Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9zt-X5BQECU596rfdaRn54TnhiE.roa
File: 9zt-X5BQECU596rfdaRn54TnhiE.roa (raw, json)
Hash identifier: +NYXoHvk2kFEfX5t3wvzenUmpVtkgqk7iSr8Pzidi1U=
Subject key identifier: F7:3B:7E:5F:90:50:10:25:39:F7:AA:DF:75:A4:67:E7:84:E7:86:21
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184241ED6E01EF713AFC131F828039A97DA
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9zt-X5BQECU596rfdaRn54TnhiE.roa
Signing time: Sat 29 Oct 2022 14:21:51 +0000
ROA not before: Sat 29 Oct 2022 14:21:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 84.32.60.0/24 maxlen: 24
84.32.63.0/24 maxlen: 24
84.32.65.0/24 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
84.32.86.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
84.32.94.0/24 maxlen: 24
84.32.7.0/24 maxlen: 24
84.32.15.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.49.0/24 maxlen: 24
88.216.91.0/24 maxlen: 24
88.216.102.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:24:1e:d6:e0:1e:f7:13:af:c1:31:f8:28:03:9a:97:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 29 14:21:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f73b7e5f9050102539f7aadf75a467e784e78621
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3d:dd:cb:1a:96:66:64:8c:a1:51:76:4d:2a:
ef:3b:c9:58:64:5a:0d:14:8b:e9:77:31:3c:4c:46:
73:70:44:bb:91:1a:e0:fb:2e:89:06:59:f6:e2:47:
aa:51:ca:08:06:42:a3:c9:e5:56:aa:99:b9:68:b6:
9e:fe:5d:18:33:4a:d1:a2:08:4a:a6:0b:a7:b1:89:
9a:cb:7e:98:16:b6:92:38:a2:c8:9e:6d:ae:7d:9b:
fa:9f:7e:87:f3:57:c1:72:43:2e:f0:df:ba:c8:f9:
09:b3:39:f4:49:f8:4b:96:00:32:2f:15:73:2e:2e:
d1:7d:cf:07:62:84:20:8c:14:fc:60:fc:28:d8:c5:
e3:b7:62:bc:ac:95:b0:1e:d7:87:7a:7a:4b:e9:2a:
4b:75:ad:2c:73:dd:ea:6d:51:8a:33:bd:92:d6:33:
f3:ac:f7:96:80:26:08:a0:61:14:14:5b:30:a0:c0:
bb:65:ec:08:2d:93:37:f6:c1:61:60:d7:bd:db:e5:
a2:59:be:54:fd:56:09:9f:62:90:bb:d3:9e:d6:4d:
e5:4a:00:98:fc:2d:42:e3:07:23:d6:ba:0a:39:56:
93:13:fd:15:a2:a6:be:58:a1:53:cf:21:7f:f6:e4:
8a:63:15:c9:fe:78:42:d5:02:ff:34:aa:22:9f:83:
52:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:3B:7E:5F:90:50:10:25:39:F7:AA:DF:75:A4:67:E7:84:E7:86:21
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9zt-X5BQECU596rfdaRn54TnhiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0/24
84.32.15.0/24
84.32.42.0/24
84.32.44.0/24
84.32.46.0/23
84.32.49.0/24
84.32.60.0/24
84.32.63.0/24
84.32.65.0-84.32.66.255
84.32.68.0/24
84.32.77.0/24
84.32.86.0/24
84.32.92.0/24
