Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/d8cOX1zg1WZfj5XTIjFMshwCXpA.roa
File: d8cOX1zg1WZfj5XTIjFMshwCXpA.roa (raw, json)
Hash identifier: k12RqtVvaIg5szqfAfzoDHpN39QTRlSUQykcoO+KFFI=
Subject key identifier: 77:C7:0E:5F:5C:E0:D5:66:5F:8F:95:D3:22:31:4C:B2:1C:02:5E:90
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01849E1745EEB4C21751CBB6AABC65057059
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/d8cOX1zg1WZfj5XTIjFMshwCXpA.roa
Signing time: Tue 22 Nov 2022 06:47:16 +0000
ROA not before: Tue 22 Nov 2022 06:47:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 88.216.212.0/22 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9e:17:45:ee:b4:c2:17:51:cb:b6:aa:bc:65:05:70:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 22 06:47:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=77c70e5f5ce0d5665f8f95d322314cb21c025e90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1f:a8:50:69:7a:aa:cd:86:c0:40:8c:0a:c4:
0f:8b:06:42:3a:3e:29:e4:3e:1b:38:10:c9:2e:7a:
e6:61:88:19:93:22:4b:c1:8e:2f:b9:00:42:0c:f5:
d9:1a:9f:ec:7c:b4:aa:ec:cf:cd:24:5c:a4:86:ee:
7f:ec:26:95:cc:0e:83:a9:18:6f:f4:85:09:b9:f8:
8d:91:96:83:88:ed:3a:c5:5c:63:8a:56:68:0a:ed:
f3:54:b2:f1:e7:be:79:96:b4:2e:41:b6:fe:5a:73:
0c:36:21:96:db:9e:94:ad:d2:9e:0d:28:c1:57:92:
a3:b9:ad:b0:a7:7f:de:70:f4:97:bc:14:5e:ce:80:
84:f2:f7:4f:63:a7:e1:4a:d6:10:20:25:0b:8b:27:
02:25:c4:3d:3e:54:e5:44:27:55:00:52:da:12:58:
12:e9:a5:e1:c0:a1:de:bf:32:71:9a:d9:32:8e:64:
31:a5:68:5e:91:81:a9:5e:2c:8b:34:68:02:f8:f2:
bc:50:98:e6:b4:a7:9b:a1:10:d4:b1:78:30:0f:1d:
e0:b6:52:63:7e:26:f1:5f:fd:ff:c7:a1:58:0b:e3:
07:d8:47:70:36:5d:29:b9:55:33:dd:6f:16:84:37:
23:ec:70:ad:65:59:78:a3:29:95:d2:03:1b:a9:33:
23:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:C7:0E:5F:5C:E0:D5:66:5F:8F:95:D3:22:31:4C:B2:1C:02:5E:90
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/d8cOX1zg1WZfj5XTIjFMshwCXpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.46.0/24
88.216.212.0/22
Signature Algorithm: sha256WithRSAEncryption
35:cc:7c:6b:e5:ea:9f:58:eb:55:88:86:4b:f4:45:0d:41:32:
5e:1b:32:37:cd:c9:60:13:0a:93:bc:74:87:97:88:ed:5d:19:
05:41:86:a2:16:82:61:fd:e3:b5:f8:15:a1:3b:2c:f4:fb:8e:
9d:bf:5a:38:11:0e:3c:2e:86:48:0d:aa:5a:a4:09:ca:37:63:
62:bd:78:93:4a:46:6f:ea:9f:6b:ca:cb:83:da:70:f8:fa:1a:
fa:b7:27:09:df:03:62:72:3a:2c:80:14:7a:7d:53:10:f4:5c:
dd:5a:b4:97:01:94:ce:96:6b:83:64:3c:c9:bf:2f:12:af:d3:
ac:2e:eb:15:83:da:16:e6:13:1a:fe:b1:3e:5a:12:f2:99:f3:
01:06:f3:ef:63:d9:d0:5d:5d:7f:2b:e7:23:37:39:31:e7:ce:
e9:bf:a5:39:32:50:29:ab:b3:73:cf:28:b6:db:e5:dd:c0:f2:
3d:7d:90:3d:93:57:97:14:e9:1c:b1:23:60:d8:38:5a:6c:02:
ee:e2:d9:fb:a6:99:d3:31:fb:f8:9c:c0:8d:a8:6a:73:ea:a8:
d7:29:82:15:bf:0e:06:f4:bb:8a:10:38:d8:12:b0:d4:11:e2:
74:8f:6e:0a:a3:70:7e:59:08:fa:79:f2:e2:b9:24:80:09:30:
18:b6:87:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYSeF0XutMIXUcu2qrxlBXBZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTIyMDY0NzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3N2M3MGU1ZjVjZTBkNTY2NWY4Zjk1ZDMyMjMxNGNiMjFjMDI1ZTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjx+oUGl6qs2GwECMCsQPiwZCOj4p
5D4bOBDJLnrmYYgZkyJLwY4vuQBCDPXZGp/sfLSq7M/NJFykhu5/7CaVzA6DqRhv
9IUJufiNkZaDiO06xVxjilZoCu3zVLLx5755lrQuQbb+WnMMNiGW256UrdKeDSjB
V5Kjua2wp3/ecPSXvBRezoCE8vdPY6fhStYQICULiycCJcQ9PlTlRCdVAFLaElgS
6aXhwKHevzJxmtkyjmQxpWhekYGpXiyLNGgC+PK8UJjmtKeboRDUsXgwDx3gtlJj
fibxX/3/x6FYC+MH2EdwNl0puVUz3W8WhDcj7HCtZVl4oymV0gMbqTMjAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHfHDl9c4NVmX4+V0yIxTLIcAl6QMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZDhjT1gxemcxV1pmajVYVElqRk1zaHdDWHBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNguAwQC
WNjUMA0GCSqGSIb3DQEBCwUAA4IBAQA1zHxr5eqfWOtViIZL9EUNQTJeGzI3zclg
EwqTvHSHl4jtXRkFQYaiFoJh/eO1+BWhOyz0+46dv1o4EQ48LoZIDapapAnKN2Ni
vXiTSkZv6p9rysuD2nD4+hr6tycJ3wNicjosgBR6fVMQ9FzdWrSXAZTOlmuDZDzJ
vy8Sr9OsLusVg9oW5hMa/rE+WhLymfMBBvPvY9nQXV1/K+cjNzkx587pv6U5MlAp
q7Nzzyi22+XdwPI9fZA9k1eXFOkcsSNg2DhabALu4tn7ppnTMfv4nMCNqGpz6qjX
KYIVvw4G9LuKEDjYErDUEeJ0j24Ko3B+WQj6efLiuSSACTAYtodp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:49 2023 by rpki-client on console-fra.rpki-client.org