Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4R0-E9Yl2UbP7h-G1n75WHZPeF4.roa
File: 4R0-E9Yl2UbP7h-G1n75WHZPeF4.roa (raw, json)
Hash identifier: trm8ZZ/oD250p5o4i0KV83qE2T1zfF3Jsked/rPcx+Y=
Subject key identifier: E1:1D:3E:13:D6:25:D9:46:CF:EE:1F:86:D6:7E:F9:58:76:4F:78:5E
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 010471B9
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4R0-E9Yl2UbP7h-G1n75WHZPeF4.roa
Signing time: Wed 11 May 2022 10:52:03 +0000
ROA not before: Wed 11 May 2022 10:52:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 84.32.64.0/22 maxlen: 24
84.32.68.0/22 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.180.0/22 maxlen: 24
84.32.84.0/22 maxlen: 24
84.32.82.0/23 maxlen: 24
88.216.196.0/22 maxlen: 24
88.216.209.0/24 maxlen: 24
88.216.210.0/23 maxlen: 24
88.216.212.0/22 maxlen: 24
84.32.4.0/22 maxlen: 24
84.32.8.0/22 maxlen: 24
84.32.24.0/21 maxlen: 24
84.32.40.0/21 maxlen: 24
88.216.90.0/24 maxlen: 24
88.216.0.0/22 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.19.0/24 maxlen: 24
88.216.20.0/22 maxlen: 22
88.216.32.0/24 maxlen: 24
88.216.47.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 17068473 (0x10471b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 11 10:52:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e11d3e13d625d946cfee1f86d67ef958764f785e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:67:1d:a1:29:bd:d8:42:76:8c:d1:51:7a:27:
f9:0b:0e:8c:24:e4:d6:30:dc:15:3b:d8:16:0a:73:
f2:5f:a2:d6:d7:c1:19:cd:eb:23:b7:ec:f2:cc:35:
48:59:e1:fb:cc:f7:66:79:36:0d:04:9e:10:b8:db:
ce:51:c1:66:36:f1:58:ab:bb:49:2c:84:b0:d5:a6:
74:65:39:35:0e:47:1c:74:59:74:7d:3f:2b:1c:e9:
6a:92:6e:a3:3e:c8:2c:f8:1e:c5:97:a3:67:0f:50:
d7:5a:89:64:98:cd:84:05:88:3d:75:13:01:aa:af:
bd:43:8e:31:8b:2c:30:8d:c1:a2:3f:04:f8:38:54:
56:72:79:31:c8:a5:dd:1d:26:8d:c6:ea:ea:4c:74:
50:9e:25:52:5b:49:0d:03:dc:ee:ea:7b:85:f2:cb:
22:fb:16:45:97:1a:41:6e:cc:6b:ed:41:f8:91:72:
c7:80:3d:f0:cc:e2:da:99:bb:10:1a:5e:84:38:47:
8c:09:c9:3a:60:3f:1a:39:24:e0:f8:bd:b9:12:91:
31:22:7a:94:2a:be:4e:3e:b7:94:4c:14:28:1d:cc:
80:0a:5e:d4:ff:67:91:ae:e5:0c:42:1f:bc:01:8f:
f6:02:c0:0f:0e:85:14:59:7b:c1:d6:80:1e:3f:16:
dd:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:1D:3E:13:D6:25:D9:46:CF:EE:1F:86:D6:7E:F9:58:76:4F:78:5E
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/4R0-E9Yl2UbP7h-G1n75WHZPeF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.4.0-84.32.11.255
84.32.24.0/21
84.32.40.0/21
84.32.64.0/21
84.32.82.0-84.32.87.255
88.216.0.0/22
