Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/bbJyjzlA9r4dnzDZTogoBUDoLo0.roa
File: bbJyjzlA9r4dnzDZTogoBUDoLo0.roa (raw, json)
Hash identifier: LuNASojCrfl82GPi5TOtEc4gg+Lk8EjQEzhB7hVoyI0=
Subject key identifier: 6D:B2:72:8F:39:40:F6:BE:1D:9F:30:D9:4E:88:28:05:40:E8:2E:8D
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0183FB6DFB00CB2AE95BB302B6902B297832
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/bbJyjzlA9r4dnzDZTogoBUDoLo0.roa
Signing time: Fri 21 Oct 2022 16:43:52 +0000
ROA not before: Fri 21 Oct 2022 16:43:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34984
IP address blocks: 88.216.232.0/22 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.130.0/24 maxlen: 24
88.216.132.0/23 maxlen: 24
88.216.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fb:6d:fb:00:cb:2a:e9:5b:b3:02:b6:90:2b:29:78:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 21 16:43:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6db2728f3940f6be1d9f30d94e88280540e82e8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ca:92:c3:b6:79:cf:5d:23:50:f9:1c:f7:31:
e3:ee:b6:46:6b:1f:69:6b:fe:20:fb:8b:c0:03:50:
86:eb:2d:5d:39:cb:de:f0:f2:9d:7a:6b:b9:3a:20:
77:42:eb:c0:cb:d9:ae:1c:8f:bc:81:d2:6b:4f:f9:
5c:3d:ca:91:84:e6:de:25:6d:98:73:31:e3:7e:22:
b3:28:e2:62:6c:a6:49:85:ea:4f:ea:63:f7:5c:16:
22:5b:fe:c9:56:68:13:6e:35:fb:8b:b4:a4:09:ea:
8b:be:61:ff:31:f3:cd:e8:eb:6d:53:93:3c:c1:84:
e6:3d:85:fd:5e:7c:91:22:c8:db:5a:2a:dd:1e:c7:
1d:f8:02:4f:ba:34:9b:6b:c8:38:68:f5:6f:88:30:
69:da:05:7f:47:5e:40:c1:79:a0:39:33:03:93:e0:
27:e7:eb:9b:f9:4d:1c:95:c0:07:ba:ad:f8:6d:81:
dc:6f:e9:89:a4:1f:28:8c:a2:95:36:d6:ad:b4:dc:
46:57:28:6f:69:5a:dd:0d:d9:23:23:8e:1b:e3:e2:
89:1a:87:6c:ad:ba:cd:ff:da:04:ed:ce:31:af:0d:
a5:7a:23:de:c9:a0:bc:a2:7f:50:64:39:c4:a4:60:
ca:90:03:3b:44:12:aa:ea:a3:09:09:b2:1a:02:e8:
f5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:B2:72:8F:39:40:F6:BE:1D:9F:30:D9:4E:88:28:05:40:E8:2E:8D
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/bbJyjzlA9r4dnzDZTogoBUDoLo0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.33.0/24
88.216.130.0-88.216.133.255
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
55:48:ef:b5:8b:7c:0b:e9:dd:88:fb:ab:9d:6a:2c:5a:e3:a9:
50:a6:10:94:d1:6b:b8:2a:23:f9:09:b0:35:03:01:8b:34:37:
65:9c:9c:dc:26:5f:51:f1:77:42:51:b2:4f:db:0f:5f:e2:f5:
c6:be:d1:9c:58:c2:ba:8d:33:d2:51:ff:6d:e8:02:ad:92:76:
c3:56:e4:77:68:ab:4f:c5:fc:f3:09:a0:0f:6c:14:b8:9c:21:
30:97:3c:15:47:c6:85:1d:67:6a:b3:01:45:38:7e:72:ef:cb:
41:15:be:b3:e1:75:3b:19:fd:05:95:e9:11:30:12:ca:53:62:
75:a0:1d:f2:a8:0a:c7:60:11:c9:7d:54:63:b0:ea:21:cb:eb:
ea:0a:42:b6:37:b5:3e:2f:ae:2e:a6:92:9d:6c:dc:1d:7d:d2:
bf:7b:a2:84:6d:54:a6:e1:40:31:49:d3:da:9f:16:38:5e:6a:
9d:92:7e:37:02:20:7c:5a:13:d9:c4:4c:cc:1a:f3:01:21:2d:
16:f7:b9:5b:e3:30:75:4c:5d:24:dd:cc:84:88:56:c0:9b:58:
b8:1f:bc:fd:1f:ef:be:2b:e8:f4:95:48:9c:b6:27:e2:d4:27:
77:2a:c5:2c:18:66:a6:3c:ec:17:84:86:aa:2e:9d:be:ba:c3:
cf:ac:af:19
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYP7bfsAyyrpW7MCtpArKXgyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDIxMTY0MzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGIyNzI4ZjM5NDBmNmJlMWQ5ZjMwZDk0ZTg4MjgwNTQwZTgyZThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMqSw7Z5z10jUPkc9zHj7rZGax9p
a/4g+4vAA1CG6y1dOcve8PKdemu5OiB3QuvAy9muHI+8gdJrT/lcPcqRhObeJW2Y
czHjfiKzKOJibKZJhepP6mP3XBYiW/7JVmgTbjX7i7SkCeqLvmH/MfPN6OttU5M8
wYTmPYX9XnyRIsjbWirdHscd+AJPujSba8g4aPVviDBp2gV/R15AwXmgOTMDk+An
5+ub+U0clcAHuq34bYHcb+mJpB8ojKKVNtattNxGVyhvaVrdDdkjI44b4+KJGods
rbrN/9oE7c4xrw2leiPeyaC8on9QZDnEpGDKkAM7RBKq6qMJCbIaAuj1uQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFG2yco85QPa+HZ8w2U6IKAVA6C6NMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvYmJKeWp6bEE5cjRkbnpEWlRvZ29CVURvTG8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAWNghMAwD
BAFY2IIDBAFY2IQDBAJY2OgwDQYJKoZIhvcNAQELBQADggEBAFVI77WLfAvp3Yj7
q51qLFrjqVCmEJTRa7gqI/kJsDUDAYs0N2WcnNwmX1Hxd0JRsk/bD1/i9ca+0ZxY
wrqNM9JR/23oAq2SdsNW5Hdoq0/F/PMJoA9sFLicITCXPBVHxoUdZ2qzAUU4fnLv
y0EVvrPhdTsZ/QWV6REwEspTYnWgHfKoCsdgEcl9VGOw6iHL6+oKQrY3tT4vri6m
kp1s3B190r97ooRtVKbhQDFJ09qfFjheap2SfjcCIHxaE9nETMwa8wEhLRb3uVvj
MHVMXSTdzISIVsCbWLgfvP0f774r6PSVSJy2J+LUJ3cqxSwYZqY87BeEhqounb66
w8+srxk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:31 2023 by rpki-client on console-ams.rpki-client.org