Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QOBBGqvZDO-0YZyPmg3FiPuSc2k.roa
File: QOBBGqvZDO-0YZyPmg3FiPuSc2k.roa (raw, json)
Hash identifier: GR1njq8ggyvzs+Gg/irh3RCI/WRBufsNIhdMmrFtKkI=
Subject key identifier: 40:E0:41:1A:AB:D9:0C:EF:B4:61:9C:8F:9A:0D:C5:88:FB:92:73:69
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01980E23
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QOBBGqvZDO-0YZyPmg3FiPuSc2k.roa
Signing time: Mon 27 Jun 2022 08:23:40 +0000
ROA not before: Mon 27 Jun 2022 08:23:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 88.216.188.0/22 maxlen: 24
88.216.187.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.92.0/22 maxlen: 24
84.32.14.0/24 maxlen: 24
84.32.34.0/24 maxlen: 24
88.216.90.0/23 maxlen: 24
88.216.100.0/22 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.18.0/24 maxlen: 24
88.216.248.0/22 maxlen: 24
88.216.36.0/22 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
88.216.41.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26742307 (0x1980e23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 27 08:23:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40e0411aabd90cefb4619c8f9a0dc588fb927369
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ff:20:ea:58:26:74:1b:63:6e:fe:31:f2:1b:
e3:0f:55:ab:35:e5:b6:0b:1b:d5:75:81:4e:9d:cd:
e4:cc:89:44:3e:ae:7a:6f:01:58:07:9d:c1:2b:57:
05:3e:79:cf:c0:27:00:a1:53:0c:aa:0a:03:94:ed:
69:9e:42:b8:f2:54:f0:fb:72:eb:90:16:e5:10:29:
8f:03:63:79:c9:0d:5d:72:22:91:c6:7e:71:c3:13:
82:dd:36:94:83:a3:79:de:34:18:3e:8b:7c:48:a8:
2f:e2:00:e2:0c:30:8e:bb:0e:10:13:d8:39:c8:9c:
5f:93:c2:62:e2:8e:3a:6d:f7:45:8e:06:58:c5:6b:
11:51:9a:40:cc:e0:99:0c:55:cd:ea:5d:ae:49:be:
52:0f:f1:e5:6b:1e:df:c2:20:17:c8:8f:33:93:34:
2e:70:6c:a9:db:90:2e:b4:f4:8f:fa:c8:43:f7:69:
ae:3a:73:4b:78:49:b4:fa:10:98:58:6c:02:78:f2:
3b:32:eb:5c:e2:7d:98:af:79:e6:d6:bc:dc:cc:a6:
20:b1:88:85:53:08:3c:19:86:0d:c0:5e:95:e2:2e:
38:53:f6:65:83:bb:e1:bc:0d:c5:8f:70:a6:7e:3e:
90:53:c7:a6:f0:f5:88:30:a9:ec:a7:c7:32:0d:ce:
eb:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:E0:41:1A:AB:D9:0C:EF:B4:61:9C:8F:9A:0D:C5:88:FB:92:73:69
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QOBBGqvZDO-0YZyPmg3FiPuSc2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.14.0/24
84.32.34.0/24
84.32.88.0/24
84.32.92.0/22
88.216.16.0-88.216.18.255
88.216.35.0-88.216.41.255
88.216.43.0/24
