Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/9e5f54-ba3f-4b6e-9da9-bfafd622e89f/1/lFCF4qRnmsl22v2kcpS-naNtlm8.roa
File: lFCF4qRnmsl22v2kcpS-naNtlm8.roa (raw, json)
Hash identifier: myREJWxYeA6m8ZMM6OPyKrAIv8U1pqc5sflo0j0XOlE=
Subject key identifier: 94:50:85:E2:A4:67:9A:C9:76:DA:FD:A4:72:94:BE:9D:A3:6D:96:6F
Certificate issuer: /CN=1d6b6b6a5061a4115d53040cffdc64b3b0d71a78
Certificate serial: 01826DDE05C2B097F3CEB173B58C085745C2
Authority key identifier: 1D:6B:6B:6A:50:61:A4:11:5D:53:04:0C:FF:DC:64:B3:B0:D7:1A:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HWtralBhpBFdUwQM_9xks7DXGng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/9e5f54-ba3f-4b6e-9da9-bfafd622e89f/1/lFCF4qRnmsl22v2kcpS-naNtlm8.roa
Signing time: Fri 05 Aug 2022 11:57:23 +0000
ROA not before: Fri 05 Aug 2022 11:57:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200706
IP address blocks: 185.88.16.0/23 maxlen: 23
185.88.16.0/24 maxlen: 24
185.88.17.0/24 maxlen: 24
185.88.16.0/22 maxlen: 22
185.88.19.0/24 maxlen: 24
185.88.18.0/24 maxlen: 24
185.88.18.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:6d:de:05:c2:b0:97:f3:ce:b1:73:b5:8c:08:57:45:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d6b6b6a5061a4115d53040cffdc64b3b0d71a78
Validity
Not Before: Aug 5 11:57:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=945085e2a4679ac976dafda47294be9da36d966f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:03:23:38:3c:3f:81:5f:de:88:f9:1d:7c:d2:
90:07:f8:6d:9b:ff:da:47:b0:90:e6:79:b2:3a:a2:
10:de:56:95:08:9e:d4:e7:24:30:3f:a6:70:30:6b:
2a:f6:fe:31:de:c3:60:a9:3e:7f:8d:2f:14:f9:5f:
b4:95:53:19:65:72:66:ac:d6:ef:8c:5b:4c:4c:39:
31:bd:e0:0c:94:0b:67:81:93:d0:3c:d6:1c:b3:b5:
c4:c6:f0:f3:83:22:f3:84:cc:c0:b8:02:a9:f6:6e:
d5:2b:cf:ea:cc:e8:1a:82:d9:6e:32:35:46:2d:c1:
2b:2d:25:37:c8:0a:1b:9e:8e:74:3b:94:9e:40:f2:
66:be:da:bd:0b:90:32:33:72:ad:29:e8:e0:43:d7:
2e:2a:f3:92:ba:39:99:cf:c9:8a:04:1e:b8:2d:bf:
6b:f9:8f:bb:f0:72:f9:4a:8c:d8:a4:bf:fd:8f:04:
98:b7:19:50:48:54:3e:27:c4:56:02:f3:46:ee:d6:
6d:6d:ae:12:a8:16:b7:ff:7f:1f:28:38:dd:73:b1:
12:f4:6d:3e:7c:13:0c:52:b1:ad:79:d4:76:a2:bd:
4a:bf:ca:7b:b1:1b:7a:04:ab:12:7f:66:ef:35:8f:
a9:d4:45:15:d1:56:a6:02:75:46:f4:63:77:d1:7a:
fd:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:50:85:E2:A4:67:9A:C9:76:DA:FD:A4:72:94:BE:9D:A3:6D:96:6F
X509v3 Authority Key Identifier:
keyid:1D:6B:6B:6A:50:61:A4:11:5D:53:04:0C:FF:DC:64:B3:B0:D7:1A:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HWtralBhpBFdUwQM_9xks7DXGng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/9e5f54-ba3f-4b6e-9da9-bfafd622e89f/1/lFCF4qRnmsl22v2kcpS-naNtlm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/9e5f54-ba3f-4b6e-9da9-bfafd622e89f/1/HWtralBhpBFdUwQM_9xks7DXGng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.16.0/22
