Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/S5_fU8CBS-rmifPeHWXBoQpUWig.roa
File: S5_fU8CBS-rmifPeHWXBoQpUWig.roa (raw, json)
Hash identifier: QDjQRInWArbNTwefILGpSxRhKpO8Y9xoKTqRFoumUDY=
Subject key identifier: 4B:9F:DF:53:C0:81:4B:EA:E6:89:F3:DE:1D:65:C1:A1:0A:54:5A:28
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01835210107170098349A324231FF54E8CD7
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/S5_fU8CBS-rmifPeHWXBoQpUWig.roa
Signing time: Sun 18 Sep 2022 19:25:27 +0000
ROA not before: Sun 18 Sep 2022 19:25:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210441
IP address blocks: 88.216.184.0/23 maxlen: 24
88.216.186.0/23 maxlen: 24
88.216.94.0/23 maxlen: 24
88.216.92.0/23 maxlen: 24
88.216.34.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:52:10:10:71:70:09:83:49:a3:24:23:1f:f5:4e:8c:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Sep 18 19:25:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b9fdf53c0814beae689f3de1d65c1a10a545a28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8c:07:3f:cf:5a:0b:20:7b:a3:b1:05:45:80:
73:ed:8a:87:96:2f:e3:d0:b2:69:ca:00:89:d4:7b:
80:b2:bc:ed:60:8b:70:5f:0a:cb:85:e5:3d:c4:b0:
5e:0a:e3:53:6d:76:fd:ed:4b:0c:d5:bb:85:03:cb:
c8:3a:50:8e:78:f6:4d:08:f1:c6:07:f0:83:91:8f:
d3:68:71:a1:bf:4e:fd:f9:e6:49:8a:5b:bf:63:7b:
e1:7b:fb:01:d0:87:19:1b:69:d2:94:8d:6e:8e:27:
c7:2e:5f:2b:bc:2c:dc:4b:82:ff:2f:55:ec:65:99:
2a:9b:e4:3d:3d:2c:a7:0c:89:b1:37:28:d3:44:a9:
c3:ba:28:c7:0b:a0:15:d4:67:6b:d3:f6:e5:45:e7:
50:53:f3:81:20:17:f7:10:78:5a:78:93:08:6b:17:
f0:61:38:df:2d:fd:83:82:5a:af:09:0e:32:79:83:
fd:cd:11:1a:92:17:74:6d:03:15:8d:98:a6:6e:2f:
89:04:6a:c7:68:a6:39:1a:48:a9:e8:87:f6:cb:f8:
34:9e:8c:d4:aa:de:08:31:67:33:b8:6a:97:41:34:
c3:ff:c8:aa:3f:a4:5f:c8:a8:34:84:24:35:c4:b4:
5b:d5:86:6d:62:d2:38:4f:b9:00:55:7f:66:a4:07:
b2:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:9F:DF:53:C0:81:4B:EA:E6:89:F3:DE:1D:65:C1:A1:0A:54:5A:28
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/S5_fU8CBS-rmifPeHWXBoQpUWig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.34.0/23
88.216.92.0/22
88.216.184.0/22
Signature Algorithm: sha256WithRSAEncryption
13:d9:55:a6:75:8e:ba:43:e1:57:97:54:1c:fc:df:13:24:bd:
27:83:4a:a8:4e:9b:b1:b1:e8:fd:0c:89:23:45:ee:07:23:bd:
00:8c:40:6e:bb:b0:5a:ef:7f:42:2a:5e:5a:74:55:b6:1b:b0:
1d:1e:19:c2:60:1d:db:24:d4:a7:f2:00:94:c7:71:ae:6e:51:
c1:3a:d8:c9:08:5d:9b:8e:75:6b:9e:73:9f:9a:e6:65:09:35:
0a:ce:f9:dc:ae:f9:21:a5:54:03:41:df:c7:36:a0:45:6b:b4:
99:8b:68:bb:ab:ac:38:3e:84:aa:50:c0:92:07:13:98:0c:c7:
74:9a:8f:92:6e:4e:70:52:6e:5a:52:17:15:15:43:3b:b5:bf:
8b:d5:67:b0:4a:7a:69:3e:b6:7e:ad:1b:db:19:1d:0d:59:bf:
35:b1:54:f0:09:97:63:ec:a7:41:0e:77:72:ca:d8:01:b3:3e:
70:9c:f9:f6:1a:0d:07:91:f1:b5:a4:80:20:31:09:d1:c0:cf:
5b:82:7d:31:10:ac:57:8f:c0:ec:31:0b:51:e7:55:e6:8d:08:
85:16:7e:bd:5e:96:45:3b:1b:28:f4:a2:e0:ef:d8:29:d1:98:
20:aa:80:59:dc:bf:89:03:6e:17:b2:86:8f:6f:71:f5:a7:3e:
9b:27:42:27
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYNSEBBxcAmDSaMkIx/1TozXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwOTE4MTkyNTI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjlmZGY1M2MwODE0YmVhZTY4OWYzZGUxZDY1YzFhMTBhNTQ1YTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIwHP89aCyB7o7EFRYBz7YqHli/j
0LJpygCJ1HuAsrztYItwXwrLheU9xLBeCuNTbXb97UsM1buFA8vIOlCOePZNCPHG
B/CDkY/TaHGhv079+eZJilu/Y3vhe/sB0IcZG2nSlI1ujifHLl8rvCzcS4L/L1Xs
ZZkqm+Q9PSynDImxNyjTRKnDuijHC6AV1Gdr0/blRedQU/OBIBf3EHhaeJMIaxfw
YTjfLf2DglqvCQ4yeYP9zREakhd0bQMVjZimbi+JBGrHaKY5Gkip6If2y/g0nozU
qt4IMWczuGqXQTTD/8iqP6RfyKg0hCQ1xLRb1YZtYtI4T7kAVX9mpAeyQQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEuf31PAgUvq5onz3h1lwaEKVFooMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUzVfZlU4Q0JTLXJtaWZQZUhXWEJvUXBVV2lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWNgiAwQC
WNhcAwQCWNi4MA0GCSqGSIb3DQEBCwUAA4IBAQAT2VWmdY66Q+FXl1Qc/N8TJL0n
g0qoTpuxsej9DIkjRe4HI70AjEBuu7Ba739CKl5adFW2G7AdHhnCYB3bJNSn8gCU
x3GublHBOtjJCF2bjnVrnnOfmuZlCTUKzvncrvkhpVQDQd/HNqBFa7SZi2i7q6w4
PoSqUMCSBxOYDMd0mo+Sbk5wUm5aUhcVFUM7tb+L1WewSnppPrZ+rRvbGR0NWb81
sVTwCZdj7KdBDndyytgBsz5wnPn2Gg0HkfG1pIAgMQnRwM9bgn0xEKxXj8DsMQtR
51XmjQiFFn69XpZFOxso9KLg79gp0ZggqoBZ3L+JA24XsoaPb3H1pz6bJ0In
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:27 2024 by rpki-client on console-ams.rpki-client.org