Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dEFqW34MwNnBvZz6RfNLspV8-7o.roa
File: dEFqW34MwNnBvZz6RfNLspV8-7o.roa (raw, json)
Hash identifier: Sdv1gGkM8Ffj5RIVG92GAz4Vp0GI/cVoUWcBgwp1mTw=
Subject key identifier: 74:41:6A:5B:7E:0C:C0:D9:C1:BD:9C:FA:45:F3:4B:B2:95:7C:FB:BA
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: B49DE7
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dEFqW34MwNnBvZz6RfNLspV8-7o.roa
Signing time: Wed 13 Apr 2022 16:24:22 +0000
ROA not before: Wed 13 Apr 2022 16:24:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 88.216.224.0/21 maxlen: 24
88.216.128.0/21 maxlen: 24
88.216.240.0/21 maxlen: 24
88.216.248.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11836903 (0xb49de7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 13 16:24:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=74416a5b7e0cc0d9c1bd9cfa45f34bb2957cfbba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c3:25:79:d2:85:b8:2f:d3:48:0c:72:cc:36:
02:97:4e:49:14:b4:04:30:03:f0:a3:09:53:f1:b7:
8d:1c:b9:a5:67:f5:7f:ce:dc:ed:9c:f0:7e:d5:10:
26:ae:e5:0f:16:77:e4:7b:31:59:aa:df:71:5a:38:
5e:f0:89:84:ab:36:70:36:0c:1d:07:88:47:50:ba:
82:8f:60:46:74:7c:e4:0e:0e:ba:90:37:81:d9:2b:
13:3a:41:e5:e4:e8:4e:d7:f9:c2:af:8a:af:f8:48:
3a:7d:23:ba:ee:0f:a5:93:87:97:55:0f:e3:e8:46:
19:12:b7:9e:f1:58:99:a4:59:b8:6b:e7:bd:de:28:
89:ed:3d:1e:dd:5e:b4:27:c2:7b:b3:3d:7e:31:e4:
e4:9f:04:23:34:68:0a:19:02:38:a3:57:8d:30:ee:
28:66:97:67:e3:ea:b8:45:c9:1b:39:cb:a1:bc:01:
30:e8:9a:55:ac:79:be:47:b0:25:11:de:c9:7d:30:
5e:aa:ac:d1:11:5b:41:d3:a8:22:ef:aa:fd:c9:ac:
ba:bf:b8:d1:60:43:86:98:e0:0d:46:df:5e:44:2f:
93:00:5c:8f:41:d8:63:cc:4b:48:7a:92:72:c7:a8:
f9:f6:93:dc:69:4d:a4:48:80:02:b7:39:c2:47:45:
4e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:41:6A:5B:7E:0C:C0:D9:C1:BD:9C:FA:45:F3:4B:B2:95:7C:FB:BA
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dEFqW34MwNnBvZz6RfNLspV8-7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.128.0/21
88.216.224.0/21
88.216.240.0/20
Signature Algorithm: sha256WithRSAEncryption
11:28:b6:8b:ad:85:c6:22:66:c1:6b:15:05:7a:28:46:ff:77:
93:cf:f9:3d:df:a2:79:73:22:18:af:b2:fb:28:8d:b6:07:df:
cd:68:21:ed:98:96:1d:b9:be:15:8a:4d:84:a4:39:9a:cf:08:
cd:f1:4c:7e:b2:66:fd:a4:ed:77:74:ca:ba:d4:34:45:1e:42:
64:20:25:af:0a:34:bc:19:0a:3e:0e:ec:bb:8d:4a:88:72:17:
10:38:b1:62:ff:37:62:73:9a:e9:23:d8:93:8e:b0:4a:7a:14:
18:bb:01:cb:75:bb:ec:3c:dd:06:e0:47:fa:ab:0a:1d:0a:e7:
fe:4c:f4:c7:f7:26:cf:01:fd:9e:15:7f:aa:67:09:77:11:85:
60:67:c8:9e:a0:16:da:5b:0a:12:29:7d:0e:5d:c1:e6:d0:2d:
21:d1:31:4c:a1:35:57:b3:9b:bd:ad:28:89:df:99:4f:c7:2a:
16:ce:a3:fb:75:ef:d6:9e:8c:62:5c:d1:41:b3:56:95:21:01:
60:3f:06:05:f4:08:01:ce:17:b1:4c:8b:4f:bc:1a:85:6e:00:
89:ee:ca:a1:fc:2c:aa:21:e2:99:15:99:47:02:69:a9:66:68:
15:af:df:cb:fa:e3:36:05:c8:55:be:c9:a9:68:71:ac:66:23:
c4:04:76:41
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEALSd5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDQx
MzE2MjQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzQ0MTZhNWI3ZTBj
YzBkOWMxYmQ5Y2ZhNDVmMzRiYjI5NTdjZmJiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJHDJXnShbgv00gMcsw2ApdOSRS0BDAD8KMJU/G3jRy5pWf1
f87c7ZzwftUQJq7lDxZ35HsxWarfcVo4XvCJhKs2cDYMHQeIR1C6go9gRnR85A4O
upA3gdkrEzpB5eToTtf5wq+Kr/hIOn0juu4PpZOHl1UP4+hGGRK3nvFYmaRZuGvn
vd4oie09Ht1etCfCe7M9fjHk5J8EIzRoChkCOKNXjTDuKGaXZ+PquEXJGznLobwB
MOiaVax5vkewJRHeyX0wXqqs0RFbQdOoIu+q/cmsur+40WBDhpjgDUbfXkQvkwBc
j0HYY8xLSHqScseo+faT3GlNpEiAArc5wkdFTl8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBR0QWpbfgzA2cG9nPpF80uylXz7ujAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
L2RFRnFXMzRNd05uQnZaejZSZk5Mc3BWOC03by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA1jYgAMEA1jY4AMEBFjY8DANBgkq
hkiG9w0BAQsFAAOCAQEAESi2i62FxiJmwWsVBXooRv93k8/5Pd+ieXMiGK+y+yiN
tgffzWgh7ZiWHbm+FYpNhKQ5ms8IzfFMfrJm/aTtd3TKutQ0RR5CZCAlrwo0vBkK
Pg7su41KiHIXEDixYv83YnOa6SPYk46wSnoUGLsBy3W77DzdBuBH+qsKHQrn/kz0
x/cmzwH9nhV/qmcJdxGFYGfInqAW2lsKEil9Dl3B5tAtIdExTKE1V7Obva0oid+Z
T8cqFs6j+3Xv1p6MYlzRQbNWlSEBYD8GBfQIAc4XsUyLT7wahW4Aie7KofwsqiHi
mRWZRwJpqWZoFa/fy/rjNgXIVb7JqWhxrGYjxAR2QQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:31 2023 by rpki-client on console-ams.rpki-client.org