Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-OhLhZHHwEQCEgIiGmFEJ7P-mtg.roa
File: 1-OhLhZHHwEQCEgIiGmFEJ7P-mtg.roa (raw, json)
Hash identifier: OS3jCUKtcd0Sz72V7BIuS5x2d4NiyKsZ6AZxdyI+agI=
Subject key identifier: F8:E8:4B:85:91:C7:C0:44:02:12:02:22:1A:61:44:27:B3:FE:9A:D8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01848F00A9CE1517EE677508583884F1ABAC
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-OhLhZHHwEQCEgIiGmFEJ7P-mtg.roa
Signing time: Sat 19 Nov 2022 08:28:16 +0000
ROA not before: Sat 19 Nov 2022 08:28:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14445
IP address blocks: 84.32.95.0/24 maxlen: 24
88.216.0.0/24 maxlen: 24
88.216.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8f:00:a9:ce:15:17:ee:67:75:08:58:38:84:f1:ab:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 19 08:28:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f8e84b8591c7c044021202221a614427b3fe9ad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:48:0c:8c:7e:59:13:42:a8:c3:c4:c3:0a:40:
40:b9:77:32:8d:41:a4:74:81:ac:6b:ba:4a:8e:8b:
65:d7:f9:cb:b6:2f:2d:f0:c9:40:e1:c0:9d:03:4e:
5a:a4:59:37:89:ff:e9:29:32:ee:e1:79:6e:3f:77:
73:4b:49:c3:df:07:d6:27:3a:d7:86:bf:df:e2:87:
55:57:05:6d:55:d0:dd:e6:f3:b4:3a:6c:ac:72:16:
8d:58:62:06:47:5d:bb:89:74:13:c6:63:5a:3c:97:
54:39:b4:2b:8f:d1:b4:1c:2b:3f:00:55:83:11:5c:
f9:80:38:eb:18:c0:e5:e4:e8:e6:83:c7:56:a3:7a:
83:61:d7:bf:91:14:0b:81:fc:39:33:90:a7:eb:95:
59:28:8c:53:a9:0c:b9:33:69:8c:99:4f:75:24:cf:
31:a4:1c:4d:fb:a8:8e:ca:c1:fd:eb:f6:53:f3:5b:
6f:9f:01:3c:12:43:aa:b9:d2:b7:36:78:1c:73:d7:
53:b1:9d:04:63:eb:6d:49:ea:f6:8a:81:2a:bd:5d:
55:a8:9f:ff:73:1b:12:65:47:f8:07:1e:53:85:99:
90:b1:fa:41:c9:68:fb:e1:ca:1e:44:d4:95:2b:5b:
b7:8e:b0:e1:8b:c1:01:f9:84:6e:3c:c0:93:35:fc:
c1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:E8:4B:85:91:C7:C0:44:02:12:02:22:1A:61:44:27:B3:FE:9A:D8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-OhLhZHHwEQCEgIiGmFEJ7P-mtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.95.0/24
88.216.0.0/24
88.216.222.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:5c:28:f9:72:f2:94:df:0b:c7:71:c2:8b:2b:bb:fe:5f:80:
1f:06:ff:21:9b:26:29:45:1b:89:97:7a:a2:41:c0:67:35:ce:
83:ba:04:c4:0b:a4:e3:fd:06:97:62:2e:a7:28:ad:f7:19:4f:
9f:b9:c6:3d:98:d8:ae:26:99:ab:eb:29:4c:e7:b1:b3:ce:02:
e2:65:5b:b5:d4:a1:90:07:4a:a5:9a:ae:fc:27:b7:2d:6b:6a:
a8:9f:e1:4d:47:b2:91:db:82:6a:79:60:0f:86:ea:67:5f:52:
a0:4a:d8:1b:91:a7:4b:28:e3:36:c8:fb:46:58:9c:0f:a3:b8:
a4:b7:5e:82:40:6d:90:f4:e6:d3:e8:fd:a8:5e:47:ce:8f:14:
35:76:01:94:da:f6:c3:f4:54:38:9b:ac:31:f4:a7:4b:18:ce:
04:30:8b:a5:ce:43:6e:a7:5b:01:cd:76:71:06:d3:fb:ab:c1:
c9:d9:93:b5:f4:58:ab:15:81:e0:1e:b6:53:61:ee:2c:36:85:
dd:18:e2:fd:3e:56:be:00:3d:95:d6:e6:6c:9b:8d:1e:bf:68:
49:a8:ec:b7:62:1e:6e:57:90:39:f3:f5:82:01:1f:40:9d:d6:
b3:6c:69:34:0f:01:9b:28:d2:d0:c3:46:59:9c:59:fe:7e:17:
74:51:ef:6b
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYSPAKnOFRfuZ3UIWDiE8ausMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTE5MDgyODE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGU4NGI4NTkxYzdjMDQ0MDIxMjAyMjIxYTYxNDQyN2IzZmU5YWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0gMjH5ZE0Kow8TDCkBAuXcyjUGk
dIGsa7pKjotl1/nLti8t8MlA4cCdA05apFk3if/pKTLu4XluP3dzS0nD3wfWJzrX
hr/f4odVVwVtVdDd5vO0OmyschaNWGIGR127iXQTxmNaPJdUObQrj9G0HCs/AFWD
EVz5gDjrGMDl5Ojmg8dWo3qDYde/kRQLgfw5M5Cn65VZKIxTqQy5M2mMmU91JM8x
pBxN+6iOysH96/ZT81tvnwE8EkOqudK3Nngcc9dTsZ0EY+ttSer2ioEqvV1VqJ//
cxsSZUf4Bx5ThZmQsfpByWj74coeRNSVK1u3jrDhi8EB+YRuPMCTNfzB+QIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPjoS4WRx8BEAhICIhphRCez/prYMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMS1PaExoWkhId0VRQ0VnSWlHbUZFSjdQLW10Zy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFj
My8xL1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAFQgXwME
AFjYAAMEAFjY3jANBgkqhkiG9w0BAQsFAAOCAQEAK1wo+XLylN8Lx3HCiyu7/l+A
Hwb/IZsmKUUbiZd6okHAZzXOg7oExAuk4/0Gl2Iupyit9xlPn7nGPZjYriaZq+sp
TOexs84C4mVbtdShkAdKpZqu/Ce3LWtqqJ/hTUeykduCanlgD4bqZ19SoErYG5Gn
SyjjNsj7RlicD6O4pLdegkBtkPTm0+j9qF5Hzo8UNXYBlNr2w/RUOJusMfSnSxjO
BDCLpc5DbqdbAc12cQbT+6vBydmTtfRYqxWB4B62U2HuLDaF3Rji/T5WvgA9ldbm
bJuNHr9oSajst2IebleQOfP1ggEfQJ3Ws2xpNA8BmyjS0MNGWZxZ/n4XdFHvaw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:26 2023 by rpki-client on console-ams.rpki-client.org