Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hi7CdAs58MXlFdBUxraWfpOQQy0.roa
File: hi7CdAs58MXlFdBUxraWfpOQQy0.roa (raw, json)
Hash identifier: QyTTdFyWhRBTiidfXq0AJpEKK7QHehkK8ULx0EPLWXk=
Subject key identifier: 86:2E:C2:74:0B:39:F0:C5:E5:15:D0:54:C6:B6:96:7E:93:90:43:2D
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018278BE244C3DF841A7EA6FC18DE576B7DB
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hi7CdAs58MXlFdBUxraWfpOQQy0.roa
Signing time: Sun 07 Aug 2022 14:38:23 +0000
ROA not before: Sun 07 Aug 2022 14:38:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 88.216.180.0/22 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.216.0/22 maxlen: 24
88.216.220.0/22 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.240.0/22 maxlen: 24
88.216.244.0/22 maxlen: 24
84.32.44.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:78:be:24:4c:3d:f8:41:a7:ea:6f:c1:8d:e5:76:b7:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 7 14:38:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=862ec2740b39f0c5e515d054c6b6967e9390432d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a5:52:10:30:7b:fb:45:2e:91:75:1a:f6:d8:
f2:fa:10:8b:91:74:cb:8c:8e:89:c8:98:ce:ff:76:
0f:e3:31:6f:3c:68:23:6a:02:51:78:d6:d3:08:78:
cf:28:de:bb:60:82:0c:10:5f:c6:10:52:90:ff:d4:
1a:6a:54:d0:4b:ad:d6:11:85:ec:3f:37:17:15:4c:
bb:f3:9e:d6:60:7c:bd:59:54:18:e3:23:c7:bd:88:
40:84:1b:f6:29:b4:90:45:2d:af:36:8e:46:9d:cf:
91:dd:e4:35:3d:ab:04:ad:86:eb:0f:00:a1:de:0b:
7e:2e:1a:71:23:13:f1:eb:d7:a0:49:ca:89:6f:d0:
b4:10:58:1f:41:05:4d:ff:39:9e:4f:a1:eb:d7:36:
28:0d:b5:43:51:dc:9b:14:5e:a0:b2:17:91:f5:53:
1b:6e:c3:14:3c:d7:c6:18:6d:53:ca:6c:86:00:93:
78:24:67:18:f9:58:bf:fd:3f:8f:07:df:3d:84:ff:
d9:b0:fc:60:4a:02:7c:20:09:70:62:0d:92:6b:52:
67:4a:38:b2:a3:2c:1b:4c:c1:ff:f8:67:7c:90:a7:
57:69:98:a5:1b:95:c5:ac:eb:6e:df:99:bc:82:6b:
b7:a6:37:af:ed:e7:18:9b:a3:61:f0:ca:9f:c0:af:
4d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:2E:C2:74:0B:39:F0:C5:E5:15:D0:54:C6:B6:96:7E:93:90:43:2D
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hi7CdAs58MXlFdBUxraWfpOQQy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.44.0/22
88.216.180.0/22
88.216.212.0-88.216.223.255
88.216.228.0/22
88.216.236.0-88.216.247.255
Signature Algorithm: sha256WithRSAEncryption
8a:86:c5:a3:de:ed:a0:2e:9b:35:72:38:3e:ec:70:11:db:d5:
02:ce:d8:7b:27:81:c8:82:d5:2b:74:e6:52:d0:9f:f5:9d:27:
11:25:6c:85:58:6b:14:d8:06:e2:67:c9:bd:84:cd:4e:cd:6a:
e9:de:9b:cd:e8:c9:bb:c3:85:36:b0:91:7e:8b:d3:dd:59:9a:
00:58:c1:e9:cf:8e:3a:5f:c5:a7:fb:3d:34:50:a7:dc:c9:67:
e8:3a:67:ad:a8:fb:1c:52:2f:46:92:29:1f:35:12:63:4c:b5:
a5:3e:83:3a:e4:77:91:f1:ce:45:2c:f7:eb:73:2f:e9:3b:bb:
cc:fe:e4:ca:48:58:ae:51:de:2b:24:ab:14:b6:53:77:51:c2:
0f:3e:50:a5:a3:99:c8:c1:c2:62:9c:3d:0d:d2:e4:9d:e3:84:
5c:8e:67:21:84:73:23:14:11:bc:ef:68:ed:29:c2:d9:d0:54:
04:28:67:fc:8e:f2:50:70:f9:94:67:50:86:74:80:4c:a9:e1:
96:0a:53:fc:b5:f8:83:ee:8e:0d:5b:b8:db:dc:8c:1c:5a:14:
0c:fe:17:67:38:84:9a:5e:0c:e2:0b:0f:3c:3f:a0:32:a9:55:
24:74:05:36:cf:f2:ac:f1:23:17:9a:b4:a4:8d:fc:5b:4d:dd:
20:fb:bf:97
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYJ4viRMPfhBp+pvwY3ldrfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwODA3MTQzODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjJlYzI3NDBiMzlmMGM1ZTUxNWQwNTRjNmI2OTY3ZTkzOTA0MzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKVSEDB7+0UukXUa9tjy+hCLkXTL
jI6JyJjO/3YP4zFvPGgjagJReNbTCHjPKN67YIIMEF/GEFKQ/9QaalTQS63WEYXs
PzcXFUy7857WYHy9WVQY4yPHvYhAhBv2KbSQRS2vNo5Gnc+R3eQ1PasErYbrDwCh
3gt+LhpxIxPx69egScqJb9C0EFgfQQVN/zmeT6Hr1zYoDbVDUdybFF6gsheR9VMb
bsMUPNfGGG1TymyGAJN4JGcY+Vi//T+PB989hP/ZsPxgSgJ8IAlwYg2Sa1JnSjiy
oywbTMH/+Gd8kKdXaZilG5XFrOtu35m8gmu3pjev7ecYm6Nh8MqfwK9NHwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFIYuwnQLOfDF5RXQVMa2ln6TkEMtMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaGk3Q2RBczU4TVhsRmRCVXhyYVdmcE9RUXkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCVCAsAwQC
WNi0MAwDBAJY2NQDBAVY2MADBAJY2OQwDAMEAljY7AMEA1jY8DANBgkqhkiG9w0B
AQsFAAOCAQEAiobFo97toC6bNXI4PuxwEdvVAs7YeyeByILVK3TmUtCf9Z0nESVs
hVhrFNgG4mfJvYTNTs1q6d6bzejJu8OFNrCRfovT3VmaAFjB6c+OOl/Fp/s9NFCn
3Mln6Dpnraj7HFIvRpIpHzUSY0y1pT6DOuR3kfHORSz363Mv6Tu7zP7kykhYrlHe
KySrFLZTd1HCDz5QpaOZyMHCYpw9DdLkneOEXI5nIYRzIxQRvO9o7SnC2dBUBChn
/I7yUHD5lGdQhnSATKnhlgpT/LX4g+6ODVu429yMHFoUDP4XZziEml4M4gsPPD+g
MqlVJHQFNs/yrPEjF5q0pI38W03dIPu/lw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:30 2024 by rpki-client on console-ams.rpki-client.org