Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5zGyxOXUF8vhv82Y0_By9z4IGRA.roa
File: 5zGyxOXUF8vhv82Y0_By9z4IGRA.roa (raw, json)
Hash identifier: lLNdvhmV3Qgxep+MubZsDFisJ67NyFCO7AN2+NPXERA=
Subject key identifier: E7:31:B2:C4:E5:D4:17:CB:E1:BF:CD:98:D3:F0:72:F7:3E:08:19:10
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184E8221D83A76A1071AEE751A1CD599808
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5zGyxOXUF8vhv82Y0_By9z4IGRA.roa
Signing time: Tue 06 Dec 2022 15:51:00 +0000
ROA not before: Tue 06 Dec 2022 15:51:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.56.0/24 maxlen: 24
84.32.63.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
84.32.228.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e8:22:1d:83:a7:6a:10:71:ae:e7:51:a1:cd:59:98:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 6 15:51:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e731b2c4e5d417cbe1bfcd98d3f072f73e081910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:2b:29:5b:b9:a1:56:f6:92:cc:3b:a9:cf:51:
c6:33:2a:92:c9:ff:fa:2e:44:7f:28:b3:c4:61:90:
34:c6:ac:6f:18:fe:2f:b6:f7:75:bf:c5:1b:5b:75:
24:df:92:fd:6d:10:83:a6:23:ee:00:01:98:bc:ba:
68:40:fc:54:7f:0e:77:7f:b0:ff:89:c3:fd:95:bf:
7c:fc:d6:f5:ae:e8:1d:6c:ac:54:2d:1c:fb:61:cc:
0c:8e:f3:b7:6a:8e:56:fe:f4:13:6d:cf:43:4b:cd:
21:ab:6e:d6:a6:2c:dd:7d:d7:a8:c0:54:9b:f9:84:
0a:01:16:ab:15:c3:21:7e:28:1e:ca:63:1e:e1:98:
f3:84:66:27:96:ff:1b:f8:eb:51:84:24:5d:36:0c:
69:62:f8:72:2d:ee:e6:b9:17:95:a2:93:a2:7d:84:
3f:53:91:59:aa:b8:1b:27:11:77:a9:32:e4:ce:e4:
a3:3a:d5:60:32:31:d1:ae:6a:4b:47:84:71:f6:23:
8a:f8:4c:91:b6:f3:01:bc:12:de:33:c5:23:b1:5d:
83:ce:d8:5b:77:64:64:b3:b1:63:b3:ef:d3:b8:43:
93:6f:77:ca:be:77:db:49:9f:92:83:e2:77:49:8a:
1f:08:94:82:45:de:10:d4:1f:07:53:0b:a8:96:7c:
c2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:31:B2:C4:E5:D4:17:CB:E1:BF:CD:98:D3:F0:72:F7:3E:08:19:10
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/5zGyxOXUF8vhv82Y0_By9z4IGRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.56.0/24
84.32.63.0/24
84.32.95.0/24
84.32.228.0/24
88.216.2.0/24
88.216.34.0/24
88.216.36.0/24
88.216.180.0/24
Signature Algorithm: sha256WithRSAEncryption
08:15:ae:93:b1:dd:1f:50:3e:90:4b:65:56:a2:43:c6:7c:b3:
0d:12:f6:99:9a:2b:77:1f:62:60:8e:d6:dd:de:5d:a5:32:2e:
37:2f:49:d9:01:d7:44:7e:9d:3f:41:00:f2:f4:41:f4:66:e8:
cf:9d:11:0a:75:ac:1f:44:91:9a:93:99:f2:c0:fb:7f:84:cf:
38:80:fb:d1:12:10:65:4c:29:e4:dd:de:07:72:a0:a7:5b:41:
90:42:8e:f4:c1:81:33:92:56:e6:fa:17:6c:2f:3d:b8:20:13:
f2:a7:e3:79:fc:dd:3f:39:43:5b:76:40:a5:82:22:d7:11:5e:
c4:5f:bd:49:55:b2:db:c4:90:71:a8:45:67:c5:ff:a4:e7:1f:
32:dc:32:9e:5c:ac:25:e6:83:dc:4c:13:7d:a0:5a:30:f6:c1:
8e:14:c1:37:01:cc:15:b3:71:d9:5a:31:bc:a1:f8:59:67:36:
4d:40:a2:30:ae:b4:3a:43:e7:9f:40:70:9c:b5:31:e8:b0:ec:
99:16:f3:a0:3d:49:3d:c3:02:17:f0:45:ec:e5:36:15:0a:76:
7e:d1:d1:97:e3:bc:c8:ac:a6:1a:04:4e:80:45:73:68:bb:8c:
67:80:6e:39:ff:5d:3a:dc:01:ee:ed:f6:0c:db:5a:f2:95:90:
0b:a3:85:a9
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYToIh2Dp2oQca7nUaHNWZgIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA2MTU1MTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzMxYjJjNGU1ZDQxN2NiZTFiZmNkOThkM2YwNzJmNzNlMDgxOTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnispW7mhVvaSzDupz1HGMyqSyf/6
LkR/KLPEYZA0xqxvGP4vtvd1v8UbW3Uk35L9bRCDpiPuAAGYvLpoQPxUfw53f7D/
icP9lb98/Nb1rugdbKxULRz7YcwMjvO3ao5W/vQTbc9DS80hq27WpizdfdeowFSb
+YQKARarFcMhfigeymMe4ZjzhGYnlv8b+OtRhCRdNgxpYvhyLe7muReVopOifYQ/
U5FZqrgbJxF3qTLkzuSjOtVgMjHRrmpLR4Rx9iOK+EyRtvMBvBLeM8UjsV2Dzthb
d2Rks7Fjs+/TuEOTb3fKvnfbSZ+Sg+J3SYofCJSCRd4Q1B8HUwuolnzC0wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOcxssTl1BfL4b/NmNPwcvc+CBkQMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvNXpHeXhPWFVGOHZodjgyWTBfQnk5ejRJR1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVCA4AwQA
VCA/AwQAVCBfAwQAVCDkAwQAWNgCAwQAWNgiAwQAWNgkAwQAWNi0MA0GCSqGSIb3
DQEBCwUAA4IBAQAIFa6Tsd0fUD6QS2VWokPGfLMNEvaZmit3H2Jgjtbd3l2lMi43
L0nZAddEfp0/QQDy9EH0ZujPnREKdawfRJGak5nywPt/hM84gPvREhBlTCnk3d4H
cqCnW0GQQo70wYEzklbm+hdsLz24IBPyp+N5/N0/OUNbdkClgiLXEV7EX71JVbLb
xJBxqEVnxf+k5x8y3DKeXKwl5oPcTBN9oFow9sGOFME3AcwVs3HZWjG8ofhZZzZN
QKIwrrQ6Q+efQHCctTHosOyZFvOgPUk9wwIX8EXs5TYVCnZ+0dGX47zIrKYaBE6A
RXNou4xngG45/1063AHu7fYM21rylZALo4Wp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:24 2024 by rpki-client on console-ams.rpki-client.org