Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/pTOKkVfZWmfQAPBG3w_cATtcn9s.roa
File: pTOKkVfZWmfQAPBG3w_cATtcn9s.roa (raw, json)
Hash identifier: f5YqfIwzGA9ruBIezlevUIcoKtxFoVg/qrO3laFInPw=
Subject key identifier: A5:33:8A:91:57:D9:5A:67:D0:00:F0:46:DF:0F:DC:01:3B:5C:9F:DB
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 2E839B
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/pTOKkVfZWmfQAPBG3w_cATtcn9s.roa
Signing time: Fri 04 Mar 2022 09:53:52 +0000
ROA not before: Fri 04 Mar 2022 09:53:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 88.216.180.0/22 maxlen: 24
88.216.188.0/22 maxlen: 24
88.216.196.0/22 maxlen: 24
88.216.209.0/24 maxlen: 24
88.216.210.0/23 maxlen: 24
88.216.212.0/22 maxlen: 24
84.32.4.0/22 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.20.0/22 maxlen: 22
88.216.33.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.47.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3048347 (0x2e839b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 4 09:53:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5338a9157d95a67d000f046df0fdc013b5c9fdb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e5:6b:4d:9d:4c:a4:32:ed:e1:4a:e4:c7:2c:
be:dc:62:04:e6:c4:8a:93:30:07:17:fe:15:22:2f:
7d:d9:bb:58:c5:11:ba:63:81:49:56:4d:f2:70:06:
7a:0b:8a:ac:a9:2f:e0:c3:e3:f4:3d:c7:94:c8:a5:
a8:d4:fe:f9:81:f1:0c:42:c9:14:7c:43:8c:b5:8f:
8d:82:9f:f6:4c:45:1a:43:1c:bd:a5:38:b0:d2:63:
39:20:63:6c:7d:82:5f:0b:ef:0f:f6:17:90:82:14:
79:1f:43:a5:a9:cc:f7:b8:f7:53:d0:86:e2:5e:d3:
23:4e:91:bb:04:15:cb:c8:0b:3f:fc:7b:6d:d9:7a:
05:e0:16:38:47:1b:4d:05:aa:b6:a8:4c:0e:fe:f7:
51:09:79:26:b5:fd:9e:9c:51:54:d8:a3:11:31:f5:
18:f8:9b:00:e7:df:02:6b:6b:d3:87:e8:eb:d6:ee:
a9:0f:ea:e8:2e:52:d7:0b:e7:08:0e:46:63:16:a7:
f2:3a:67:2d:5d:9d:a8:e3:63:cf:46:fc:1b:84:a7:
26:a8:28:f1:90:12:0c:a4:6b:f2:51:e2:3a:84:c5:
24:c7:ba:99:70:2d:30:3b:a4:bc:c1:85:5a:a8:6d:
5d:ad:21:85:14:0b:a0:4d:b3:a0:d5:80:58:02:ce:
e5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:33:8A:91:57:D9:5A:67:D0:00:F0:46:DF:0F:DC:01:3B:5C:9F:DB
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/pTOKkVfZWmfQAPBG3w_cATtcn9s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.4.0/22
88.216.16.0/24
88.216.20.0/22
88.216.32.0/23
88.216.46.0/23
88.216.180.0/22
88.216.188.0/22
88.216.196.0/22
88.216.209.0-88.216.215.255
Signature Algorithm: sha256WithRSAEncryption
5a:5f:ae:3d:a8:d4:aa:8f:79:b1:a9:3c:4b:02:d3:68:b4:66:
