Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lqy2uyArkr4gWDsDdEhElG1--A4.roa
File: lqy2uyArkr4gWDsDdEhElG1--A4.roa (raw, json)
Hash identifier: U1nc1Kim3R1I8G8gtiJWFbF69o5P36XIBSoZNlQtfek=
Subject key identifier: 96:AC:B6:BB:20:2B:92:BE:20:58:3B:03:74:48:44:94:6D:7E:F8:0E
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018498F0007E4C46DA3A31DD88CCF339AE68
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lqy2uyArkr4gWDsDdEhElG1--A4.roa
Signing time: Mon 21 Nov 2022 06:46:16 +0000
ROA not before: Mon 21 Nov 2022 06:46:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 88.216.212.0/22 maxlen: 24
88.216.209.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:98:f0:00:7e:4c:46:da:3a:31:dd:88:cc:f3:39:ae:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 21 06:46:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96acb6bb202b92be20583b03744844946d7ef80e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:1a:7f:cf:95:e2:2c:8e:9f:0c:1c:b4:35:08:
0d:b7:58:9c:5d:8a:22:a2:81:09:65:68:3c:2d:8d:
92:75:68:4e:1b:67:e0:e1:5b:81:0a:c5:fd:b7:c7:
2f:d8:d0:1c:d8:3d:1f:4f:f3:70:3f:f4:89:0f:c4:
e5:23:5d:71:c9:e0:98:a2:99:44:1d:3d:71:27:3f:
7d:11:d2:48:fb:b1:f0:a1:c4:e3:d1:36:77:fe:ee:
2c:00:f8:5c:db:ca:bb:bb:b5:80:ed:18:9a:53:b3:
ea:07:ad:5f:3b:3e:5d:70:c2:0e:f3:2c:fb:9f:65:
34:38:a4:a2:1e:78:58:2d:b7:15:5b:f8:0d:45:d4:
5a:d9:52:50:aa:03:32:83:37:e6:70:93:5d:e9:07:
da:c9:14:9d:da:13:65:3b:d5:d3:1d:dd:f2:86:bd:
d6:2b:c8:8b:60:2f:53:bc:47:12:cb:74:f4:bd:bc:
07:68:d4:7c:14:c8:cf:b9:4f:68:23:6a:6e:87:1a:
93:02:56:d8:67:8d:92:44:57:30:40:85:1b:89:ce:
fe:19:7f:92:1d:b4:9a:46:fa:ff:ca:78:1b:4d:d9:
0b:40:51:11:f4:a8:6b:bc:a1:12:68:7c:bb:45:3b:
58:64:f2:28:93:fe:da:95:7b:e1:df:a2:0a:0e:81:
ad:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:AC:B6:BB:20:2B:92:BE:20:58:3B:03:74:48:44:94:6D:7E:F8:0E
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lqy2uyArkr4gWDsDdEhElG1--A4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.16.0/24
88.216.46.0/24
88.216.209.0/24
88.216.212.0/22
Signature Algorithm: sha256WithRSAEncryption
27:48:c5:d3:6e:05:55:98:6d:d4:4f:7a:54:92:23:46:de:80:
99:79:0d:fb:96:d1:6c:21:e2:d2:cf:02:35:5e:c9:80:4f:1f:
e7:11:35:ad:2a:11:10:90:f6:5f:b8:20:75:07:19:bd:46:a7:
aa:6e:ca:80:9b:ea:54:4b:5a:79:6e:34:c6:f1:10:7d:c1:ee:
af:c0:3b:59:58:ed:05:f2:93:cb:2e:ec:6a:c1:0e:f9:28:9a:
f9:4b:1c:e3:e5:e9:04:c6:ff:51:96:4a:9e:b2:83:d6:1f:4d:
0a:c9:90:fc:c3:01:08:e3:50:66:29:0f:8d:68:89:a2:90:bb:
aa:3b:8a:03:be:3e:ff:3a:74:8e:5d:3d:cd:d4:0b:4d:4b:a9:
d1:14:a5:8a:69:9b:34:e6:a3:f1:9e:26:22:13:78:9b:a4:1f:
ec:90:27:e3:e6:01:36:83:11:10:7e:3f:fa:dd:9f:b4:e3:ba:
53:9b:dc:a8:99:9c:70:52:48:27:cc:ea:d1:d4:3f:30:f1:7e:
c9:58:a7:7d:75:fc:9b:ba:a4:37:2c:21:0f:30:20:06:82:b0:
84:5f:95:00:04:05:0d:59:67:1f:02:f9:e3:03:15:d3:5f:01:
d9:9f:37:f8:b6:2f:fc:92:bd:30:56:c3:85:e8:fd:38:ba:d6:
f8:ab:99:4a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYSY8AB+TEbaOjHdiMzzOa5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTIxMDY0NjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmFjYjZiYjIwMmI5MmJlMjA1ODNiMDM3NDQ4NDQ5NDZkN2VmODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhp/z5XiLI6fDBy0NQgNt1icXYoi
ooEJZWg8LY2SdWhOG2fg4VuBCsX9t8cv2NAc2D0fT/NwP/SJD8TlI11xyeCYoplE
HT1xJz99EdJI+7HwocTj0TZ3/u4sAPhc28q7u7WA7RiaU7PqB61fOz5dcMIO8yz7
n2U0OKSiHnhYLbcVW/gNRdRa2VJQqgMygzfmcJNd6QfayRSd2hNlO9XTHd3yhr3W
K8iLYC9TvEcSy3T0vbwHaNR8FMjPuU9oI2puhxqTAlbYZ42SRFcwQIUbic7+GX+S
HbSaRvr/yngbTdkLQFER9KhrvKESaHy7RTtYZPIok/7alXvh36IKDoGtlwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJastrsgK5K+IFg7A3RIRJRtfvgOMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbHF5MnV5QXJrcjRnV0RzRGRFaEVsRzEtLUE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWNgQAwQA
WNguAwQAWNjRAwQCWNjUMA0GCSqGSIb3DQEBCwUAA4IBAQAnSMXTbgVVmG3UT3pU
kiNG3oCZeQ37ltFsIeLSzwI1XsmATx/nETWtKhEQkPZfuCB1Bxm9RqeqbsqAm+pU
S1p5bjTG8RB9we6vwDtZWO0F8pPLLuxqwQ75KJr5Sxzj5ekExv9RlkqesoPWH00K
yZD8wwEI41BmKQ+NaImikLuqO4oDvj7/OnSOXT3N1AtNS6nRFKWKaZs05qPxniYi
E3ibpB/skCfj5gE2gxEQfj/63Z+047pTm9yomZxwUkgnzOrR1D8w8X7JWKd9dfyb
uqQ3LCEPMCAGgrCEX5UABAUNWWcfAvnjAxXTXwHZnzf4ti/8kr0wVsOF6P04utb4
q5lK
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:50 2023 by rpki-client on console-fra.rpki-client.org