Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2HxrGsknav4p_LzE0AKrpOfcwf8.roa
File: 2HxrGsknav4p_LzE0AKrpOfcwf8.roa (raw, json)
Hash identifier: xQree3MAoYvGzumXj9kTgziRQJ4nkOsCRydmUzVVf9A=
Subject key identifier: D8:7C:6B:1A:C9:27:6A:FE:29:FC:BC:C4:D0:02:AB:A4:E7:DC:C1:FF
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184804915B8D707B7E90F3F63B3E62CEE40
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2HxrGsknav4p_LzE0AKrpOfcwf8.roa
Signing time: Wed 16 Nov 2022 11:53:04 +0000
ROA not before: Wed 16 Nov 2022 11:53:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50225
IP address blocks: 88.216.189.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.234.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:49:15:b8:d7:07:b7:e9:0f:3f:63:b3:e6:2c:ee:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 16 11:53:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d87c6b1ac9276afe29fcbcc4d002aba4e7dcc1ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:11:a0:a7:a5:3b:3a:db:90:de:b9:1d:2e:d8:
a4:82:1c:86:81:cc:82:98:a4:bd:d4:37:f5:5a:dc:
a4:f9:66:fd:a7:36:f6:c8:7c:24:dd:ad:46:09:8a:
d4:4b:05:a1:b3:0a:da:f4:ad:34:23:db:00:36:7b:
ab:3b:58:bf:b0:e3:37:35:34:e2:89:0a:40:21:d5:
a2:33:7d:16:05:dd:ad:ee:36:6c:a7:2e:f1:9a:2b:
06:52:67:45:4e:08:9c:f0:eb:9d:e5:40:bc:0b:ec:
c3:c7:17:14:32:31:1b:41:f7:9b:0c:58:ae:b6:16:
22:4b:c8:5a:4d:fd:6d:ac:08:20:ff:d5:0d:65:e3:
ce:fc:87:67:44:fb:9f:47:98:d4:c2:e0:b7:7e:92:
b8:15:6e:a5:f6:3f:8c:73:03:49:2e:3f:15:8c:83:
a0:28:2b:e3:f7:7a:1b:ca:4d:0b:d3:2e:e7:f0:74:
85:7f:d0:e0:fa:a9:75:52:57:e7:de:fe:17:66:1d:
ea:a4:f3:cc:49:44:4b:f8:20:c2:cc:f7:1c:f6:82:
75:c8:ea:6c:17:66:2b:d9:04:03:d1:89:6e:a5:85:
39:3b:90:ed:51:44:de:5a:f4:38:bf:b2:35:77:35:
a6:a8:c2:d1:bf:f7:b8:05:62:f3:e1:d7:13:88:3a:
e2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:7C:6B:1A:C9:27:6A:FE:29:FC:BC:C4:D0:02:AB:A4:E7:DC:C1:FF
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2HxrGsknav4p_LzE0AKrpOfcwf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.231.0/24
84.32.234.0/24
88.216.189.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:d7:3d:b1:23:33:40:25:66:9f:75:b8:79:c6:c0:47:f5:9d:
95:dc:f6:c5:f9:c8:52:4e:4c:25:c1:21:a0:81:ac:1f:82:b7:
99:ee:35:ff:4a:11:c4:de:54:0e:ef:06:05:f5:8c:75:67:c2:
9a:2d:0e:07:e8:d7:16:8f:ce:64:bb:ae:06:a6:e6:fa:cc:53:
37:5a:2a:da:64:93:8a:05:65:7d:9c:ba:76:48:56:db:6c:ce:
e8:35:40:19:d9:f9:2b:62:6f:54:12:ee:05:19:33:3b:05:0e:
7b:35:42:2d:c1:64:2d:1e:25:bf:51:04:74:87:1d:7b:06:d9:
75:b0:d3:b6:3e:7e:0b:7c:e8:5c:14:f5:43:94:32:64:28:35:
20:b6:e3:91:58:2c:1c:8a:80:82:3b:e9:d5:e1:f4:2e:94:4f:
84:41:96:02:66:a0:32:a3:ad:13:15:d4:e7:cb:fd:d7:fc:6e:
ed:c1:60:03:bc:01:a9:e8:4d:59:ec:4d:b7:59:cd:45:25:d9:
9d:ee:59:5a:8a:af:08:fe:ad:6a:a7:61:36:2c:50:eb:0f:4d:
d1:a4:ef:8b:64:25:1a:93:c3:83:44:17:19:c6:c9:65:c9:8f:
3c:3e:a4:ec:95:87:ee:10:43:97:c6:4d:4e:92:07:21:f3:f7:
93:43:ae:ea
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYSASRW41we36Q8/Y7PmLO5AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTE2MTE1MzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODdjNmIxYWM5Mjc2YWZlMjlmY2JjYzRkMDAyYWJhNGU3ZGNjMWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBGgp6U7OtuQ3rkdLtikghyGgcyC
mKS91Df1Wtyk+Wb9pzb2yHwk3a1GCYrUSwWhswra9K00I9sANnurO1i/sOM3NTTi
iQpAIdWiM30WBd2t7jZspy7xmisGUmdFTgic8Oud5UC8C+zDxxcUMjEbQfebDFiu
thYiS8haTf1trAgg/9UNZePO/IdnRPufR5jUwuC3fpK4FW6l9j+McwNJLj8VjIOg
KCvj93obyk0L0y7n8HSFf9Dg+ql1Ulfn3v4XZh3qpPPMSURL+CDCzPcc9oJ1yOps
F2Yr2QQD0YlupYU5O5DtUUTeWvQ4v7I1dzWmqMLRv/e4BWLz4dcTiDriJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNh8axrJJ2r+Kfy8xNACq6Tn3MH/MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMkh4ckdza25hdjRwX0x6RTBBS3JwT2Zjd2Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCDnAwQA
VCDqAwQAWNi9MA0GCSqGSIb3DQEBCwUAA4IBAQAs1z2xIzNAJWafdbh5xsBH9Z2V
3PbF+chSTkwlwSGggawfgreZ7jX/ShHE3lQO7wYF9Yx1Z8KaLQ4H6NcWj85ku64G
pub6zFM3WiraZJOKBWV9nLp2SFbbbM7oNUAZ2fkrYm9UEu4FGTM7BQ57NUItwWQt
HiW/UQR0hx17Btl1sNO2Pn4LfOhcFPVDlDJkKDUgtuORWCwcioCCO+nV4fQulE+E
QZYCZqAyo60TFdTny/3X/G7twWADvAGp6E1Z7E23Wc1FJdmd7llaiq8I/q1qp2E2
LFDrD03RpO+LZCUak8ODRBcZxsllyY88PqTslYfuEEOXxk1Okgch8/eTQ67q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org