Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3dS_tQ7G-KBaXV3dV9A3_J2x7ZU.roa
File: 3dS_tQ7G-KBaXV3dV9A3_J2x7ZU.roa (raw, json)
Hash identifier: tPxJ9VafMiTQgqT5+EVpwU1vtUxGPTamkbz3zVJpmHc=
Subject key identifier: DD:D4:BF:B5:0E:C6:F8:A0:5A:5D:5D:DD:57:D0:37:FC:9D:B1:ED:95
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0183C1EB2589F112E4FC7E21595EDDCF85CD
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3dS_tQ7G-KBaXV3dV9A3_J2x7ZU.roa
Signing time: Mon 10 Oct 2022 12:42:36 +0000
ROA not before: Mon 10 Oct 2022 12:42:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205570
IP address blocks: 84.32.90.0/23 maxlen: 24
84.32.88.0/23 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/23 maxlen: 24
84.32.24.0/22 maxlen: 22
88.216.134.0/24 maxlen: 24
88.216.135.0/24 maxlen: 24
84.32.28.0/22 maxlen: 22
88.216.94.0/23 maxlen: 24
88.216.92.0/23 maxlen: 24
88.216.224.0/22 maxlen: 24
88.216.16.0/23 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.33.0/24 maxlen: 24
88.216.44.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c1:eb:25:89:f1:12:e4:fc:7e:21:59:5e:dd:cf:85:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 10 12:42:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ddd4bfb50ec6f8a05a5d5ddd57d037fc9db1ed95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:6d:83:79:58:11:f8:65:01:f6:5b:9b:ab:04:
fd:a2:cc:75:07:23:21:02:44:a3:2f:27:91:b9:3c:
f5:ab:94:8f:73:b0:dc:64:b5:12:74:97:9d:07:f8:
c3:d6:1d:7d:2f:f0:40:03:27:02:44:7b:62:b3:0d:
d5:47:dd:48:fc:1f:20:10:6f:46:82:44:3d:0e:8c:
28:d1:e3:85:9b:ad:4a:b1:cc:3b:d9:84:83:e7:c7:
7a:e6:f2:8f:63:70:b8:ca:d8:8b:7c:6c:e0:60:a7:
26:9e:1f:3c:01:1d:0d:a2:f5:67:71:7a:3d:0f:fa:
48:df:9b:e2:23:c5:e5:0b:6d:fb:e9:3e:15:1a:f5:
8d:3b:a8:7c:0c:68:0c:ea:3a:7a:df:b4:92:01:7f:
95:98:bc:67:4f:89:0d:33:11:fe:70:5d:f7:f2:cd:
3a:12:1f:27:08:6f:c8:3b:ac:0c:e8:99:d7:e8:db:
6e:3b:af:7f:5d:2b:73:e6:49:11:e8:65:0a:6b:72:
24:92:f1:66:68:d0:28:e1:b4:bd:7f:b0:f7:16:1f:
1f:23:2e:4e:6f:3c:a6:ab:1e:d4:2b:01:47:2b:27:
64:d0:f3:c3:b5:3e:b7:33:93:1e:6b:66:db:f8:c1:
32:27:6d:2b:44:58:0d:b6:0e:fe:06:e1:79:aa:b1:
95:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:D4:BF:B5:0E:C6:F8:A0:5A:5D:5D:DD:57:D0:37:FC:9D:B1:ED:95
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/3dS_tQ7G-KBaXV3dV9A3_J2x7ZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/21
84.32.88.0/22
88.216.16.0/23