88.216.90.0/23
88.216.100.0/22
88.216.187.0-88.216.191.255
88.216.248.0/22
Signature Algorithm: sha256WithRSAEncryption
66:79:7c:8e:33:e5:b2:08:55:7c:c4:71:23:40:d1:f5:8c:85:
94:11:24:c0:f7:fd:03:b2:60:b1:5d:22:da:ec:c0:00:32:8f:
6c:ca:f4:b3:bf:ca:f6:06:58:1b:3c:c1:a6:55:d8:55:89:af:
fe:01:06:4c:ff:86:30:00:45:88:af:d1:c0:56:52:d2:2c:4a:
a0:c5:54:10:65:2c:81:50:08:93:26:92:98:79:9d:9b:eb:d6:
b3:7d:5c:80:08:30:e3:ff:81:48:67:90:69:d2:7d:c9:1d:d8:
ed:6d:50:47:bf:6f:6e:3d:94:cb:7f:ae:d4:6e:d0:7b:11:9f:
51:c6:a3:df:90:49:0d:9d:72:85:58:94:30:56:57:6a:ea:79:
36:33:14:55:7e:51:66:5f:70:89:56:06:c7:de:99:08:ca:cf:
17:6c:67:4c:3f:4a:b8:b4:3a:3b:01:c9:22:a8:fc:ac:0d:2e:
78:52:1e:80:e7:0d:97:9d:97:a9:fa:a3:08:b2:7b:05:82:ae:
fb:96:92:4e:65:87:c0:06:94:00:f2:be:fa:53:29:b8:cc:75:
d4:db:02:ac:44:99:f1:10:ba:c7:82:b4:fc:f7:89:a0:ed:77:
8b:3b:a8:b0:4b:51:5f:1b:66:7e:df:7f:ba:3b:52:ce:81:31:
d1:55:54:3b
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgIEAZgOIzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDYy
NzA4MjM0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDBlMDQxMWFhYmQ5
MGNlZmI0NjE5YzhmOWEwZGM1ODhmYjkyNzM2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALX/IOpYJnQbY27+MfIb4w9VqzXltgsb1XWBTp3N5MyJRD6u
em8BWAedwStXBT55z8AnAKFTDKoKA5TtaZ5CuPJU8Pty65AW5RApjwNjeckNXXIi
kcZ+ccMTgt02lIOjed40GD6LfEioL+IA4gwwjrsOEBPYOcicX5PCYuKOOm33RY4G
WMVrEVGaQMzgmQxVzepdrkm+Ug/x5Wse38IgF8iPM5M0LnBsqduQLrT0j/rIQ/dp
rjpzS3hJtPoQmFhsAnjyOzLrXOJ9mK955ta83MymILGIhVMIPBmGDcBeleIuOFP2
ZYO74bwNxY9wpn4+kFPHpvD1iDCp7KfHMg3O64MCAwEAAaOCAl0wggJZMB0GA1Ud
DgQWBBRA4EEaq9kM77RhnI+aDcWI+5JzaTAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
L1FPQkJHcXZaRE8tMFlaeVBtZzNGaVB1U2Myay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBz
BggrBgEFBQcBBwEB/wRkMGIwYAQCAAEwWgMEAFQgDgMEAFQgIgMEAFQgWAMEAlQg
XDAMAwQEWNgQAwQAWNgSMAwDBABY2CMDBAFY2CgDBABY2CsDBAFY2FoDBAJY2GQw
DAMEAFjYuwMEBljYgAMEAljY+DANBgkqhkiG9w0BAQsFAAOCAQEAZnl8jjPlsghV
fMRxI0DR9YyFlBEkwPf9A7JgsV0i2uzAADKPbMr0s7/K9gZYGzzBplXYVYmv/gEG
TP+GMABFiK/RwFZS0ixKoMVUEGUsgVAIkyaSmHmdm+vWs31cgAgw4/+BSGeQadJ9
yR3Y7W1QR79vbj2Uy3+u1G7QexGfUcaj35BJDZ1yhViUMFZXaup5NjMUVX5RZl9w
iVYGx96ZCMrPF2xnTD9KuLQ6OwHJIqj8rA0ueFIegOcNl52XqfqjCLJ7BYKu+5aS
TmWHwAaUAPK++lMpuMx11NsCrESZ8RC6x4K0/PeJoO13izuosEtRXxtmft9/ujtS
zoEx0VVUOw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:47 2023 by rpki-client on console-fra.rpki-client.org