Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/A6fMvGiqczIvIZ0w_ao6Ctc3kAU.roa
File: A6fMvGiqczIvIZ0w_ao6Ctc3kAU.roa (raw, json)
Hash identifier: YdLaEdo3ssmGgj0irV8bsMTBXhyAy41NK0JWeLS4mLc=
Subject key identifier: 03:A7:CC:BC:68:AA:73:32:2F:21:9D:30:FD:AA:3A:0A:D7:37:90:05
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184FB358AA5F18B8F7B57833B98288D572A
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/A6fMvGiqczIvIZ0w_ao6Ctc3kAU.roa
Signing time: Sat 10 Dec 2022 08:45:00 +0000
ROA not before: Sat 10 Dec 2022 08:45:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205570
IP address blocks: 84.32.79.0/24 maxlen: 24
84.32.90.0/23 maxlen: 24
84.32.220.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
88.216.132.0/23 maxlen: 24
88.216.135.0/24 maxlen: 24
84.32.178.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
88.216.224.0/22 maxlen: 24
88.216.248.0/22 maxlen: 24
88.216.42.0/24 maxlen: 24
88.216.44.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:fb:35:8a:a5:f1:8b:8f:7b:57:83:3b:98:28:8d:57:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 10 08:45:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=03a7ccbc68aa73322f219d30fdaa3a0ad7379005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:09:d1:f7:1d:36:7a:22:74:28:4a:de:94:97:
72:89:d6:c1:25:c7:ff:84:b2:49:c7:16:ef:48:ed:
c3:a9:a3:a3:82:70:8a:27:13:f9:5a:58:1e:6c:db:
9b:5c:20:67:23:d7:fb:f4:86:e8:03:e2:54:21:eb:
cf:f2:53:c5:17:70:e4:7a:5d:f7:80:ec:fe:d4:c3:
75:bb:04:ad:d4:a9:84:17:64:4d:40:19:c1:d6:75:
f8:84:a3:bf:49:f4:2a:f4:77:5e:28:0e:11:96:4c:
25:79:f9:0e:73:eb:13:f0:91:26:9b:bc:4d:40:ac:
80:21:de:8b:5f:9c:88:e3:d2:1f:70:cc:c9:60:d2:
b6:10:8e:fd:0e:74:b1:d8:9c:6b:7b:cf:66:4f:50:
68:eb:42:ee:59:59:d4:5a:2c:56:2c:3d:ba:76:fa:
5f:87:35:2d:b9:70:6b:71:25:6f:8b:bf:5b:e4:39:
ec:1f:5f:b9:2b:5c:e0:1a:d0:1a:88:62:2c:ef:5d:
80:52:20:ca:47:2d:bb:89:5c:11:c3:25:c8:88:18:
b1:81:49:b5:62:65:72:a5:b8:04:f4:f8:84:c2:17:
34:c9:45:27:18:09:94:44:48:f7:50:dc:84:c1:76:
8b:00:1e:21:a2:95:7c:5b:b4:df:4d:32:5c:12:59:
06:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:A7:CC:BC:68:AA:73:32:2F:21:9D:30:FD:AA:3A:0A:D7:37:90:05
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/A6fMvGiqczIvIZ0w_ao6Ctc3kAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
84.32.79.0/24
84.32.90.0/23
84.32.178.0/23
84.32.212.0/24
84.32.220.0-84.32.222.255
