Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/RMZouB6TqmG0vZITSl4wAt0ks1w.roa
File: RMZouB6TqmG0vZITSl4wAt0ks1w.roa (raw, json)
Hash identifier: gDCUsa3y6DGYN96/G+htWXlbFkazsGeJACq5zB6cH4w=
Subject key identifier: 44:C6:68:B8:1E:93:AA:61:B4:BD:92:13:4A:5E:30:02:DD:24:B3:5C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01282A39
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/RMZouB6TqmG0vZITSl4wAt0ks1w.roa
Signing time: Fri 20 May 2022 15:37:29 +0000
ROA not before: Fri 20 May 2022 15:37:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 88.216.188.0/22 maxlen: 24
84.32.92.0/22 maxlen: 24
88.216.100.0/22 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
84.32.14.0/24 maxlen: 24
88.216.18.0/24 maxlen: 24
84.32.34.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
88.216.41.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19409465 (0x1282a39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 20 15:37:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=44c668b81e93aa61b4bd92134a5e3002dd24b35c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:51:07:20:22:13:ec:e3:f4:b9:eb:e9:75:d4:
8e:1b:0f:2c:1e:91:a2:18:b7:7a:27:44:e0:0a:96:
a6:21:96:98:0c:9d:e4:c1:08:91:8a:6e:91:2a:af:
76:eb:77:6a:49:6d:30:8d:c3:32:4f:72:eb:d8:a7:
95:f3:3d:99:80:bc:fa:c9:fb:db:b6:5b:f5:e6:5d:
54:8f:2c:94:d5:e7:54:0b:00:c9:9b:2a:4f:4c:f9:
81:0a:26:d5:73:ab:67:94:0e:30:ab:aa:95:ea:b0:
07:81:f0:2d:db:fb:c8:05:0a:db:17:40:7e:c9:0f:
c0:73:bf:41:1f:41:d4:2f:1a:4a:69:af:bd:77:2a:
c0:99:65:94:b4:7e:49:2c:1b:40:90:a3:84:61:2c:
28:63:de:7a:50:3d:01:22:ca:e7:5a:58:dd:19:a5:
97:fc:83:e7:1e:f1:3b:22:db:ef:8b:6e:bc:76:dc:
d0:74:2a:94:33:1b:3d:83:de:cf:c6:31:37:a9:5f:
2e:1a:82:fb:4d:73:0e:2f:25:f0:d1:5f:9f:6a:3d:
f2:e4:83:fe:59:fc:e3:69:cb:12:e2:dd:be:e6:d5:
a7:ba:6c:31:d0:9f:43:b0:68:c7:0f:73:9d:82:a5:
72:c9:b0:df:d6:ba:25:5e:b0:d9:12:fa:a8:48:fc:
8b:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:C6:68:B8:1E:93:AA:61:B4:BD:92:13:4A:5E:30:02:DD:24:B3:5C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/RMZouB6TqmG0vZITSl4wAt0ks1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.14.0/24
84.32.34.0/24
84.32.92.0/22
88.216.16.0-88.216.18.255
88.216.40.0/23
88.216.43.0/24
88.216.100.0/22
88.216.188.0/22
Signature Algorithm: sha256WithRSAEncryption
94:90:aa:15:a8:c5:fa:2d:2f:09:40:cf:24:cc:16:6b:e4:6e:
66:b5:94:84:85:5d:67:a9:98:be:28:55:1d:6c:23:cf:f3:96:
5f:78:f8:b8:11:2d:e4:84:52:de:47:fb:05:2f:b6:83:b9:f5:
78:7d:05:66:25:64:f5:d8:72:13:be:3e:51:c4:d8:71:98:15:
25:8a:b8:54:21:5b:d2:6f:e3:69:0f:03:0f:3c:71:d8:5b:8b:
26:95:29:d0:21:22:9d:9e:40:07:66:91:91:d0:55:f8:63:08:
17:b5:9a:f4:cc:d4:3c:f2:fd:01:f3:fc:a3:e4:ab:66:e7:8d:
13:ee:06:f6:8c:0f:13:68:b0:83:d9:15:3e:13:72:00:dd:fa:
47:5b:cf:f9:30:f3:65:be:ac:50:3e:7c:fc:11:47:6b:ec:1e:
6f:f5:8a:b5:64:49:fc:b3:5d:b1:94:f7:6a:c7:31:36:5f:98:
1c:c5:39:27:49:72:8e:72:de:e5:3a:30:12:ed:ec:39:a8:97:
59:07:50:95:1f:99:7e:ab:30:36:40:00:66:b0:96:d6:f5:74:
de:3c:af:38:df:42:8d:a1:70:dd:26:f9:5c:0b:7d:01:16:ab:
f9:71:a6:ff:9d:2e:ad:89:7e:fa:e8:c2:78:36:9d:43:cd:87:
41:92:1b:ae
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEASgqOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDUy
MDE1MzcyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDRjNjY4YjgxZTkz
YWE2MWI0YmQ5MjEzNGE1ZTMwMDJkZDI0YjM1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANFRByAiE+zj9Lnr6XXUjhsPLB6Rohi3eidE4AqWpiGWmAyd
5MEIkYpukSqvdut3akltMI3DMk9y69inlfM9mYC8+sn727Zb9eZdVI8slNXnVAsA
yZsqT0z5gQom1XOrZ5QOMKuqleqwB4HwLdv7yAUK2xdAfskPwHO/QR9B1C8aSmmv
vXcqwJlllLR+SSwbQJCjhGEsKGPeelA9ASLK51pY3Rmll/yD5x7xOyLb74tuvHbc
0HQqlDMbPYPez8YxN6lfLhqC+01zDi8l8NFfn2o98uSD/ln842nLEuLdvubVp7ps
MdCfQ7Boxw9znYKlcsmw39a6JV6w2RL6qEj8iwcCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBRExmi4HpOqYbS9khNKXjAC3SSzXDAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
L1JNWm91QjZUcW1HMHZaSVRTbDR3QXQwa3Mxdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEAFQgDgMEAFQgIgMEAlQgXDAMAwQE
WNgQAwQAWNgSAwQBWNgoAwQAWNgrAwQCWNhkAwQCWNi8MA0GCSqGSIb3DQEBCwUA
A4IBAQCUkKoVqMX6LS8JQM8kzBZr5G5mtZSEhV1nqZi+KFUdbCPP85ZfePi4ES3k
hFLeR/sFL7aDufV4fQVmJWT12HITvj5RxNhxmBUlirhUIVvSb+NpDwMPPHHYW4sm
lSnQISKdnkAHZpGR0FX4YwgXtZr0zNQ88v0B8/yj5Ktm540T7gb2jA8TaLCD2RU+
E3IA3fpHW8/5MPNlvqxQPnz8EUdr7B5v9Yq1ZEn8s12xlPdqxzE2X5gcxTknSXKO
ct7lOjAS7ew5qJdZB1CVH5l+qzA2QABmsJbW9XTePK8430KNoXDdJvlcC30BFqv5
cab/nS6tiX766MJ4Np1DzYdBkhuu
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:47 2023 by rpki-client on console-fra.rpki-client.org