Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Iw66HWE-zttSlpE3EasPEZcSNUI.roa
File: Iw66HWE-zttSlpE3EasPEZcSNUI.roa (raw, json)
Hash identifier: qlIjgARSV1qQpu+ForYot37f4pVWjvjIbgiT8h1GYB4=
Subject key identifier: 23:0E:BA:1D:61:3E:CE:DB:52:96:91:37:11:AB:0F:11:97:12:35:42
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 25DC7F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Iw66HWE-zttSlpE3EasPEZcSNUI.roa
Signing time: Thu 03 Mar 2022 10:03:29 +0000
ROA not before: Thu 03 Mar 2022 10:03:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 88.216.180.0/22 maxlen: 24
88.216.188.0/22 maxlen: 24
88.216.196.0/22 maxlen: 24
88.216.209.0/24 maxlen: 24
88.216.210.0/23 maxlen: 24
88.216.212.0/22 maxlen: 24
84.32.4.0/22 maxlen: 24
88.216.33.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.47.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2481279 (0x25dc7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 3 10:03:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=230eba1d613ecedb5296913711ab0f1197123542
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:07:b9:5c:b2:ca:20:83:7d:46:34:8d:35:57:
a8:dd:0d:87:58:b6:65:29:04:18:bb:59:af:bd:df:
04:00:24:b8:6c:9b:43:14:7f:51:20:6d:b5:cc:8d:
31:ba:e7:f5:10:c7:51:10:5f:78:40:02:7e:1f:7c:
78:b4:7d:d4:d2:3d:fa:8d:6f:04:8e:fb:6f:22:86:
65:0a:24:cb:c8:47:af:dc:d5:01:11:4a:4f:37:e6:
3b:db:0a:b5:82:87:5f:5e:5a:eb:91:84:ce:c7:3c:
6e:a3:ce:8b:3c:24:e3:74:ff:4d:33:1d:7a:74:a6:
a8:85:5d:8f:a6:b6:82:1a:e3:db:95:c9:14:2e:42:
dd:b8:8e:ed:10:04:56:ea:d2:7c:92:29:76:93:f0:
fb:39:5b:c3:1a:c1:38:c6:98:7f:15:ef:96:f9:a9:
6f:76:ca:87:c6:20:d8:74:c7:11:36:8a:64:4a:f0:
b9:6f:74:47:07:0b:05:e5:79:bf:c6:a8:f7:1d:bf:
0f:d1:1d:21:af:4d:3f:e9:99:96:40:50:4d:0c:6d:
3c:80:88:61:cd:e4:9c:1e:96:06:67:45:02:4d:c1:
0a:6c:19:6d:af:67:43:f0:59:00:0c:a6:bf:f5:30:
f4:df:18:7f:01:5a:b4:46:f8:80:b4:53:bf:c2:39:
f8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:0E:BA:1D:61:3E:CE:DB:52:96:91:37:11:AB:0F:11:97:12:35:42
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Iw66HWE-zttSlpE3EasPEZcSNUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.4.0/22
88.216.32.0/23
88.216.46.0/23
88.216.180.0/22
88.216.188.0/22
88.216.196.0/22
88.216.209.0-88.216.215.255
Signature Algorithm: sha256WithRSAEncryption
4b:6d:1b:28:16:1e:78:52:12:b8:cf:66:1f:27:44:09:6c:4e:
97:d8:a8:6e:39:f0:54:2c:82:41:62:85:e1:31:e0:ea:40:dd:
8e:03:b6:74:29:02:8c:a1:27:e4:e1:af:8e:65:5f:93:1a:38:
01:9f:29:86:37:e6:f7:21:3a:d1:fb:70:b4:72:6b:03:91:c3:
6b:71:f2:3e:fc:3c:1f:cc:89:64:62:d8:97:78:6b:fc:49:ba:
09:86:2a:39:89:14:76:c1:20:31:dd:37:3b:d6:fe:94:f0:ae:
7e:e2:dd:53:4b:b0:c3:08:43:a0:1d:88:a0:81:f4:a0:bd:dd:
48:96:04:0a:e6:ac:48:73:c1:5a:9b:10:af:78:a9:d1:8d:f2:
e6:32:47:b3:ee:67:de:36:e8:75:90:50:48:7b:c1:1d:78:f0:
72:34:e3:9e:42:ca:8d:57:d6:4a:6a:b7:dd:bb:00:54:e9:fd:
c8:8d:4f:5e:e9:cb:20:62:5b:86:9c:8c:2a:fe:bf:d6:24:dc:
b2:e7:91:28:bc:40:22:72:b1:ac:99:22:92:fb:92:73:7b:16:
b6:61:81:eb:fd:a0:96:a7:78:c5:9e:8c:ab:b8:a1:06:a3:b3:
cf:d5:10:49:c6:60:f9:47:13:ee:b4:d6:72:4f:10:ce:9e:23:
47:fc:81:a7
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIDJdx/MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRm
YmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZiZGEzYzUwHhcNMjIwMzAz
MTAwMzI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyMzBlYmExZDYxM2Vj
ZWRiNTI5NjkxMzcxMWFiMGYxMTk3MTIzNTQyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtQe5XLLKIIN9RjSNNVeo3Q2HWLZlKQQYu1mvvd8EACS4bJtD
FH9RIG21zI0xuuf1EMdREF94QAJ+H3x4tH3U0j36jW8EjvtvIoZlCiTLyEev3NUB
EUpPN+Y72wq1godfXlrrkYTOxzxuo86LPCTjdP9NMx16dKaohV2PpraCGuPblckU
LkLduI7tEARW6tJ8kil2k/D7OVvDGsE4xph/Fe+W+alvdsqHxiDYdMcRNopkSvC5
b3RHBwsF5Xm/xqj3Hb8P0R0hr00/6ZmWQFBNDG08gIhhzeScHpYGZ0UCTcEKbBlt
r2dD8FkADKa/9TD03xh/AVq0RviAtFO/wjn4NwIDAQABo4ICNTCCAjEwHQYDVR0O
BBYEFCMOuh1hPs7bUpaRNxGrDxGXEjVCMB8GA1UdIwQYMBaAFE+9RfzjVuKmXx5N
Ha94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMzLzEv
SXc2NkhXRS16dHRTbHBFM0Vhc1BFWmNTTlVJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8z
OTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMzLzEvVDcxRl9PTlc0cVpm
SGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEsG
CCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCVCAEAwQBWNggAwQBWNguAwQCWNi0
AwQCWNi8AwQCWNjEMAwDBABY2NEDBANY2NAwDQYJKoZIhvcNAQELBQADggEBAEtt
GygWHnhSErjPZh8nRAlsTpfYqG458FQsgkFiheEx4OpA3Y4DtnQpAoyhJ+Thr45l
X5MaOAGfKYY35vchOtH7cLRyawORw2tx8j78PB/MiWRi2Jd4a/xJugmGKjmJFHbB
IDHdNzvW/pTwrn7i3VNLsMMIQ6AdiKCB9KC93UiWBArmrEhzwVqbEK94qdGN8uYy
R7PuZ9426HWQUEh7wR148HI0455Cyo1X1kpqt927AFTp/ciNT17pyyBiW4acjCr+
v9Yk3LLnkSi8QCJysayZIpL7knN7FrZhgev9oJaneMWejKu4oQajs8/VEEnGYPlH
E+601nJPEM6eI0f8gac=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:29 2023 by rpki-client on console-ams.rpki-client.org