Signature Algorithm: sha256WithRSAEncryption
47:e4:e9:9d:2a:1a:e5:20:f5:bd:2d:02:8c:e4:8e:a7:4f:4f:
fc:95:4e:46:83:b7:d3:fa:93:50:b4:dd:c9:9e:21:54:e5:72:
c7:61:f9:b0:e2:59:63:f1:b8:f0:1c:f0:6c:4d:d4:a5:89:bd:
2c:f4:03:cb:2b:c0:45:a6:75:6e:3c:af:73:9f:e1:44:f1:cf:
e4:af:1c:2c:e5:0b:47:03:ef:c3:86:d6:e3:11:8a:a0:57:b9:
5b:85:dc:66:4b:28:0e:08:12:10:24:a2:b6:5d:e6:69:e6:f1:
47:11:2b:c5:83:ee:1c:4f:bb:de:91:e0:da:25:4f:f9:93:18:
25:ac:9b:0c:f7:82:c7:aa:1d:a7:21:8b:d9:22:d4:c7:29:c4:
89:50:32:c6:57:08:8d:5d:37:c4:4b:8f:b3:3f:b6:95:32:98:
84:30:6d:4e:82:41:96:2e:10:98:34:aa:a8:43:e9:b5:8e:5f:
eb:4c:86:de:73:43:07:6b:0a:ab:90:ec:b1:36:bf:87:79:fa:
88:13:b0:f4:4a:c3:01:a2:fc:58:a2:46:2d:a6:9d:4e:08:cc:
0a:9c:89:67:65:26:b9:0c:08:0c:f5:69:5e:0b:b5:7d:e8:20:
c9:03:d8:bb:19:47:93:ea:03:12:d9:25:b4:5a:1a:13:b9:d7:
a1:4f:85:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJt3gXCsJfzzrFztYwIV0XCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkNmI2YjZhNTA2MWE0MTE1ZDUzMDQwY2ZmZGM2NGIzYjBk
NzFhNzgwHhcNMjIwODA1MTE1NzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDUwODVlMmE0Njc5YWM5NzZkYWZkYTQ3Mjk0YmU5ZGEzNmQ5NjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAMjODw/gV/eiPkdfNKQB/htm//a
R7CQ5nmyOqIQ3laVCJ7U5yQwP6ZwMGsq9v4x3sNgqT5/jS8U+V+0lVMZZXJmrNbv
jFtMTDkxveAMlAtngZPQPNYcs7XExvDzgyLzhMzAuAKp9m7VK8/qzOgagtluMjVG
LcErLSU3yAobno50O5SeQPJmvtq9C5AyM3KtKejgQ9cuKvOSujmZz8mKBB64Lb9r
+Y+78HL5SozYpL/9jwSYtxlQSFQ+J8RWAvNG7tZtba4SqBa3/38fKDjdc7ES9G0+
fBMMUrGtedR2or1Kv8p7sRt6BKsSf2bvNY+p1EUV0VamAnVG9GN30Xr90QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJRQheKkZ5rJdtr9pHKUvp2jbZZvMB8GA1UdIwQY
MBaAFB1ra2pQYaQRXVMEDP/cZLOw1xp4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFd0cmFsQmhwQkZkVXdRTV85eGtzN0RYR25nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC85ZTVmNTQtYmEzZi00YjZlLTlkYTkt
YmZhZmQ2MjJlODlmLzEvbEZDRjRxUm5tc2wyMnYya2NwUy1uYU50bG04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC85ZTVmNTQtYmEzZi00YjZlLTlkYTktYmZhZmQ2MjJlODlm
LzEvSFd0cmFsQmhwQkZkVXdRTV85eGtzN0RYR25nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVgQMA0G
CSqGSIb3DQEBCwUAA4IBAQBH5OmdKhrlIPW9LQKM5I6nT0/8lU5Gg7fT+pNQtN3J
niFU5XLHYfmw4llj8bjwHPBsTdSlib0s9APLK8BFpnVuPK9zn+FE8c/krxws5QtH
A+/DhtbjEYqgV7lbhdxmSygOCBIQJKK2XeZp5vFHESvFg+4cT7vekeDaJU/5kxgl
rJsM94LHqh2nIYvZItTHKcSJUDLGVwiNXTfES4+zP7aVMpiEMG1OgkGWLhCYNKqo
Q+m1jl/rTIbec0MHawqrkOyxNr+HefqIE7D0SsMBovxYokYtpp1OCMwKnIlnZSa5
DAgM9WleC7V96CDJA9i7GUeT6gMS2SW0WhoTudehT4VF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:59 2024 by rpki-client on console-ams.rpki-client.org