Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5R1adUMadOHkBzWlBGYYbfzucVI.roa
File: 5R1adUMadOHkBzWlBGYYbfzucVI.roa (raw, json)
Hash identifier: GhDYJHzTFXFwsdQ7PrD6JhGLf14sHVkXFHC4hsYSc24=
Subject key identifier: E5:1D:5A:75:43:1A:74:E1:E4:07:35:A5:04:66:18:6D:FC:EE:71:52
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01851F37986D0B651727E6E1921A9C147B0F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5R1adUMadOHkBzWlBGYYbfzucVI.roa
Signing time: Sat 17 Dec 2022 08:33:35 +0000
ROA not before: Sat 17 Dec 2022 08:33:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205570
IP address blocks: 84.32.90.0/23 maxlen: 24
84.32.220.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
88.216.135.0/24 maxlen: 24
84.32.178.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
88.216.224.0/22 maxlen: 24
88.216.248.0/22 maxlen: 24
88.216.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1f:37:98:6d:0b:65:17:27:e6:e1:92:1a:9c:14:7b:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 17 08:33:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e51d5a75431a74e1e40735a50466186dfcee7152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2f:5b:f4:bc:be:ee:02:48:de:98:36:aa:e3:
7d:99:75:1c:89:98:f3:7c:4d:0b:11:01:10:20:ed:
52:7f:c4:19:94:49:7d:e8:a0:11:75:10:ac:20:82:
31:19:8e:89:a3:20:df:75:be:6c:77:92:f9:ce:bd:
ad:d8:e6:f2:98:21:f5:2a:ab:27:08:d1:ab:03:14:
d6:0c:c3:ec:04:6a:22:96:cd:3c:c4:b1:2a:26:99:
26:3c:71:62:e4:b5:67:47:d1:a6:05:87:23:17:34:
d9:66:21:6a:dc:20:76:1a:ea:9a:94:2a:20:1c:4b:
70:36:59:19:4f:f2:6a:92:ba:22:fd:a4:d2:14:09:
bd:3c:6c:17:7e:f3:fd:51:2c:92:0d:81:e2:bc:65:
19:f7:7b:48:39:54:5e:60:05:bc:b0:20:2e:3d:eb:
e0:ad:66:6c:1f:0f:a4:a5:22:d1:dc:40:5b:52:bd:
1f:b6:dc:ea:c3:77:ba:04:dd:bd:8d:d4:a5:b5:d5:
74:2f:85:24:6a:89:62:1c:fe:28:15:99:de:8d:14:
50:81:fe:34:78:2d:6d:27:b5:b3:f1:61:1e:9f:19:
87:b3:21:e8:8b:2e:26:40:10:43:7c:4e:c9:ee:53:
ac:c7:9f:08:4c:80:95:f6:b7:49:73:1b:dc:ab:eb:
ab:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:1D:5A:75:43:1A:74:E1:E4:07:35:A5:04:66:18:6D:FC:EE:71:52
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5R1adUMadOHkBzWlBGYYbfzucVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
84.32.90.0/23
84.32.178.0/23
84.32.212.0/24
84.32.220.0-84.32.222.255
88.216.42.0/24
88.216.128.0/24
88.216.135.0/24
88.216.224.0/22
88.216.248.0/22
Signature Algorithm: sha256WithRSAEncryption
42:2c:67:27:63:3b:21:f8:8f:47:bb:81:9f:54:fa:a2:1b:e6:
34:ad:a7:ab:53:09:e9:10:49:74:6c:12:16:c5:98:35:29:30:
c3:a1:04:81:00:7b:9e:50:76:79:d7:13:8e:27:3a:16:bc:48:
31:c0:26:84:6e:8d:6c:00:3e:a2:25:42:13:fb:3c:1c:08:6c:
2e:36:cc:d8:c1:59:f3:fb:32:95:1f:46:4b:43:8f:a7:4b:3a:
bf:b1:62:32:57:aa:ec:2c:25:1c:1c:03:77:4b:08:b8:60:34:
01:67:18:d7:0a:fa:14:40:d5:5c:84:5e:23:4e:47:6f:1e:6c:
81:bb:8f:ed:b7:30:8c:54:83:09:05:4d:82:39:78:77:c3:9d:
23:90:80:e3:41:e2:3e:5d:6b:7d:54:f9:e4:b0:10:a5:40:73:
30:84:7b:5b:06:bf:90:8b:f9:ba:14:56:9b:f9:bc:00:48:f8:
f2:86:62:a1:6c:2a:06:ae:9f:87:26:65:d9:d4:42:29:2b:2b:
da:26:f0:11:ce:ff:97:63:6d:85:c3:95:3e:58:6e:06:8e:12:
a0:4e:39:01:3b:6c:b4:b6:3d:a0:37:92:8d:35:74:c8:98:96:
29:a4:d6:e1:58:31:7f:24:88:8d:13:b1:16:d5:c8:75:09:7d:
f4:f8:cf:7e
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYUfN5htC2UXJ+bhkhqcFHsPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjE3MDgzMzM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTFkNWE3NTQzMWE3NGUxZTQwNzM1YTUwNDY2MTg2ZGZjZWU3MTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvS9b9Ly+7gJI3pg2quN9mXUciZjz
fE0LEQEQIO1Sf8QZlEl96KARdRCsIIIxGY6JoyDfdb5sd5L5zr2t2ObymCH1Kqsn
CNGrAxTWDMPsBGoils08xLEqJpkmPHFi5LVnR9GmBYcjFzTZZiFq3CB2GuqalCog
HEtwNlkZT/Jqkroi/aTSFAm9PGwXfvP9USySDYHivGUZ93tIOVReYAW8sCAuPevg
rWZsHw+kpSLR3EBbUr0fttzqw3e6BN29jdSltdV0L4UkaoliHP4oFZnejRRQgf40
eC1tJ7Wz8WEenxmHsyHoiy4mQBBDfE7J7lOsx58ITICV9rdJcxvcq+urOQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFOUdWnVDGnTh5Ac1pQRmGG387nFSMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNVIxYWRVTWFkT0hrQnpXbEJHWVliZnp1Y1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCVCAYAwQB
VCBaAwQBVCCyAwQAVCDUMAwDBAJUINwDBABUIN4DBABY2CoDBABY2IADBABY2IcD
BAJY2OADBAJY2PgwDQYJKoZIhvcNAQELBQADggEBAEIsZydjOyH4j0e7gZ9U+qIb
5jStp6tTCekQSXRsEhbFmDUpMMOhBIEAe55QdnnXE44nOha8SDHAJoRujWwAPqIl
QhP7PBwIbC42zNjBWfP7MpUfRktDj6dLOr+xYjJXquwsJRwcA3dLCLhgNAFnGNcK
+hRA1VyEXiNOR28ebIG7j+23MIxUgwkFTYI5eHfDnSOQgONB4j5da31U+eSwEKVA
czCEe1sGv5CL+boUVpv5vABI+PKGYqFsKgaun4cmZdnUQikrK9om8BHO/5djbYXD
lT5YbgaOEqBOOQE7bLS2PaA3ko01dMiYlimk1uFYMX8kiI0TsRbVyHUJffT4z34=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:44 2023 by rpki-client on console-fra.rpki-client.org