Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9yZngMMRYNDZ4XeNf94TT5NOl7M.roa
File: 9yZngMMRYNDZ4XeNf94TT5NOl7M.roa (raw, json)
Hash identifier: vveA/uq3GErEb56EtVxEYhnN6gSAfpF4Lrp5vDtMAlc=
Subject key identifier: F7:26:67:80:C3:11:60:D0:D9:E1:77:8D:7F:DE:13:4F:93:4E:97:B3
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184A5F2B261DC6F285680ECB57645C36754
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9yZngMMRYNDZ4XeNf94TT5NOl7M.roa
Signing time: Wed 23 Nov 2022 19:24:16 +0000
ROA not before: Wed 23 Nov 2022 19:24:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 84.32.69.0/24 maxlen: 24
88.216.214.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.43.0/24 maxlen: 24
84.32.40.0/24 maxlen: 24
88.216.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a5:f2:b2:61:dc:6f:28:56:80:ec:b5:76:45:c3:67:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 23 19:24:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f7266780c31160d0d9e1778d7fde134f934e97b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:07:16:7f:e8:4a:de:f6:b3:ff:99:1b:32:79:
70:7d:9d:82:0c:0a:c5:63:ea:a4:48:96:c1:22:f3:
ce:01:ee:b2:79:7b:42:b2:4d:a2:a1:2f:c3:51:47:
49:65:aa:71:ef:97:d0:b0:fe:12:35:55:b1:22:0b:
05:df:98:5e:1c:12:4e:8c:e0:61:17:78:01:7b:a0:
75:14:66:8b:b8:fa:c5:19:87:98:1f:f1:e8:82:e5:
aa:1c:fc:75:54:f6:8e:9e:55:92:62:55:0a:e7:76:
35:b3:d4:58:8c:fc:5a:b4:0e:9f:ee:b4:8c:7e:2f:
1f:41:3b:1b:53:c3:0a:b6:71:06:a4:ca:98:6b:93:
01:f9:ff:08:a5:d1:48:4a:8b:09:5c:c4:5d:99:1d:
02:cc:7e:e2:7d:8f:d4:3f:4d:14:71:65:63:5e:d0:
4d:de:a4:42:e9:5d:6a:d9:af:4c:01:c0:8f:27:9f:
57:13:b7:79:f9:c4:2a:53:41:ca:a9:00:71:f5:ff:
b9:9a:d6:15:7c:4e:aa:6a:cd:4b:11:55:04:2b:db:
6b:db:b8:43:bf:29:50:b0:92:2a:74:d5:9d:21:2d:
ff:3b:1a:6f:7c:56:74:35:58:fb:19:c2:9f:3d:40:
f8:e8:d6:5d:20:ba:38:2d:5e:b3:89:ae:6e:cd:15:
28:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:26:67:80:C3:11:60:D0:D9:E1:77:8D:7F:DE:13:4F:93:4E:97:B3
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9yZngMMRYNDZ4XeNf94TT5NOl7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.40.0/24
84.32.43.0/24
84.32.69.0/24
84.32.242.0/24
88.216.41.0/24
88.216.214.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:64:17:0d:b8:8c:89:75:9e:65:6b:5e:c4:43:e9:06:8a:6a:
96:ae:3d:e0:51:a0:8f:ed:3b:93:ab:c3:42:ec:e7:b5:2c:c1:
06:46:45:e9:c1:d6:c4:3f:c6:e5:cf:13:71:63:2d:9e:57:e1:
b0:55:7f:4c:28:22:55:91:52:3f:5a:0f:2e:19:67:64:68:e0:
4b:6d:b8:0c:95:31:02:fa:6c:43:c2:ac:55:a7:2e:33:f7:cc:
98:b5:94:ae:3a:ac:cc:2f:a0:ec:57:01:04:a2:d1:b2:56:38:
99:41:21:d3:56:c9:78:ff:b7:6b:52:8a:64:5b:bf:5a:91:0d:
98:61:b5:73:6a:f4:bf:49:10:86:26:b7:40:1a:39:68:64:81:
73:df:f5:c3:a3:13:c3:5e:23:15:18:39:60:09:b9:ea:7a:f7:
8a:5e:49:1c:d2:68:4a:a4:aa:ef:09:9e:92:58:78:1b:b3:9b:
c2:ad:0e:f3:0e:22:23:46:df:82:b2:29:03:07:07:ad:09:36:
7a:be:fa:1a:20:e0:d1:92:b9:5c:dd:a1:1c:00:ca:75:f4:0b:
78:18:42:f8:31:55:5b:bd:ba:fd:a3:36:25:b5:91:75:d9:5c:
a1:0e:a0:5f:f4:2e:04:2b:49:b2:ca:57:85:f9:2e:7e:b7:e0:
fd:2e:89:e8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYSl8rJh3G8oVoDstXZFw2dUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTIzMTkyNDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzI2Njc4MGMzMTE2MGQwZDllMTc3OGQ3ZmRlMTM0ZjkzNGU5N2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQcWf+hK3vaz/5kbMnlwfZ2CDArF
Y+qkSJbBIvPOAe6yeXtCsk2ioS/DUUdJZapx75fQsP4SNVWxIgsF35heHBJOjOBh
F3gBe6B1FGaLuPrFGYeYH/HoguWqHPx1VPaOnlWSYlUK53Y1s9RYjPxatA6f7rSM
fi8fQTsbU8MKtnEGpMqYa5MB+f8IpdFISosJXMRdmR0CzH7ifY/UP00UcWVjXtBN
3qRC6V1q2a9MAcCPJ59XE7d5+cQqU0HKqQBx9f+5mtYVfE6qas1LEVUEK9tr27hD
vylQsJIqdNWdIS3/OxpvfFZ0NVj7GcKfPUD46NZdILo4LV6zia5uzRUo8QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPcmZ4DDEWDQ2eF3jX/eE0+TTpezMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOXlabmdNTVJZTkRaNFhlTmY5NFRUNU5PbDdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCAoAwQA
VCArAwQAVCBFAwQAVCDyAwQAWNgpAwQAWNjWMA0GCSqGSIb3DQEBCwUAA4IBAQCL
ZBcNuIyJdZ5la17EQ+kGimqWrj3gUaCP7TuTq8NC7Oe1LMEGRkXpwdbEP8blzxNx
Yy2eV+GwVX9MKCJVkVI/Wg8uGWdkaOBLbbgMlTEC+mxDwqxVpy4z98yYtZSuOqzM
L6DsVwEEotGyVjiZQSHTVsl4/7drUopkW79akQ2YYbVzavS/SRCGJrdAGjloZIFz
3/XDoxPDXiMVGDlgCbnqeveKXkkc0mhKpKrvCZ6SWHgbs5vCrQ7zDiIjRt+CsikD
BwetCTZ6vvoaIODRkrlc3aEcAMp19At4GEL4MVVbvbr9ozYltZF12VyhDqBf9C4E
K0myyleF+S5+t+D9Lono
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:28 2023 by rpki-client on console-ams.rpki-client.org