Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/OwjbjzPTedW5ZTgnBUrjy4ztEUw.roa
File: OwjbjzPTedW5ZTgnBUrjy4ztEUw.roa (raw, json)
Hash identifier: t8fr+3blY14dxcnnHW1zLJXHrik13DyMeUS8lTwz5jw=
Subject key identifier: 3B:08:DB:8F:33:D3:79:D5:B9:65:38:27:05:4A:E3:CB:8C:ED:11:4C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 019B51E7
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/OwjbjzPTedW5ZTgnBUrjy4ztEUw.roa
Signing time: Tue 28 Jun 2022 05:35:20 +0000
ROA not before: Tue 28 Jun 2022 05:35:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 88.216.185.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
84.32.82.0/24 maxlen: 24
88.216.98.0/24 maxlen: 24
88.216.96.0/24 maxlen: 24
84.32.4.0/24 maxlen: 24
84.32.8.0/22 maxlen: 24
88.216.34.0/24 maxlen: 24
88.216.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26956263 (0x19b51e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 28 05:35:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3b08db8f33d379d5b9653827054ae3cb8ced114c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:40:e3:ea:dd:b2:ab:fd:8e:4d:1b:39:5f:24:
4b:2d:61:05:92:65:f3:6b:08:50:74:42:6f:ba:27:
42:db:16:0f:7b:6b:45:b3:83:08:8e:41:6c:1a:4b:
1f:09:31:30:00:e5:21:d5:c6:8d:c8:36:a3:ec:7a:
b7:23:87:e6:21:2e:c6:f0:39:07:e1:d1:4c:52:f0:
08:75:cf:8f:b2:2e:20:25:60:e5:fd:90:69:c4:5a:
42:ad:40:be:08:90:d4:20:18:7b:63:b2:a9:f2:ff:
73:b7:4e:fe:bd:2f:8b:da:e5:e9:40:89:df:6b:b6:
92:01:50:80:35:e1:c6:ec:eb:e8:e2:3c:72:5b:88:
b0:94:f0:f8:8b:bd:bd:0f:8f:3e:45:69:aa:f3:f1:
79:a6:1d:b6:00:fa:a8:c3:db:f4:79:2a:e7:c9:4d:
b5:d9:f5:29:8a:d0:cb:b7:93:92:7e:e5:65:c6:cb:
36:6a:88:a7:0b:c0:12:c7:6a:a6:e3:90:b0:5f:a6:
9d:06:01:35:59:90:20:d8:46:fd:c8:73:2b:0f:a7:
e9:61:ac:22:7c:61:8c:6c:83:32:ef:f5:94:47:bf:
de:65:7c:4e:14:76:47:0f:63:36:62:9e:6f:d2:d2:
05:2b:9d:5d:3b:fa:c8:9f:0d:5a:27:82:50:76:b3:
78:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:08:DB:8F:33:D3:79:D5:B9:65:38:27:05:4A:E3:CB:8C:ED:11:4C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/OwjbjzPTedW5ZTgnBUrjy4ztEUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.4.0/24
84.32.8.0/22
84.32.82.0/24
88.216.34.0/24
88.216.42.0/24
88.216.96.0/24
88.216.98.0/24
88.216.185.0-88.216.186.255
Signature Algorithm: sha256WithRSAEncryption
7e:48:e8:84:a2:aa:ac:0a:68:4a:59:9d:de:ab:96:ca:23:7b:
8f:5e:c1:7e:5d:31:32:cb:3a:f3:60:17:64:5d:e9:63:29:db:
9d:41:c5:18:ec:7d:0e:c7:9d:b9:c5:44:02:b0:39:48:70:b9:
00:7c:9c:7e:51:48:3c:47:52:63:cf:8b:b6:ae:a0:ad:e2:af:
e8:99:37:5e:bd:73:8e:a5:e2:cd:76:61:a5:2a:03:31:09:4d:
f6:d0:af:4f:f7:61:bd:56:3b:e1:5e:c6:89:54:0a:3e:b3:5b:
53:03:26:ab:d5:49:dd:f3:11:3e:88:59:12:de:b6:2d:fe:7b:
24:80:43:e8:49:f2:f4:9b:23:45:6c:fa:cf:c5:35:9d:b8:23:
3c:b5:a3:38:54:8f:b6:41:59:3d:81:bf:57:80:ce:64:41:bd:
5f:9e:71:0f:8c:32:dd:27:87:c7:6d:06:df:b0:31:13:89:50:
f3:a5:2e:24:65:7a:75:c2:16:db:83:7c:4b:1f:4a:88:60:86:
67:a9:9c:76:94:cd:f1:43:f1:45:03:bf:a0:99:13:b0:01:c0:
98:fa:41:bd:a4:59:97:e6:fa:f3:c6:9d:14:a0:a9:b0:71:2e:
cd:c0:0e:b5:96:ac:d6:9a:93:4c:6b:e9:27:7b:d2:43:f3:ed:
41:ea:cc:f5
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEAZtR5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDYy
ODA1MzUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2IwOGRiOGYzM2Qz
NzlkNWI5NjUzODI3MDU0YWUzY2I4Y2VkMTE0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIhA4+rdsqv9jk0bOV8kSy1hBZJl82sIUHRCb7onQtsWD3tr
RbODCI5BbBpLHwkxMADlIdXGjcg2o+x6tyOH5iEuxvA5B+HRTFLwCHXPj7IuICVg
5f2QacRaQq1AvgiQ1CAYe2OyqfL/c7dO/r0vi9rl6UCJ32u2kgFQgDXhxuzr6OI8
cluIsJTw+Iu9vQ+PPkVpqvPxeaYdtgD6qMPb9Hkq58lNtdn1KYrQy7eTkn7lZcbL
NmqIpwvAEsdqpuOQsF+mnQYBNVmQINhG/chzKw+n6WGsInxhjGyDMu/1lEe/3mV8
ThR2Rw9jNmKeb9LSBSudXTv6yJ8NWieCUHazeBsCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBQ7CNuPM9N51bllOCcFSuPLjO0RTDAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
L093amJqelBUZWRXNVpUZ25CVXJqeTR6dEVVdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEAFQgBAMEAlQgCAMEAFQgUgMEAFjY
IgMEAFjYKgMEAFjYYAMEAFjYYjAMAwQAWNi5AwQAWNi6MA0GCSqGSIb3DQEBCwUA
A4IBAQB+SOiEoqqsCmhKWZ3eq5bKI3uPXsF+XTEyyzrzYBdkXeljKdudQcUY7H0O
x525xUQCsDlIcLkAfJx+UUg8R1Jjz4u2rqCt4q/omTdevXOOpeLNdmGlKgMxCU32
0K9P92G9VjvhXsaJVAo+s1tTAyar1Und8xE+iFkS3rYt/nskgEPoSfL0myNFbPrP
xTWduCM8taM4VI+2QVk9gb9XgM5kQb1fnnEPjDLdJ4fHbQbfsDETiVDzpS4kZXp1
whbbg3xLH0qIYIZnqZx2lM3xQ/FFA7+gmROwAcCY+kG9pFmX5vrzxp0UoKmwcS7N
wA61lqzWmpNMa+kne9JD8+1B6sz1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:47 2023 by rpki-client on console-fra.rpki-client.org