Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/re08N2DAoHtxKIDZlSRfZuRUIkI.roa
File: re08N2DAoHtxKIDZlSRfZuRUIkI.roa (raw, json)
Hash identifier: lHXFc+DvM3F+j5pvPvRdnVXKsKLWI7GpzsBJMCGd4a4=
Subject key identifier: AD:ED:3C:37:60:C0:A0:7B:71:28:80:D9:95:24:5F:66:E4:54:22:42
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 5EABA4
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/re08N2DAoHtxKIDZlSRfZuRUIkI.roa
Signing time: Tue 22 Mar 2022 06:15:33 +0000
ROA not before: Tue 22 Mar 2022 06:15:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 88.216.180.0/22 maxlen: 24
88.216.188.0/22 maxlen: 24
88.216.196.0/22 maxlen: 24
88.216.209.0/24 maxlen: 24
88.216.210.0/23 maxlen: 24
88.216.212.0/22 maxlen: 24
84.32.4.0/22 maxlen: 24
88.216.0.0/22 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.19.0/24 maxlen: 24
88.216.20.0/22 maxlen: 22
88.216.33.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.47.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 6204324 (0x5eaba4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Mar 22 06:15:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aded3c3760c0a07b712880d995245f66e4542242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:95:63:7f:ee:ca:a1:d8:d9:7c:4d:5b:b2:e9:
28:6c:79:55:cc:a9:9b:e8:83:53:00:2b:f3:54:0d:
13:60:78:46:2b:10:7d:72:13:5a:8d:21:01:3e:43:
c3:49:44:7c:d6:8e:1d:2c:70:70:37:b9:d5:28:a9:
20:d9:2a:fb:a9:25:f3:bf:a9:60:b9:b5:06:66:eb:
3e:54:fa:26:63:35:2a:5d:09:e4:3c:a9:08:c2:c8:
6d:93:53:3c:29:eb:47:c6:19:02:ec:db:83:98:4a:
b0:ca:f1:36:01:d1:f2:73:d6:c3:37:58:01:8f:8e:
8d:f4:bb:e4:63:7a:53:a5:85:0c:65:21:09:75:85:
70:5e:c9:b5:af:23:75:29:43:84:ac:8f:2f:2c:a8:
f9:dc:07:7c:1a:29:26:e5:24:6f:bd:e1:30:0d:d6:
b2:e5:f1:12:e7:b7:54:87:6b:8a:c1:d1:9e:cd:0a:
ac:a5:2f:c6:4f:00:91:25:cc:51:69:54:e0:bb:b4:
af:41:fc:5b:40:5f:a5:29:7b:d0:30:44:6a:84:41:
8e:e0:41:c0:b2:a4:17:95:45:b4:32:da:80:a7:dd:
89:a9:44:6e:3b:62:8c:6b:55:56:cb:fd:e4:9f:39:
cd:3b:65:c4:0f:60:d0:ad:5b:a2:11:72:99:ad:4d:
af:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:ED:3C:37:60:C0:A0:7B:71:28:80:D9:95:24:5F:66:E4:54:22:42
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/re08N2DAoHtxKIDZlSRfZuRUIkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.4.0/22
88.216.0.0/22
88.216.16.0/24
88.216.19.0-88.216.23.255
88.216.32.0/23
88.216.46.0/23
88.216.180.0/22
88.216.188.0/22
88.216.196.0/22
88.216.209.0-88.216.215.255
Signature Algorithm: sha256WithRSAEncryption
51:a7:40:a5:06:d2:7a:5a:eb:46:89:b1:5d:85:ca:71:b6:81:
