Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4EjCZBJnSK45_hjU2qGnRWUg_-g.roa
File: 4EjCZBJnSK45_hjU2qGnRWUg_-g.roa (raw, json)
Hash identifier: QgSqHl9umzcilHYvokd5jdZB4NiXv9GQOKMTtdwSfe4=
Subject key identifier: E0:48:C2:64:12:67:48:AE:39:FE:18:D4:DA:A1:A7:45:65:20:FF:E8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: F70DE9
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4EjCZBJnSK45_hjU2qGnRWUg_-g.roa
Signing time: Fri 06 May 2022 12:47:07 +0000
ROA not before: Fri 06 May 2022 12:47:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 84.32.64.0/22 maxlen: 24
84.32.68.0/22 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.180.0/22 maxlen: 24
84.32.84.0/22 maxlen: 24
88.216.188.0/22 maxlen: 24
84.32.82.0/23 maxlen: 24
88.216.196.0/22 maxlen: 24
88.216.209.0/24 maxlen: 24
88.216.210.0/23 maxlen: 24
88.216.212.0/22 maxlen: 24
84.32.4.0/22 maxlen: 24
84.32.8.0/22 maxlen: 24
84.32.24.0/21 maxlen: 24
84.32.40.0/21 maxlen: 24
88.216.90.0/24 maxlen: 24
88.216.0.0/22 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.19.0/24 maxlen: 24
88.216.20.0/22 maxlen: 22
88.216.32.0/24 maxlen: 24
88.216.47.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 16190953 (0xf70de9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 6 12:47:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e048c264126748ae39fe18d4daa1a7456520ffe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d7:f6:a5:0e:80:8f:60:50:f2:4e:8d:f2:fe:
f3:1f:c4:42:82:3b:d3:ca:5d:ec:cd:a8:77:09:8a:
82:28:a9:81:28:ef:a2:1a:b6:15:5f:06:66:3e:9a:
d6:01:b6:9d:ce:7b:47:08:01:0e:a3:57:72:4e:87:
56:19:95:cd:c2:93:86:68:36:08:fb:f3:c3:2a:b5:
e5:7f:09:f9:f3:04:48:d1:1b:bb:a5:8f:f2:c5:62:
43:fd:4e:e6:ee:4c:23:49:3a:04:bb:61:26:e3:69:
7e:8f:56:3e:bc:52:a4:2d:a4:bf:c3:d6:b8:76:28:
6d:cf:f0:17:fb:99:32:23:eb:76:c1:76:13:a1:db:
a6:8a:5b:07:c8:78:a4:00:30:0e:54:f6:53:a7:72:
8f:cf:4c:7a:ea:df:b0:71:9f:c1:3a:48:0d:18:0f:
0f:b8:ce:c6:dd:0a:1c:3c:be:da:70:54:0e:c6:ae:
5d:9e:8b:6f:b7:09:2f:76:61:ad:20:aa:47:ee:1b:
62:27:81:a8:6f:24:67:95:b1:ab:f5:33:07:ba:f5:
b6:b0:a8:7e:59:be:9d:b8:c5:d5:63:ac:d4:cd:7e:
e0:ef:d2:69:b9:af:15:d3:db:6f:8b:1a:42:f0:10:
8c:94:83:43:bf:ee:7d:09:38:69:de:af:73:a3:11:
01:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:48:C2:64:12:67:48:AE:39:FE:18:D4:DA:A1:A7:45:65:20:FF:E8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4EjCZBJnSK45_hjU2qGnRWUg_-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.4.0-84.32.11.255
84.32.24.0/21
84.32.40.0/21
84.32.64.0/21
84.32.82.0-84.32.87.255
88.216.0.0/22
