Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/l8kTYq7YNJ8S2CMt6m78QKqr5_c.roa
File: l8kTYq7YNJ8S2CMt6m78QKqr5_c.roa (raw, json)
Hash identifier: cX8wsRNxPasd9/xr6n4RiQGTmrbG52ZkRs5vIui7hP8=
Subject key identifier: 97:C9:13:62:AE:D8:34:9F:12:D8:23:2D:EA:6E:FC:40:AA:AB:E7:F7
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184D1982D28420DE7A1704E07CAD56B6C7D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/l8kTYq7YNJ8S2CMt6m78QKqr5_c.roa
Signing time: Fri 02 Dec 2022 06:48:41 +0000
ROA not before: Fri 02 Dec 2022 06:48:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210443
IP address blocks: 88.216.184.0/23 maxlen: 24
88.216.186.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d1:98:2d:28:42:0d:e7:a1:70:4e:07:ca:d5:6b:6c:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 2 06:48:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97c91362aed8349f12d8232dea6efc40aaabe7f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:77:b1:75:91:d4:c9:8e:f9:74:26:f1:87:5f:
cb:5e:25:f5:40:e6:4c:8e:08:46:33:bd:0a:14:49:
3c:41:cc:70:0d:c5:51:ac:f1:14:49:de:3a:e8:6a:
7d:7d:5e:3c:f0:5f:3c:cc:72:2a:b1:a7:1f:a7:88:
e9:40:1b:e0:c3:47:ce:e0:82:1c:40:fc:b2:93:4c:
8b:07:3c:ee:fc:4b:2f:06:4d:06:12:4b:52:85:23:
1e:2b:7d:d5:2a:b3:10:19:b6:f5:8f:2e:5b:47:11:
34:3b:3a:0e:12:3c:9a:7a:99:a3:ae:ae:91:28:92:
34:cf:c7:27:01:cf:ae:39:f4:88:36:7e:9c:0b:e8:
46:92:27:24:8c:01:85:10:0d:4f:e6:4e:27:57:7c:
48:25:f9:f4:c5:81:c5:5b:1a:9c:8a:c9:ba:04:21:
e3:fe:b1:7d:94:4d:47:b2:f3:6f:a9:b3:98:a1:4f:
d7:f9:21:85:80:db:4a:e1:b2:cd:44:08:3c:41:c0:
bd:11:c0:75:66:fe:7c:e6:1b:e2:5f:40:aa:a4:a8:
9f:a8:a5:0a:1c:8a:c7:18:9c:68:d3:69:b9:67:6e:
8a:81:1b:f8:f0:c5:56:a6:74:c9:ee:d7:30:9f:88:
ac:38:8d:a7:0d:4b:2c:d6:98:9a:45:18:35:75:f0:
91:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:C9:13:62:AE:D8:34:9F:12:D8:23:2D:EA:6E:FC:40:AA:AB:E7:F7
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/l8kTYq7YNJ8S2CMt6m78QKqr5_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.184.0/22
Signature Algorithm: sha256WithRSAEncryption
62:12:67:d3:d6:bb:34:e8:9a:1e:d7:ed:1c:5c:88:66:3b:f1:
dd:b8:f2:b4:a5:2d:92:3a:73:c5:11:d8:eb:ec:3f:63:ce:d3:
39:6c:31:ac:36:97:dc:dc:50:29:28:58:08:23:52:db:65:7d:
b2:1e:dc:99:9c:c0:6c:d4:87:e9:19:3d:ec:4f:42:06:f8:71:
35:f8:eb:a9:db:69:26:73:60:b5:eb:1b:6a:27:a2:ea:8c:31:
ea:87:71:51:10:6e:55:f3:96:09:54:16:42:ba:d0:27:3f:ab:
c3:77:03:11:3d:1f:2b:28:c1:67:ab:ac:5f:0a:d2:4d:c3:d0:
2f:95:f4:9c:ee:48:f0:bb:2d:d3:43:01:0e:44:97:fb:8c:0c:
9b:d0:90:e5:2b:48:10:3e:8c:a4:9a:a3:07:5b:09:5e:ad:27:
a2:73:91:59:db:d8:30:69:71:29:ff:33:e0:ea:f0:32:39:13:
d3:90:8b:9e:77:50:a7:e0:ce:60:8f:bd:02:4e:bd:ac:1c:17:
86:b4:f7:b1:52:3c:6c:a2:1d:49:3e:00:54:73:b5:0f:6c:8a:
85:e4:88:27:c7:41:1b:54:cf:cd:8b:39:95:9c:d3:f6:e7:d3:
6b:00:7d:af:31:bf:c8:d4:bb:3f:bd:ac:4d:23:22:b1:f3:40:
b3:01:ae:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTRmC0oQg3noXBOB8rVa2x9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjAyMDY0ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2M5MTM2MmFlZDgzNDlmMTJkODIzMmRlYTZlZmM0MGFhYWJlN2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHexdZHUyY75dCbxh1/LXiX1QOZM
jghGM70KFEk8QcxwDcVRrPEUSd466Gp9fV488F88zHIqsacfp4jpQBvgw0fO4IIc
QPyyk0yLBzzu/EsvBk0GEktShSMeK33VKrMQGbb1jy5bRxE0OzoOEjyaepmjrq6R
KJI0z8cnAc+uOfSINn6cC+hGkickjAGFEA1P5k4nV3xIJfn0xYHFWxqcism6BCHj
/rF9lE1HsvNvqbOYoU/X+SGFgNtK4bLNRAg8QcC9EcB1Zv585hviX0CqpKifqKUK
HIrHGJxo02m5Z26KgRv48MVWpnTJ7tcwn4isOI2nDUss1piaRRg1dfCRVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJfJE2Ku2DSfEtgjLepu/ECqq+f3MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbDhrVFlxN1lOSjhTMkNNdDZtNzhRS3FyNV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWNi4MA0G
CSqGSIb3DQEBCwUAA4IBAQBiEmfT1rs06Joe1+0cXIhmO/HduPK0pS2SOnPFEdjr
7D9jztM5bDGsNpfc3FApKFgII1LbZX2yHtyZnMBs1IfpGT3sT0IG+HE1+Oup22km
c2C16xtqJ6LqjDHqh3FREG5V85YJVBZCutAnP6vDdwMRPR8rKMFnq6xfCtJNw9Av
lfSc7kjwuy3TQwEORJf7jAyb0JDlK0gQPoykmqMHWwlerSeic5FZ29gwaXEp/zPg
6vAyORPTkIued1Cn4M5gj70CTr2sHBeGtPexUjxsoh1JPgBUc7UPbIqF5Ignx0Eb
VM/NizmVnNP259NrAH2vMb/I1Ls/vaxNIyKx80CzAa6k
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:50 2023 by rpki-client on console-fra.rpki-client.org