78:0b:95:b3:25:ad:c9:74:f4:67:88:b9:fe:94:ea:85:66:a0:
30:63:9c:d6:26:c0:41:ca:a7:ae:32:b6:b9:47:c9:21:0b:12:
ca:b9:f7:93:05:5d:1e:ff:99:1b:4b:84:da:46:7a:e8:b5:a7:
55:63:75:c3:2b:60:3d:94:bc:50:d1:93:fd:8d:26:7c:1e:c8:
d7:f1:f1:cc:2a:65:92:2b:66:60:27:13:47:87:9f:2b:21:98:
cc:d3:c2:07:ce:bc:a2:ae:ed:8c:2b:a8:af:28:86:87:d5:33:
8b:7c:f7:2f:2d:c8:d4:c1:30:12:1c:7a:c0:d4:30:ce:ee:00:
b3:a0:e2:28:b8:c4:84:1a:73:24:49:62:f7:82:c2:d3:24:a4:
51:38:93:4b:ec:54:b2:26:b8:25:60:38:37:d0:8c:dd:db:09:
45:d2:a2:8c:75:eb:18:f4:68:f4:97:d4:11:8d:90:fa:01:c5:
c0:2f:d5:cb:8d:76:57:d4:04:98:a2:4d:7d:d0:7a:3d:9a:1a:
fd:35:41:27:7c:d0:41:fd:0a:3d:0d:99:70:04:71:4c:94:f5:
2c:45:66:73:ed:b0:47:06:1a:0d:c0:86:80:56:bf:53:3f:21:
2e:a3:7a:74
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgIDXqukMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRm
YmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZiZGEzYzUwHhcNMjIwMzIy
MDYxNTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhhZGVkM2MzNzYwYzBh
MDdiNzEyODgwZDk5NTI0NWY2NmU0NTQyMjQyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlpVjf+7KodjZfE1bsukobHlVzKmb6INTACvzVA0TYHhGKxB9
chNajSEBPkPDSUR81o4dLHBwN7nVKKkg2Sr7qSXzv6lgubUGZus+VPomYzUqXQnk
PKkIwshtk1M8KetHxhkC7NuDmEqwyvE2AdHyc9bDN1gBj46N9LvkY3pTpYUMZSEJ
dYVwXsm1ryN1KUOErI8vLKj53Ad8Gikm5SRvveEwDday5fES57dUh2uKwdGezQqs
pS/GTwCRJcxRaVTgu7SvQfxbQF+lKXvQMERqhEGO4EHAsqQXlUW0MtqAp92JqURu
O2KMa1VWy/3knznNO2XED2DQrVuiEXKZrU2vPwIDAQABo4ICTzCCAkswHQYDVR0O
BBYEFK3tPDdgwKB7cSiA2ZUkX2bkVCJCMB8GA1UdIwQYMBaAFE+9RfzjVuKmXx5N
Ha94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMzLzEv
cmUwOE4yREFvSHR4S0lEWmxTUmZadVJVSWtJLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8z
OTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMzLzEvVDcxRl9PTlc0cVpm
SGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMGUG
CCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQCVCAEAwQCWNgAAwQAWNgQMAwDBABY
2BMDBANY2BADBAFY2CADBAFY2C4DBAJY2LQDBAJY2LwDBAJY2MQwDAMEAFjY0QME
A1jY0DANBgkqhkiG9w0BAQsFAAOCAQEAUadApQbSelrrRomxXYXKcbaBeAuVsyWt
yXT0Z4i5/pTqhWagMGOc1ibAQcqnrjK2uUfJIQsSyrn3kwVdHv+ZG0uE2kZ66LWn
VWN1wytgPZS8UNGT/Y0mfB7I1/HxzCplkitmYCcTR4efKyGYzNPCB868oq7tjCuo
ryiGh9Uzi3z3Ly3I1MEwEhx6wNQwzu4As6DiKLjEhBpzJEli94LC0ySkUTiTS+xU
sia4JWA4N9CM3dsJRdKijHXrGPRo9JfUEY2Q+gHFwC/Vy412V9QEmKJNfdB6PZoa
/TVBJ3zQQf0KPQ2ZcARxTJT1LEVmc+2wRwYaDcCGgFa/Uz8hLqN6dA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:51 2023 by rpki-client on console-fra.rpki-client.org