Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QS5C1oJj2_hMSU6X3RgT7dYrYrE.roa
File: QS5C1oJj2_hMSU6X3RgT7dYrYrE.roa (raw, json)
Hash identifier: TZ2qukhMNG0Ws0jk5VsBXPn7jzwe0HM/vhW0XH6oJE8=
Subject key identifier: 41:2E:42:D6:82:63:DB:F8:4C:49:4E:97:DD:18:13:ED:D6:2B:62:B1
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01843E6AAFC813C4E679FA9CCB7C9ACF3034
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QS5C1oJj2_hMSU6X3RgT7dYrYrE.roa
Signing time: Thu 03 Nov 2022 16:54:49 +0000
ROA not before: Thu 03 Nov 2022 16:54:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 88.216.180.0/22 maxlen: 24
88.216.212.0/22 maxlen: 24
84.32.214.0/23 maxlen: 24
88.216.228.0/22 maxlen: 24
84.32.232.0/23 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.240.0/22 maxlen: 24
84.32.236.0/23 maxlen: 24
88.216.244.0/22 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.252.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3e:6a:af:c8:13:c4:e6:79:fa:9c:cb:7c:9a:cf:30:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 3 16:54:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=412e42d68263dbf84c494e97dd1813edd62b62b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:61:df:2e:b4:66:ed:4d:14:51:48:ff:7c:c7:
47:b1:5a:b1:a9:fd:b4:72:f4:b4:16:b5:3a:71:d2:
7d:05:aa:93:fb:0a:50:48:9a:2f:7b:64:de:5f:5d:
45:6c:1d:8c:f8:15:6d:45:34:cf:3c:c6:bf:db:22:
ec:9c:72:d8:55:8f:53:dd:18:e9:67:72:c5:96:8c:
da:68:8b:3a:38:04:5b:12:f9:13:8b:2c:1e:c4:c9:
ee:89:5e:99:70:41:ba:41:5c:a7:53:ee:0c:25:4f:
b7:ca:98:52:f4:a4:68:55:cb:35:ac:c4:d1:42:5e:
02:c8:2d:82:a9:9c:d4:a1:4d:91:38:b4:c5:89:7d:
00:a7:7b:ff:6f:0b:c7:36:2d:7f:2f:b2:a9:66:04:
e2:5a:b0:57:43:5e:bc:c0:3f:d3:42:c1:b6:69:7d:
f4:35:1c:60:09:0e:35:bf:bb:4c:df:fc:41:c0:ec:
b3:7b:9a:5b:a3:79:cd:4e:62:8c:48:0e:64:21:34:
b8:10:1b:d7:e1:1d:24:32:f4:04:f6:d1:5f:5b:af:
f2:4e:36:e7:e1:82:a1:55:d2:0a:70:83:0b:bd:0a:
e1:d0:89:8f:59:e2:22:fc:78:4d:9f:07:39:83:37:
a0:87:f4:6c:47:ee:8e:fd:df:81:74:c4:3f:65:3a:
9b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:2E:42:D6:82:63:DB:F8:4C:49:4E:97:DD:18:13:ED:D6:2B:62:B1
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QS5C1oJj2_hMSU6X3RgT7dYrYrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.214.0/23
84.32.232.0/23
84.32.236.0/23
84.32.246.0/23
84.32.252.0/23
88.216.180.0/22
88.216.212.0/22
88.216.228.0/22
88.216.236.0-88.216.247.255
Signature Algorithm: sha256WithRSAEncryption
9c:81:a8:17:37:cb:9d:06:a2:38:cc:7c:72:17:53:8c:f2:d4:
18:4b:ca:5f:10:b0:d8:f3:20:71:b1:6c:c5:17:5c:b3:97:dc:
55:4a:d8:ab:8b:6c:17:8a:4a:2e:f8:1f:7e:79:35:05:c5:c4:
24:f0:94:38:9e:90:47:50:5a:16:0c:0b:9d:76:b1:3d:73:79:
d1:6e:b5:e2:03:1f:ee:59:32:f7:a2:40:9e:33:b0:56:22:27:
5c:4b:ab:ab:9d:89:09:62:97:8d:41:f4:83:0b:5d:1f:be:54:
6e:38:37:bf:4d:cc:6f:d1:33:78:41:f2:03:90:60:36:45:6f:
8b:da:b0:a2:6a:d0:bd:cb:ab:2b:98:d8:10:ee:68:6c:ae:f9:
ed:bc:a9:18:32:2b:0a:e0:26:44:44:4e:8d:ff:78:a8:ca:1e:
5f:8b:26:e3:91:0e:ed:74:6a:d8:98:3b:99:07:f0:33:5f:f7:
4d:77:fe:c6:45:5d:ec:7d:99:c2:4b:66:07:44:1d:7a:30:71:
f1:39:16:68:0b:2d:cd:af:5a:b7:75:1b:f5:a5:e4:c0:7b:f8:
6e:0c:87:65:26:9f:43:16:53:9f:51:6f:3c:05:7f:83:32:33:
32:da:47:d1:2a:c7:f1:fa:50:1c:bb:e6:6d:89:76:e5:75:77:
5a:36:cf:29
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYQ+aq/IE8Tmefqcy3yazzA0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTAzMTY1NDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTJlNDJkNjgyNjNkYmY4NGM0OTRlOTdkZDE4MTNlZGQ2MmI2MmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2HfLrRm7U0UUUj/fMdHsVqxqf20
cvS0FrU6cdJ9BaqT+wpQSJove2TeX11FbB2M+BVtRTTPPMa/2yLsnHLYVY9T3Rjp
Z3LFlozaaIs6OARbEvkTiywexMnuiV6ZcEG6QVynU+4MJU+3yphS9KRoVcs1rMTR
Ql4CyC2CqZzUoU2ROLTFiX0Ap3v/bwvHNi1/L7KpZgTiWrBXQ168wD/TQsG2aX30
NRxgCQ41v7tM3/xBwOyze5pbo3nNTmKMSA5kITS4EBvX4R0kMvQE9tFfW6/yTjbn
4YKhVdIKcIMLvQrh0ImPWeIi/HhNnwc5gzegh/RsR+6O/d+BdMQ/ZTqbLwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFEEuQtaCY9v4TElOl90YE+3WK2KxMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUVM1QzFvSmoyX2hNU1U2WDNSZ1Q3ZFlyWXJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQBVCDWAwQB
VCDoAwQBVCDsAwQBVCD2AwQBVCD8AwQCWNi0AwQCWNjUAwQCWNjkMAwDBAJY2OwD
BANY2PAwDQYJKoZIhvcNAQELBQADggEBAJyBqBc3y50GojjMfHIXU4zy1BhLyl8Q
sNjzIHGxbMUXXLOX3FVK2KuLbBeKSi74H355NQXFxCTwlDiekEdQWhYMC512sT1z
edFuteIDH+5ZMveiQJ4zsFYiJ1xLq6udiQlil41B9IMLXR++VG44N79NzG/RM3hB
8gOQYDZFb4vasKJq0L3LqyuY2BDuaGyu+e28qRgyKwrgJkRETo3/eKjKHl+LJuOR
Du10atiYO5kH8DNf9013/sZFXex9mcJLZgdEHXowcfE5FmgLLc2vWrd1G/Wl5MB7
+G4Mh2Umn0MWU59RbzwFf4MyMzLaR9Eqx/H6UBy75m2JduV1d1o2zyk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:29 2023 by rpki-client on console-ams.rpki-client.org