Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3KahNBLmzoMGPvO8qQnIjEhU7Mo.roa
File: 3KahNBLmzoMGPvO8qQnIjEhU7Mo.roa (raw, json)
Hash identifier: cfP4K5Q82BmnERTLZEMUgAf+QFF95Z4fuhdavQudNAE=
Subject key identifier: DC:A6:A1:34:12:E6:CE:83:06:3E:F3:BC:A9:09:C8:8C:48:54:EC:CA
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01570632
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3KahNBLmzoMGPvO8qQnIjEhU7Mo.roa
Signing time: Wed 01 Jun 2022 15:44:20 +0000
ROA not before: Wed 01 Jun 2022 15:44:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 84.32.64.0/22 maxlen: 24
84.32.68.0/22 maxlen: 24
88.216.196.0/22 maxlen: 24
84.32.4.0/22 maxlen: 24
88.216.0.0/22 maxlen: 24
84.32.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22480434 (0x1570632)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 1 15:44:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=dca6a13412e6ce83063ef3bca909c88c4854ecca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ea:3d:7e:2f:9b:d7:34:8a:b5:3a:1b:28:72:
01:ba:ed:c3:58:0d:dc:1b:f7:75:74:c4:47:bc:6f:
9c:dd:77:04:fd:e8:cb:ea:02:a4:f8:50:10:05:16:
06:dd:61:b7:4e:db:03:b0:f2:21:a6:23:f3:dc:ef:
7d:b5:d4:31:5c:db:9e:c9:fb:b2:56:23:7d:63:67:
39:96:ec:a2:75:45:9d:c2:b2:e6:92:e2:44:88:fe:
ad:e9:3f:95:31:91:2b:41:ce:09:52:31:5d:76:40:
df:6d:63:7e:7d:e6:06:b6:be:4a:d8:10:c8:31:8c:
91:88:6e:87:2f:66:e9:dd:bd:07:45:5c:c7:d7:cd:
c2:9c:be:96:15:9d:7b:f4:83:83:2b:96:e5:53:36:
a9:24:3a:ec:97:c4:84:76:4d:1c:41:ce:1a:28:b7:
29:6a:24:97:62:5c:c4:db:37:64:d0:4b:a9:dd:81:
85:c7:e9:0e:a1:e2:90:97:fe:b5:a4:98:af:27:78:
cf:33:b8:07:53:34:91:48:e0:a0:21:58:c5:80:37:
86:82:e3:a9:77:f6:c7:21:64:52:bf:f2:c1:6e:46:
c3:c2:cf:a6:dc:8f:e4:fa:27:c8:d9:b2:18:d1:55:
da:43:d0:b2:58:01:cd:91:af:fa:7b:14:80:2a:f9:
71:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:A6:A1:34:12:E6:CE:83:06:3E:F3:BC:A9:09:C8:8C:48:54:EC:CA
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3KahNBLmzoMGPvO8qQnIjEhU7Mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.4.0-84.32.11.255
84.32.64.0/21
88.216.0.0/22
88.216.196.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:cd:e9:5d:49:eb:75:4d:b6:74:5c:b7:3f:d3:3c:5d:ba:7f:
78:dd:cc:3c:6d:da:e1:3c:8a:4b:0b:66:ab:d0:98:66:1e:89:
ab:74:27:54:49:4a:e7:0c:4c:4e:4a:08:b9:fe:cd:e3:ae:b3:
ef:e6:ad:ff:9e:35:c4:66:26:57:81:8c:5f:f7:6b:21:95:3f:
b9:20:4b:bd:d9:ce:ea:6c:e0:5f:1e:b2:51:a7:71:c4:7a:f4:
db:cc:f0:a3:55:f1:e3:12:e9:17:ac:af:9a:90:9f:4a:b7:14:
7a:8f:d3:2d:f6:81:df:9e:8d:d8:43:7e:65:60:a3:ec:8e:b8:
02:2b:4c:7c:1d:f6:dd:9c:32:b4:e0:c3:fc:d2:bc:26:d2:8d:
45:f2:85:29:b1:0b:bd:e3:c7:ff:06:e8:b9:16:8b:d0:fa:47:
e2:b9:24:0c:cc:81:18:1e:34:ca:45:ea:95:85:13:fc:db:20:
81:cd:24:31:a3:22:21:bf:b9:f9:33:e9:ee:91:8f:58:5e:78:
8d:8f:a9:53:f7:23:d6:18:20:24:f8:cc:74:00:91:81:b5:ff:
e5:b2:0b:1a:23:b2:96:fd:11:5d:b3:1a:ef:9c:a9:9e:70:9d:
6f:b4:d7:ea:0a:a4:c0:4c:56:66:55:04:59:63:9c:d3:ee:55:
b6:84:e9:e3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEAVcGMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDYw
MTE1NDQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZGNhNmExMzQxMmU2
Y2U4MzA2M2VmM2JjYTkwOWM4OGM0ODU0ZWNjYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKbqPX4vm9c0irU6GyhyAbrtw1gN3Bv3dXTER7xvnN13BP3o
y+oCpPhQEAUWBt1ht07bA7DyIaYj89zvfbXUMVzbnsn7slYjfWNnOZbsonVFncKy
5pLiRIj+rek/lTGRK0HOCVIxXXZA321jfn3mBra+StgQyDGMkYhuhy9m6d29B0Vc
x9fNwpy+lhWde/SDgyuW5VM2qSQ67JfEhHZNHEHOGii3KWokl2JcxNs3ZNBLqd2B
hcfpDqHikJf+taSYryd4zzO4B1M0kUjgoCFYxYA3hoLjqXf2xyFkUr/ywW5Gw8LP
ptyP5PonyNmyGNFV2kPQslgBzZGv+nsUgCr5cZECAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBTcpqE0EubOgwY+87ypCciMSFTsyjAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
LzNLYWhOQkxtem9NR1B2TzhxUW5JakVoVTdNby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIDAMAwQCVCAEAwQCVCAIAwQDVCBAAwQC
WNgAAwQCWNjEMA0GCSqGSIb3DQEBCwUAA4IBAQAPzeldSet1TbZ0XLc/0zxdun94
3cw8bdrhPIpLC2ar0JhmHomrdCdUSUrnDExOSgi5/s3jrrPv5q3/njXEZiZXgYxf
92shlT+5IEu92c7qbOBfHrJRp3HEevTbzPCjVfHjEukXrK+akJ9KtxR6j9Mt9oHf
no3YQ35lYKPsjrgCK0x8HfbdnDK04MP80rwm0o1F8oUpsQu948f/Bui5FovQ+kfi
uSQMzIEYHjTKReqVhRP82yCBzSQxoyIhv7n5M+nukY9YXniNj6lT9yPWGCAk+Mx0
AJGBtf/lsgsaI7KW/RFdsxrvnKmecJ1vtNfqCqTATFZmVQRZY5zT7lW2hOnj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org