Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Jj1J-sG0bi-aNDCJOK1AAFkKxBs.roa
File: Jj1J-sG0bi-aNDCJOK1AAFkKxBs.roa (raw, json)
Hash identifier: 4AgavA7EqdG6EH5m9whLwbWDen+s/PfAr660cGCVEOM=
Subject key identifier: 26:3D:49:FA:C1:B4:6E:2F:9A:34:30:89:38:AD:40:00:59:0A:C4:1B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01840E179783591DD04A37EA239944530112
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Jj1J-sG0bi-aNDCJOK1AAFkKxBs.roa
Signing time: Tue 25 Oct 2022 07:42:17 +0000
ROA not before: Tue 25 Oct 2022 07:42:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 88.216.180.0/22 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.216.0/22 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.240.0/22 maxlen: 24
88.216.244.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0e:17:97:83:59:1d:d0:4a:37:ea:23:99:44:53:01:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 25 07:42:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=263d49fac1b46e2f9a34308938ad4000590ac41b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:52:8d:16:b2:a6:85:e6:d4:c6:46:10:f8:aa:
29:fd:b0:d9:7f:dd:93:37:7c:bb:41:e3:97:28:03:
23:7f:d9:cd:b8:3e:c6:4a:dd:61:2c:f8:2a:d6:d7:
a9:dd:da:30:35:ad:27:b6:11:dc:a9:80:da:11:67:
5e:79:28:de:4e:3d:9b:5e:c8:37:cb:dc:80:bc:94:
0e:0b:3a:23:5e:3b:1c:23:19:f5:d8:8c:bc:b8:af:
49:68:02:5c:a6:9c:08:a9:05:aa:78:72:43:21:d9:
e4:48:bd:5c:6e:14:7a:21:02:c0:b7:79:9b:a0:7a:
b8:59:73:68:0e:dd:c4:26:69:66:df:c1:fc:4c:8d:
8a:a1:6d:e4:40:c4:42:69:81:ff:12:52:28:ff:9c:
04:4f:31:e6:20:23:d8:a6:56:0f:58:1c:78:f1:06:
63:d0:68:e0:8e:41:86:fa:0f:9c:fc:e3:5a:f3:97:
84:a4:9d:07:2f:e4:f7:2f:19:37:59:8b:1e:5e:56:
81:84:f1:c7:65:34:bc:60:8c:11:74:f8:d7:44:92:
1d:f0:96:99:b8:cd:ec:57:4d:ae:c1:75:91:eb:55:
9c:ac:d2:a0:9f:8e:b6:68:ec:7e:43:9c:6a:88:d9:
40:03:bc:a2:4b:40:03:86:83:ff:60:a2:b6:f6:f2:
68:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:3D:49:FA:C1:B4:6E:2F:9A:34:30:89:38:AD:40:00:59:0A:C4:1B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Jj1J-sG0bi-aNDCJOK1AAFkKxBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.180.0/22
88.216.212.0-88.216.219.255
88.216.228.0/22
88.216.236.0-88.216.247.255
Signature Algorithm: sha256WithRSAEncryption
19:87:f0:eb:0f:e0:ca:31:3f:28:d6:c0:e1:3d:88:b4:b6:b5:
6f:73:3b:de:ed:cf:a7:10:4a:06:d7:4c:f9:ac:97:5f:3e:ea:
23:27:43:f4:49:83:d7:08:81:7d:d9:15:48:01:ae:66:ca:2f:
f6:02:a5:3b:96:29:da:ca:b4:e7:17:e6:32:8b:c9:01:1b:f2:
b2:c5:c0:ef:c4:14:60:71:0a:72:3a:12:5e:41:6e:7a:e5:ed:
2a:a2:1e:4b:68:c7:56:6f:af:23:00:19:17:4a:0c:c4:fb:c7:
61:0d:c0:7b:37:6c:8b:a7:c6:69:a3:71:a0:e7:d9:9f:f3:48:
9c:78:65:db:ef:eb:06:62:5c:77:d6:b1:45:f2:ab:a8:71:8a:
3d:d2:0c:63:63:c0:46:ba:3e:6b:1a:01:45:01:da:6b:be:af:
4b:94:af:54:9a:48:af:b8:01:b7:ed:5b:0c:72:e3:75:3c:1d:
39:d3:5f:45:a4:71:2a:9c:d6:6a:a1:33:5d:64:68:51:02:ae:
da:a9:64:ba:2a:8e:5b:63:c0:5e:05:39:1d:68:57:76:6f:9c:
0a:41:ad:e2:38:ee:a6:c2:57:e2:45:cf:c2:bb:1a:1a:63:42:
e5:8f:6d:f3:a3:d9:a9:44:8e:65:5e:6d:48:ef:43:1a:f4:ee:
25:5b:10:0a
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYQOF5eDWR3QSjfqI5lEUwESMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDI1MDc0MjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNjNkNDlmYWMxYjQ2ZTJmOWEzNDMwODkzOGFkNDAwMDU5MGFjNDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1KNFrKmhebUxkYQ+Kop/bDZf92T
N3y7QeOXKAMjf9nNuD7GSt1hLPgq1tep3dowNa0nthHcqYDaEWdeeSjeTj2bXsg3
y9yAvJQOCzojXjscIxn12Iy8uK9JaAJcppwIqQWqeHJDIdnkSL1cbhR6IQLAt3mb
oHq4WXNoDt3EJmlm38H8TI2KoW3kQMRCaYH/ElIo/5wETzHmICPYplYPWBx48QZj
0GjgjkGG+g+c/ONa85eEpJ0HL+T3Lxk3WYseXlaBhPHHZTS8YIwRdPjXRJId8JaZ
uM3sV02uwXWR61WcrNKgn462aOx+Q5xqiNlAA7yiS0ADhoP/YKK29vJo/wIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCY9SfrBtG4vmjQwiTitQABZCsQbMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSmoxSi1zRzBiaS1hTkRDSk9LMUFBRmtLeEJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCWNi0MAwD
BAJY2NQDBAJY2NgDBAJY2OQwDAMEAljY7AMEA1jY8DANBgkqhkiG9w0BAQsFAAOC
AQEAGYfw6w/gyjE/KNbA4T2ItLa1b3M73u3PpxBKBtdM+ayXXz7qIydD9EmD1wiB
fdkVSAGuZsov9gKlO5Yp2sq05xfmMovJARvyssXA78QUYHEKcjoSXkFueuXtKqIe
S2jHVm+vIwAZF0oMxPvHYQ3Aezdsi6fGaaNxoOfZn/NInHhl2+/rBmJcd9axRfKr
qHGKPdIMY2PARro+axoBRQHaa76vS5SvVJpIr7gBt+1bDHLjdTwdOdNfRaRxKpzW
aqEzXWRoUQKu2qlkuiqOW2PAXgU5HWhXdm+cCkGt4jjupsJX4kXPwrsaGmNC5Y9t
86PZqUSOZV5tSO9DGvTuJVsQCg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:29 2023 by rpki-client on console-ams.rpki-client.org