Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/B5zee69uEBml4U4dqb4MottlB0o.roa
File: B5zee69uEBml4U4dqb4MottlB0o.roa (raw, json)
Hash identifier: AeMcvkTesqMdL3XvHvINdw17Kpfyi2c8ZeRb5MLExrc=
Subject key identifier: 07:9C:DE:7B:AF:6E:10:19:A5:E1:4E:1D:A9:BE:0C:A2:DB:65:07:4A
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01823E395DF35089D1580FB837AEB042F048
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/B5zee69uEBml4U4dqb4MottlB0o.roa
Signing time: Wed 27 Jul 2022 05:55:23 +0000
ROA not before: Wed 27 Jul 2022 05:55:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 84.32.64.0/22 maxlen: 24
84.32.68.0/22 maxlen: 24
84.32.82.0/23 maxlen: 24
88.216.196.0/22 maxlen: 24
88.216.209.0/24 maxlen: 24
88.216.210.0/23 maxlen: 24
88.216.212.0/22 maxlen: 24
84.32.8.0/22 maxlen: 24
84.32.24.0/21 maxlen: 24
84.32.40.0/21 maxlen: 24
88.216.90.0/24 maxlen: 24
88.216.0.0/22 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.19.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
88.216.23.0/24 maxlen: 24
88.216.22.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3e:39:5d:f3:50:89:d1:58:0f:b8:37:ae:b0:42:f0:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jul 27 05:55:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=079cde7baf6e1019a5e14e1da9be0ca2db65074a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f0:aa:32:ae:36:d1:d2:80:58:b3:da:d7:be:
7e:64:b6:30:25:c7:30:4f:25:31:27:45:db:f8:5b:
33:2c:f6:43:e3:03:50:50:2e:4e:5d:04:c0:6e:83:
d8:c2:cc:54:ca:2b:d6:35:45:58:2e:5f:97:ab:81:
e5:2c:b0:b2:14:a2:2b:f1:73:f6:8c:bb:a4:0a:74:
ec:95:02:21:f9:61:36:05:96:9e:3d:37:72:0b:de:
60:34:46:86:8c:68:f0:b7:ed:3c:e1:f9:c3:82:b7:
a0:05:0d:9a:00:27:aa:0f:34:21:8e:bb:e3:72:2b:
cb:45:46:f9:15:40:11:85:d6:d4:ba:80:21:c1:72:
ef:3a:e8:e0:0e:61:f6:5a:fc:72:56:4d:0c:69:e0:
f2:5f:ed:55:48:f9:de:34:34:9d:ea:c4:e2:01:19:
53:0d:bc:68:13:64:ab:6c:e7:60:8d:5a:57:ca:95:
c1:3b:bb:2d:8d:fd:c1:fc:7d:b3:04:4b:b3:89:c2:
22:28:a9:59:be:63:ff:8e:bb:3d:d0:0e:db:d3:1a:
35:23:a9:f8:9f:b5:1d:fd:33:99:ef:99:30:c7:24:
f7:e8:66:68:23:c9:f7:1f:f4:c4:c8:1a:70:77:07:
ff:43:b9:95:ac:95:ec:e8:67:0b:98:51:af:d1:23:
8f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:9C:DE:7B:AF:6E:10:19:A5:E1:4E:1D:A9:BE:0C:A2:DB:65:07:4A
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/B5zee69uEBml4U4dqb4MottlB0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/22
84.32.24.0/21
84.32.40.0/21
