Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-fyegMGAVorFehfRtvxqAWVtDr0.roa
File: 1-fyegMGAVorFehfRtvxqAWVtDr0.roa (raw, json)
Hash identifier: WlazJBH0T1OeApe/DOLYT2zAQJJ6XiNXfTX6t24u/AI=
Subject key identifier: F9:FC:9E:80:C1:80:56:8A:C5:7A:17:D1:B6:FC:6A:01:65:6D:0E:BD
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01855D0FEE2AA826869788EA966F1861E873
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-fyegMGAVorFehfRtvxqAWVtDr0.roa
Signing time: Thu 29 Dec 2022 08:46:43 +0000
ROA not before: Thu 29 Dec 2022 08:46:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61138
IP address blocks: 84.32.57.0/24 maxlen: 24
84.32.85.0/24 maxlen: 24
84.32.91.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.101.0/24 maxlen: 24
88.216.130.0/24 maxlen: 24
88.216.38.0/24 maxlen: 24
88.216.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5d:0f:ee:2a:a8:26:86:97:88:ea:96:6f:18:61:e8:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 29 08:46:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f9fc9e80c180568ac57a17d1b6fc6a01656d0ebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ec:fb:33:77:08:b9:2d:a4:e0:d9:b8:36:56:
17:25:11:c9:05:15:2e:65:2b:27:42:14:52:9d:af:
65:76:1e:4f:dc:68:ee:1a:33:61:17:0f:60:2e:9c:
10:eb:e1:85:f2:ad:bc:a3:94:5c:47:07:e5:2c:83:
b0:cc:f6:52:fc:d8:2c:26:fc:d4:5d:70:68:22:ea:
c9:12:d1:ae:97:d3:59:d7:a8:f0:39:e5:91:13:53:
4a:9e:b5:0e:a4:96:95:10:4e:e8:9b:f2:c0:b1:51:
57:80:9d:9e:4d:96:c1:ca:0f:8f:c6:0c:ee:8e:22:
6f:54:45:62:4e:f9:ea:a4:e2:9e:a8:8e:56:8b:5f:
d4:2d:91:cb:23:8f:ba:07:19:ed:ac:4e:11:ff:8e:
ae:03:35:08:e4:a0:1f:6b:b5:e0:18:bd:5b:0f:b2:
27:9b:f6:28:5b:29:8f:1c:82:8a:0f:66:cb:f2:3d:
e6:05:e7:87:64:79:ab:4f:1d:61:16:5e:f4:07:4f:
4a:d9:73:53:11:f0:cd:12:cc:a9:53:94:3a:55:ae:
9a:85:9e:fe:60:e0:3d:af:98:8b:7e:1b:b9:20:ef:
a2:1d:b7:9c:05:3e:09:88:fe:e9:a3:f1:40:7d:74:
34:e8:49:a9:cd:fa:1b:c8:41:a4:38:d8:cd:d4:c5:
0e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:FC:9E:80:C1:80:56:8A:C5:7A:17:D1:B6:FC:6A:01:65:6D:0E:BD
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1-fyegMGAVorFehfRtvxqAWVtDr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.57.0/24
84.32.85.0/24
84.32.91.0/24
88.216.38.0/23
88.216.93.0/24
88.216.101.0/24
88.216.130.0/24
Signature Algorithm: sha256WithRSAEncryption
93:61:b0:82:85:4e:61:60:7c:5c:5e:ad:25:61:e4:77:e1:63:
87:e0:6c:1a:58:a8:da:36:69:97:3a:6f:77:cc:a9:0a:df:91:
85:d5:75:89:e1:f5:90:8e:e3:bb:62:7f:13:04:74:1e:35:b9:
81:91:aa:d6:ad:48:aa:53:84:75:c5:a7:76:5e:1b:75:82:03:
07:ea:c8:37:4e:1c:be:ec:01:b9:c2:b2:2f:2f:00:60:04:1b:
e4:3f:fa:74:e0:72:73:fd:ba:a5:0a:2d:95:5f:0b:07:c2:fa:
f3:9e:4c:fb:56:1d:ce:e8:83:be:75:11:12:da:49:b7:12:2c:
fd:50:b8:43:a1:e7:e8:8b:62:c8:2f:2f:55:cd:0c:e5:d0:e6:
84:70:af:42:db:54:04:ca:fe:8c:41:61:ad:c3:e0:1e:27:b0:
4b:c1:44:12:b7:f5:e3:5f:ae:47:f3:07:76:66:07:fa:93:43:
33:ac:57:80:56:96:14:69:8b:37:59:7f:3f:e3:9f:b0:ba:0d:
c6:e5:19:79:6a:bc:72:83:ba:86:97:e9:9f:55:2d:77:7b:d7:
6f:e2:d9:18:fc:f8:ff:da:59:42:4c:cf:66:6f:77:7d:46:d3:
f9:94:7b:cf:59:1c:20:86:dc:2f:73:9b:21:4b:26:f0:b3:1f:
e5:4a:7e:cc
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYVdD+4qqCaGl4jqlm8YYehzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjI5MDg0NjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWZjOWU4MGMxODA1NjhhYzU3YTE3ZDFiNmZjNmEwMTY1NmQwZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguz7M3cIuS2k4Nm4NlYXJRHJBRUu
ZSsnQhRSna9ldh5P3GjuGjNhFw9gLpwQ6+GF8q28o5RcRwflLIOwzPZS/NgsJvzU
XXBoIurJEtGul9NZ16jwOeWRE1NKnrUOpJaVEE7om/LAsVFXgJ2eTZbByg+Pxgzu
jiJvVEViTvnqpOKeqI5Wi1/ULZHLI4+6BxntrE4R/46uAzUI5KAfa7XgGL1bD7In
m/YoWymPHIKKD2bL8j3mBeeHZHmrTx1hFl70B09K2XNTEfDNEsypU5Q6Va6ahZ7+
YOA9r5iLfhu5IO+iHbecBT4JiP7po/FAfXQ06EmpzfobyEGkONjN1MUOtwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFPn8noDBgFaKxXoX0bb8agFlbQ69MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMS1meWVnTUdBVm9yRmVoZlJ0dnhxQVdWdERyMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFj
My8xL1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAFQgOQME
AFQgVQMEAFQgWwMEAVjYJgMEAFjYXQMEAFjYZQMEAFjYgjANBgkqhkiG9w0BAQsF
AAOCAQEAk2GwgoVOYWB8XF6tJWHkd+Fjh+BsGlio2jZplzpvd8ypCt+RhdV1ieH1
kI7ju2J/EwR0HjW5gZGq1q1IqlOEdcWndl4bdYIDB+rIN04cvuwBucKyLy8AYAQb
5D/6dOByc/26pQotlV8LB8L6855M+1YdzuiDvnUREtpJtxIs/VC4Q6Hn6ItiyC8v
Vc0M5dDmhHCvQttUBMr+jEFhrcPgHiewS8FEErf141+uR/MHdmYH+pNDM6xXgFaW
FGmLN1l/P+OfsLoNxuUZeWq8coO6hpfpn1Utd3vXb+LZGPz4/9pZQkzPZm93fUbT
+ZR7z1kcIIbcL3ObIUsm8LMf5Up+zA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org