Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BTjmN-mtU3B_Azfy6Z8hL-8XK0k.roa
File: BTjmN-mtU3B_Azfy6Z8hL-8XK0k.roa (raw, json)
Hash identifier: +EGo+aXtbabNgFJGN+nyTSzpGXWXwvCPQ/T8KDS67JQ=
Subject key identifier: 05:38:E6:37:E9:AD:53:70:7F:03:37:F2:E9:9F:21:2F:EF:17:2B:49
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01848046587B2BD3210EACEA2C4BB2941737
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BTjmN-mtU3B_Azfy6Z8hL-8XK0k.roa
Signing time: Wed 16 Nov 2022 11:50:04 +0000
ROA not before: Wed 16 Nov 2022 11:50:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 88.216.187.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.220.0/22 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.14.0/24 maxlen: 24
88.216.248.0/22 maxlen: 24
84.32.34.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
84.32.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:46:58:7b:2b:d3:21:0e:ac:ea:2c:4b:b2:94:17:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 16 11:50:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0538e637e9ad53707f0337f2e99f212fef172b49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:0f:0a:c2:b9:a1:cd:3a:2b:7f:11:ff:b6:de:
c7:17:42:da:52:96:61:61:33:a8:9a:5c:7e:9d:07:
e9:f5:0a:fd:1b:e3:e0:b9:82:8d:4e:b4:64:35:db:
68:65:f1:6e:ed:99:6b:bd:a0:5e:d5:cc:a5:d8:b8:
c2:4b:b0:e5:87:3c:b1:bd:1e:31:57:14:ad:ee:5e:
b4:34:79:0e:a6:a3:70:4c:b7:10:05:49:a8:48:47:
51:3b:55:84:54:33:da:30:40:3e:0d:d4:d9:90:23:
4a:4d:73:f8:ab:71:65:c9:37:01:ff:2f:37:d2:26:
6f:9a:37:38:34:bc:48:79:a0:c9:3d:f1:e7:8f:ae:
62:b5:ca:35:4c:37:66:4d:2b:a6:67:49:6f:38:82:
2a:13:46:fc:ad:84:31:86:a5:fc:03:9c:18:dd:89:
02:06:01:54:de:6d:4c:80:ef:06:63:97:26:41:51:
c5:36:88:f5:f2:be:b2:60:c1:37:ee:45:43:d4:92:
11:4f:30:18:a8:1c:5e:e3:da:2b:b1:73:1c:52:03:
74:15:68:fa:41:9b:fb:23:4e:ed:c9:75:9e:3d:a3:
7a:66:94:da:d3:1a:8b:ce:72:08:3c:0d:dc:3b:dd:
01:cc:35:00:9f:6a:75:83:82:27:be:ef:39:b6:2c:
46:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:38:E6:37:E9:AD:53:70:7F:03:37:F2:E9:9F:21:2F:EF:17:2B:49
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BTjmN-mtU3B_Azfy6Z8hL-8XK0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.14.0/24
84.32.34.0/24
84.32.40.0/22
84.32.88.0/24
84.32.220.0-84.32.224.255
88.216.40.0/24
88.216.187.0/24
88.216.248.0/22
Signature Algorithm: sha256WithRSAEncryption
66:3c:cb:25:6a:b1:1c:2a:bd:b7:9b:cb:79:b0:47:d1:86:9b:
5f:7b:eb:2f:e6:96:a0:52:79:f1:4e:e8:07:30:5a:58:a9:bf:
13:2c:43:27:b4:6b:0a:a5:88:b6:58:71:fd:06:19:ca:28:e0:
df:a8:38:c2:9d:ae:2e:68:74:cb:41:04:0a:22:97:86:85:0f:
23:f6:37:b4:d1:64:39:f3:c8:e7:a0:9e:2e:4b:90:84:82:98:
e8:18:97:74:e7:e7:d0:49:d5:4e:12:d0:c7:1d:47:a2:15:f8:
4f:ce:7f:48:88:10:52:39:7e:de:2b:1f:fc:ed:f4:98:2a:db:
15:46:e0:81:af:1b:5f:1e:c4:db:d6:8e:10:65:d3:da:8f:20:
ab:0b:82:dc:35:8b:f8:6c:e0:3d:d6:96:30:56:da:c3:76:b8:
9b:cb:50:fc:bc:22:3f:f2:49:fa:83:bf:db:c4:5f:6d:96:fa:
d5:93:fc:a2:ed:87:d3:92:c8:d0:fa:b0:bf:44:38:b7:22:12:
1d:6e:39:35:07:ba:32:f3:e3:9b:f7:b4:d9:17:b6:17:57:cc:
a2:68:a9:50:cd:78:f2:10:9e:49:03:91:f7:68:bb:bd:72:c7:
75:8d:18:69:a5:8d:3a:af:17:c1:63:23:21:49:c8:7c:ea:24:
d0:92:6b:75
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYSARlh7K9MhDqzqLEuylBc3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTE2MTE1MDA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTM4ZTYzN2U5YWQ1MzcwN2YwMzM3ZjJlOTlmMjEyZmVmMTcyYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtw8KwrmhzTorfxH/tt7HF0LaUpZh
YTOomlx+nQfp9Qr9G+PguYKNTrRkNdtoZfFu7ZlrvaBe1cyl2LjCS7DlhzyxvR4x
VxSt7l60NHkOpqNwTLcQBUmoSEdRO1WEVDPaMEA+DdTZkCNKTXP4q3FlyTcB/y83
0iZvmjc4NLxIeaDJPfHnj65itco1TDdmTSumZ0lvOIIqE0b8rYQxhqX8A5wY3YkC
BgFU3m1MgO8GY5cmQVHFNoj18r6yYME37kVD1JIRTzAYqBxe49orsXMcUgN0FWj6
QZv7I07tyXWePaN6ZpTa0xqLznIIPA3cO90BzDUAn2p1g4Invu85tixG5QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFAU45jfprVNwfwM38umfIS/vFytJMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQlRqbU4tbXRVM0JfQXpmeTZaOGhMLThYSzBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAVCAOAwQA
VCAiAwQCVCAoAwQAVCBYMAwDBAJUINwDBABUIOADBABY2CgDBABY2LsDBAJY2Pgw
DQYJKoZIhvcNAQELBQADggEBAGY8yyVqsRwqvbeby3mwR9GGm1976y/mlqBSefFO
6AcwWlipvxMsQye0awqliLZYcf0GGcoo4N+oOMKdri5odMtBBAoil4aFDyP2N7TR
ZDnzyOegni5LkISCmOgYl3Tn59BJ1U4S0McdR6IV+E/Of0iIEFI5ft4rH/zt9Jgq
2xVG4IGvG18exNvWjhBl09qPIKsLgtw1i/hs4D3WljBW2sN2uJvLUPy8Ij/ySfqD
v9vEX22W+tWT/KLth9OSyND6sL9EOLciEh1uOTUHujLz45v3tNkXthdXzKJoqVDN
ePIQnkkDkfdou71yx3WNGGmljTqvF8FjIyFJyHzqJNCSa3U=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org