Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/YpNpK3X65hw7G4SulW0zb6ZP5Lg.roa
File: YpNpK3X65hw7G4SulW0zb6ZP5Lg.roa (raw, json)
Hash identifier: wV68WQcNqLNMlQVVY+8x+y+Z/azt8K24Mn99W6bbAsA=
Subject key identifier: 62:93:69:2B:75:FA:E6:1C:3B:1B:84:AE:95:6D:33:6F:A6:4F:E4:B8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01826881A6F8374DE07134A9B20CC6E638B6
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/YpNpK3X65hw7G4SulW0zb6ZP5Lg.roa
Signing time: Thu 04 Aug 2022 10:58:23 +0000
ROA not before: Thu 04 Aug 2022 10:58:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210441
IP address blocks: 88.216.184.0/23 maxlen: 24
88.216.186.0/23 maxlen: 24
88.216.94.0/23 maxlen: 24
88.216.92.0/23 maxlen: 24
88.216.34.0/23 maxlen: 24
88.216.44.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:68:81:a6:f8:37:4d:e0:71:34:a9:b2:0c:c6:e6:38:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 4 10:58:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6293692b75fae61c3b1b84ae956d336fa64fe4b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0b:02:07:47:e0:cd:a6:38:ee:64:30:52:bf:
01:05:83:43:8a:5f:ce:bb:4c:fb:2f:68:36:0e:20:
10:f8:7d:99:ba:1f:36:e2:f5:1a:1f:e7:db:52:f0:
7d:b0:f6:2d:95:7c:49:ff:e4:3a:5e:14:5e:f9:4d:
a5:69:b7:62:11:22:6b:ea:df:ef:b0:35:7f:3c:47:
83:62:87:6c:0c:bc:37:bc:c9:2a:eb:0a:f3:7c:9e:
33:6d:1f:f8:a1:0c:2e:d6:cf:ee:dc:43:ef:05:e4:
57:84:d2:5d:78:de:11:c6:26:d2:29:28:b4:27:2c:
91:77:7f:ba:fc:b8:c1:31:b3:c6:8d:2b:98:67:1f:
68:58:1c:2d:e5:fb:a4:bc:67:d4:b5:03:00:19:c7:
50:b4:18:a2:9f:da:e8:58:0e:f5:21:19:6d:ca:13:
f9:7f:b5:0f:43:fc:d5:33:08:35:15:61:61:b7:67:
cc:2a:84:19:b8:8f:0e:aa:6b:e9:69:ca:47:ee:52:
83:a0:75:a9:87:7c:c5:8a:07:c0:f2:61:b0:39:9c:
0d:32:14:9a:72:43:53:b9:c9:56:1b:72:7d:0c:4b:
d5:c6:e6:c1:1a:37:11:3b:51:37:30:de:91:ac:4c:
73:7f:00:c0:ad:96:81:31:e7:a9:a0:01:cf:43:c8:
05:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:93:69:2B:75:FA:E6:1C:3B:1B:84:AE:95:6D:33:6F:A6:4F:E4:B8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/YpNpK3X65hw7G4SulW0zb6ZP5Lg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.34.0/23
88.216.44.0/23
88.216.92.0/22
88.216.184.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:5a:19:5f:f6:65:6d:d4:87:7c:85:19:db:02:95:2c:65:67:
86:ff:4e:40:6e:b8:21:f7:23:f5:2d:62:a0:e6:0a:53:b5:1d:
8e:9d:7b:7b:c7:f2:eb:97:c3:b8:11:a9:5a:c7:40:88:e2:8a:
d9:e2:5d:47:34:6e:68:be:4c:f2:e8:5f:92:eb:1e:b2:60:41:
c0:83:24:fd:cb:b5:f5:5a:dd:dc:0b:7c:ca:81:9f:a9:b0:51:
0c:34:32:74:36:21:3c:16:63:f6:cd:ea:1c:4f:7d:c8:25:22:
16:e3:1b:a9:97:7e:95:a2:20:ae:3b:9d:6e:b0:2a:9e:96:69:
4f:f0:74:1e:59:be:7d:c5:1a:b1:5c:82:f7:de:23:2d:81:89:
6a:96:d7:a6:2d:29:7e:52:e4:11:c5:f9:41:42:33:c3:56:b7:
3e:2e:a2:35:a9:db:39:b8:f5:f5:fb:f0:e2:f3:58:e8:d2:8d:
1e:9d:ab:b9:76:d4:10:7c:73:9e:1b:6c:3b:06:d7:70:46:2c:
3c:ac:b3:84:10:56:e1:cf:21:45:a8:df:3f:23:c5:84:d2:56:
92:8b:14:5c:31:8d:53:df:18:33:c8:dd:4e:9b:f8:49:11:74:
eb:bc:f8:e6:27:8a:82:fb:d3:b0:af:f9:16:b9:09:ef:14:47:
63:ef:22:5c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYJogab4N03gcTSpsgzG5ji2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwODA0MTA1ODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjkzNjkyYjc1ZmFlNjFjM2IxYjg0YWU5NTZkMzM2ZmE2NGZlNGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugsCB0fgzaY47mQwUr8BBYNDil/O
u0z7L2g2DiAQ+H2Zuh824vUaH+fbUvB9sPYtlXxJ/+Q6XhRe+U2labdiESJr6t/v
sDV/PEeDYodsDLw3vMkq6wrzfJ4zbR/4oQwu1s/u3EPvBeRXhNJdeN4RxibSKSi0
JyyRd3+6/LjBMbPGjSuYZx9oWBwt5fukvGfUtQMAGcdQtBiin9roWA71IRltyhP5
f7UPQ/zVMwg1FWFht2fMKoQZuI8OqmvpacpH7lKDoHWph3zFigfA8mGwOZwNMhSa
ckNTuclWG3J9DEvVxubBGjcRO1E3MN6RrExzfwDArZaBMeepoAHPQ8gFPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGKTaSt1+uYcOxuErpVtM2+mT+S4MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvWXBOcEszWDY1aHc3RzRTdWxXMHpiNlpQNUxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWNgiAwQB
WNgsAwQCWNhcAwQCWNi4MA0GCSqGSIb3DQEBCwUAA4IBAQAcWhlf9mVt1Id8hRnb
ApUsZWeG/05Abrgh9yP1LWKg5gpTtR2OnXt7x/Lrl8O4Ealax0CI4orZ4l1HNG5o
vkzy6F+S6x6yYEHAgyT9y7X1Wt3cC3zKgZ+psFEMNDJ0NiE8FmP2zeocT33IJSIW
4xupl36VoiCuO51usCqelmlP8HQeWb59xRqxXIL33iMtgYlqltemLSl+UuQRxflB
QjPDVrc+LqI1qds5uPX1+/Di81jo0o0enau5dtQQfHOeG2w7BtdwRiw8rLOEEFbh
zyFFqN8/I8WE0laSixRcMY1T3xgzyN1Om/hJEXTrvPjmJ4qC+9Owr/kWuQnvFEdj
7yJc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:48 2023 by rpki-client on console-fra.rpki-client.org