84.32.94.0/24
88.216.2.0/24
88.216.35.0/24
88.216.40.0/24
88.216.91.0/24
88.216.102.0/24
88.216.188.0/24
88.216.190.0/24
88.216.198.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:84:31:d3:b2:a6:f3:00:a9:21:e6:94:c4:e2:c7:12:b7:b5:
73:a5:e7:e6:8d:42:48:e9:5f:68:28:f2:2c:56:a4:24:23:74:
40:0e:9d:7d:07:43:13:2e:a5:a4:05:c2:6a:12:2c:75:93:80:
05:19:e2:9c:eb:3c:01:11:d5:97:a6:27:58:80:ab:c8:eb:ee:
00:9e:56:bf:19:cc:57:53:0f:d2:d1:a0:2d:d0:62:8e:8c:cd:
31:52:fe:79:db:fc:5c:25:d1:7e:f9:a5:f7:3b:27:73:f8:53:
55:bb:a2:88:07:fc:85:7f:db:0d:70:b3:0c:f9:03:18:43:e0:
b7:ec:b6:3e:fa:78:03:aa:9f:f4:ca:3a:00:a6:4f:76:6b:c9:
5d:60:93:b6:d9:ee:85:b3:ac:5b:c7:55:65:76:b0:88:35:29:
4e:d0:4f:49:be:24:69:1b:59:5c:d0:7c:61:f8:c1:67:50:1e:
93:58:3e:ab:33:7a:af:18:50:b1:df:a9:62:23:c5:8f:fa:a1:
d9:c4:d1:48:23:ba:7b:8a:48:eb:85:d7:1a:32:98:84:c1:d6:
94:a5:4b:96:37:84:6e:8f:52:71:3f:50:ea:ea:fc:ff:e4:8d:
28:b9:e1:98:bf:7d:44:86:9d:6c:19:20:cd:ba:8d:ea:58:c4:
27:8a:3c:9c
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYQkHtbgHvcTr8Ex+CgDmpfaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDI5MTQyMTUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzNiN2U1ZjkwNTAxMDI1MzlmN2FhZGY3NWE0NjdlNzg0ZTc4NjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkD3dyxqWZmSMoVF2TSrvO8lYZFoN
FIvpdzE8TEZzcES7kRrg+y6JBln24keqUcoIBkKjyeVWqpm5aLae/l0YM0rRoghK
pgunsYmay36YFraSOKLInm2ufZv6n36H81fBckMu8N+6yPkJszn0SfhLlgAyLxVz
Li7Rfc8HYoQgjBT8YPwo2MXjt2K8rJWwHteHenpL6SpLda0sc93qbVGKM72S1jPz
rPeWgCYIoGEUFFswoMC7ZewILZM39sFhYNe92+WiWb5U/VYJn2KQu9Oe1k3lSgCY
/C1C4wcj1roKOVaTE/0Voqa+WKFTzyF/9uSKYxXJ/nhC1QL/NKoin4NSRQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFPc7fl+QUBAlOfeq33WkZ+eE54YhMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOXp0LVg1QlFFQ1U1OTZyZmRhUm41NFRuaGlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBABU
IAcDBABUIA8DBABUICoDBABUICwDBAFUIC4DBABUIDEDBABUIDwDBABUID8wDAME
AFQgQQMEAFQgQgMEAFQgRAMEAFQgTQMEAFQgVgMEAFQgXAMEAFQgXgMEAFjYAgME
AFjYIwMEAFjYKAMEAFjYWwMEAFjYZgMEAFjYvAMEAFjYvgMEAFjYxjANBgkqhkiG
9w0BAQsFAAOCAQEAPoQx07Km8wCpIeaUxOLHEre1c6Xn5o1CSOlfaCjyLFakJCN0
QA6dfQdDEy6lpAXCahIsdZOABRninOs8ARHVl6YnWICryOvuAJ5WvxnMV1MP0tGg
LdBijozNMVL+edv8XCXRfvml9zsnc/hTVbuiiAf8hX/bDXCzDPkDGEPgt+y2Pvp4
A6qf9Mo6AKZPdmvJXWCTttnuhbOsW8dVZXawiDUpTtBPSb4kaRtZXNB8YfjBZ1Ae
k1g+qzN6rxhQsd+pYiPFj/qh2cTRSCO6e4pI64XXGjKYhMHWlKVLljeEbo9ScT9Q
6ur8/+SNKLnhmL99RIadbBkgzbqN6ljEJ4o8nA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org