7c:66:c5:f9:48:59:40:5c:ef:6d:8e:7f:e5:71:0e:55:48:e0:
ae:c5:be:03:de:f3:3a:4e:50:7b:64:55:bc:31:c6:0b:e9:97:
8a:7a:33:c8:a6:c7:66:d9:14:a3:2f:b8:df:3d:51:e3:9c:3b:
00:31:e5:24:b4:e5:22:e4:04:0c:eb:27:55:f8:76:48:ed:2a:
97:df:67:ce:11:db:58:23:22:03:bf:ce:c1:11:20:df:0c:98:
30:46:38:91:86:12:44:41:ad:ce:3a:96:6b:43:8d:3d:f5:a6:
3f:cf:e6:33:13:30:ad:b0:2e:49:73:14:bb:96:9d:76:af:5d:
55:c9:92:94:d1:72:7b:d5:79:1a:be:f5:08:c1:81:7f:57:83:
18:78:88:c8:ae:c2:5e:19:f2:ae:96:a5:be:32:99:3e:9b:e4:
78:75:28:d1:60:01:91:e1:56:29:e7:96:da:8d:e4:c3:09:e9:
c3:f0:58:c3:24:79:f8:90:e2:9a:17:75:8c:f6:69:70:a7:f6:
dc:a9:61:c4:2c:d2:5a:9e:84:85:34:85:47:bf:d6:fb:fb:02:
4d:7b:fa:af:10:29:bd:c8:6c:c1:35:a7:27:32:80:0b:b1:75:
e8:d0:ee:2b
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgIDLoObMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRm
YmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZiZGEzYzUwHhcNMjIwMzA0
MDk1MzUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhNTMzOGE5MTU3ZDk1
YTY3ZDAwMGYwNDZkZjBmZGMwMTNiNWM5ZmRiMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoeVrTZ1MpDLt4Urkxyy+3GIE5sSKkzAHF/4VIi992btYxRG6
Y4FJVk3ycAZ6C4qsqS/gw+P0PceUyKWo1P75gfEMQskUfEOMtY+Ngp/2TEUaQxy9
pTiw0mM5IGNsfYJfC+8P9heQghR5H0Olqcz3uPdT0IbiXtMjTpG7BBXLyAs//Htt
2XoF4BY4RxtNBaq2qEwO/vdRCXkmtf2enFFU2KMRMfUY+JsA598Ca2vTh+jr1u6p
D+roLlLXC+cIDkZjFqfyOmctXZ2o42PPRvwbhKcmqCjxkBIMpGvyUeI6hMUkx7qZ
cC0wO6S8wYVaqG1drSGFFAugTbOg1YBYAs7lswIDAQABo4ICQTCCAj0wHQYDVR0O
BBYEFKUzipFX2Vpn0ADwRt8P3AE7XJ/bMB8GA1UdIwQYMBaAFE+9RfzjVuKmXx5N
Ha94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMzLzEv
cFRPS2tWZlpXbWZRQVBCRzN3X2NBVHRjbjlzLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8z
OTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMzLzEvVDcxRl9PTlc0cVpm
SGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFcG
CCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCVCAEAwQAWNgQAwQCWNgUAwQBWNgg
AwQBWNguAwQCWNi0AwQCWNi8AwQCWNjEMAwDBABY2NEDBANY2NAwDQYJKoZIhvcN
AQELBQADggEBAFpfrj2o1KqPebGpPEsC02i0ZnxmxflIWUBc722Of+VxDlVI4K7F
vgPe8zpOUHtkVbwxxgvpl4p6M8imx2bZFKMvuN89UeOcOwAx5SS05SLkBAzrJ1X4
dkjtKpffZ84R21gjIgO/zsERIN8MmDBGOJGGEkRBrc46lmtDjT31pj/P5jMTMK2w
LklzFLuWnXavXVXJkpTRcnvVeRq+9QjBgX9Xgxh4iMiuwl4Z8q6Wpb4ymT6b5Hh1
KNFgAZHhVinnltqN5MMJ6cPwWMMkefiQ4poXdYz2aXCn9typYcQs0lqehIU0hUe/
1vv7Ak17+q8QKb3IbME1pycygAuxdejQ7is=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:35 2024 by rpki-client on console-fra.rpki-client.org