88.216.16.0/24
88.216.19.0-88.216.23.255
88.216.32.0/24
88.216.46.0/23
88.216.90.0/24
88.216.180.0/22
88.216.185.0/24
88.216.196.0/22
88.216.209.0-88.216.215.255
Signature Algorithm: sha256WithRSAEncryption
98:75:7c:b8:9a:34:86:2a:37:8d:41:75:24:b3:b6:e7:f6:5c:
d0:6a:ed:c6:d9:70:25:da:87:5f:16:0f:a3:2e:5c:20:a7:1b:
cb:ef:af:45:db:52:36:22:38:9c:c2:3e:10:5d:ec:40:12:c5:
8d:02:2b:3c:e6:a3:c8:4d:79:38:37:62:a7:5d:7e:05:66:91:
90:8a:4f:85:ea:2a:14:d3:ad:48:f0:82:21:66:b9:24:21:62:
ca:e8:4c:30:cf:9d:49:79:69:5f:98:30:8c:94:4d:3c:57:b6:
d0:f9:22:51:3c:d3:c3:f4:14:c2:2d:9f:cf:30:c0:f3:7f:2e:
ca:31:fc:41:6c:23:18:41:a7:dd:0c:8a:1d:b6:fb:b5:48:b4:
a0:6e:60:c4:ed:c7:be:54:00:77:94:60:09:c1:07:96:9a:bc:
b2:df:e2:ec:11:aa:b0:bf:95:7f:d2:c4:9f:c1:6d:c9:eb:b3:
67:33:76:b3:d0:31:03:2a:43:50:f0:bf:a9:a3:3a:46:2c:13:
8c:35:9c:20:8b:3d:18:c1:b4:fb:ad:9f:ce:a6:2f:d6:8d:f6:
07:05:f9:b2:c6:66:fc:71:03:96:79:43:e2:a0:a7:83:18:ad:
19:95:18:97:0d:78:d9:3e:01:0a:fe:a1:fa:23:cc:c7:d3:ce:
2d:64:26:f4
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIEAQRxuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDUx
MTEwNTIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTExZDNlMTNkNjI1
ZDk0NmNmZWUxZjg2ZDY3ZWY5NTg3NjRmNzg1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ5nHaEpvdhCdozRUXon+QsOjCTk1jDcFTvYFgpz8l+i1tfB
Gc3rI7fs8sw1SFnh+8z3Znk2DQSeELjbzlHBZjbxWKu7SSyEsNWmdGU5NQ5HHHRZ
dH0/KxzpapJuoz7ILPgexZejZw9Q11qJZJjNhAWIPXUTAaqvvUOOMYssMI3Boj8E
+DhUVnJ5Mcil3R0mjcbq6kx0UJ4lUltJDQPc7up7hfLLIvsWRZcaQW7Ma+1B+JFy
x4A98Mzi2pm7EBpehDhHjAnJOmA/Gjkk4Pi9uRKRMSJ6lCq+Tj63lEwUKB3MgApe
1P9nka7lDEIfvAGP9gLADw6FFFl7wdaAHj8W3c0CAwEAAaOCAoEwggJ9MB0GA1Ud
DgQWBBThHT4T1iXZRs/uH4bWfvlYdk94XjAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
LzRSMC1FOVlsMlViUDdoLUcxbjc1V0haUGVGNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
lgYIKwYBBQUHAQcBAf8EgYYwgYMwgYAEAgABMHowDAMEAlQgBAMEAlQgCAMEA1Qg
GAMEA1QgKAMEA1QgQDAMAwQBVCBSAwQDVCBQAwQCWNgAAwQAWNgQMAwDBABY2BMD
BANY2BADBABY2CADBAFY2C4DBABY2FoDBAJY2LQDBABY2LkDBAJY2MQwDAMEAFjY
0QMEA1jY0DANBgkqhkiG9w0BAQsFAAOCAQEAmHV8uJo0hio3jUF1JLO25/Zc0Grt
xtlwJdqHXxYPoy5cIKcby++vRdtSNiI4nMI+EF3sQBLFjQIrPOajyE15ODdip11+
BWaRkIpPheoqFNOtSPCCIWa5JCFiyuhMMM+dSXlpX5gwjJRNPFe20PkiUTzTw/QU
wi2fzzDA838uyjH8QWwjGEGn3QyKHbb7tUi0oG5gxO3HvlQAd5RgCcEHlpq8st/i
7BGqsL+Vf9LEn8FtyeuzZzN2s9AxAypDUPC/qaM6RiwTjDWcIIs9GMG0+62fzqYv
1o32BwX5ssZm/HEDlnlD4qCngxitGZUYlw142T4BCv6h+iPMx9POLWQm9A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:44 2023 by rpki-client on console-fra.rpki-client.org