Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/UumGMeLtCwbDD0FIxztwocCDPxs.roa
File: UumGMeLtCwbDD0FIxztwocCDPxs.roa (raw, json)
Hash identifier: DyWiY1RXOAG9q5fl/7JhEezBwBJtiCXbus4ZlRCOiW4=
Subject key identifier: 52:E9:86:31:E2:ED:0B:06:C3:0F:41:48:C7:3B:70:A1:C0:83:3F:1B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018484E35E7E0FC62C35D61BDF290C095D9B
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/UumGMeLtCwbDD0FIxztwocCDPxs.roa
Signing time: Thu 17 Nov 2022 09:20:04 +0000
ROA not before: Thu 17 Nov 2022 09:20:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207279
IP address blocks: 88.216.213.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.23.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:84:e3:5e:7e:0f:c6:2c:35:d6:1b:df:29:0c:09:5d:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 17 09:20:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52e98631e2ed0b06c30f4148c73b70a1c0833f1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:ca:e0:09:39:ff:f0:4b:f8:25:b3:09:d8:03:
96:ed:ba:04:d2:c8:c5:26:a8:8b:7d:f3:9f:9e:21:
fc:7f:18:c9:3b:fb:db:18:d7:03:9e:8c:90:06:c1:
23:fa:49:2b:58:e8:74:54:44:89:e1:67:d1:3b:b2:
3f:82:5a:48:18:4b:97:1d:04:e3:06:2e:d8:f2:cd:
90:57:6d:82:d6:45:27:a6:5c:10:28:6b:7a:b6:db:
44:91:58:e7:cb:cc:bd:ec:96:22:6d:64:c1:dc:2b:
4b:af:15:51:8e:17:bf:29:de:68:75:ec:63:de:9b:
b3:2c:ce:b4:c3:6b:99:fa:12:c6:47:95:30:63:ed:
1d:73:06:2c:b9:dd:89:b4:73:a9:0a:83:c9:fb:e0:
69:29:e1:a0:a9:2f:08:f2:b3:c3:b8:f6:08:87:db:
73:2f:89:eb:d2:c9:4a:f8:0c:65:89:eb:6a:5b:28:
8b:12:af:7d:9c:13:85:c5:67:bd:92:cd:5d:d3:7c:
d0:de:21:a6:f0:9a:de:87:e9:22:e2:70:9f:16:d1:
31:70:83:c2:03:b2:02:b2:f2:42:ba:f6:a9:5c:26:
d6:e4:df:d4:2d:30:39:ef:24:a3:ed:57:f7:7f:3f:
52:fe:d8:48:f8:0d:91:50:41:c0:b6:1a:ca:fc:3e:
54:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:E9:86:31:E2:ED:0B:06:C3:0F:41:48:C7:3B:70:A1:C0:83:3F:1B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/UumGMeLtCwbDD0FIxztwocCDPxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.20.0/24
88.216.23.0/24
88.216.213.0/24
88.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
71:93:ab:0e:a7:2e:f3:4d:d1:39:60:53:d1:37:7f:aa:da:02:
55:fa:c3:63:b3:2c:02:ac:17:60:f3:a8:c7:41:c9:3a:63:76:
fb:d4:d7:ff:b0:e2:86:16:67:c8:02:ab:3e:bf:89:dd:44:02:
18:59:74:38:33:32:26:ba:2c:50:cf:a3:9f:70:9e:96:92:db:
90:43:95:b0:15:64:da:e4:ef:8b:08:38:02:3e:4c:ea:8f:83:
6a:2e:d4:8c:f4:c8:27:3a:13:19:d9:7b:09:08:a4:43:f0:4a:
7c:f7:78:70:e2:5f:e9:bb:6b:6f:8b:be:89:bf:55:91:47:33:
bb:27:fc:3f:c4:54:0a:99:a6:0b:03:60:49:02:8f:24:91:59:
c3:a9:75:d7:7e:24:eb:1a:8a:34:a8:53:02:93:18:a9:9b:00:
a6:27:92:9b:8c:db:b1:06:98:3a:db:d2:5e:55:bf:91:4f:9f:
79:01:fd:b9:2c:15:32:c2:c6:7d:2a:f2:46:09:27:28:f5:f5:
15:8d:a9:e4:3f:64:fe:21:e7:80:f6:f8:5b:e1:a1:2c:07:56:
7e:23:13:da:8e:21:41:85:2a:67:bc:da:4c:68:4a:a2:2f:f3:
8b:6d:8d:f1:0a:ff:9b:2f:fd:e4:c8:44:a8:eb:03:f6:10:11:
0f:9e:1a:96
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYSE415+D8YsNdYb3ykMCV2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTE3MDkyMDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmU5ODYzMWUyZWQwYjA2YzMwZjQxNDhjNzNiNzBhMWMwODMzZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2crgCTn/8Ev4JbMJ2AOW7boE0sjF
JqiLffOfniH8fxjJO/vbGNcDnoyQBsEj+kkrWOh0VESJ4WfRO7I/glpIGEuXHQTj
Bi7Y8s2QV22C1kUnplwQKGt6tttEkVjny8y97JYibWTB3CtLrxVRjhe/Kd5odexj
3puzLM60w2uZ+hLGR5UwY+0dcwYsud2JtHOpCoPJ++BpKeGgqS8I8rPDuPYIh9tz
L4nr0slK+AxlietqWyiLEq99nBOFxWe9ks1d03zQ3iGm8Jreh+ki4nCfFtExcIPC
A7ICsvJCuvapXCbW5N/ULTA57ySj7Vf3fz9S/thI+A2RUEHAthrK/D5UcQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFLphjHi7QsGww9BSMc7cKHAgz8bMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVXVtR01lTHRDd2JERDBGSXh6dHdvY0NEUHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWNgUAwQA
WNgXAwQAWNjVAwQAWNjXMA0GCSqGSIb3DQEBCwUAA4IBAQBxk6sOpy7zTdE5YFPR
N3+q2gJV+sNjsywCrBdg86jHQck6Y3b71Nf/sOKGFmfIAqs+v4ndRAIYWXQ4MzIm
uixQz6OfcJ6WktuQQ5WwFWTa5O+LCDgCPkzqj4NqLtSM9MgnOhMZ2XsJCKRD8Ep8
93hw4l/pu2tvi76Jv1WRRzO7J/w/xFQKmaYLA2BJAo8kkVnDqXXXfiTrGoo0qFMC
kxipmwCmJ5KbjNuxBpg629JeVb+RT595Af25LBUywsZ9KvJGCSco9fUVjankP2T+
IeeA9vhb4aEsB1Z+IxPajiFBhSpnvNpMaEqiL/OLbY3xCv+bL/3kyESo6wP2EBEP
nhqW
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:33 2024 by rpki-client on console-fra.rpki-client.org