88.216.42.0/24
88.216.44.0/23
88.216.128.0/24
88.216.131.0-88.216.133.255
88.216.135.0/24
88.216.224.0/22
88.216.248.0/22
Signature Algorithm: sha256WithRSAEncryption
30:69:f6:63:e2:f6:9c:54:0b:33:77:3e:a2:98:bd:21:25:4e:
d6:4b:aa:6b:5c:62:30:ff:62:50:da:0a:73:cc:94:40:2b:54:
89:83:d9:b7:45:ac:a4:5e:96:89:fc:e8:e9:bb:b9:97:5c:0e:
8e:67:54:dc:45:be:03:fa:3b:21:32:1d:b5:fd:14:3d:21:84:
ad:95:bc:5d:c8:bb:76:c6:f7:f6:10:c5:d2:2d:f3:4c:97:42:
68:04:a3:ec:d7:bc:59:48:a6:eb:4b:58:50:b2:43:dc:e7:1b:
4b:8b:38:5a:2d:57:d0:a9:37:4a:6d:90:7b:bc:9c:50:ec:a1:
bd:8f:4c:d6:8f:10:97:68:e7:bf:0e:99:5a:e1:be:6f:0d:aa:
5b:21:3e:30:a2:2b:8f:67:4a:35:c4:9c:15:35:11:af:7e:d5:
44:38:4d:ed:9b:54:16:3f:8d:23:28:e9:ce:65:df:3e:1c:a4:
53:95:24:ae:d2:cd:df:b9:b9:ce:18:62:55:a2:ac:c9:d0:96:
b4:56:07:90:9d:d6:60:a2:f5:ad:6c:bc:99:bf:64:28:54:40:
3b:47:74:6c:78:a8:7a:ba:9c:68:49:98:03:2a:ba:c3:8a:c0:
8c:1e:b2:09:f1:88:6e:fa:25:33:f4:eb:bd:14:ac:16:38:d9:
24:41:22:41
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYT7NYql8YuPe1eDO5gojVcqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjEwMDg0NTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2E3Y2NiYzY4YWE3MzMyMmYyMTlkMzBmZGFhM2EwYWQ3Mzc5MDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4AnR9x02eiJ0KErelJdyidbBJcf/
hLJJxxbvSO3DqaOjgnCKJxP5WlgebNubXCBnI9f79IboA+JUIevP8lPFF3Dkel33
gOz+1MN1uwSt1KmEF2RNQBnB1nX4hKO/SfQq9HdeKA4RlkwlefkOc+sT8JEmm7xN
QKyAId6LX5yI49IfcMzJYNK2EI79DnSx2Jxre89mT1Bo60LuWVnUWixWLD26dvpf
hzUtuXBrcSVvi79b5DnsH1+5K1zgGtAaiGIs712AUiDKRy27iVwRwyXIiBixgUm1
YmVypbgE9PiEwhc0yUUnGAmUREj3UNyEwXaLAB4hopV8W7TfTTJcElkG1wIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFAOnzLxoqnMyLyGdMP2qOgrXN5AFMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQTZmTXZHaXFjekl2SVowd19hbzZDdGMza0FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQCVCAYAwQA
VCBPAwQBVCBaAwQBVCCyAwQAVCDUMAwDBAJUINwDBABUIN4DBABY2CoDBAFY2CwD
BABY2IAwDAMEAFjYgwMEAVjYhAMEAFjYhwMEAljY4AMEAljY+DANBgkqhkiG9w0B
AQsFAAOCAQEAMGn2Y+L2nFQLM3c+opi9ISVO1kuqa1xiMP9iUNoKc8yUQCtUiYPZ
t0WspF6Wifzo6bu5l1wOjmdU3EW+A/o7ITIdtf0UPSGErZW8Xci7dsb39hDF0i3z
TJdCaASj7Ne8WUim60tYULJD3OcbS4s4Wi1X0Kk3Sm2Qe7ycUOyhvY9M1o8Ql2jn
vw6ZWuG+bw2qWyE+MKIrj2dKNcScFTURr37VRDhN7ZtUFj+NIyjpzmXfPhykU5Uk
rtLN37m5zhhiVaKsydCWtFYHkJ3WYKL1rWy8mb9kKFRAO0d0bHioerqcaEmYAyq6
w4rAjB6yCfGIbvolM/TrvRSsFjjZJEEiQQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org