Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MTW4eZpHDN1TUXSKK62biamR0Ng.roa
File: MTW4eZpHDN1TUXSKK62biamR0Ng.roa (raw, json)
Hash identifier: 7STTwoVIbAd2iIheQyuuG4QNbdapxKAFpUbMGnAQPuw=
Subject key identifier: 31:35:B8:79:9A:47:0C:DD:53:51:74:8A:2B:AD:9B:89:A9:91:D0:D8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018311419A5EBCD56DF919DBE0E96D2F930A
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MTW4eZpHDN1TUXSKK62biamR0Ng.roa
Signing time: Tue 06 Sep 2022 05:24:15 +0000
ROA not before: Tue 06 Sep 2022 05:24:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205570
IP address blocks: 88.216.94.0/23 maxlen: 24
88.216.92.0/23 maxlen: 24
88.216.16.0/23 maxlen: 24
88.216.129.0/24 maxlen: 24
84.32.24.0/22 maxlen: 22
88.216.134.0/24 maxlen: 24
84.32.28.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:11:41:9a:5e:bc:d5:6d:f9:19:db:e0:e9:6d:2f:93:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Sep 6 05:24:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3135b8799a470cdd5351748a2bad9b89a991d0d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:73:a7:51:3f:db:e5:ed:d9:05:d3:c8:c8:63:
e3:c4:aa:cc:ff:c5:25:08:64:ab:27:bc:7c:ab:97:
d0:2c:92:74:59:9d:f9:4b:c9:45:76:1a:68:a2:e6:
e5:80:e3:d2:66:23:ab:02:db:92:88:ad:54:cf:29:
73:14:97:3f:4f:ec:15:53:e8:fa:28:85:8d:25:01:
b1:15:63:df:3d:1b:26:f3:11:7c:8d:d6:b2:db:1c:
fe:17:93:da:b3:86:a9:f6:67:c4:63:4b:d2:76:e4:
5b:41:cf:93:2f:b9:7c:db:68:35:13:ac:79:b5:23:
e9:63:95:10:a8:50:4f:61:69:af:ad:52:7f:34:46:
45:0c:df:87:9c:6e:90:50:aa:26:0c:91:5c:26:f5:
c4:7b:17:0f:b2:e7:58:19:bc:52:e1:56:2d:45:d9:
37:16:7a:a8:a4:4d:e0:d5:c2:62:08:3c:04:ed:e2:
1f:1a:5b:24:49:64:f9:19:32:66:6c:11:1b:a3:12:
52:7e:36:57:d9:5f:3b:58:17:12:bf:84:d2:c9:de:
36:a9:44:b8:61:f6:f6:1c:ab:3e:90:54:be:19:9a:
c7:e6:53:3c:45:13:fe:18:7b:a3:28:64:69:91:25:
bf:bb:e2:6f:97:fe:e6:d4:42:b3:91:c4:b4:c0:94:
2c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:35:B8:79:9A:47:0C:DD:53:51:74:8A:2B:AD:9B:89:A9:91:D0:D8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MTW4eZpHDN1TUXSKK62biamR0Ng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/21
88.216.16.0/23
88.216.92.0/22
88.216.129.0/24
88.216.134.0/24
Signature Algorithm: sha256WithRSAEncryption
17:d7:c5:94:1c:67:f0:59:3d:26:3f:97:8f:1c:bb:6e:56:ba:
6e:ac:09:0c:1d:bb:d5:fc:d9:20:25:ea:a7:51:49:c3:63:7d:
2a:93:6e:55:3a:b0:0f:49:74:27:ab:b3:d4:41:48:fe:af:93:
d8:35:63:84:5a:73:b8:ba:f0:8d:85:ff:a6:52:25:f0:c9:18:
06:1d:33:3b:88:59:10:57:85:af:03:b2:18:46:39:a8:d0:08:
61:27:59:a6:aa:d2:59:16:98:00:4e:7c:24:f4:ad:a4:04:b6:
6d:e1:0f:4c:37:49:01:c1:e6:03:a7:f6:37:af:4d:0f:2a:a5:
d1:7b:10:65:96:c9:40:bc:69:97:75:d2:96:f9:f0:c0:73:4b:
4c:f4:39:d4:90:8d:55:af:0e:94:05:03:39:eb:3c:ad:dd:fd:
46:50:e4:67:64:d7:d2:7f:43:cd:1f:f0:52:ee:54:0f:35:ec:
54:91:69:4e:96:1e:e0:e4:f5:ac:a7:da:4e:71:f5:3e:7d:f2:
94:08:7f:d6:de:8d:56:5b:fa:f4:a2:a5:39:4a:e4:25:4c:7d:
e5:60:e8:f8:47:3a:9e:0f:96:42:52:94:d8:b6:f7:fe:c5:df:
ba:43:f5:79:7e:b9:45:56:ee:fd:1e:cf:1f:25:59:5d:65:9e:
95:d1:b5:93
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYMRQZpevNVt+Rnb4OltL5MKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwOTA2MDUyNDE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTM1Yjg3OTlhNDcwY2RkNTM1MTc0OGEyYmFkOWI4OWE5OTFkMGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3OnUT/b5e3ZBdPIyGPjxKrM/8Ul
CGSrJ7x8q5fQLJJ0WZ35S8lFdhpooublgOPSZiOrAtuSiK1UzylzFJc/T+wVU+j6
KIWNJQGxFWPfPRsm8xF8jday2xz+F5Pas4ap9mfEY0vSduRbQc+TL7l822g1E6x5
tSPpY5UQqFBPYWmvrVJ/NEZFDN+HnG6QUKomDJFcJvXEexcPsudYGbxS4VYtRdk3
FnqopE3g1cJiCDwE7eIfGlskSWT5GTJmbBEboxJSfjZX2V87WBcSv4TSyd42qUS4
Yfb2HKs+kFS+GZrH5lM8RRP+GHujKGRpkSW/u+Jvl/7m1EKzkcS0wJQsVQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDE1uHmaRwzdU1F0iiutm4mpkdDYMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTVRXNGVacEhETjFUVVhTS0s2MmJpYW1SME5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDVCAYAwQB
WNgQAwQCWNhcAwQAWNiBAwQAWNiGMA0GCSqGSIb3DQEBCwUAA4IBAQAX18WUHGfw
WT0mP5ePHLtuVrpurAkMHbvV/NkgJeqnUUnDY30qk25VOrAPSXQnq7PUQUj+r5PY
NWOEWnO4uvCNhf+mUiXwyRgGHTM7iFkQV4WvA7IYRjmo0AhhJ1mmqtJZFpgATnwk
9K2kBLZt4Q9MN0kBweYDp/Y3r00PKqXRexBllslAvGmXddKW+fDAc0tM9DnUkI1V
rw6UBQM56zyt3f1GUORnZNfSf0PNH/BS7lQPNexUkWlOlh7g5PWsp9pOcfU+ffKU
CH/W3o1WW/r0oqU5SuQlTH3lYOj4RzqeD5ZCUpTYtvf+xd+6Q/V5frlFVu79Hs8f
JVldZZ6V0bWT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:46 2023 by rpki-client on console-fra.rpki-client.org