84.32.64.0/21
84.32.82.0/23
88.216.0.0/22
88.216.16.0/24
88.216.19.0-88.216.23.255
88.216.32.0/24
88.216.46.0/24
88.216.90.0/24
88.216.196.0/22
88.216.209.0-88.216.215.255
Signature Algorithm: sha256WithRSAEncryption
37:67:6b:bb:62:bd:8c:e8:a3:31:42:06:f1:4f:51:5b:e0:af:
47:11:2b:6d:1e:d5:2e:8e:3d:62:79:5e:6d:6c:33:7d:47:82:
96:4c:2f:39:31:a8:21:7d:da:36:48:5e:a8:81:88:d6:9f:7c:
9f:b3:08:15:ae:44:b7:e9:e4:16:51:0b:59:8e:31:f2:b9:71:
0f:45:3a:b8:90:ea:2c:95:14:d3:77:b5:ad:fb:d2:ca:ab:bc:
d5:8f:8d:e6:60:3a:2a:b2:d0:76:63:4e:e7:1e:b9:23:6c:44:
ec:63:6a:ab:74:31:5b:bc:3a:28:06:2c:8e:d5:b2:7a:86:6a:
07:88:b5:b3:db:51:92:9a:4d:42:6f:7e:c1:e0:21:c2:65:c3:
7d:b0:50:3c:ce:8a:45:27:67:f5:68:d5:1a:f2:95:78:e9:8a:
c6:05:7e:b8:fe:e0:b9:e2:a5:38:1e:a1:53:50:0c:ed:62:c9:
c8:2c:b4:45:1a:99:46:a1:0e:67:38:b1:72:59:e7:79:38:7a:
63:7d:25:fb:ad:48:81:39:e3:88:2d:8d:77:ca:48:79:39:29:
b9:cc:34:2c:78:96:55:7b:9c:c0:4c:5e:f6:9e:33:42:37:c8:
c3:bb:df:b6:f1:e9:43:37:c8:fa:5a:83:7e:25:4d:e3:15:c2:
4c:e8:ea:25
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYI+OV3zUInRWA+4N66wQvBIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwNzI3MDU1NTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzljZGU3YmFmNmUxMDE5YTVlMTRlMWRhOWJlMGNhMmRiNjUwNzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfCqMq420dKAWLPa175+ZLYwJccw
TyUxJ0Xb+FszLPZD4wNQUC5OXQTAboPYwsxUyivWNUVYLl+Xq4HlLLCyFKIr8XP2
jLukCnTslQIh+WE2BZaePTdyC95gNEaGjGjwt+084fnDgregBQ2aACeqDzQhjrvj
civLRUb5FUARhdbUuoAhwXLvOujgDmH2WvxyVk0MaeDyX+1VSPneNDSd6sTiARlT
DbxoE2SrbOdgjVpXypXBO7stjf3B/H2zBEuzicIiKKlZvmP/jrs90A7b0xo1I6n4
n7Ud/TOZ75kwxyT36GZoI8n3H/TEyBpwdwf/Q7mVrJXs6GcLmFGv0SOPLQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFAec3nuvbhAZpeFOHam+DKLbZQdKMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQjV6ZWU2OXVFQm1sNFU0ZHFiNE1vdHRsQjBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQCVCAIAwQD
VCAYAwQDVCAoAwQDVCBAAwQBVCBSAwQCWNgAAwQAWNgQMAwDBABY2BMDBANY2BAD
BABY2CADBABY2C4DBABY2FoDBAJY2MQwDAMEAFjY0QMEA1jY0DANBgkqhkiG9w0B
AQsFAAOCAQEAN2dru2K9jOijMUIG8U9RW+CvRxErbR7VLo49YnlebWwzfUeClkwv
OTGoIX3aNkheqIGI1p98n7MIFa5Et+nkFlELWY4x8rlxD0U6uJDqLJUU03e1rfvS
yqu81Y+N5mA6KrLQdmNO5x65I2xE7GNqq3QxW7w6KAYsjtWyeoZqB4i1s9tRkppN
Qm9+weAhwmXDfbBQPM6KRSdn9WjVGvKVeOmKxgV+uP7gueKlOB6hU1AM7WLJyCy0
RRqZRqEOZzixclnneTh6Y30l+61IgTnjiC2Nd8pIeTkpucw0LHiWVXucwExe9p4z
QjfIw7vftvHpQzfI+lqDfiVN4xXCTOjqJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org