Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/A5InKF5tO8WyN5L2QdkDdhhnqBs.roa
File: A5InKF5tO8WyN5L2QdkDdhhnqBs.roa (raw, json)
Hash identifier: mH2mHT7sizKDUVIxKb62+UTOKUGN2fxOHNZ1EsecBkU=
Subject key identifier: 03:92:27:28:5E:6D:3B:C5:B2:37:92:F6:41:D9:03:76:18:67:A8:1B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01846140BFB92D247E3D14A0893ADE6370CC
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/A5InKF5tO8WyN5L2QdkDdhhnqBs.roa
Signing time: Thu 10 Nov 2022 11:15:44 +0000
ROA not before: Thu 10 Nov 2022 11:15:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 88.216.212.0/22 maxlen: 24
84.32.210.0/23 maxlen: 24
84.32.208.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
88.216.228.0/22 maxlen: 24
84.32.232.0/23 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.240.0/22 maxlen: 24
84.32.236.0/23 maxlen: 24
88.216.244.0/22 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.252.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:61:40:bf:b9:2d:24:7e:3d:14:a0:89:3a:de:63:70:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 10 11:15:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=039227285e6d3bc5b23792f641d903761867a81b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:50:89:da:ce:7e:ab:9e:bd:27:cb:1c:f2:34:
61:f2:fb:0c:17:d5:68:09:31:e8:c2:b8:02:e8:e8:
2b:45:64:88:e7:2f:f5:70:f9:eb:4d:2e:a1:e7:6e:
2b:74:bb:7a:1b:19:e8:5f:5c:5d:f5:4f:17:22:b4:
9b:f1:eb:85:6e:2e:d4:7f:69:cb:74:52:8d:1a:92:
01:7e:77:fd:7e:28:f9:f3:05:7c:6b:c4:ce:80:03:
f0:61:94:4f:00:63:e2:24:e1:0e:02:3b:4f:f2:d4:
47:c1:a3:63:67:74:35:cb:64:db:8a:97:92:d8:31:
8a:b4:ad:47:36:4d:43:dc:60:8b:af:5e:2e:5d:31:
fb:01:ca:6b:fe:e1:e9:14:bc:37:88:90:79:5a:04:
5a:3a:e7:3e:7a:3a:20:4e:a2:ee:29:df:f8:7f:4e:
f8:3c:1a:b5:62:df:32:a4:25:5f:62:cf:e2:0c:55:
fb:5c:3c:ee:e1:45:1a:a5:9f:0e:3b:2e:ea:7b:a4:
2d:7a:6a:d6:f5:83:a5:69:44:2f:d9:26:9b:99:7e:
98:bf:39:90:4a:be:10:39:bf:24:eb:ac:72:c9:6a:
29:0a:c1:21:15:cc:ce:aa:04:9f:95:19:4a:25:e7:
0a:ae:37:4d:2b:73:86:f2:72:c3:2e:c2:53:3a:8d:
82:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:92:27:28:5E:6D:3B:C5:B2:37:92:F6:41:D9:03:76:18:67:A8:1B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/A5InKF5tO8WyN5L2QdkDdhhnqBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.208.0/22
84.32.214.0/23
84.32.232.0/23
84.32.236.0/23
84.32.246.0/23
84.32.252.0/23
88.216.212.0/22
88.216.228.0/22
88.216.236.0-88.216.247.255
Signature Algorithm: sha256WithRSAEncryption
32:25:07:19:42:9b:41:eb:e1:5f:63:7a:d6:52:44:5b:27:c4:
55:cc:5f:40:3f:85:05:d5:12:d0:69:51:81:96:79:f1:e6:c8:
6e:72:f5:f7:5b:ad:d2:02:dd:51:70:dd:98:1f:75:9f:e1:ef:
d5:bf:d9:fe:3c:0f:60:ef:32:e4:24:e8:76:6f:bc:70:7c:53:
0b:6a:94:bc:e6:a0:c0:6b:1e:ee:83:85:31:85:50:32:2c:55:
a4:29:f2:6b:31:f7:b4:6e:6d:85:47:22:cf:d9:eb:07:34:b5:
5c:0c:9a:8c:38:9c:8b:55:08:f7:9f:e6:3c:d4:35:27:0a:08:
00:d0:ed:16:58:9b:8d:f5:44:9b:d6:07:77:54:d6:6d:ba:4c:
9e:c6:a4:6d:92:05:a6:a4:cc:44:20:2f:94:b2:ba:87:23:7c:
73:b2:16:7b:67:bc:83:a1:39:ab:4d:d3:8e:36:31:81:e1:e1:
fb:3a:17:4c:4e:74:78:c0:7f:e0:7e:8f:4b:62:f1:1f:58:77:
c5:64:3d:0c:b4:fe:59:24:f4:e8:f9:35:70:5c:bf:bf:37:b6:
7c:ae:39:32:05:17:b1:72:f5:6d:97:26:9b:9d:86:70:2d:f4:
bf:fe:32:7b:c6:e7:89:48:00:db:d9:54:6e:22:ab:40:c1:3b:
ae:f5:7b:cc
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYRhQL+5LSR+PRSgiTreY3DMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTEwMTExNTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzkyMjcyODVlNmQzYmM1YjIzNzkyZjY0MWQ5MDM3NjE4NjdhODFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVCJ2s5+q569J8sc8jRh8vsMF9Vo
CTHowrgC6OgrRWSI5y/1cPnrTS6h524rdLt6GxnoX1xd9U8XIrSb8euFbi7Uf2nL
dFKNGpIBfnf9fij58wV8a8TOgAPwYZRPAGPiJOEOAjtP8tRHwaNjZ3Q1y2TbipeS
2DGKtK1HNk1D3GCLr14uXTH7Acpr/uHpFLw3iJB5WgRaOuc+ejogTqLuKd/4f074
PBq1Yt8ypCVfYs/iDFX7XDzu4UUapZ8OOy7qe6QtemrW9YOlaUQv2SabmX6YvzmQ
Sr4QOb8k66xyyWopCsEhFczOqgSflRlKJecKrjdNK3OG8nLDLsJTOo2CRQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFAOSJyhebTvFsjeS9kHZA3YYZ6gbMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQTVJbktGNXRPOFd5TjVMMlFka0RkaGhucUJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCVCDQAwQB
VCDWAwQBVCDoAwQBVCDsAwQBVCD2AwQBVCD8AwQCWNjUAwQCWNjkMAwDBAJY2OwD
BANY2PAwDQYJKoZIhvcNAQELBQADggEBADIlBxlCm0Hr4V9jetZSRFsnxFXMX0A/
hQXVEtBpUYGWefHmyG5y9fdbrdIC3VFw3ZgfdZ/h79W/2f48D2DvMuQk6HZvvHB8
UwtqlLzmoMBrHu6DhTGFUDIsVaQp8msx97RubYVHIs/Z6wc0tVwMmow4nItVCPef
5jzUNScKCADQ7RZYm431RJvWB3dU1m26TJ7GpG2SBaakzEQgL5SyuocjfHOyFntn
vIOhOatN0442MYHh4fs6F0xOdHjAf+B+j0ti8R9Yd8VkPQy0/lkk9Oj5NXBcv783
tnyuOTIFF7Fy9W2XJpudhnAt9L/+MnvG54lIANvZVG4iq0DBO671e8w=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:28 2023 by rpki-client on console-ams.rpki-client.org