Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rSSMjh4VgS1RZZH1YQpjPsdnaro.roa
File: rSSMjh4VgS1RZZH1YQpjPsdnaro.roa (raw, json)
Hash identifier: COBEKKloFI/7unWI8n+Qr/uk/rSQVpscttzPfk4r6xA=
Subject key identifier: AD:24:8C:8E:1E:15:81:2D:51:65:91:F5:61:0A:63:3E:C7:67:6A:BA
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184E7E3DCD8C792AC45E6E5DBD693D3865C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rSSMjh4VgS1RZZH1YQpjPsdnaro.roa
Signing time: Tue 06 Dec 2022 14:43:00 +0000
ROA not before: Tue 06 Dec 2022 14:43:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207279
IP address blocks: 88.216.213.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.23.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
84.32.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e7:e3:dc:d8:c7:92:ac:45:e6:e5:db:d6:93:d3:86:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 6 14:43:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad248c8e1e15812d516591f5610a633ec7676aba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:52:8a:fd:ea:02:62:9f:b7:86:1c:80:fa:9c:
49:f1:b7:d6:ce:32:76:49:7f:93:c6:d2:43:a8:b4:
a2:86:5e:20:c8:f9:52:32:3b:40:44:67:36:1a:67:
d5:be:04:bf:a1:b9:62:42:59:7d:39:63:b9:a3:aa:
15:d7:50:00:eb:b8:3a:92:af:50:a7:3f:78:45:f1:
66:49:ca:4e:ce:38:8d:a1:67:b2:66:41:10:e3:96:
35:85:8a:ec:33:fd:dd:44:86:9f:f1:2a:a3:38:39:
9f:12:ad:9f:a1:c2:b1:57:8d:24:1c:0e:e2:0f:7e:
3a:40:13:8c:df:d1:23:96:f7:56:df:34:7a:ab:88:
c7:5d:31:aa:ad:b4:56:35:42:1d:5e:c4:9f:78:60:
7e:51:95:19:c6:e6:e4:12:16:91:13:d3:c8:b3:37:
0d:09:50:27:55:72:ec:a9:49:80:82:dc:09:80:45:
43:f6:8e:53:d4:88:00:3a:85:b6:fd:b4:92:ef:10:
1c:62:a2:f7:dd:4e:30:df:cf:ae:d2:e5:5f:6e:e1:
fa:5e:ac:6e:e3:ee:d8:84:3d:85:84:c6:41:80:76:
3c:39:6f:2c:74:c6:e9:44:b4:da:8c:5a:a9:f5:34:
e8:f3:67:07:98:b0:ad:0a:e2:b0:53:28:b4:37:df:
d3:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:24:8C:8E:1E:15:81:2D:51:65:91:F5:61:0A:63:3E:C7:67:6A:BA
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rSSMjh4VgS1RZZH1YQpjPsdnaro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.31.0/24
88.216.20.0/24
88.216.23.0/24
88.216.213.0/24
88.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
43:df:da:16:60:aa:2a:97:cd:4c:21:dd:b8:a4:ca:86:13:a5:
43:a9:0e:ef:c9:27:93:cb:76:cd:c7:b4:68:7b:00:d6:cd:a5:
ec:44:ab:45:0c:02:b9:e0:84:2f:52:99:43:d9:33:42:e2:34:
62:df:99:c1:99:a5:83:cc:cf:c5:f0:12:9c:22:0c:db:8f:2e:
35:23:e1:a3:d4:52:ce:e7:5c:81:2c:d7:b3:06:ce:fe:68:f0:
a2:a7:1f:fd:b7:d4:7e:24:fb:42:29:cc:84:5a:44:9d:a8:04:
e7:08:62:c7:45:f6:04:8a:c7:d2:bf:de:47:9b:d2:0e:62:35:
ae:4a:0f:d9:17:03:0f:5f:2d:6f:1a:de:5a:b5:f1:76:1e:f6:
c0:a1:16:31:f9:a1:7e:7e:1a:7a:ac:e1:c1:96:64:d0:a8:6f:
18:d0:3a:10:df:9a:fd:03:87:c3:55:1c:e9:77:38:ad:19:59:
9a:3b:ef:c4:0e:74:75:5b:ca:e0:3d:5a:1c:81:e1:5a:62:c4:
25:1b:3c:49:42:91:38:8f:43:0b:86:f1:60:36:77:35:72:a9:
87:80:e9:11:ed:e2:70:82:eb:3c:8d:53:b1:0b:d3:23:83:f9:
f7:f4:53:9b:78:f5:70:aa:01:4c:1b:01:e0:3d:92:da:39:5c:
60:e3:b8:15
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYTn49zYx5KsRebl29aT04ZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA2MTQ0MzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDI0OGM4ZTFlMTU4MTJkNTE2NTkxZjU2MTBhNjMzZWM3Njc2YWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsFKK/eoCYp+3hhyA+pxJ8bfWzjJ2
SX+TxtJDqLSihl4gyPlSMjtARGc2GmfVvgS/obliQll9OWO5o6oV11AA67g6kq9Q
pz94RfFmScpOzjiNoWeyZkEQ45Y1hYrsM/3dRIaf8SqjODmfEq2focKxV40kHA7i
D346QBOM39EjlvdW3zR6q4jHXTGqrbRWNUIdXsSfeGB+UZUZxubkEhaRE9PIszcN
CVAnVXLsqUmAgtwJgEVD9o5T1IgAOoW2/bSS7xAcYqL33U4w38+u0uVfbuH6Xqxu
4+7YhD2FhMZBgHY8OW8sdMbpRLTajFqp9TTo82cHmLCtCuKwUyi0N9/TNQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK0kjI4eFYEtUWWR9WEKYz7HZ2q6MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvclNTTWpoNFZnUzFSWlpIMVlRcGpQc2RuYXJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVCAfAwQA
WNgUAwQAWNgXAwQAWNjVAwQAWNjXMA0GCSqGSIb3DQEBCwUAA4IBAQBD39oWYKoq
l81MId24pMqGE6VDqQ7vySeTy3bNx7RoewDWzaXsRKtFDAK54IQvUplD2TNC4jRi
35nBmaWDzM/F8BKcIgzbjy41I+Gj1FLO51yBLNezBs7+aPCipx/9t9R+JPtCKcyE
WkSdqATnCGLHRfYEisfSv95Hm9IOYjWuSg/ZFwMPXy1vGt5atfF2HvbAoRYx+aF+
fhp6rOHBlmTQqG8Y0DoQ35r9A4fDVRzpdzitGVmaO+/EDnR1W8rgPVocgeFaYsQl
GzxJQpE4j0MLhvFgNnc1cqmHgOkR7eJwgus8jVOxC9Mjg/n39FObePVwqgFMGwHg
PZLaOVxg47gV
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:35 2024 by rpki-client on console-fra.rpki-client.org