Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8-WqMGcL4fKmF2FV6Btj6gm-V5E.roa
File: 8-WqMGcL4fKmF2FV6Btj6gm-V5E.roa (raw, json)
Hash identifier: WJ/c3V0xtVfehIpz4VwGrqmjfHWv4gawESZRNhITncw=
Subject key identifier: F3:E5:AA:30:67:0B:E1:F2:A6:17:61:55:E8:1B:63:EA:09:BE:57:91
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01851FC0008D92B2EA7433D0671C55A1B9DE
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8-WqMGcL4fKmF2FV6Btj6gm-V5E.roa
Signing time: Sat 17 Dec 2022 11:02:34 +0000
ROA not before: Sat 17 Dec 2022 11:02:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49581
IP address blocks: 84.32.174.0/24 maxlen: 24
84.32.173.0/24 maxlen: 24
88.216.181.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1f:c0:00:8d:92:b2:ea:74:33:d0:67:1c:55:a1:b9:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 17 11:02:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3e5aa30670be1f2a6176155e81b63ea09be5791
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:cf:4b:89:b9:8b:bf:69:19:0b:e2:f0:0b:44:
ba:38:34:4a:a1:73:ab:2c:82:3a:b0:e6:fa:54:e9:
7b:26:89:ae:9e:68:58:1b:e5:70:e7:bf:f7:f1:20:
32:41:1e:ca:d8:b0:24:1e:8b:cf:fc:96:9e:1a:a4:
02:99:73:e1:9e:b3:57:82:7a:9a:f6:6f:21:ed:b4:
f6:45:22:f9:a5:df:2b:49:29:a1:77:09:14:71:56:
9f:b6:17:67:e9:ff:18:64:d2:97:4a:4d:9c:d5:3a:
1f:b4:8c:fa:c1:17:39:9f:41:21:cd:9d:6c:dc:06:
91:bc:aa:11:55:59:a3:32:76:93:b0:4d:a3:b8:ae:
c6:30:f3:f0:8d:50:25:f4:11:07:be:61:ac:ce:06:
cd:ce:43:70:28:8a:8e:c0:01:64:c4:38:0f:13:c9:
f1:94:b9:fd:17:d9:75:3d:7f:81:4c:f5:10:ab:b7:
b1:55:42:41:1e:d6:61:33:a9:94:1b:ee:42:7f:a1:
ff:09:39:8f:3b:c4:05:91:61:52:8b:3e:17:6c:bb:
87:97:ae:83:22:e5:6e:c7:fb:52:12:3d:59:88:0c:
7c:42:6d:99:ab:97:69:78:12:ad:6d:db:87:31:3a:
a7:b0:ff:5c:8d:9b:b1:85:d4:83:d5:47:6c:b3:ef:
9b:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:E5:AA:30:67:0B:E1:F2:A6:17:61:55:E8:1B:63:EA:09:BE:57:91
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8-WqMGcL4fKmF2FV6Btj6gm-V5E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.173.0-84.32.174.255
84.32.223.0/24
84.32.249.0/24
84.32.251.0/24
88.216.181.0/24
Signature Algorithm: sha256WithRSAEncryption
44:81:c4:5e:4f:d8:e0:84:a2:00:26:16:ba:d1:73:52:86:9e:
e4:2f:e9:35:3d:a4:70:ca:a5:96:94:6f:0e:bd:63:6b:8c:2b:
c6:a6:73:0d:02:42:73:11:92:e1:83:d8:a5:8a:ec:67:d6:54:
b1:15:d1:49:6a:4b:05:ec:19:ae:1d:0e:43:33:97:9d:4d:32:
31:cc:c0:c8:9d:ba:00:44:b1:ae:5d:a9:f0:0a:02:68:0b:a8:
f0:1d:72:d0:3d:4a:56:91:c2:dd:cb:f2:fd:59:6c:b3:15:c9:
49:4c:9b:cb:2d:60:37:0f:5d:6b:ff:9c:a8:55:c6:c4:de:4c:
0b:15:14:23:83:52:6d:fe:bd:ad:57:27:ac:1e:82:9a:23:17:
da:f7:3c:ca:e9:58:94:9f:92:2c:72:75:9b:3f:e2:0d:36:e6:
e8:fb:3c:bd:0c:92:7c:9c:db:5e:0f:bc:b6:44:20:6c:22:a4:
6b:8b:51:cb:dc:20:67:e0:38:7e:30:a8:bc:ca:c1:c2:3d:51:
a8:d2:cc:28:a0:ec:70:c4:7c:bc:bd:34:13:a1:b6:a0:77:01:
b9:ed:99:26:b4:1d:d7:6f:92:71:fc:74:f3:c1:b1:0e:d3:af:
68:c3:cb:72:fd:77:7d:4f:15:48:12:46:37:48:db:99:4c:67:
de:37:4f:07
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYUfwACNkrLqdDPQZxxVobneMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjE3MTEwMjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2U1YWEzMDY3MGJlMWYyYTYxNzYxNTVlODFiNjNlYTA5YmU1NzkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoM9LibmLv2kZC+LwC0S6ODRKoXOr
LII6sOb6VOl7JomunmhYG+Vw57/38SAyQR7K2LAkHovP/JaeGqQCmXPhnrNXgnqa
9m8h7bT2RSL5pd8rSSmhdwkUcVafthdn6f8YZNKXSk2c1ToftIz6wRc5n0EhzZ1s
3AaRvKoRVVmjMnaTsE2juK7GMPPwjVAl9BEHvmGszgbNzkNwKIqOwAFkxDgPE8nx
lLn9F9l1PX+BTPUQq7exVUJBHtZhM6mUG+5Cf6H/CTmPO8QFkWFSiz4XbLuHl66D
IuVux/tSEj1ZiAx8Qm2Zq5dpeBKtbduHMTqnsP9cjZuxhdSD1Udss++bJQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPPlqjBnC+HyphdhVegbY+oJvleRMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOC1XcU1HY0w0ZkttRjJGVjZCdGo2Z20tVjVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABUIK0D
BABUIK4DBABUIN8DBABUIPkDBABUIPsDBABY2LUwDQYJKoZIhvcNAQELBQADggEB
AESBxF5P2OCEogAmFrrRc1KGnuQv6TU9pHDKpZaUbw69Y2uMK8amcw0CQnMRkuGD
2KWK7GfWVLEV0UlqSwXsGa4dDkMzl51NMjHMwMidugBEsa5dqfAKAmgLqPAdctA9
SlaRwt3L8v1ZbLMVyUlMm8stYDcPXWv/nKhVxsTeTAsVFCODUm3+va1XJ6wegpoj
F9r3PMrpWJSfkixydZs/4g025uj7PL0Mknyc214PvLZEIGwipGuLUcvcIGfgOH4w
qLzKwcI9UajSzCig7HDEfLy9NBOhtqB3AbntmSa0HddvknH8dPPBsQ7Tr2jDy3L9
d31PFUgSRjdI25lMZ943Twc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:24 2024 by rpki-client on console-ams.rpki-client.org