88.216.33.0/24
88.216.44.0/23
88.216.92.0/22
88.216.128.0/24
88.216.131.0-88.216.135.255
88.216.224.0/22
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
04:93:81:24:bc:60:6d:e9:21:0e:d4:f6:de:72:b4:ba:22:81:
50:ee:65:2a:fb:62:3a:e9:a4:f6:40:a2:14:03:89:32:f9:5a:
46:ce:97:2c:12:e4:e9:f9:3e:50:4a:5a:8b:29:14:c3:4e:84:
98:d6:47:ea:99:70:55:e6:da:fe:e6:5b:38:27:30:50:ad:f6:
ca:1c:74:0c:f0:c1:a9:0b:41:91:df:ad:be:4f:83:b5:c2:8d:
b0:2f:1c:df:a1:35:a6:6e:4b:32:aa:ce:57:e0:7b:a7:ef:a6:
d8:b3:ea:45:1f:30:a2:f9:32:de:84:3c:c3:2d:78:32:ed:40:
73:e4:26:c4:1d:7f:e3:40:1e:27:c1:f8:ba:68:4c:57:c2:aa:
84:fa:82:96:85:ed:7c:86:57:04:f1:d0:8d:21:ab:37:2b:9e:
78:91:08:80:1a:09:d6:1c:fb:c8:0d:62:84:b6:5e:f1:93:77:
d2:ad:ad:1a:89:12:bf:a8:f7:17:a0:b3:e9:8b:45:94:55:ef:
20:03:16:50:70:2f:66:ea:0a:94:e7:38:06:f6:c7:cd:2b:7b:
10:82:47:33:5b:d7:f1:e4:1b:13:d2:56:11:b7:df:42:8e:70:
a8:ef:f7:20:2b:2b:76:c2:14:68:c0:7d:c8:e2:c9:71:75:83:
c8:29:ae:cc
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYPB6yWJ8RLk/H4hWV7dz4XNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDEwMTI0MjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZGQ0YmZiNTBlYzZmOGEwNWE1ZDVkZGQ1N2QwMzdmYzlkYjFlZDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh22DeVgR+GUB9lubqwT9osx1ByMh
AkSjLyeRuTz1q5SPc7DcZLUSdJedB/jD1h19L/BAAycCRHtisw3VR91I/B8gEG9G
gkQ9Dowo0eOFm61Kscw72YSD58d65vKPY3C4ytiLfGzgYKcmnh88AR0NovVncXo9
D/pI35viI8XlC2376T4VGvWNO6h8DGgM6jp637SSAX+VmLxnT4kNMxH+cF338s06
Eh8nCG/IO6wM6JnX6NtuO69/XStz5kkR6GUKa3IkkvFmaNAo4bS9f7D3Fh8fIy5O
bzymqx7UKwFHKydk0PPDtT63M5Mea2bb+MEyJ20rRFgNtg7+BuF5qrGV6QIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFN3Uv7UOxvigWl1d3VfQN/ydse2VMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvM2RTX3RRN0ctS0JhWFYzZFY5QTNfSjJ4N1pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQDVCAYAwQC
VCBYAwQBWNgQAwQAWNghAwQBWNgsAwQCWNhcAwQAWNiAMAwDBABY2IMDBANY2IAD
BAJY2OADBAJY2OgwDQYJKoZIhvcNAQELBQADggEBAASTgSS8YG3pIQ7U9t5ytLoi
gVDuZSr7YjrppPZAohQDiTL5WkbOlywS5On5PlBKWospFMNOhJjWR+qZcFXm2v7m
WzgnMFCt9socdAzwwakLQZHfrb5Pg7XCjbAvHN+hNaZuSzKqzlfge6fvptiz6kUf
MKL5Mt6EPMMteDLtQHPkJsQdf+NAHifB+LpoTFfCqoT6gpaF7XyGVwTx0I0hqzcr
nniRCIAaCdYc+8gNYoS2XvGTd9KtrRqJEr+o9xegs+mLRZRV7yADFlBwL2bqCpTn
OAb2x80rexCCRzNb1/HkGxPSVhG330KOcKjv9yArK3bCFGjAfcjiyXF1g8gprsw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:24 2024 by rpki-client on console-ams.rpki-client.org