Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0rwTOOVfhXxkSmCbFTopmpIJlrY.roa
File: 0rwTOOVfhXxkSmCbFTopmpIJlrY.roa (raw, json)
Hash identifier: gB2xErSumCfcFvcdfJWNIw6TjqVIXyIQ9FQbWjslFRo=
Subject key identifier: D2:BC:13:38:E5:5F:85:7C:64:4A:60:9B:15:3A:29:9A:92:09:96:B6
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018267591A10266908EA76B7D6986D1BC5F3
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0rwTOOVfhXxkSmCbFTopmpIJlrY.roa
Signing time: Thu 04 Aug 2022 05:34:28 +0000
ROA not before: Thu 04 Aug 2022 05:34:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34984
IP address blocks: 84.32.83.0/24 maxlen: 24
88.216.224.0/22 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.130.0/24 maxlen: 24
88.216.129.0/24 maxlen: 24
88.216.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:67:59:1a:10:26:69:08:ea:76:b7:d6:98:6d:1b:c5:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 4 05:34:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2bc1338e55f857c644a609b153a299a920996b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d1:d9:7e:e3:69:be:23:3a:eb:16:6b:46:1c:
ca:dd:ff:42:58:30:15:ab:1b:b1:8d:12:3f:1d:a5:
74:6b:cd:a7:45:c1:f7:b8:de:be:48:77:e8:11:fb:
45:c8:97:67:75:55:80:5c:f8:c6:d3:d7:87:ff:e3:
3c:25:e0:96:e8:98:63:4b:19:60:74:e7:10:84:c9:
d9:18:65:b2:c6:86:ef:57:99:4f:62:a8:4c:a0:0e:
e3:1e:fe:dc:59:68:6e:8b:d2:8d:e2:3d:da:d4:61:
13:b9:28:25:7a:38:f9:0a:b4:99:4f:05:c2:7e:76:
e9:7f:06:26:c4:61:3e:7f:0b:83:ac:ad:a3:3f:ce:
47:19:8f:54:36:1b:60:9b:94:0d:4c:b6:79:9c:cb:
35:83:d6:3a:64:d3:53:4b:2f:2a:e0:95:7b:9a:cb:
b3:41:33:67:bd:8e:10:f9:fd:8d:e0:03:74:17:27:
25:44:02:06:c3:6d:b5:ae:dc:fa:2f:13:f5:24:ae:
50:0c:41:26:75:14:9f:a7:73:d2:00:9a:ad:ce:6e:
e8:b3:63:a7:7e:81:0b:25:71:cf:8f:6d:20:b5:b0:
cb:91:5d:30:24:65:47:7e:ea:15:02:cd:85:c6:f7:
91:21:4e:91:f6:44:c6:34:ec:0f:f5:ef:65:55:3d:
74:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:BC:13:38:E5:5F:85:7C:64:4A:60:9B:15:3A:29:9A:92:09:96:B6
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0rwTOOVfhXxkSmCbFTopmpIJlrY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.83.0/24
88.216.33.0/24
88.216.129.0-88.216.130.255
88.216.224.0/22
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:f2:ed:b8:c0:b9:45:cc:67:04:7f:9e:94:ef:f9:ad:19:38:
a9:58:c8:fa:38:c5:c3:f8:05:8f:ed:56:c3:25:75:2a:bb:51:
1b:cd:18:5f:49:1f:88:24:b1:15:ed:d5:a7:2e:7d:6d:98:8e:
14:36:4c:32:b8:e4:ce:4b:d5:b0:60:ef:a4:7f:ee:e5:50:70:
97:7b:24:7e:b6:24:b6:a8:71:41:c4:35:cc:3e:55:c8:77:c4:
7b:48:57:ac:73:1f:f8:21:fd:ec:a7:af:01:d5:af:e0:5d:4f:
8e:da:c8:a2:e4:2b:6d:9f:4a:4f:80:4c:6c:43:3a:7e:f9:40:
f8:ae:ad:7d:2a:bd:7b:ee:04:d4:90:40:fa:02:81:3f:f2:91:
9f:d8:e9:2b:be:f0:87:a8:b6:15:f8:4e:7d:4f:57:ce:b2:a1:
f6:85:c2:0c:22:a8:36:4d:ec:10:95:c3:ed:67:c4:28:9f:f4:
4c:bd:8c:ce:d9:a8:27:c5:83:2d:29:39:91:35:22:89:01:12:
6b:2d:26:c4:87:41:bd:3c:c2:e6:e2:c5:6b:ef:a2:ff:f2:66:
ae:ba:41:87:80:9d:a5:81:dd:a5:72:52:23:f3:a7:c5:8f:38:
fc:0c:20:2e:90:ca:66:3d:d5:58:7c:ce:92:b9:37:d9:cd:5b:
f5:48:43:1e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYJnWRoQJmkI6na31phtG8XzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwODA0MDUzNDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmJjMTMzOGU1NWY4NTdjNjQ0YTYwOWIxNTNhMjk5YTkyMDk5NmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdHZfuNpviM66xZrRhzK3f9CWDAV
qxuxjRI/HaV0a82nRcH3uN6+SHfoEftFyJdndVWAXPjG09eH/+M8JeCW6JhjSxlg
dOcQhMnZGGWyxobvV5lPYqhMoA7jHv7cWWhui9KN4j3a1GETuSglejj5CrSZTwXC
fnbpfwYmxGE+fwuDrK2jP85HGY9UNhtgm5QNTLZ5nMs1g9Y6ZNNTSy8q4JV7msuz
QTNnvY4Q+f2N4AN0FyclRAIGw221rtz6LxP1JK5QDEEmdRSfp3PSAJqtzm7os2On
foELJXHPj20gtbDLkV0wJGVHfuoVAs2FxveRIU6R9kTGNOwP9e9lVT10GwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNK8EzjlX4V8ZEpgmxU6KZqSCZa2MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMHJ3VE9PVmZoWHhrU21DYkZUb3BtcElKbHJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAVCBTAwQA
WNghMAwDBABY2IEDBABY2IIDBAJY2OADBAJY2OgwDQYJKoZIhvcNAQELBQADggEB
AGry7bjAuUXMZwR/npTv+a0ZOKlYyPo4xcP4BY/tVsMldSq7URvNGF9JH4gksRXt
1acufW2YjhQ2TDK45M5L1bBg76R/7uVQcJd7JH62JLaocUHENcw+Vch3xHtIV6xz
H/gh/eynrwHVr+BdT47ayKLkK22fSk+ATGxDOn75QPiurX0qvXvuBNSQQPoCgT/y
kZ/Y6Su+8IeothX4Tn1PV86yofaFwgwiqDZN7BCVw+1nxCif9Ey9jM7ZqCfFgy0p
OZE1IokBEmstJsSHQb08wubixWvvov/yZq66QYeAnaWB3aVyUiPzp8WPOPwMIC6Q
ymY91Vh8zpK5N9nNW/VIQx4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:26 2023 by rpki-client on console-ams.rpki-client.org