Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/j2GMkOy6whngrH7GUdjPsbeGhOE.roa
File: j2GMkOy6whngrH7GUdjPsbeGhOE.roa (raw, json)
Hash identifier: hZ19elxLOqvSxDrGmfY1p9UYZLe0w8T1PudDF9Gctb0=
Subject key identifier: 8F:61:8C:90:EC:BA:C2:19:E0:AC:7E:C6:51:D8:CF:B1:B7:86:84:E1
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0183C84A9C53AAAB629F5E77E3262C99B1B6
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/j2GMkOy6whngrH7GUdjPsbeGhOE.roa
Signing time: Tue 11 Oct 2022 18:24:36 +0000
ROA not before: Tue 11 Oct 2022 18:24:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14445
IP address blocks: 88.216.90.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
88.216.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c8:4a:9c:53:aa:ab:62:9f:5e:77:e3:26:2c:99:b1:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 11 18:24:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8f618c90ecbac219e0ac7ec651d8cfb1b78684e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:15:b1:2b:e3:c7:19:31:03:63:29:10:aa:8c:
9c:86:78:12:96:78:4d:ef:81:2f:d5:13:0c:44:fb:
37:05:e5:50:f1:03:38:05:69:64:51:c7:68:b1:e3:
5b:72:ea:21:f3:32:57:43:96:86:03:d7:0b:d2:be:
7a:aa:5c:13:07:fe:67:25:0e:e3:0c:e9:3a:f4:a4:
23:1c:70:e6:cf:60:ea:ac:d7:68:10:e0:e6:b9:14:
1f:51:1e:58:a9:be:62:cf:d2:da:98:5a:06:91:82:
d6:08:ca:f6:18:a9:c1:d7:09:8b:11:31:48:a0:20:
cf:37:b4:19:aa:18:35:48:9e:62:89:0a:72:a0:82:
ed:3d:8c:ba:5b:64:70:4e:cd:17:b6:db:fa:f0:1f:
4b:ba:49:03:0a:06:aa:ec:e4:a7:86:92:03:b8:f4:
90:55:8d:f1:d5:25:03:03:6d:f2:3f:a9:f8:69:a6:
ba:5a:f8:b5:bd:b7:82:6c:df:80:a3:e3:8a:41:bb:
1b:49:25:d0:81:f8:32:7a:83:db:f3:a8:dd:4d:3e:
1f:fc:f6:50:bf:9d:ba:92:3f:41:96:c3:be:eb:42:
e5:ab:8c:12:c0:95:c0:d2:e4:d4:5b:3f:c0:08:9d:
a7:f8:bb:b3:9b:46:db:bc:0e:99:91:7e:ad:6d:96:
9c:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:61:8C:90:EC:BA:C2:19:E0:AC:7E:C6:51:D8:CF:B1:B7:86:84:E1
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/j2GMkOy6whngrH7GUdjPsbeGhOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.95.0/24
88.216.0.0/24
88.216.90.0/24
Signature Algorithm: sha256WithRSAEncryption
18:23:0e:65:93:c4:91:de:ba:a0:d3:60:56:54:f1:22:53:aa:
c9:26:04:fd:7b:0a:4c:29:a7:af:8f:e7:fe:7a:74:ab:34:6f:
aa:27:0c:5b:47:60:ad:41:e4:ab:2e:20:da:7f:4c:14:eb:6e:
04:9f:f1:b6:9b:10:22:a3:47:a1:96:2b:7e:94:09:9a:41:9f:
b5:18:60:63:fd:bf:bf:03:e8:86:42:72:e2:7c:82:cf:2f:35:
69:26:11:84:b6:3f:24:58:96:f7:ed:39:e5:fd:a6:6d:4f:c8:
80:34:01:02:dd:ab:69:40:14:41:99:fe:af:33:10:dd:c6:e5:
af:ab:4c:50:d0:3d:53:8e:ec:cf:b4:f5:80:56:70:72:99:56:
5d:0c:29:07:a3:8e:97:b0:9e:01:6f:2e:d8:9a:c9:9a:d7:2b:
39:7b:b0:f9:ec:f0:9f:e2:da:cd:d0:bb:41:68:65:2d:fa:10:
b5:19:a9:56:fc:6c:6c:9c:70:5f:76:b1:ad:a9:73:0f:e8:c5:
ab:4d:d9:24:4b:6d:e3:c5:61:90:ab:eb:0b:8c:f1:79:3e:e5:
be:c8:b2:b5:b5:75:0a:15:fd:1e:5f:de:3f:ed:36:a3:9c:c3:
36:36:13:02:e0:27:9a:05:53:51:73:dd:6f:13:8e:28:e2:65:
7a:8c:da:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYPISpxTqqtin1534yYsmbG2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDExMTgyNDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjYxOGM5MGVjYmFjMjE5ZTBhYzdlYzY1MWQ4Y2ZiMWI3ODY4NGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBWxK+PHGTEDYykQqoychngSlnhN
74Ev1RMMRPs3BeVQ8QM4BWlkUcdoseNbcuoh8zJXQ5aGA9cL0r56qlwTB/5nJQ7j
DOk69KQjHHDmz2DqrNdoEODmuRQfUR5Yqb5iz9LamFoGkYLWCMr2GKnB1wmLETFI
oCDPN7QZqhg1SJ5iiQpyoILtPYy6W2RwTs0Xttv68B9LukkDCgaq7OSnhpIDuPSQ
VY3x1SUDA23yP6n4aaa6Wvi1vbeCbN+Ao+OKQbsbSSXQgfgyeoPb86jdTT4f/PZQ
v526kj9BlsO+60Llq4wSwJXA0uTUWz/ACJ2n+Luzm0bbvA6ZkX6tbZacJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI9hjJDsusIZ4Kx+xlHYz7G3hoThMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvajJHTWtPeTZ3aG5nckg3R1VkalBzYmVHaE9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCBfAwQA
WNgAAwQAWNhaMA0GCSqGSIb3DQEBCwUAA4IBAQAYIw5lk8SR3rqg02BWVPEiU6rJ
JgT9ewpMKaevj+f+enSrNG+qJwxbR2CtQeSrLiDaf0wU624En/G2mxAio0ehlit+
lAmaQZ+1GGBj/b+/A+iGQnLifILPLzVpJhGEtj8kWJb37Tnl/aZtT8iANAEC3atp
QBRBmf6vMxDdxuWvq0xQ0D1TjuzPtPWAVnBymVZdDCkHo46XsJ4Bby7Ymsma1ys5
e7D57PCf4trN0LtBaGUt+hC1GalW/GxsnHBfdrGtqXMP6MWrTdkkS23jxWGQq+sL
jPF5PuW+yLK1tXUKFf0eX94/7TajnMM2NhMC4CeaBVNRc91vE44o4mV6jNpB
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:32 2023 by rpki-client on console-ams.rpki-client.org