Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8G4d6Puuk9kUykNWY-nPd7g2RFs.roa
File: 8G4d6Puuk9kUykNWY-nPd7g2RFs.roa (raw, json)
Hash identifier: tHpGY+64VLvti6YLYzpN35zRRCInMWimO9o0uy7cdLg=
Subject key identifier: F0:6E:1D:E8:FB:AE:93:D9:14:CA:43:56:63:E9:CF:77:B8:36:44:5B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01AC1424
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8G4d6Puuk9kUykNWY-nPd7g2RFs.roa
Signing time: Fri 01 Jul 2022 15:50:25 +0000
ROA not before: Fri 01 Jul 2022 15:50:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 84.32.64.0/22 maxlen: 24
84.32.68.0/22 maxlen: 24
88.216.196.0/22 maxlen: 24
88.216.0.0/22 maxlen: 24
84.32.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28054564 (0x1ac1424)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jul 1 15:50:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f06e1de8fbae93d914ca435663e9cf77b836445b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:d8:a8:45:84:2f:03:f8:ea:7e:f8:11:ec:9b:
6e:d5:98:db:4d:80:52:6b:43:92:c3:0e:df:49:ff:
96:b2:75:81:fb:0a:c8:5d:54:c8:a0:d3:21:7d:fd:
2f:e7:76:5a:41:69:2a:75:f7:15:bb:4c:d6:54:0b:
e9:60:25:2b:58:d4:ba:f0:33:d5:81:a7:18:ad:9e:
65:16:f6:99:2e:1d:39:f8:39:f4:2e:d2:31:b2:0f:
58:4b:b9:b6:ef:34:8e:29:af:a1:33:f5:a9:ac:d3:
25:4c:d1:0d:3c:e9:99:fb:23:5d:09:92:b0:57:6d:
25:7e:0a:bc:38:fe:1e:e9:5b:b4:d7:b8:d6:6b:3c:
56:b0:f1:c6:0c:15:c3:9e:f6:b3:d3:f1:27:89:a4:
f4:f9:b4:fc:fc:ac:94:33:90:f0:38:52:87:3d:0f:
4c:03:ed:3b:e9:f3:f4:b5:27:df:ff:64:93:6d:9f:
8d:dd:e7:39:d8:26:f8:fb:9e:25:9b:e6:9c:85:71:
e9:42:22:6f:c6:7c:e2:80:4e:a5:97:0e:35:03:94:
15:3b:2f:8d:fb:cf:75:2c:d4:35:0b:12:05:8e:0e:
8a:98:4e:ec:95:a4:48:52:dc:fc:8b:21:34:21:77:
45:b1:94:48:e6:53:2f:56:af:84:c6:6c:ff:06:9b:
4f:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:6E:1D:E8:FB:AE:93:D9:14:CA:43:56:63:E9:CF:77:B8:36:44:5B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8G4d6Puuk9kUykNWY-nPd7g2RFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/22
84.32.64.0/21
88.216.0.0/22
88.216.196.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:7d:7f:91:86:16:e6:49:77:97:46:67:13:c2:94:60:af:0a:
f3:e8:76:f2:d0:14:1a:a3:c1:dd:eb:93:2c:2c:b1:f4:a4:5e:
d3:8c:ca:ab:a6:b5:8d:6d:5e:1d:a1:e4:9e:30:06:0b:c3:6d:
e3:76:94:bc:94:92:ee:ff:85:2e:dd:90:11:b8:dc:45:5b:10:
76:ed:21:95:5d:96:c6:1a:5d:fc:6d:40:de:11:f8:c0:5f:db:
c9:9d:98:9c:5a:d5:a0:e7:74:3e:06:a1:0c:cf:90:c9:63:05:
9d:07:a8:19:50:07:ce:5a:93:70:b0:cb:8f:b5:77:97:6b:70:
f9:35:02:d1:12:a1:d1:ef:19:89:d6:6a:6f:bc:b8:ab:28:a7:
36:d8:9c:8c:e8:86:14:d5:02:4d:81:3c:0b:3a:92:7d:73:ee:
d4:55:e4:a1:1a:12:30:9d:6d:cc:c2:e3:69:d7:70:28:30:8d:
68:99:71:64:e1:35:d3:92:a7:19:b7:e9:fc:bc:9c:ae:78:8e:
94:ad:39:15:eb:ca:ad:7e:87:26:1f:88:62:87:cb:e1:2c:1d:
75:7e:c3:b1:ad:bc:5d:69:f7:66:b4:13:b6:f6:3a:5e:09:d7:
a3:1b:52:ee:18:d3:43:f2:9e:56:11:7b:83:0f:12:bb:ca:d6:
6e:10:06:49
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEAawUJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDcw
MTE1NTAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjA2ZTFkZThmYmFl
OTNkOTE0Y2E0MzU2NjNlOWNmNzdiODM2NDQ1YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJjYqEWELwP46n74EeybbtWY202AUmtDksMO30n/lrJ1gfsK
yF1UyKDTIX39L+d2WkFpKnX3FbtM1lQL6WAlK1jUuvAz1YGnGK2eZRb2mS4dOfg5
9C7SMbIPWEu5tu80jimvoTP1qazTJUzRDTzpmfsjXQmSsFdtJX4KvDj+HulbtNe4
1ms8VrDxxgwVw572s9PxJ4mk9Pm0/PyslDOQ8DhShz0PTAPtO+nz9LUn3/9kk22f
jd3nOdgm+PueJZvmnIVx6UIib8Z84oBOpZcONQOUFTsvjfvPdSzUNQsSBY4OiphO
7JWkSFLc/IshNCF3RbGUSOZTL1avhMZs/wabT4cCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTwbh3o+66T2RTKQ1Zj6c93uDZEWzAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
LzhHNGQ2UHV1azlrVXlrTldZLW5QZDdnMlJGcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlQgCAMEA1QgQAMEAljYAAMEAljY
xDANBgkqhkiG9w0BAQsFAAOCAQEAC31/kYYW5kl3l0ZnE8KUYK8K8+h28tAUGqPB
3euTLCyx9KRe04zKq6a1jW1eHaHknjAGC8Nt43aUvJSS7v+FLt2QEbjcRVsQdu0h
lV2Wxhpd/G1A3hH4wF/byZ2YnFrVoOd0PgahDM+QyWMFnQeoGVAHzlqTcLDLj7V3
l2tw+TUC0RKh0e8ZidZqb7y4qyinNticjOiGFNUCTYE8CzqSfXPu1FXkoRoSMJ1t
zMLjaddwKDCNaJlxZOE105KnGbfp/LycrniOlK05FevKrX6HJh+IYofL4SwddX7D
sa28XWn3ZrQTtvY6XgnXoxtS7hjTQ/KeVhF7gw8Su8rWbhAGSQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org