Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8lz8oqvRX_ZbgPRae1Bf4nFSC7s.roa
File: 8lz8oqvRX_ZbgPRae1Bf4nFSC7s.roa (raw, json)
Hash identifier: Gq8UulRSxnfgMj+IfRLrDH24gi1CeDj/8s1FpxGXZ5U=
Subject key identifier: F2:5C:FC:A2:AB:D1:5F:F6:5B:80:F4:5A:7B:50:5F:E2:71:52:0B:BB
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01849E6C6C290CC68D5E2F3FB4B52D5C33D2
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8lz8oqvRX_ZbgPRae1Bf4nFSC7s.roa
Signing time: Tue 22 Nov 2022 08:20:16 +0000
ROA not before: Tue 22 Nov 2022 08:20:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 84.32.52.0/22 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
88.216.98.0/24 maxlen: 24
84.32.6.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9e:6c:6c:29:0c:c6:8d:5e:2f:3f:b4:b5:2d:5c:33:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 22 08:20:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f25cfca2abd15ff65b80f45a7b505fe271520bbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bc:50:80:29:7b:1c:fa:0e:f1:36:19:a9:15:
ed:70:2f:e5:e1:28:08:26:58:6b:97:1c:38:5f:a6:
27:4e:1f:c0:ba:24:bc:7b:41:db:28:41:f2:f8:1c:
ca:9f:34:35:f3:32:05:12:b8:e8:d2:8d:dd:2d:57:
fe:f3:ca:11:a4:c0:4e:a5:55:bb:4f:9f:15:81:27:
b0:73:0e:0a:c0:b4:bc:d9:9f:b0:68:ca:4a:80:32:
73:4d:c9:44:70:82:d4:a6:51:c1:d2:17:3f:6a:13:
98:06:e0:15:0d:3f:dc:51:57:83:ca:1a:e7:3d:6d:
3a:2f:86:4c:84:51:62:a0:b5:15:f2:bc:a0:8e:57:
3c:b9:7e:51:55:7f:39:49:04:93:19:14:d1:35:b6:
2d:e9:c6:69:37:f2:3c:89:41:57:b0:76:51:c6:f7:
e2:aa:e5:cd:e4:1e:cc:f9:e8:a0:06:4f:7f:8d:46:
84:46:c1:9a:ef:cf:1e:c9:dc:85:6c:9e:a7:92:59:
35:4f:fc:59:1c:c4:97:4f:45:18:52:fe:05:60:dc:
17:06:1f:79:92:fb:fe:13:69:b2:d0:c7:c9:c9:34:
78:05:80:06:22:f9:da:6a:16:74:b1:d8:c7:5c:85:
07:36:c5:e8:61:11:9d:92:16:86:2a:46:e3:90:b7:
70:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:5C:FC:A2:AB:D1:5F:F6:5B:80:F4:5A:7B:50:5F:E2:71:52:0B:BB
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/8lz8oqvRX_ZbgPRae1Bf4nFSC7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.6.0/24
84.32.52.0/22
84.32.76.0/23
88.216.17.0/24
88.216.98.0/24
88.216.228.0/22
88.216.252.0/22
Signature Algorithm: sha256WithRSAEncryption
5f:d1:96:d9:08:ce:f4:cc:6c:93:e7:24:e3:50:ac:d9:20:d4:
91:13:e9:b9:c8:75:78:46:ad:2e:a5:4c:3a:3f:b2:3e:44:da:
74:eb:57:f6:31:6d:7f:b0:67:02:50:77:73:f8:e5:a8:26:5b:
24:71:63:bf:bb:6a:88:92:57:c0:7a:84:41:bc:4a:0f:7a:de:
12:6c:f0:cf:fa:0b:b8:92:b1:b4:aa:dc:93:f2:75:e1:7d:7b:
35:23:2d:ec:49:a2:76:86:c4:fc:18:88:a0:e8:39:a2:f7:ff:
a1:3a:39:41:2b:4c:57:76:c6:48:cb:1c:ee:3c:e8:60:c8:01:
b9:dc:ad:a8:07:80:e1:7e:b1:b8:e9:09:b2:b3:11:9a:ce:2e:
88:ec:cd:0d:5e:c0:e1:25:8a:c1:d4:c2:aa:45:ce:66:a6:bf:
41:70:58:52:8b:42:8b:1d:f5:7b:68:d0:8e:00:71:68:26:87:
11:67:a5:b5:22:f1:5b:b8:fa:68:e5:fa:61:a2:94:c4:55:a5:
03:70:d6:d6:a3:24:41:89:df:48:58:75:23:f7:fb:9e:f0:83:
4f:a8:cf:cc:c8:32:68:88:f5:03:af:cc:19:ea:89:c0:cd:f4:
f3:78:87:42:d3:cb:43:c6:e7:35:72:c0:1e:a5:88:36:cb:2b:
1d:1d:9d:f0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYSebGwpDMaNXi8/tLUtXDPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTIyMDgyMDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjVjZmNhMmFiZDE1ZmY2NWI4MGY0NWE3YjUwNWZlMjcxNTIwYmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbxQgCl7HPoO8TYZqRXtcC/l4SgI
Jlhrlxw4X6YnTh/AuiS8e0HbKEHy+BzKnzQ18zIFErjo0o3dLVf+88oRpMBOpVW7
T58VgSewcw4KwLS82Z+waMpKgDJzTclEcILUplHB0hc/ahOYBuAVDT/cUVeDyhrn
PW06L4ZMhFFioLUV8rygjlc8uX5RVX85SQSTGRTRNbYt6cZpN/I8iUFXsHZRxvfi
quXN5B7M+eigBk9/jUaERsGa788eydyFbJ6nklk1T/xZHMSXT0UYUv4FYNwXBh95
kvv+E2my0MfJyTR4BYAGIvnaahZ0sdjHXIUHNsXoYRGdkhaGKkbjkLdwdwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFPJc/KKr0V/2W4D0WntQX+JxUgu7MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOGx6OG9xdlJYX1piZ1BSYWUxQmY0bkZTQzdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVCAGAwQC
VCA0AwQBVCBMAwQAWNgRAwQAWNhiAwQCWNjkAwQCWNj8MA0GCSqGSIb3DQEBCwUA
A4IBAQBf0ZbZCM70zGyT5yTjUKzZINSRE+m5yHV4Rq0upUw6P7I+RNp061f2MW1/
sGcCUHdz+OWoJlskcWO/u2qIklfAeoRBvEoPet4SbPDP+gu4krG0qtyT8nXhfXs1
Iy3sSaJ2hsT8GIig6Dmi9/+hOjlBK0xXdsZIyxzuPOhgyAG53K2oB4DhfrG46Qmy
sxGazi6I7M0NXsDhJYrB1MKqRc5mpr9BcFhSi0KLHfV7aNCOAHFoJocRZ6W1IvFb
uPpo5fphopTEVaUDcNbWoyRBid9IWHUj9/ue8INPqM/MyDJoiPUDr8wZ6onAzfTz
eIdC08tDxuc1csAepYg2yysdHZ3w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org