Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/47cmDQeqN1e5OLhYR64sD92wquo.roa
File: 47cmDQeqN1e5OLhYR64sD92wquo.roa (raw, json)
Hash identifier: VgXvQsqm4VYRsS1foILxM8fw3vplyxmICu1iLU1TwlE=
Subject key identifier: E3:B7:26:0D:07:AA:37:57:B9:38:B8:58:47:AE:2C:0F:DD:B0:AA:EA
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018524663141028F330C44F2B05080CFD81F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/47cmDQeqN1e5OLhYR64sD92wquo.roa
Signing time: Sun 18 Dec 2022 08:42:35 +0000
ROA not before: Sun 18 Dec 2022 08:42:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 84.32.64.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
88.216.96.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:24:66:31:41:02:8f:33:0c:44:f2:b0:50:80:cf:d8:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 18 08:42:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e3b7260d07aa3757b938b85847ae2c0fddb0aaea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:50:be:11:91:d7:df:63:91:84:76:3f:39:b6:
3f:f7:25:5e:aa:a7:b1:57:c1:81:04:58:c6:09:75:
48:36:1c:dd:55:42:28:f6:9b:67:2a:c4:ef:ff:e0:
4e:61:94:07:fc:e7:ef:84:f3:c7:2d:68:72:b0:76:
4b:ba:75:2d:8f:90:ad:4e:65:9f:1a:ed:b9:42:32:
34:68:50:0b:1b:df:68:00:7f:b5:e0:cd:e2:7c:8c:
4b:a5:0d:4b:bc:26:29:e8:46:4b:31:85:11:46:bd:
b3:89:a7:b9:4f:87:06:aa:c5:e2:f8:bc:50:f6:88:
26:e3:c5:a3:3a:a7:19:ea:8a:81:33:05:a5:2f:44:
09:79:ab:85:5d:08:9e:26:11:56:fd:d9:f2:bd:59:
3c:c7:a6:95:06:5c:bb:5b:34:9c:bb:fb:5e:31:63:
7b:1b:a3:bc:6e:21:a1:95:ce:59:7d:0f:15:b6:9a:
f2:83:0c:68:60:d6:ff:ce:2d:f6:88:ea:83:41:13:
a4:3f:ec:e7:1f:11:da:37:ef:81:04:f0:01:4b:22:
25:5b:1e:6f:ca:18:0d:88:a5:e3:93:dd:4e:f1:06:
f3:d9:27:c6:b4:19:be:59:89:51:ed:fc:a9:ff:e4:
6c:22:bb:ba:cd:95:d5:52:a3:8d:5a:c5:e4:e1:8a:
0e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:B7:26:0D:07:AA:37:57:B9:38:B8:58:47:AE:2C:0F:DD:B0:AA:EA
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/47cmDQeqN1e5OLhYR64sD92wquo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.64.0/24
84.32.70.0/24
88.216.96.0/24
88.216.185.0-88.216.186.255
Signature Algorithm: sha256WithRSAEncryption
2d:57:cc:8c:02:19:fa:7f:cd:26:ef:20:62:c5:7b:13:6a:8c:
24:7d:1b:7a:0a:60:03:25:70:7f:54:9c:61:94:1f:a3:fd:ff:
eb:c4:bc:a1:d2:a7:b5:aa:72:a7:28:f2:53:14:4f:85:f8:cd:
c7:13:8e:25:26:2e:2c:76:f2:a5:cc:e3:a5:ec:b7:8c:d5:4e:
96:82:93:90:f3:55:eb:f4:48:83:75:eb:47:89:bf:21:8f:a2:
03:07:bf:df:24:03:a0:9a:42:cc:69:53:20:69:e8:f4:75:aa:
78:ba:8c:ad:10:cc:bb:1c:2c:2a:67:9b:d0:56:cf:ca:99:40:
91:27:86:3d:5e:cc:24:81:7b:9a:b6:aa:f5:87:88:54:de:38:
2e:e1:90:f9:85:18:16:7e:09:0a:e1:20:a7:ff:10:d8:77:e2:
e5:36:4f:9f:57:77:94:cf:7f:8d:b3:d0:70:bb:6c:a0:18:60:
a1:0b:1c:3a:95:6f:6e:1d:a1:06:93:d7:68:a9:04:72:b6:1f:
e1:78:18:f8:0b:e6:24:5b:6c:70:41:ed:7b:20:27:40:aa:9a:
6f:bf:85:19:ec:18:61:e0:a9:f1:45:11:00:a0:5e:84:b7:a8:
df:e8:dd:9a:81:2a:8c:47:6f:88:53:e7:24:42:68:44:6f:4e:
ab:69:59:b5
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYUkZjFBAo8zDETysFCAz9gfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjE4MDg0MjM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2I3MjYwZDA3YWEzNzU3YjkzOGI4NTg0N2FlMmMwZmRkYjBhYWVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjFC+EZHX32ORhHY/ObY/9yVeqqex
V8GBBFjGCXVINhzdVUIo9ptnKsTv/+BOYZQH/OfvhPPHLWhysHZLunUtj5CtTmWf
Gu25QjI0aFALG99oAH+14M3ifIxLpQ1LvCYp6EZLMYURRr2ziae5T4cGqsXi+LxQ
9ogm48WjOqcZ6oqBMwWlL0QJeauFXQieJhFW/dnyvVk8x6aVBly7WzScu/teMWN7
G6O8biGhlc5ZfQ8VtprygwxoYNb/zi32iOqDQROkP+znHxHaN++BBPABSyIlWx5v
yhgNiKXjk91O8Qbz2SfGtBm+WYlR7fyp/+RsIru6zZXVUqONWsXk4YoOzwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOO3Jg0HqjdXuTi4WEeuLA/dsKrqMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNDdjbURRZXFOMWU1T0xoWVI2NHNEOTJ3cXVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVCBAAwQA
VCBGAwQAWNhgMAwDBABY2LkDBABY2LowDQYJKoZIhvcNAQELBQADggEBAC1XzIwC
Gfp/zSbvIGLFexNqjCR9G3oKYAMlcH9UnGGUH6P9/+vEvKHSp7Wqcqco8lMUT4X4
zccTjiUmLix28qXM46Xst4zVTpaCk5DzVev0SIN160eJvyGPogMHv98kA6CaQsxp
UyBp6PR1qni6jK0QzLscLCpnm9BWz8qZQJEnhj1ezCSBe5q2qvWHiFTeOC7hkPmF
GBZ+CQrhIKf/ENh34uU2T59Xd5TPf42z0HC7bKAYYKELHDqVb24doQaT12ipBHK2
H+F4GPgL5iRbbHBB7XsgJ0Cqmm+/hRnsGGHgqfFFEQCgXoS3qN/o3ZqBKoxHb4hT
5yRCaERvTqtpWbU=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:44 2023 by rpki-client on console-fra.rpki-client.org