Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QfV5_HpKH_VIlXa9H1aNYAGJVqM.roa
File: QfV5_HpKH_VIlXa9H1aNYAGJVqM.roa (raw, json)
Hash identifier: eSdWqVqAugDR0lw3xaMDXMBKTLSSv0526h7JO0ZsexA=
Subject key identifier: 41:F5:79:FC:7A:4A:1F:F5:48:95:76:BD:1F:56:8D:60:01:89:56:A3
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 017A923D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QfV5_HpKH_VIlXa9H1aNYAGJVqM.roa
Signing time: Thu 16 Jun 2022 05:23:44 +0000
ROA not before: Thu 16 Jun 2022 05:23:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 88.216.188.0/22 maxlen: 24
88.216.187.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.92.0/22 maxlen: 24
84.32.14.0/24 maxlen: 24
84.32.34.0/24 maxlen: 24
88.216.90.0/23 maxlen: 24
88.216.100.0/22 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.18.0/24 maxlen: 24
88.216.36.0/22 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
88.216.41.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24810045 (0x17a923d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 16 05:23:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=41f579fc7a4a1ff5489576bd1f568d60018956a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:48:e7:43:c1:4f:8f:69:a7:b0:f2:2d:a2:6f:
bf:0a:54:a6:d3:7e:76:dc:1d:6c:c7:a5:bd:9c:89:
da:8a:86:25:b7:a7:96:5c:a4:41:02:63:a4:be:58:
2b:43:96:5f:01:b5:88:32:39:86:a8:54:6f:2f:65:
cc:77:d2:33:c5:71:71:cb:fa:6c:9b:3d:2d:b6:9a:
1e:aa:4f:eb:0d:33:e6:65:f9:67:5b:05:06:9f:bf:
27:4e:84:e4:07:ab:d7:b9:ed:44:38:40:a2:b1:3b:
a0:ec:2b:17:64:51:a6:18:7f:9f:f9:37:a1:be:b1:
88:cd:b3:d7:d6:7e:dd:00:8a:41:b1:94:cc:da:1b:
07:90:6f:a6:79:3b:34:99:0c:22:37:30:8a:3b:1d:
a6:d8:4f:f3:f3:bb:ac:03:32:57:9d:ce:31:66:94:
3d:93:3b:df:b5:ea:42:1f:2e:c9:78:b3:fb:65:3b:
c5:63:90:1a:d9:32:53:39:99:0e:21:7e:9e:ba:0f:
8b:cc:f6:64:cf:8b:6f:20:e8:ab:7f:d1:c8:19:bc:
65:4c:2a:b3:0c:3e:d5:05:39:0f:74:7b:a9:a8:85:
a5:89:51:68:71:ab:94:c6:fa:15:02:06:f9:01:85:
5f:95:82:98:ca:b2:57:ba:70:f3:42:11:09:dc:d1:
64:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:F5:79:FC:7A:4A:1F:F5:48:95:76:BD:1F:56:8D:60:01:89:56:A3
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QfV5_HpKH_VIlXa9H1aNYAGJVqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.14.0/24
84.32.34.0/24
84.32.88.0/24
84.32.92.0/22
88.216.16.0-88.216.18.255
88.216.35.0-88.216.41.255
88.216.43.0/24
88.216.90.0/23
88.216.100.0/22
88.216.187.0-88.216.191.255
Signature Algorithm: sha256WithRSAEncryption
32:00:b3:f0:14:80:c1:4c:4a:e3:fb:e9:51:fb:3e:b1:82:49:
fd:28:f6:55:0b:f1:7a:5e:11:91:19:7f:64:d7:5e:13:84:99:
0e:fb:2d:76:ed:6d:78:0d:ec:fe:4a:38:07:69:56:ca:01:9d:
03:02:fb:df:a5:3c:4b:0b:57:f2:6d:57:75:fd:74:88:03:1b:
2e:49:ee:60:1f:28:3d:c7:d8:6f:e2:14:83:70:c5:44:96:dc:
b5:26:36:c6:22:f6:69:4c:46:53:7e:5c:76:9b:e8:31:08:37:
85:f0:33:f1:d0:99:e1:b9:1d:7e:07:cd:c0:67:58:15:58:9c:
46:31:0a:5e:39:9f:bb:e0:b8:a4:9a:6a:68:26:1b:c5:de:c0:
df:87:65:d0:6b:37:9e:78:38:38:a0:f9:59:20:00:ce:10:53:
21:43:02:f8:23:e7:c4:e9:f6:93:03:17:ad:8c:61:c6:fa:49:
b4:4a:4f:48:2d:17:60:3c:79:1b:e3:f9:0e:24:0a:52:2a:04:
a7:03:90:21:00:ec:f0:47:e6:47:3b:bd:18:59:e1:05:d3:26:
03:e3:85:c7:d2:f4:cb:c5:08:a7:e3:71:65:b2:52:67:ab:61:
53:54:1b:7a:a2:22:11:16:88:e4:21:69:70:40:e3:5b:23:95:
02:17:49:d2
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgIEAXqSPTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDYx
NjA1MjM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDFmNTc5ZmM3YTRh
MWZmNTQ4OTU3NmJkMWY1NjhkNjAwMTg5NTZhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtI50PBT49pp7DyLaJvvwpUptN+dtwdbMelvZyJ2oqGJben
llykQQJjpL5YK0OWXwG1iDI5hqhUby9lzHfSM8Vxccv6bJs9LbaaHqpP6w0z5mX5
Z1sFBp+/J06E5Aer17ntRDhAorE7oOwrF2RRphh/n/k3ob6xiM2z19Z+3QCKQbGU
zNobB5Bvpnk7NJkMIjcwijsdpthP8/O7rAMyV53OMWaUPZM737XqQh8uyXiz+2U7
xWOQGtkyUzmZDiF+nroPi8z2ZM+LbyDoq3/RyBm8ZUwqsww+1QU5D3R7qaiFpYlR
aHGrlMb6FQIG+QGFX5WCmMqyV7pw80IRCdzRZO8CAwEAAaOCAlcwggJTMB0GA1Ud
DgQWBBRB9Xn8ekof9UiVdr0fVo1gAYlWozAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
L1FmVjVfSHBLSF9WSWxYYTlIMWFOWUFHSlZxTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBt
BggrBgEFBQcBBwEB/wReMFwwWgQCAAEwVAMEAFQgDgMEAFQgIgMEAFQgWAMEAlQg
XDAMAwQEWNgQAwQAWNgSMAwDBABY2CMDBAFY2CgDBABY2CsDBAFY2FoDBAJY2GQw
DAMEAFjYuwMEBljYgDANBgkqhkiG9w0BAQsFAAOCAQEAMgCz8BSAwUxK4/vpUfs+
sYJJ/Sj2VQvxel4RkRl/ZNdeE4SZDvstdu1teA3s/ko4B2lWygGdAwL736U8SwtX
8m1Xdf10iAMbLknuYB8oPcfYb+IUg3DFRJbctSY2xiL2aUxGU35cdpvoMQg3hfAz
8dCZ4bkdfgfNwGdYFVicRjEKXjmfu+C4pJpqaCYbxd7A34dl0Gs3nng4OKD5WSAA
zhBTIUMC+CPnxOn2kwMXrYxhxvpJtEpPSC0XYDx5G+P5DiQKUioEpwOQIQDs8Efm
Rzu9GFnhBdMmA+OFx9L0y8UIp+NxZbJSZ6thU1QbeqIiERaI5CFpcEDjWyOVAhdJ
0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org