Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HwgmvMzHsLbkkja46g8LUvctQNA.roa
File: HwgmvMzHsLbkkja46g8LUvctQNA.roa (raw, json)
Hash identifier: Vbp3UjtkuE53VTpXjtErYIPhuW6g5u+jDWmljTzQEVE=
Subject key identifier: 1F:08:26:BC:CC:C7:B0:B6:E4:92:36:B8:EA:0F:0B:52:F7:2D:40:D0
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: ACCA28
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HwgmvMzHsLbkkja46g8LUvctQNA.roa
Signing time: Tue 12 Apr 2022 19:23:49 +0000
ROA not before: Tue 12 Apr 2022 19:23:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 88.216.96.0/21 maxlen: 24
88.216.224.0/21 maxlen: 24
88.216.232.0/21 maxlen: 24
88.216.128.0/21 maxlen: 24
88.216.240.0/21 maxlen: 24
88.216.248.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11323944 (0xacca28)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 12 19:23:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f0826bcccc7b0b6e49236b8ea0f0b52f72d40d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4a:59:66:ae:67:27:34:77:e8:0d:4e:e8:52:
e5:d7:12:4f:92:50:ef:bf:a6:8d:69:6b:71:ae:94:
ea:76:e8:13:9b:40:2c:78:31:80:81:47:98:3e:95:
a2:ec:c2:20:81:86:2b:18:f5:1b:8c:80:c9:24:3b:
18:67:5a:f6:4f:c4:31:a1:eb:5a:2d:35:88:66:a3:
65:70:62:b6:74:ff:47:f6:f6:c2:b4:bd:0a:a3:3e:
3d:02:71:96:b9:95:9f:51:fb:53:8a:80:36:53:ec:
27:e6:c7:e2:01:bc:d7:d5:5c:e0:21:de:f4:4b:8c:
6d:3f:40:ee:e9:d2:29:57:77:97:40:9c:8d:60:1a:
e2:66:9c:d5:4e:e7:09:38:55:f6:5a:0a:29:5e:3f:
7c:93:24:ad:cb:cd:4a:b1:ce:f3:92:0f:83:55:9b:
c5:0f:cf:a7:b5:4a:f0:06:12:50:06:d9:69:85:71:
d2:e6:7b:9e:ca:8d:36:e1:22:bb:7b:ca:05:5f:60:
99:7d:0b:a4:f2:1e:b9:53:0d:1f:9c:10:3e:f5:65:
87:e6:77:18:dd:e8:e2:54:e1:e9:02:cb:3d:e2:fa:
ff:54:6b:b1:f2:20:2e:c9:b8:78:f2:b3:a7:64:c5:
c8:14:43:ad:43:3e:b7:c4:ec:d3:0d:d2:a7:dc:eb:
37:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:08:26:BC:CC:C7:B0:B6:E4:92:36:B8:EA:0F:0B:52:F7:2D:40:D0
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/HwgmvMzHsLbkkja46g8LUvctQNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.96.0/21
88.216.128.0/21
88.216.224.0/19
Signature Algorithm: sha256WithRSAEncryption
67:2c:c3:78:6d:f1:42:b3:f9:53:f1:03:ff:14:af:a6:29:1a:
c5:cb:8c:31:5b:e1:a9:b4:d2:b8:1f:8f:ca:92:56:b8:e5:80:
bf:1d:3e:a0:fa:94:05:72:8f:24:05:91:ba:44:83:f7:f5:26:
7f:1e:87:24:34:cc:ad:7d:ea:f4:f1:7e:51:fe:5c:54:6d:8b:
cc:30:ad:c4:26:ee:c3:db:7a:09:6c:01:e7:76:24:36:97:59:
36:49:45:f0:ba:96:f9:1d:09:ef:8a:83:10:2a:77:10:66:34:
e8:56:8d:19:e9:19:6d:5b:e5:de:95:18:a9:1d:89:ca:b9:c0:
de:73:c1:e1:c2:10:49:c0:4c:a4:ab:37:83:31:e3:39:16:87:
13:72:d3:51:6f:6e:8a:f3:67:10:59:56:a5:3b:f3:7c:ff:28:
3c:ef:23:d2:53:5d:7b:ad:24:ce:d4:c5:11:13:a8:e8:3e:38:
78:5e:a2:d2:b9:9a:cc:52:5b:e2:62:48:8b:9a:90:8a:1a:d9:
bb:50:7f:ff:9c:53:73:41:d5:4d:80:c8:0d:de:39:82:64:17:
ca:62:61:7b:19:04:54:5c:ad:9f:c9:b8:f4:44:71:e5:de:6c:
8f:dc:9c:6a:50:d3:e0:c7:66:16:ca:5f:b1:b5:83:e4:f5:50:
dd:5c:d9:2f
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAKzKKDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDQx
MjE5MjM0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWYwODI2YmNjY2M3
YjBiNmU0OTIzNmI4ZWEwZjBiNTJmNzJkNDBkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI5KWWauZyc0d+gNTuhS5dcST5JQ77+mjWlrca6U6nboE5tA
LHgxgIFHmD6VouzCIIGGKxj1G4yAySQ7GGda9k/EMaHrWi01iGajZXBitnT/R/b2
wrS9CqM+PQJxlrmVn1H7U4qANlPsJ+bH4gG819Vc4CHe9EuMbT9A7unSKVd3l0Cc
jWAa4mac1U7nCThV9loKKV4/fJMkrcvNSrHO85IPg1WbxQ/Pp7VK8AYSUAbZaYVx
0uZ7nsqNNuEiu3vKBV9gmX0LpPIeuVMNH5wQPvVlh+Z3GN3o4lTh6QLLPeL6/1Rr
sfIgLsm4ePKzp2TFyBRDrUM+t8Ts0w3Sp9zrN7sCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQfCCa8zMewtuSSNrjqDwtS9y1A0DAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
L0h3Z212TXpIc0xia2tqYTQ2ZzhMVXZjdFFOQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA1jYYAMEA1jYgAMEBVjY4DANBgkq
hkiG9w0BAQsFAAOCAQEAZyzDeG3xQrP5U/ED/xSvpikaxcuMMVvhqbTSuB+PypJW
uOWAvx0+oPqUBXKPJAWRukSD9/Umfx6HJDTMrX3q9PF+Uf5cVG2LzDCtxCbuw9t6
CWwB53YkNpdZNklF8LqW+R0J74qDECp3EGY06FaNGekZbVvl3pUYqR2JyrnA3nPB
4cIQScBMpKs3gzHjORaHE3LTUW9uivNnEFlWpTvzfP8oPO8j0lNde60kztTFEROo
6D44eF6i0rmazFJb4mJIi5qQihrZu1B//5xTc0HVTYDIDd45gmQXymJhexkEVFyt
n8m49ERx5d5sj9ycalDT4MdmFspfsbWD5PVQ3VzZLw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org