Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/JPIjvC7876y8s8cKjIs8EHKwDI0.roa
File: JPIjvC7876y8s8cKjIs8EHKwDI0.roa (raw, json)
Hash identifier: 4Y6TeGBnXPP3Fkk4BOaVV2/oLxNmRQ5eiYmeIIXh8m4=
Subject key identifier: 24:F2:23:BC:2E:FC:EF:AC:BC:B3:C7:0A:8C:8B:3C:10:72:B0:0C:8D
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: E91C3B
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/JPIjvC7876y8s8cKjIs8EHKwDI0.roa
Signing time: Mon 02 May 2022 10:01:23 +0000
ROA not before: Mon 02 May 2022 10:01:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 88.216.92.0/23 maxlen: 24
88.216.94.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15277115 (0xe91c3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 2 10:01:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24f223bc2efcefacbcb3c70a8c8b3c1072b00c8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a0:3e:c3:56:ce:74:4b:19:09:90:bb:7b:78:
c2:bc:73:e6:b3:e6:c5:49:94:43:fa:0d:84:cd:c7:
26:38:60:d5:c6:e6:64:a4:23:65:c6:c0:62:f6:56:
90:cf:5a:dc:e9:7b:5a:99:e3:31:ca:12:f5:9e:26:
61:eb:aa:7a:71:25:f0:02:cb:0a:ea:ab:09:33:d4:
f6:49:d0:38:79:59:38:d9:55:0a:2f:0a:76:ba:cd:
db:27:5d:d6:5d:f0:9e:23:b9:37:08:c5:d9:9a:be:
e5:70:75:3b:f0:7b:32:90:a9:5b:ef:61:46:8c:65:
54:1d:14:f1:18:b9:ce:f1:9a:e9:49:fb:d8:14:24:
47:0d:d8:6c:2d:42:9a:20:48:10:cc:80:d5:31:e3:
d9:77:56:1e:e9:b5:59:7d:62:d8:d0:25:dc:b5:58:
a0:32:90:43:60:6e:0a:21:87:63:e2:08:b9:45:31:
eb:1c:70:04:29:64:ac:1a:ff:f9:22:0c:42:57:b2:
18:26:24:be:df:43:b9:a1:d6:ab:7e:35:31:5d:10:
42:14:15:54:19:cb:a7:02:af:75:87:43:23:0a:50:
1c:d7:ea:44:4d:c3:51:3e:e3:14:cc:fb:32:bf:4b:
6c:fb:4e:dc:37:41:0e:98:ab:2c:4b:c7:34:24:7d:
a3:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:F2:23:BC:2E:FC:EF:AC:BC:B3:C7:0A:8C:8B:3C:10:72:B0:0C:8D
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/JPIjvC7876y8s8cKjIs8EHKwDI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.92.0/22
Signature Algorithm: sha256WithRSAEncryption
53:59:a3:12:29:16:4a:7f:6d:1a:e4:9b:05:bc:67:52:af:04:
42:72:60:3f:73:34:ce:ea:fc:a8:fa:aa:6b:6a:1d:ac:43:06:
60:f2:ba:56:2b:8f:8f:ca:f1:ac:d0:b8:fb:80:01:15:fb:36:
51:59:9b:b1:f9:70:99:82:16:ea:10:85:cb:70:9c:88:db:aa:
62:28:c6:e9:56:90:63:94:d0:ba:98:1d:3a:8a:a2:15:82:d8:
74:a6:02:b3:f2:af:5d:4e:9b:3e:95:68:0e:64:06:45:00:42:
9f:80:9d:b1:86:17:2a:15:8d:56:e1:37:90:83:50:59:18:70:
6c:9e:56:b8:cc:e6:48:a1:28:be:6d:ea:7d:b7:de:04:62:64:
fc:88:37:02:57:8e:94:4d:65:51:b4:ff:9d:20:7c:3e:fa:8b:
9f:cf:c2:2d:c8:62:72:5a:44:48:4d:d8:42:6c:79:86:8d:a9:
ce:2d:a9:f3:9c:8e:41:e0:38:62:7c:03:3f:70:c6:b6:ee:71:
15:db:b6:eb:90:a5:31:d4:f0:09:f2:41:d8:4d:65:6c:9d:c8:
72:29:0f:9c:a3:fb:68:7c:cd:3e:ba:42:f0:08:fc:62:91:3f:
7f:57:02:72:a5:3f:c0:62:63:85:4d:c1:e7:e2:d7:37:b1:7a:
76:0b:26:c9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAOkcOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDUw
MjEwMDEyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjRmMjIzYmMyZWZj
ZWZhY2JjYjNjNzBhOGM4YjNjMTA3MmIwMGM4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWgPsNWznRLGQmQu3t4wrxz5rPmxUmUQ/oNhM3HJjhg1cbm
ZKQjZcbAYvZWkM9a3Ol7WpnjMcoS9Z4mYeuqenEl8ALLCuqrCTPU9knQOHlZONlV
Ci8KdrrN2ydd1l3wniO5NwjF2Zq+5XB1O/B7MpCpW+9hRoxlVB0U8Ri5zvGa6Un7
2BQkRw3YbC1CmiBIEMyA1THj2XdWHum1WX1i2NAl3LVYoDKQQ2BuCiGHY+IIuUUx
6xxwBClkrBr/+SIMQleyGCYkvt9DuaHWq341MV0QQhQVVBnLpwKvdYdDIwpQHNfq
RE3DUT7jFMz7Mr9LbPtO3DdBDpirLEvHNCR9oyMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQk8iO8LvzvrLyzxwqMizwQcrAMjTAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
L0pQSWp2Qzc4NzZ5OHM4Y0tqSXM4RUhLd0RJMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAljYXDANBgkqhkiG9w0BAQsFAAOC
AQEAU1mjEikWSn9tGuSbBbxnUq8EQnJgP3M0zur8qPqqa2odrEMGYPK6ViuPj8rx
rNC4+4ABFfs2UVmbsflwmYIW6hCFy3CciNuqYijG6VaQY5TQupgdOoqiFYLYdKYC
s/KvXU6bPpVoDmQGRQBCn4CdsYYXKhWNVuE3kINQWRhwbJ5WuMzmSKEovm3qfbfe
BGJk/Ig3AleOlE1lUbT/nSB8PvqLn8/CLchiclpESE3YQmx5ho2pzi2p85yOQeA4
YnwDP3DGtu5xFdu265ClMdTwCfJB2E1lbJ3IcikPnKP7aHzNPrpC8Aj8YpE/f1cC
cqU/wGJjhU3B5+LXN7F6dgsmyQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:46 2023 by rpki-client on console-fra.rpki-client.org