Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dS0Zv-L5tDN5oYYcrseSRBCqTMg.roa
File: dS0Zv-L5tDN5oYYcrseSRBCqTMg.roa (raw, json)
Hash identifier: UHEdHd/2o89DVxbdG/mSg1EGtl4ulAJzQdn6D4mZqwM=
Subject key identifier: 75:2D:19:BF:E2:F9:B4:33:79:A1:86:1C:AE:C7:92:44:10:AA:4C:C8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: BD530D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dS0Zv-L5tDN5oYYcrseSRBCqTMg.roa
Signing time: Fri 15 Apr 2022 12:20:57 +0000
ROA not before: Fri 15 Apr 2022 12:20:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8764
IP address blocks: 88.216.139.0/24 maxlen: 24
88.216.138.0/24 maxlen: 24
88.216.142.0/24 maxlen: 24
88.216.143.0/24 maxlen: 24
88.216.140.0/24 maxlen: 24
88.216.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 12407565 (0xbd530d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 15 12:20:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=752d19bfe2f9b43379a1861caec7924410aa4cc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:04:8e:06:19:f3:a8:3a:1a:b5:4e:50:34:20:
c7:13:30:24:b7:e5:18:3e:0d:54:88:be:6c:17:a5:
1e:59:73:78:0e:c7:1f:a0:9f:14:87:0e:92:19:9b:
41:e4:25:fb:9d:a6:d5:0e:8f:b1:a0:fd:73:df:ee:
1f:3b:04:20:c8:f7:75:8a:37:df:05:c0:f4:3c:ea:
e8:4c:7f:94:56:e6:32:4a:7c:e4:25:ff:8b:67:b6:
bd:1f:a4:bb:4e:53:59:61:d6:39:2e:46:06:10:68:
28:d8:63:48:73:7b:0f:db:e9:37:a6:e0:3e:eb:4c:
fb:5d:17:64:f4:26:31:ca:af:54:59:d3:b6:27:2e:
c1:6a:f0:96:ca:c7:db:9c:9d:5b:97:d8:a1:d2:22:
c1:da:5a:73:16:7e:b1:2c:f3:74:aa:28:f6:9e:c8:
e2:f4:a0:af:08:05:03:a6:16:c6:d0:fc:38:2a:29:
c7:2d:20:7e:d2:1c:e4:e7:7f:19:db:e8:b9:1f:38:
03:11:2b:3c:cc:47:dd:dd:37:19:95:a2:68:5d:4f:
ac:a9:df:94:09:2c:03:9d:e0:b4:d9:a2:ce:b1:5d:
0c:49:91:3f:e5:98:e4:e4:dc:6e:77:dc:f0:7c:04:
6b:31:b4:b4:65:d8:b9:bc:1b:20:c2:94:1c:1b:2b:
83:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:2D:19:BF:E2:F9:B4:33:79:A1:86:1C:AE:C7:92:44:10:AA:4C:C8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/dS0Zv-L5tDN5oYYcrseSRBCqTMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.138.0-88.216.143.255
Signature Algorithm: sha256WithRSAEncryption
66:bd:e1:2b:eb:0b:81:8c:82:61:6f:28:e0:c6:28:5e:8c:b7:
95:eb:d0:b3:f1:b2:ad:41:a3:14:70:78:08:ba:15:f7:74:b1:
66:07:9b:3f:b9:a5:1e:90:eb:78:95:09:a0:af:47:81:ef:6c:
18:39:d1:ea:e5:cb:61:90:84:a4:e1:e1:2b:d5:58:e7:44:cf:
aa:4e:f1:62:c5:15:ca:54:de:cc:88:f0:c1:0a:3e:2b:a1:0e:
a6:b2:3d:0c:09:ac:1e:2f:44:af:46:87:ca:6a:48:0e:d0:af:
da:36:ef:63:0e:fa:23:93:dd:b0:66:dd:f5:d6:ef:a9:b5:74:
4e:9b:e0:98:01:6e:df:76:e1:ab:50:28:e8:17:ec:63:20:eb:
f2:6c:d1:3b:47:5e:81:b1:ce:3e:87:ab:3a:dd:34:b8:54:e2:
b9:dc:3e:3b:d7:42:c4:15:00:dc:25:9e:e5:be:fd:d0:b9:3b:
2f:20:c4:0e:2b:31:27:1b:6f:d9:4a:6f:a0:ea:65:43:68:b4:
32:e7:a3:1b:d8:73:9b:d7:d9:0b:42:d2:a4:44:76:3e:68:e8:
90:f4:e2:4c:f0:1f:8f:ae:6f:09:9c:31:44:69:44:5c:20:16:
51:35:69:f5:d9:2d:c3:af:ee:39:fb:6e:76:e1:fa:21:71:b6:
c2:48:c9:4b
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAL1TDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDQx
NTEyMjA1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzUyZDE5YmZlMmY5
YjQzMzc5YTE4NjFjYWVjNzkyNDQxMGFhNGNjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANIEjgYZ86g6GrVOUDQgxxMwJLflGD4NVIi+bBelHllzeA7H
H6CfFIcOkhmbQeQl+52m1Q6PsaD9c9/uHzsEIMj3dYo33wXA9Dzq6Ex/lFbmMkp8
5CX/i2e2vR+ku05TWWHWOS5GBhBoKNhjSHN7D9vpN6bgPutM+10XZPQmMcqvVFnT
ticuwWrwlsrH25ydW5fYodIiwdpacxZ+sSzzdKoo9p7I4vSgrwgFA6YWxtD8OCop
xy0gftIc5Od/GdvouR84AxErPMxH3d03GZWiaF1PrKnflAksA53gtNmizrFdDEmR
P+WY5OTcbnfc8HwEazG0tGXYubwbIMKUHBsrg0ECAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBR1LRm/4vm0M3mhhhyux5JEEKpMyDAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
L2RTMFp2LUw1dERONW9ZWWNyc2VTUkJDcVRNZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQBWNiKAwQEWNiAMA0GCSqGSIb3
DQEBCwUAA4IBAQBmveEr6wuBjIJhbyjgxihejLeV69Cz8bKtQaMUcHgIuhX3dLFm
B5s/uaUekOt4lQmgr0eB72wYOdHq5cthkISk4eEr1VjnRM+qTvFixRXKVN7MiPDB
Cj4roQ6msj0MCaweL0SvRofKakgO0K/aNu9jDvojk92wZt311u+ptXROm+CYAW7f
duGrUCjoF+xjIOvybNE7R16Bsc4+h6s63TS4VOK53D4710LEFQDcJZ7lvv3QuTsv
IMQOKzEnG2/ZSm+g6mVDaLQy56Mb2HOb19kLQtKkRHY+aOiQ9OJM8B+Prm8JnDFE
aURcIBZRNWn12S3Dr+45+2524fohcbbCSMlL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org