Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/nuRfnTNf4EWD5P9Hi7LDndaKD_A.roa
File: nuRfnTNf4EWD5P9Hi7LDndaKD_A.roa (raw, json)
Hash identifier: bsWT1LHGngdyyWhwD0B0yLYmKPQ3sz0DYQgoS7184+Y=
Subject key identifier: 9E:E4:5F:9D:33:5F:E0:45:83:E4:FF:47:8B:B2:C3:9D:D6:8A:0F:F0
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 316E16
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/nuRfnTNf4EWD5P9Hi7LDndaKD_A.roa
Signing time: Fri 04 Mar 2022 19:25:32 +0000
ROA not before: Fri 04 Mar 2022 19:25:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22333
IP address blocks: 88.216.17.0/24 maxlen: 24
88.216.18.0/24 maxlen: 24
88.216.36.0/22 maxlen: 24
88.216.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3239446 (0x316e16)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 4 19:25:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ee45f9d335fe04583e4ff478bb2c39dd68a0ff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4d:1c:c9:11:94:c8:3f:de:ae:90:57:9e:e2:
fc:26:2a:a1:db:65:12:15:9f:3e:db:5a:50:13:f9:
b0:38:6f:6b:96:45:b2:58:53:f4:8c:2f:a9:a1:1e:
86:d2:de:a3:1a:cd:ff:1c:9d:65:2b:b4:1b:c6:17:
8b:c8:84:ca:13:20:28:7c:79:8d:2c:d0:4e:e4:84:
26:ea:cf:d8:01:9d:cc:7f:8e:bc:6b:7a:cf:54:3a:
21:40:b3:40:ab:fb:af:b4:06:7d:62:ab:c2:74:31:
db:e1:ca:a0:7b:39:1c:03:58:bf:a0:d0:bc:55:1f:
be:f9:78:c6:2d:13:0a:09:c4:99:3a:7d:86:30:62:
9b:26:7a:43:47:5f:3a:54:b9:56:c8:3a:85:ef:5f:
65:41:d8:4f:0d:1f:b1:d0:32:bf:2b:f6:4c:ac:ae:
dc:7b:b7:ce:1e:b2:32:42:b6:31:d1:0f:57:e0:3b:
d6:79:b1:70:ed:ab:4c:78:e8:44:f5:bb:a1:c2:15:
33:14:34:ad:b7:53:31:c6:cf:50:ad:57:94:8f:6c:
04:9a:d0:bb:e7:9d:2f:50:9b:e3:83:c0:58:31:9b:
6d:58:34:9a:82:0b:72:4e:64:0e:e2:d8:ff:0d:04:
10:2b:39:63:11:00:cf:2d:a5:e5:03:ba:bf:7c:a9:
83:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:E4:5F:9D:33:5F:E0:45:83:E4:FF:47:8B:B2:C3:9D:D6:8A:0F:F0
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/nuRfnTNf4EWD5P9Hi7LDndaKD_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.216.17.0-88.216.18.255
88.216.36.0-88.216.43.255
Signature Algorithm: sha256WithRSAEncryption
7d:c2:a5:63:ef:60:72:69:8c:4c:43:93:cb:27:59:09:4d:53:
3a:34:11:2a:4f:57:48:60:18:a8:6b:c2:35:79:7b:45:14:a4:
c5:2f:e1:23:b2:3a:ac:6d:44:0d:f5:92:b6:3d:03:56:6c:9c:
de:2d:a4:1c:a7:13:36:23:a8:18:29:09:d6:c5:6a:f7:60:c9:
8e:76:37:9c:c8:d3:45:e8:eb:3e:d2:2e:97:75:36:fd:3d:a5:
6f:aa:8b:3e:64:6e:28:f1:0e:34:11:5a:e0:6e:28:ec:80:38:
ec:61:2f:d7:0a:2e:e2:ee:3d:86:f8:27:98:e4:04:ab:3b:2a:
1f:cd:7b:02:53:a2:c1:b2:7e:4e:ee:73:0d:18:8f:f1:21:fe:
10:b8:5b:af:4b:76:bb:38:74:b1:e5:6f:f2:09:f2:12:ec:42:
1e:f0:e1:8b:ed:ff:4f:64:4b:ec:01:5c:1c:ae:ec:71:04:f0:
87:65:5e:84:9c:a1:8d:fc:16:e5:2f:23:a7:81:25:72:e7:41:
56:b9:dd:7a:27:0e:ea:ee:c8:e6:0b:eb:72:bd:27:c5:5a:5c:
54:b4:04:8d:c9:d7:80:d9:29:45:79:ac:f1:a7:80:5f:2d:0f:
4b:57:bb:da:e8:43:5a:40:50:bf:e8:cb:26:44:e3:22:6a:c5:
29:54:f1:ed
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIDMW4WMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRm
YmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZiZGEzYzUwHhcNMjIwMzA0
MTkyNTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5ZWU0NWY5ZDMzNWZl
MDQ1ODNlNGZmNDc4YmIyYzM5ZGQ2OGEwZmYwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAmk0cyRGUyD/erpBXnuL8Jiqh22USFZ8+21pQE/mwOG9rlkWy
WFP0jC+poR6G0t6jGs3/HJ1lK7QbxheLyITKEyAofHmNLNBO5IQm6s/YAZ3Mf468
a3rPVDohQLNAq/uvtAZ9YqvCdDHb4cqgezkcA1i/oNC8VR+++XjGLRMKCcSZOn2G
MGKbJnpDR186VLlWyDqF719lQdhPDR+x0DK/K/ZMrK7ce7fOHrIyQrYx0Q9X4DvW
ebFw7atMeOhE9buhwhUzFDStt1Mxxs9QrVeUj2wEmtC7550vUJvjg8BYMZttWDSa
ggtyTmQO4tj/DQQQKzljEQDPLaXlA7q/fKmDCQIDAQABo4ICHzCCAhswHQYDVR0O
BBYEFJ7kX50zX+BFg+T/R4uyw53Wig/wMB8GA1UdIwQYMBaAFE+9RfzjVuKmXx5N
Ha94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMzLzEv
bnVSZm5UTmY0RVdENVA5SGk3TERuZGFLRF9BLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8z
OTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMzLzEvVDcxRl9PTlc0cVpm
SGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDUG
CCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBABY2BEDBABY2BIwDAMEAljYJAME
AljYKDANBgkqhkiG9w0BAQsFAAOCAQEAfcKlY+9gcmmMTEOTyydZCU1TOjQRKk9X
SGAYqGvCNXl7RRSkxS/hI7I6rG1EDfWStj0DVmyc3i2kHKcTNiOoGCkJ1sVq92DJ
jnY3nMjTRejrPtIul3U2/T2lb6qLPmRuKPEONBFa4G4o7IA47GEv1wou4u49hvgn
mOQEqzsqH817AlOiwbJ+Tu5zDRiP8SH+ELhbr0t2uzh0seVv8gnyEuxCHvDhi+3/
T2RL7AFcHK7scQTwh2VehJyhjfwW5S8jp4ElcudBVrndeicO6u7I5gvrcr0nxVpc
VLQEjcnXgNkpRXms8aeAXy0PS1e72uhDWkBQv+jLJkTjImrFKVTx7Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:33 2023 by rpki-client on console-ams.rpki-client.org