88.216.16.0/24
88.216.19.0-88.216.23.255
88.216.32.0/24
88.216.46.0/23
88.216.90.0/24
88.216.180.0/22
88.216.185.0/24
88.216.188.0/22
88.216.196.0/22
88.216.209.0-88.216.215.255
Signature Algorithm: sha256WithRSAEncryption
43:9a:9e:ce:5c:b3:a5:99:5d:18:26:95:78:63:6d:7d:1b:f4:
5d:9e:9e:45:55:a6:f8:ca:ed:cf:3b:db:99:5b:95:71:1d:d2:
5d:13:c9:5b:bd:40:58:36:15:7b:70:b5:c3:dc:0f:4f:e0:14:
18:fc:84:aa:aa:df:66:79:d3:2c:7b:c9:30:7c:3f:09:89:1f:
b7:78:0b:70:7e:99:6f:49:89:f2:bb:7d:35:ec:6b:5a:71:7b:
1d:b3:f5:57:9a:53:54:63:60:01:b6:68:2a:7b:35:3b:bf:bf:
92:ff:d8:9a:6f:b6:e8:5c:9f:46:e9:ff:90:27:83:25:33:64:
f6:96:72:5f:dc:fb:81:13:19:0e:fc:72:54:8a:5a:25:f0:d7:
34:2e:16:af:96:d1:a3:9b:c5:8c:32:85:ef:00:2a:e7:82:cb:
fd:5f:c3:50:17:bb:11:dd:a1:ff:61:29:a8:d0:94:91:8c:12:
02:35:a4:ae:7f:8c:78:3f:62:b1:72:bb:94:23:59:cf:a7:1d:
97:b4:38:cc:a8:0e:c4:cc:c0:90:21:91:78:ad:58:a7:56:df:
9c:ce:37:75:47:78:83:77:c3:52:6b:e9:af:12:51:1a:7c:f2:
0b:80:7a:e5:96:c2:f3:92:07:f7:af:eb:18:d2:c8:ec:4a:35:
41:a0:72:2b
-----BEGIN CERTIFICATE-----
MIIFbjCCBFagAwIBAgIEAPcN6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDUw
NjEyNDcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTA0OGMyNjQxMjY3
NDhhZTM5ZmUxOGQ0ZGFhMWE3NDU2NTIwZmZlODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANjX9qUOgI9gUPJOjfL+8x/EQoI708pd7M2odwmKgiipgSjv
ohq2FV8GZj6a1gG2nc57RwgBDqNXck6HVhmVzcKThmg2CPvzwyq15X8J+fMESNEb
u6WP8sViQ/1O5u5MI0k6BLthJuNpfo9WPrxSpC2kv8PWuHYobc/wF/uZMiPrdsF2
E6HbpopbB8h4pAAwDlT2U6dyj89MeurfsHGfwTpIDRgPD7jOxt0KHDy+2nBUDsau
XZ6Lb7cJL3ZhrSCqR+4bYieBqG8kZ5Wxq/UzB7r1trCoflm+nbjF1WOs1M1+4O/S
abmvFdPbb4saQvAQjJSDQ7/ufQk4ad6vc6MRASMCAwEAAaOCAogwggKEMB0GA1Ud
DgQWBBTgSMJkEmdIrjn+GNTaoadFZSD/6DAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
LzRFakNaQkpuU0s0NV9oalUycUduUldVZ18tZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
nQYIKwYBBQUHAQcBAf8EgY0wgYowgYcEAgABMIGAMAwDBAJUIAQDBAJUIAgDBANU
IBgDBANUICgDBANUIEAwDAMEAVQgUgMEA1QgUAMEAljYAAMEAFjYEDAMAwQAWNgT
AwQDWNgQAwQAWNggAwQBWNguAwQAWNhaAwQCWNi0AwQAWNi5AwQCWNi8AwQCWNjE
MAwDBABY2NEDBANY2NAwDQYJKoZIhvcNAQELBQADggEBAEOans5cs6WZXRgmlXhj
bX0b9F2enkVVpvjK7c8725lblXEd0l0TyVu9QFg2FXtwtcPcD0/gFBj8hKqq32Z5
0yx7yTB8PwmJH7d4C3B+mW9JifK7fTXsa1pxex2z9VeaU1RjYAG2aCp7NTu/v5L/
2Jpvtuhcn0bp/5AngyUzZPaWcl/c+4ETGQ78clSKWiXw1zQuFq+W0aObxYwyhe8A
KueCy/1fw1AXuxHdof9hKajQlJGMEgI1pK5/jHg/YrFyu5QjWc+nHZe0OMyoDsTM
wJAhkXitWKdW35zON3VHeIN3w1Jr6a8SURp88guAeuWWwvOSB/ev6xjSyOxKNUGg
cis=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:24 2024 by rpki-client on console-ams.rpki-client.org