Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1BAlinOr_xpnwOKUiXFJIdFpGCM.roa
File: 1BAlinOr_xpnwOKUiXFJIdFpGCM.roa (raw, json)
Hash identifier: MSfJL+Pq8u1ceTuRbkqmqLWfTjLMkrbOo/Lpm1JM/uo=
Subject key identifier: D4:10:25:8A:73:AB:FF:1A:67:C0:E2:94:89:71:49:21:D1:69:18:23
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184ADA259B90E42389A41EF37B39E0C80A1
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1BAlinOr_xpnwOKUiXFJIdFpGCM.roa
Signing time: Fri 25 Nov 2022 07:13:28 +0000
ROA not before: Fri 25 Nov 2022 07:13:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 88.216.212.0/22 maxlen: 24
84.32.210.0/23 maxlen: 24
84.32.208.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.232.0/23 maxlen: 24
88.216.236.0/22 maxlen: 24
84.32.236.0/23 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.252.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ad:a2:59:b9:0e:42:38:9a:41:ef:37:b3:9e:0c:80:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 25 07:13:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d410258a73abff1a67c0e29489714921d1691823
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:bf:0d:3d:92:a6:9c:96:1e:15:26:77:55:63:
29:07:d9:73:18:67:d3:c4:1f:b9:bb:63:43:5e:ac:
39:c5:9d:ec:9d:66:81:85:21:04:e4:25:52:30:f0:
c0:0e:7b:75:b4:26:a0:bc:0b:7f:4a:88:b2:2f:e3:
25:ed:6b:5e:6b:7a:ad:25:03:2f:aa:8a:22:66:fc:
93:55:56:3b:cc:b7:5f:74:cc:43:d1:b2:8d:f5:4d:
21:6e:4c:b5:59:fc:65:b7:e4:b4:da:d7:e5:cb:44:
d3:93:02:4c:6e:54:0d:94:57:c7:55:5d:cf:1d:1a:
44:d7:0f:0d:55:c3:bc:c7:5a:39:4d:67:a9:1e:93:
8d:ba:ca:c5:12:e6:3e:3d:3d:83:fc:64:8a:dc:fa:
57:e2:fc:6e:b7:38:41:d2:ac:d1:7e:7f:15:2e:a3:
f0:e1:a4:22:8f:10:b3:fe:38:d6:6e:6b:96:e6:77:
07:8c:1e:e7:89:b1:ab:4c:6d:6a:21:74:66:f3:ad:
76:72:f6:95:d0:58:f4:2b:16:e9:9d:2c:1d:8b:56:
3d:b2:9f:5d:a0:52:c9:e1:59:b0:7f:40:f6:a6:fc:
6b:c7:28:db:5a:28:5d:e1:f8:6d:2e:95:89:0c:19:
b0:23:68:20:a9:a6:c8:dc:4c:90:33:cf:eb:ca:ac:
1f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:10:25:8A:73:AB:FF:1A:67:C0:E2:94:89:71:49:21:D1:69:18:23
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/1BAlinOr_xpnwOKUiXFJIdFpGCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.208.0/22
84.32.214.0/23
84.32.232.0/23
84.32.236.0/23
84.32.246.0/23
84.32.252.0/23
88.216.212.0/22
88.216.236.0/22
Signature Algorithm: sha256WithRSAEncryption
43:3f:fe:20:36:6e:e4:01:58:92:7b:29:7c:cd:e7:36:5c:81:
b6:85:9b:76:bc:49:70:6a:6e:14:00:3c:7e:98:80:ce:ac:84:
c2:e0:1f:dc:c1:1e:2f:59:f8:c7:1c:64:84:e8:21:23:b8:11:
40:1d:a3:2d:4b:a8:fd:bd:b4:f1:d6:f7:1a:ca:10:ee:f2:73:
9e:14:e9:46:ba:24:0a:9d:d7:f4:fa:ea:90:96:2e:ae:42:5b:
1c:a2:4d:06:18:88:11:73:fd:41:ee:7d:83:a4:b5:b4:06:f1:
63:bf:ac:c4:3a:55:58:b0:50:65:07:c4:30:f6:5e:d6:35:d0:
be:e1:e9:5c:93:17:ab:50:e3:9c:32:71:71:c0:39:76:1b:c2:
6c:d0:b1:93:2c:7f:6f:79:70:5a:f0:1b:a0:2f:84:41:54:15:
58:05:4f:34:da:70:d0:c6:1c:4b:eb:b7:cd:39:d8:4a:08:87:
06:ef:39:7f:75:58:ac:5b:54:b9:99:4b:0b:dc:41:19:d6:d8:
d1:d1:3e:44:92:09:d0:62:dd:0c:70:c6:b7:d2:dd:5a:30:cb:
32:cf:a0:ee:51:3a:3f:a8:00:f0:11:49:92:52:cd:4b:a2:8e:
5e:f0:49:e2:58:36:c7:2f:cd:c1:96:65:2d:8a:52:b5:e9:7a:
cd:c0:18:29
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYStolm5DkI4mkHvN7OeDIChMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTI1MDcxMzI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDEwMjU4YTczYWJmZjFhNjdjMGUyOTQ4OTcxNDkyMWQxNjkxODIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArr8NPZKmnJYeFSZ3VWMpB9lzGGfT
xB+5u2NDXqw5xZ3snWaBhSEE5CVSMPDADnt1tCagvAt/SoiyL+Ml7Wtea3qtJQMv
qooiZvyTVVY7zLdfdMxD0bKN9U0hbky1Wfxlt+S02tfly0TTkwJMblQNlFfHVV3P
HRpE1w8NVcO8x1o5TWepHpONusrFEuY+PT2D/GSK3PpX4vxutzhB0qzRfn8VLqPw
4aQijxCz/jjWbmuW5ncHjB7nibGrTG1qIXRm8612cvaV0Fj0KxbpnSwdi1Y9sp9d
oFLJ4Vmwf0D2pvxrxyjbWihd4fhtLpWJDBmwI2ggqabI3EyQM8/ryqwfzwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNQQJYpzq/8aZ8DilIlxSSHRaRgjMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMUJBbGluT3JfeHBud09LVWlYRkpJZEZwR0NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCVCDQAwQB
VCDWAwQBVCDoAwQBVCDsAwQBVCD2AwQBVCD8AwQCWNjUAwQCWNjsMA0GCSqGSIb3
DQEBCwUAA4IBAQBDP/4gNm7kAViSeyl8zec2XIG2hZt2vElwam4UADx+mIDOrITC
4B/cwR4vWfjHHGSE6CEjuBFAHaMtS6j9vbTx1vcayhDu8nOeFOlGuiQKndf0+uqQ
li6uQlscok0GGIgRc/1B7n2DpLW0BvFjv6zEOlVYsFBlB8Qw9l7WNdC+4elckxer
UOOcMnFxwDl2G8Js0LGTLH9veXBa8BugL4RBVBVYBU802nDQxhxL67fNOdhKCIcG
7zl/dVisW1S5mUsL3EEZ1tjR0T5EkgnQYt0McMa30t1aMMsyz6DuUTo/qADwEUmS
Us1Loo5e8EniWDbHL83BlmUtilK16XrNwBgp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org