on console-fra.rpki-client.org