Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/H48fb7_53A38DwGB1CaEZEchblg.roa
File: H48fb7_53A38DwGB1CaEZEchblg.roa (raw, json)
Hash identifier: nMTDjCA+zqoUolDzBz8BL/77DVZ8d4i5xh5CseWgw6A=
Subject key identifier: 1F:8F:1F:6F:BF:F9:DC:0D:FC:0F:01:81:D4:26:84:64:47:21:6E:58
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018249DC80A13DF471EF60F40BC9D630F101
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/H48fb7_53A38DwGB1CaEZEchblg.roa
Signing time: Fri 29 Jul 2022 12:09:23 +0000
ROA not before: Fri 29 Jul 2022 12:09:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47169
IP address blocks: 88.209.250.0/23 maxlen: 23
45.88.92.0/24 maxlen: 24
92.52.192.0/21 maxlen: 21
92.52.200.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:49:dc:80:a1:3d:f4:71:ef:60:f4:0b:c9:d6:30:f1:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 29 12:09:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f8f1f6fbff9dc0dfc0f0181d426846447216e58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:53:dd:e6:dc:ee:b3:cc:69:98:58:07:5a:1e:
47:ba:3f:67:03:93:e2:d9:ce:c5:c2:1d:74:b3:17:
47:3b:03:62:38:9b:44:31:81:f1:95:81:e8:c7:6b:
d6:32:46:5f:19:bd:a5:8a:72:38:dc:25:a1:11:29:
0c:7b:98:cc:73:b0:c1:d4:f5:00:a1:eb:ab:f9:7b:
4b:87:7b:c5:99:0a:7b:5a:bc:f3:56:ef:79:e4:90:
b2:d0:3a:14:e8:66:ed:58:85:7c:1b:92:cd:5c:30:
52:02:66:cc:16:36:ce:fb:fb:d8:6e:2a:3d:61:f8:
88:07:04:43:6e:38:90:47:26:2a:74:c4:66:b4:2c:
f5:fc:64:59:46:c7:fd:1e:65:c3:7d:9a:d2:6f:f0:
1b:79:6a:97:da:2c:71:c7:f2:5c:30:2a:2b:26:3e:
e5:0e:3d:bd:d7:76:d1:5c:54:57:19:3a:c6:20:be:
56:3a:39:48:f1:de:27:86:89:d7:a8:9b:61:59:d8:
71:54:b8:8c:bc:7c:64:d3:73:94:4c:cd:b2:6f:24:
dd:9d:93:10:98:39:46:13:63:09:cc:9a:cc:fd:c7:
ad:cb:64:44:1b:d0:b3:0e:15:1e:d1:5b:61:57:16:
69:43:0f:dd:e2:56:c7:5d:be:c5:80:3a:a2:96:fd:
18:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:8F:1F:6F:BF:F9:DC:0D:FC:0F:01:81:D4:26:84:64:47:21:6E:58
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/H48fb7_53A38DwGB1CaEZEchblg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.92.0/24
88.209.250.0/23
92.52.192.0-92.52.203.255
Signature Algorithm: sha256WithRSAEncryption
89:d8:c9:c4:67:07:bd:91:dc:52:80:dd:68:ba:28:6d:9f:9e:
8b:bc:c4:3a:38:cb:10:f2:0d:59:f8:ce:a7:d9:32:7d:17:08:
90:5e:e9:69:c3:67:03:d9:e2:48:c8:47:54:f5:4f:b6:b1:56:
bc:60:9a:35:3b:84:a4:38:4d:b4:44:7e:97:d7:e0:01:9f:1e:
f4:ad:8f:0a:bb:9a:6b:0e:de:50:40:1c:5a:b6:95:19:50:c5:
4e:92:cf:1b:f7:69:ae:85:8d:b9:94:e2:87:0a:cc:e1:c5:4e:
7c:96:92:9c:f6:fc:20:d6:3b:61:e1:2e:f9:09:d9:1a:5b:03:
47:b0:9e:65:01:37:66:c5:d8:ed:43:c1:63:f2:7b:61:c4:6b:
54:42:07:69:a9:62:b8:de:fb:72:4d:eb:4e:6d:bb:51:64:0e:
56:52:33:65:d1:5c:3d:fa:01:2c:c2:15:77:18:c8:a2:0b:23:
fd:e3:5d:3a:25:cb:3e:5c:b8:e1:4b:e2:13:ba:1f:a1:5d:3e:
38:10:33:19:8e:28:d7:d0:25:4b:e1:51:1f:a9:2a:7a:ad:0d:
70:5a:ab:45:4d:ee:b2:29:53:ae:02:d7:6a:13:d0:5c:13:8f:
64:42:72:d1:49:17:ed:24:25:95:30:cd:a3:08:98:f9:a4:91:
af:49:f8:67
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYJJ3IChPfRx72D0C8nWMPEBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzI5MTIwOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjhmMWY2ZmJmZjlkYzBkZmMwZjAxODFkNDI2ODQ2NDQ3MjE2ZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlPd5tzus8xpmFgHWh5Huj9nA5Pi
2c7Fwh10sxdHOwNiOJtEMYHxlYHox2vWMkZfGb2linI43CWhESkMe5jMc7DB1PUA
oeur+XtLh3vFmQp7WrzzVu955JCy0DoU6GbtWIV8G5LNXDBSAmbMFjbO+/vYbio9
YfiIBwRDbjiQRyYqdMRmtCz1/GRZRsf9HmXDfZrSb/AbeWqX2ixxx/JcMCorJj7l
Dj2913bRXFRXGTrGIL5WOjlI8d4nhonXqJthWdhxVLiMvHxk03OUTM2ybyTdnZMQ
mDlGE2MJzJrM/cety2REG9CzDhUe0VthVxZpQw/d4lbHXb7FgDqilv0YawIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFB+PH2+/+dwN/A8BgdQmhGRHIW5YMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvSDQ4ZmI3XzUzQTM4RHdHQjFDYUVaRWNoYmxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALVhcAwQB
WNH6MAwDBAZcNMADBAJcNMgwDQYJKoZIhvcNAQELBQADggEBAInYycRnB72R3FKA
3Wi6KG2fnou8xDo4yxDyDVn4zqfZMn0XCJBe6WnDZwPZ4kjIR1T1T7axVrxgmjU7
hKQ4TbREfpfX4AGfHvStjwq7mmsO3lBAHFq2lRlQxU6Szxv3aa6FjbmU4ocKzOHF
TnyWkpz2/CDWO2HhLvkJ2RpbA0ewnmUBN2bF2O1DwWPye2HEa1RCB2mpYrje+3JN
605tu1FkDlZSM2XRXD36ASzCFXcYyKILI/3jXTolyz5cuOFL4hO6H6FdPjgQMxmO
KNfQJUvhUR+pKnqtDXBaq0VN7rIpU64C12oT0FwTj2RCctFJF+0kJZUwzaMImPmk
ka9J+Gc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:00 2023 by rpki-client on console-fra.rpki-client.org