Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-OsCseywHSEcoVCDpnrE2163UMI.roa
File: 1-OsCseywHSEcoVCDpnrE2163UMI.roa (raw, json)
Hash identifier: uFh5S3lPWEFCoz98fY4flqttz2rpUJC2NNO5vtqOrfE=
Subject key identifier: F8:EB:02:B1:EC:B0:1D:21:1C:A1:50:83:A6:7A:C4:DB:5E:B7:50:C2
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184657A4AD909918035013AF19729082CEF
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-OsCseywHSEcoVCDpnrE2163UMI.roa
Signing time: Fri 11 Nov 2022 06:57:03 +0000
ROA not before: Fri 11 Nov 2022 06:57:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 84.32.64.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
84.32.82.0/24 maxlen: 24
88.216.96.0/24 maxlen: 24
88.216.18.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:65:7a:4a:d9:09:91:80:35:01:3a:f1:97:29:08:2c:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 11 06:57:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f8eb02b1ecb01d211ca15083a67ac4db5eb750c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:c4:d9:4a:cc:aa:63:f9:f9:34:8b:8a:be:2f:
8f:ea:16:64:c6:94:92:33:2b:83:ba:58:76:4e:4d:
e2:6e:fc:ab:12:f4:4c:6f:a4:ae:b8:ea:d4:32:10:
cf:73:9e:4d:c3:a1:8e:61:89:b7:98:ce:55:9a:40:
1f:f8:d6:84:af:4f:e1:00:5d:5b:b8:f9:6b:1b:c1:
71:58:43:6b:20:3a:eb:d7:87:aa:f6:46:36:76:d1:
ce:19:3f:9c:84:b2:47:3e:a2:f3:7f:c4:0c:9a:07:
6b:00:aa:c2:a9:a1:0a:c5:03:b4:95:51:56:49:fd:
4a:ca:69:89:6e:1b:3d:a7:83:47:26:0e:20:a9:9e:
be:7a:55:f0:f5:19:9e:a5:33:d8:77:bc:7c:03:d6:
fa:55:fd:2f:e9:13:f0:ef:e8:78:68:59:ac:20:94:
ae:3d:02:2e:78:e0:98:9f:e3:46:ae:1f:1c:5e:8f:
cf:f9:11:31:9b:8d:ab:83:f6:4e:70:0d:01:5c:7e:
82:59:54:8e:a1:20:f7:f8:83:aa:40:4e:f2:15:c9:
4d:8c:0a:2d:cc:97:61:cf:1c:de:65:00:05:f2:d3:
8d:2e:29:14:96:2f:52:c3:cd:e2:67:8f:3a:6e:7d:
7a:73:36:a9:19:5b:c7:6a:6c:1e:d1:80:bf:fd:ce:
ed:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:EB:02:B1:EC:B0:1D:21:1C:A1:50:83:A6:7A:C4:DB:5E:B7:50:C2
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-OsCseywHSEcoVCDpnrE2163UMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.64.0/24
84.32.70.0/24
84.32.82.0/24
88.216.18.0/24
88.216.42.0/24
88.216.96.0/24
88.216.128.0/24
88.216.185.0-88.216.186.255
Signature Algorithm: sha256WithRSAEncryption
3f:d0:07:ee:a4:54:49:b5:ce:e2:70:e8:49:fd:a0:21:c7:94:
54:c5:7c:4c:2a:f2:a9:3e:c8:98:77:92:a0:d2:e4:0f:4e:97:
cd:6c:5a:55:7a:bb:be:ec:1a:13:85:e3:da:67:bf:16:20:23:
28:fc:62:da:6c:78:4b:5e:89:d4:c2:eb:19:98:82:91:c7:f8:
31:3a:df:37:bb:40:e3:11:6f:48:55:59:b9:10:c0:c2:88:34:
5a:a6:b7:f1:0b:ea:01:9e:36:26:e2:32:9a:ee:99:56:9c:a4:
29:73:1b:f0:91:81:a3:0a:e7:d4:57:5c:5d:b2:a4:22:61:d6:
1a:f7:7f:27:5c:e4:d9:14:d2:0a:40:87:c0:86:59:c9:c8:db:
04:65:71:bb:f4:b2:79:8d:1e:21:1c:47:0b:bc:f1:38:d7:9f:
3c:57:f6:8f:5c:5f:da:4d:cd:85:cd:5f:f3:9a:4b:2a:a4:7a:
f0:7d:05:8d:a1:8b:f6:2e:7b:5e:8d:30:ac:9e:27:ad:74:d2:
2e:b9:d3:ad:e2:eb:23:3d:7c:89:19:6f:a7:1f:49:44:8f:25:
9e:33:ce:6a:b1:12:55:94:61:a9:a5:c3:50:26:dd:9e:53:2d:
eb:16:6d:54:8f:d6:c4:08:32:28:42:9e:1f:3e:c4:d7:65:9e:
87:36:d2:6f
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYRlekrZCZGANQE68ZcpCCzvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTExMDY1NzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGViMDJiMWVjYjAxZDIxMWNhMTUwODNhNjdhYzRkYjVlYjc1MGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm8TZSsyqY/n5NIuKvi+P6hZkxpSS
MyuDulh2Tk3ibvyrEvRMb6SuuOrUMhDPc55Nw6GOYYm3mM5VmkAf+NaEr0/hAF1b
uPlrG8FxWENrIDrr14eq9kY2dtHOGT+chLJHPqLzf8QMmgdrAKrCqaEKxQO0lVFW
Sf1KymmJbhs9p4NHJg4gqZ6+elXw9RmepTPYd7x8A9b6Vf0v6RPw7+h4aFmsIJSu
PQIueOCYn+NGrh8cXo/P+RExm42rg/ZOcA0BXH6CWVSOoSD3+IOqQE7yFclNjAot
zJdhzxzeZQAF8tONLikUli9Sw83iZ486bn16czapGVvHamwe0YC//c7t2QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFPjrArHssB0hHKFQg6Z6xNtet1DCMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMS1Pc0NzZXl3SFNFY29WQ0RwbnJFMjE2M1VNSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFj
My8xL1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBRBggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEAFQgQAME
AFQgRgMEAFQgUgMEAFjYEgMEAFjYKgMEAFjYYAMEAFjYgDAMAwQAWNi5AwQAWNi6
MA0GCSqGSIb3DQEBCwUAA4IBAQA/0AfupFRJtc7icOhJ/aAhx5RUxXxMKvKpPsiY
d5Kg0uQPTpfNbFpVeru+7BoThePaZ78WICMo/GLabHhLXonUwusZmIKRx/gxOt83
u0DjEW9IVVm5EMDCiDRaprfxC+oBnjYm4jKa7plWnKQpcxvwkYGjCufUV1xdsqQi
YdYa938nXOTZFNIKQIfAhlnJyNsEZXG79LJ5jR4hHEcLvPE41588V/aPXF/aTc2F
zV/zmksqpHrwfQWNoYv2LntejTCsnietdNIuudOt4usjPXyJGW+nH0lEjyWeM85q
sRJVlGGppcNQJt2eUy3rFm1Uj9bECDIoQp4fPsTXZZ6HNtJv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org