Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/6DTZYXeifoo9z_ApK9-y8XNsjtw.roa
File: 6DTZYXeifoo9z_ApK9-y8XNsjtw.roa (raw, json)
Hash identifier: yaMR8fADq/8gmsJwmjGXUCJqRgkjhapETj/5wFT7MME=
Subject key identifier: E8:34:D9:61:77:A2:7E:8A:3D:CF:F0:29:2B:DF:B2:F1:73:6C:8E:DC
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01351855
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/6DTZYXeifoo9z_ApK9-y8XNsjtw.roa
Signing time: Sun 22 May 2022 19:08:38 +0000
ROA not before: Sun 22 May 2022 19:08:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 88.216.188.0/22 maxlen: 24
88.216.187.0/24 maxlen: 24
84.32.92.0/22 maxlen: 24
84.32.14.0/24 maxlen: 24
84.32.34.0/24 maxlen: 24
88.216.90.0/23 maxlen: 24
88.216.100.0/22 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.18.0/24 maxlen: 24
88.216.36.0/22 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
88.216.41.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20256853 (0x1351855)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: May 22 19:08:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e834d96177a27e8a3dcff0292bdfb2f1736c8edc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:fd:0a:e9:c3:2c:be:79:a4:bb:fb:f5:a4:c8:
17:aa:c5:0a:d0:e4:d8:d4:2f:01:ff:10:8d:2c:74:
99:da:d7:d1:68:55:e8:14:6f:fc:03:1a:8b:3b:d1:
39:8b:7f:4c:e9:ea:b9:7c:67:43:4d:b2:2f:68:60:
9f:0f:1b:74:ae:6b:96:fc:a0:5c:58:f3:d5:e1:3f:
fd:13:9a:11:59:68:a3:9f:3a:35:8b:c0:85:7f:1e:
d2:4a:cf:b5:07:01:cf:0e:f2:8c:25:a8:61:90:be:
00:68:11:51:6d:f2:d6:3a:74:fc:08:14:15:20:96:
27:08:40:fd:3b:79:91:fe:bf:c6:33:a2:6c:3b:bb:
f2:ce:ea:c6:25:93:fc:27:0c:6a:c3:94:9b:2a:86:
15:2b:36:30:9c:bc:75:fd:9b:74:9e:a3:4e:12:24:
ab:f5:f0:4d:41:4b:24:92:43:59:cc:b7:79:01:51:
16:c7:89:dd:00:2c:d1:d9:28:37:6c:f1:c4:3d:9d:
ea:49:8a:df:ab:f6:41:86:c5:b5:f9:53:e3:bd:e9:
53:1f:d0:7c:d0:3c:bb:2c:08:7d:eb:90:1d:7b:b0:
aa:1b:64:a0:49:a2:b2:02:bc:a3:13:7f:50:c6:57:
25:be:23:5d:97:ca:47:37:49:7c:87:e8:ae:64:85:
7c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:34:D9:61:77:A2:7E:8A:3D:CF:F0:29:2B:DF:B2:F1:73:6C:8E:DC
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/6DTZYXeifoo9z_ApK9-y8XNsjtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.14.0/24
84.32.34.0/24
84.32.92.0/22
88.216.16.0-88.216.18.255
88.216.35.0-88.216.41.255
88.216.43.0/24
88.216.90.0/23
88.216.100.0/22
88.216.187.0-88.216.191.255
Signature Algorithm: sha256WithRSAEncryption
72:b9:51:5f:f5:9c:fc:eb:01:bc:1f:36:da:d6:0d:1b:46:0d:
bf:3e:b2:cd:9a:76:1c:e0:04:ee:15:51:1c:e9:ca:a2:38:d9:
09:54:d8:76:0d:d0:94:b1:03:54:54:ad:5f:a0:d7:e2:ce:23:
8e:5c:b8:a5:14:61:78:ee:fa:d6:41:52:35:82:cd:60:a4:c6:
94:37:bd:8f:b6:05:de:05:bd:a0:b6:76:5c:8f:cd:34:0d:e8:
c4:7a:02:50:60:c1:cb:2d:45:21:36:5d:17:b8:eb:dc:72:68:
e4:56:40:2e:4c:5a:92:dd:00:d6:79:cf:e3:56:fd:07:11:c0:
a6:ba:9d:dc:0b:32:88:88:12:0a:bc:c0:c7:b2:3a:65:1a:11:
86:8c:83:f3:46:5e:34:bb:6c:15:33:b4:a5:ed:6d:b1:b4:5e:
1d:d7:2b:30:09:23:42:14:6b:4a:78:e5:a5:f4:bf:69:f9:a9:
01:78:81:c6:ef:fc:ef:11:6e:8f:48:7c:4c:8c:57:e0:3c:07:
ca:ad:bc:d5:11:65:8c:1d:b1:94:06:c1:73:6e:4f:72:b9:33:
a5:a1:f7:7b:73:68:e6:ad:bd:71:c5:3f:34:ff:bd:c2:93:f0:
0c:15:b1:15:24:09:e3:50:70:e9:19:dd:2d:4f:39:87:a2:97:
2e:53:f9:e0
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIEATUYVTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDUy
MjE5MDgzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTgzNGQ5NjE3N2Ey
N2U4YTNkY2ZmMDI5MmJkZmIyZjE3MzZjOGVkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOv9CunDLL55pLv79aTIF6rFCtDk2NQvAf8QjSx0mdrX0WhV
6BRv/AMaizvROYt/TOnquXxnQ02yL2hgnw8bdK5rlvygXFjz1eE//ROaEVloo586
NYvAhX8e0krPtQcBzw7yjCWoYZC+AGgRUW3y1jp0/AgUFSCWJwhA/Tt5kf6/xjOi
bDu78s7qxiWT/CcMasOUmyqGFSs2MJy8df2bdJ6jThIkq/XwTUFLJJJDWcy3eQFR
FseJ3QAs0dkoN2zxxD2d6kmK36v2QYbFtflT473pUx/QfNA8uywIfeuQHXuwqhtk
oEmisgK8oxN/UMZXJb4jXZfKRzdJfIformSFfGcCAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBToNNlhd6J+ij3P8Ckr37Lxc2yO3DAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
LzZEVFpZWGVpZm9vOXpfQXBLOS15OFhOc2p0dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAFQgDgMEAFQgIgMEAlQgXDAMAwQE
WNgQAwQAWNgSMAwDBABY2CMDBAFY2CgDBABY2CsDBAFY2FoDBAJY2GQwDAMEAFjY
uwMEBljYgDANBgkqhkiG9w0BAQsFAAOCAQEAcrlRX/Wc/OsBvB822tYNG0YNvz6y
zZp2HOAE7hVRHOnKojjZCVTYdg3QlLEDVFStX6DX4s4jjly4pRRheO761kFSNYLN
YKTGlDe9j7YF3gW9oLZ2XI/NNA3oxHoCUGDByy1FITZdF7jr3HJo5FZALkxakt0A
1nnP41b9BxHAprqd3AsyiIgSCrzAx7I6ZRoRhoyD80ZeNLtsFTO0pe1tsbReHdcr
MAkjQhRrSnjlpfS/afmpAXiBxu/87xFuj0h8TIxX4DwHyq281RFljB2xlAbBc25P
crkzpaH3e3No5q29ccU/NP+9wpPwDBWxFSQJ41Bw6RndLU85h6KXLlP54A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:30 2024 by rpki-client on console-fra.rpki-client.org