Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/nac68ibcsKLTbh0utDPUxtcL9qw.roa
File: nac68ibcsKLTbh0utDPUxtcL9qw.roa (raw, json)
Hash identifier: UWTaf3MZfCkICSD5lvKnL1QSDXlhx0cbKFc+nrZQPbw=
Subject key identifier: 9D:A7:3A:F2:26:DC:B0:A2:D3:6E:1D:2E:B4:33:D4:C6:D7:0B:F6:AC
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018484E35D410B530A8FA2F9B5EFA000A6AA
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/nac68ibcsKLTbh0utDPUxtcL9qw.roa
Signing time: Thu 17 Nov 2022 09:20:03 +0000
ROA not before: Thu 17 Nov 2022 09:20:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 88.216.210.0/23 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.209.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.19.0/24 maxlen: 24
88.216.22.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:84:e3:5d:41:0b:53:0a:8f:a2:f9:b5:ef:a0:00:a6:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 17 09:20:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9da73af226dcb0a2d36e1d2eb433d4c6d70bf6ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:61:4a:06:48:d1:0f:15:87:4e:7d:c7:8e:83:
48:db:6a:53:39:8a:e8:60:35:b6:ce:04:26:b0:40:
11:e0:7d:a3:7f:de:45:2b:b3:f6:bf:88:ce:80:c5:
8b:f5:78:85:d5:ac:e4:c9:f7:00:6d:82:83:cd:53:
15:c3:d8:ac:2e:d7:7a:92:28:97:9a:b7:bb:46:6a:
44:d9:9a:13:39:19:2d:b7:d2:e3:4f:c8:52:4d:51:
7d:7f:28:6a:72:e7:f4:77:32:2f:b7:a9:b1:c1:0e:
18:fe:8a:3f:c3:37:fb:4a:18:3d:14:f5:2a:66:fc:
46:76:36:fd:1a:4f:e1:70:13:90:6e:48:2c:fe:2b:
2f:ed:6e:9d:e1:51:7f:cf:5e:8f:52:f0:b8:fe:94:
03:ad:c7:da:4f:8e:17:79:8d:71:9f:4c:a9:75:97:
30:b5:d5:31:63:2b:fd:6b:19:38:4e:0d:61:d1:36:
ba:b9:6c:79:95:a5:1a:56:de:cb:e7:23:ca:fe:d5:
36:7b:b2:44:20:fb:a9:86:12:ae:7e:ec:e9:40:9e:
e8:8c:54:30:12:bb:e3:39:f1:cc:61:e3:cc:79:5f:
83:eb:fd:57:93:2d:82:55:14:58:b8:a1:98:2a:b2:
c5:62:26:e1:da:84:93:e2:2c:9a:eb:09:da:dc:87:
fc:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:A7:3A:F2:26:DC:B0:A2:D3:6E:1D:2E:B4:33:D4:C6:D7:0B:F6:AC
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/nac68ibcsKLTbh0utDPUxtcL9qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.16.0/24
88.216.19.0/24
88.216.22.0/24
88.216.32.0/24
88.216.46.0/24
88.216.209.0-88.216.215.255
Signature Algorithm: sha256WithRSAEncryption
97:a8:db:19:99:5b:c5:96:f7:b5:e4:71:fb:7f:40:d4:db:08:
2a:bd:ed:ac:75:fd:1b:99:25:8f:c0:06:00:db:2f:27:af:05:
c4:95:87:56:ad:47:dc:cb:3b:66:9f:48:e5:1f:26:26:c0:0b:
80:fe:59:11:6b:67:01:5d:be:12:4f:03:b4:53:a7:5f:41:a6:
3c:f3:74:e8:8e:a1:58:67:aa:59:49:c4:3c:bb:f1:f7:e5:e7:
3c:0d:07:05:55:61:aa:3c:5c:53:67:90:66:dd:40:35:26:20:
d2:47:d5:86:bb:f6:a5:4e:ed:5f:45:4d:96:71:33:96:08:0a:
fa:ce:d5:3e:d9:99:a0:94:37:9f:dc:ce:63:f9:d7:42:1a:97:
b4:09:bb:b7:21:a8:47:b9:33:5b:7b:58:cd:27:91:e9:32:c9:
f6:25:56:26:cf:8c:61:6d:2f:a2:03:07:78:c5:9f:77:3a:66:
c9:38:03:cc:10:ea:b8:ea:da:4e:5d:1e:c0:0d:7d:57:39:7f:
52:3d:7e:c9:75:a1:4e:64:ba:a5:48:fd:1a:73:fc:94:88:06:
18:0c:dd:75:58:28:f9:43:98:4d:ac:44:83:d7:50:7d:11:a0:
67:96:c2:94:ec:67:65:9a:2d:52:e2:53:28:f5:1b:15:83:92:
14:50:95:9c
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYSE411BC1MKj6L5te+gAKaqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTE3MDkyMDAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGE3M2FmMjI2ZGNiMGEyZDM2ZTFkMmViNDMzZDRjNmQ3MGJmNmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjGFKBkjRDxWHTn3HjoNI22pTOYro
YDW2zgQmsEAR4H2jf95FK7P2v4jOgMWL9XiF1azkyfcAbYKDzVMVw9isLtd6kiiX
mre7RmpE2ZoTORktt9LjT8hSTVF9fyhqcuf0dzIvt6mxwQ4Y/oo/wzf7Shg9FPUq
ZvxGdjb9Gk/hcBOQbkgs/isv7W6d4VF/z16PUvC4/pQDrcfaT44XeY1xn0ypdZcw
tdUxYyv9axk4Tg1h0Ta6uWx5laUaVt7L5yPK/tU2e7JEIPuphhKufuzpQJ7ojFQw
ErvjOfHMYePMeV+D6/1Xky2CVRRYuKGYKrLFYibh2oST4iya6wna3If8xQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJ2nOvIm3LCi024dLrQz1MbXC/asMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbmFjNjhpYmNzS0xUYmgwdXREUFV4dGNMOXF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAWNgQAwQA
WNgTAwQAWNgWAwQAWNggAwQAWNguMAwDBABY2NEDBANY2NAwDQYJKoZIhvcNAQEL
BQADggEBAJeo2xmZW8WW97Xkcft/QNTbCCq97ax1/RuZJY/ABgDbLyevBcSVh1at
R9zLO2afSOUfJibAC4D+WRFrZwFdvhJPA7RTp19BpjzzdOiOoVhnqllJxDy78ffl
5zwNBwVVYao8XFNnkGbdQDUmINJH1Ya79qVO7V9FTZZxM5YICvrO1T7ZmaCUN5/c
zmP510Ial7QJu7chqEe5M1t7WM0nkekyyfYlVibPjGFtL6IDB3jFn3c6Zsk4A8wQ
6rjq2k5dHsANfVc5f1I9fsl1oU5kuqVI/Rpz/JSIBhgM3XVYKPlDmE2sRIPXUH0R
oGeWwpTsZ2WaLVLiUyj1GxWDkhRQlZw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:31 2024 by rpki-client on console-ams.rpki-client.org