Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/C40ci2zIhlYZd1x_85A1U_n5ZMI.roa
File: C40ci2zIhlYZd1x_85A1U_n5ZMI.roa (raw, json)
Hash identifier: WRrbtc21gkQ920e1IgRACrZdR+ZXXp0qZWeCgW2R5oQ=
Subject key identifier: 0B:8D:1C:8B:6C:C8:86:56:19:77:5C:7F:F3:90:35:53:F9:F9:64:C2
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184241FC06F2CE58D19B58B6761696AB5D4
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/C40ci2zIhlYZd1x_85A1U_n5ZMI.roa
Signing time: Sat 29 Oct 2022 14:22:51 +0000
ROA not before: Sat 29 Oct 2022 14:22:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 84.32.58.0/24 maxlen: 24
84.32.71.0/24 maxlen: 24
88.216.199.0/24 maxlen: 24
84.32.93.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
84.32.41.0/24 maxlen: 24
84.32.48.0/24 maxlen: 24
84.32.51.0/24 maxlen: 24
84.32.50.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:24:1f:c0:6f:2c:e5:8d:19:b5:8b:67:61:69:6a:b5:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 29 14:22:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b8d1c8b6cc8865619775c7ff3903553f9f964c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:5e:cc:d6:bf:51:8b:ef:39:8f:3d:28:72:61:
65:de:04:5e:8c:2e:cb:5c:e2:6f:40:e2:25:dc:a6:
ad:8f:c5:15:62:5a:33:bc:36:3a:45:23:2c:77:88:
2b:9b:32:8c:d1:79:86:22:db:1a:33:35:ee:2a:ac:
0c:5e:3c:70:54:cf:4b:0a:9a:05:f1:2f:2e:a8:81:
b2:b4:f6:c9:78:ed:ab:60:d4:bc:3c:95:43:81:62:
0c:ce:f7:ec:97:9f:df:4f:dc:8d:30:68:1e:f9:b6:
84:5c:f2:2a:fc:71:90:ca:87:3c:35:ca:c3:30:11:
7c:43:05:3d:60:8c:5d:75:43:2f:8f:4f:48:08:c6:
ad:73:45:76:01:30:34:0a:5c:23:58:69:de:c8:32:
9b:17:92:43:f3:01:99:21:bb:fa:0d:04:bf:a0:d1:
5d:91:da:67:4d:c1:20:7c:ac:76:c7:1f:36:e3:3f:
57:3a:0d:56:ed:3c:a6:65:09:b0:84:0e:93:6c:68:
63:c2:b8:bf:26:94:49:49:b1:07:e0:c7:c4:08:e0:
8e:93:4e:ab:c7:d3:fc:d1:b8:aa:bd:6d:d6:88:54:
4b:0b:23:46:25:df:07:3c:c1:a3:06:3e:05:9f:51:
ba:e0:62:c1:e8:d8:04:7d:a3:fe:e2:0a:4b:4a:39:
56:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:8D:1C:8B:6C:C8:86:56:19:77:5C:7F:F3:90:35:53:F9:F9:64:C2
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/C40ci2zIhlYZd1x_85A1U_n5ZMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.41.0/24
84.32.48.0/24
84.32.50.0/23
84.32.58.0/24
84.32.71.0/24
84.32.93.0/24
88.216.199.0/24
88.216.223.0/24
Signature Algorithm: sha256WithRSAEncryption
51:2b:89:10:57:99:8f:99:4e:18:bf:ae:e3:5c:d6:1f:97:21:
af:9b:0f:8e:8f:25:e2:57:42:c6:91:1f:b8:0d:89:f5:b4:b9:
4f:d3:92:13:d8:86:b5:bc:4c:af:f8:03:44:e2:ca:27:48:a6:
63:f8:8d:ae:c4:ed:66:9b:f6:b4:9c:f0:fe:e5:86:44:da:b9:
f5:47:95:07:2a:9b:08:96:59:15:e0:70:bb:f4:3a:f0:1a:9a:
08:d5:02:65:57:63:b4:c6:2a:ad:32:ab:c0:74:81:d6:a6:5e:
e2:f4:ed:58:27:97:75:1b:60:f5:0b:13:e7:e8:81:b9:31:9e:
f6:7d:6c:1f:04:da:8d:6b:37:8a:08:e8:c7:1b:ec:44:aa:88:
34:3e:d4:fc:18:32:d9:48:6d:21:21:7e:27:f7:d7:8a:20:54:
86:d0:eb:b0:5a:33:d2:4b:61:be:87:ad:72:1c:a9:87:94:04:
2e:13:c3:ea:e8:ab:1b:b1:0b:93:21:4e:92:c2:c5:a7:00:cb:
79:37:af:89:a7:3b:96:26:09:b3:85:b1:2c:c9:5f:11:dd:d0:
29:03:27:23:04:52:f9:f0:79:98:ce:fb:7c:fa:bf:67:d9:78:
1d:cb:c9:98:61:78:fb:e5:54:c7:45:83:21:5b:51:c6:d8:88:
0d:3f:f8:53
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYQkH8BvLOWNGbWLZ2FparXUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDI5MTQyMjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjhkMWM4YjZjYzg4NjU2MTk3NzVjN2ZmMzkwMzU1M2Y5Zjk2NGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkl7M1r9Ri+85jz0ocmFl3gRejC7L
XOJvQOIl3Katj8UVYlozvDY6RSMsd4grmzKM0XmGItsaMzXuKqwMXjxwVM9LCpoF
8S8uqIGytPbJeO2rYNS8PJVDgWIMzvfsl5/fT9yNMGge+baEXPIq/HGQyoc8NcrD
MBF8QwU9YIxddUMvj09ICMatc0V2ATA0ClwjWGneyDKbF5JD8wGZIbv6DQS/oNFd
kdpnTcEgfKx2xx824z9XOg1W7TymZQmwhA6TbGhjwri/JpRJSbEH4MfECOCOk06r
x9P80biqvW3WiFRLCyNGJd8HPMGjBj4Fn1G64GLB6NgEfaP+4gpLSjlWVQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAuNHItsyIZWGXdcf/OQNVP5+WTCMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQzQwY2kyeklobFlaZDF4Xzg1QTFVX241Wk1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVCApAwQA
VCAwAwQBVCAyAwQAVCA6AwQAVCBHAwQAVCBdAwQAWNjHAwQAWNjfMA0GCSqGSIb3
DQEBCwUAA4IBAQBRK4kQV5mPmU4Yv67jXNYflyGvmw+OjyXiV0LGkR+4DYn1tLlP
05IT2Ia1vEyv+ANE4sonSKZj+I2uxO1mm/a0nPD+5YZE2rn1R5UHKpsIllkV4HC7
9DrwGpoI1QJlV2O0xiqtMqvAdIHWpl7i9O1YJ5d1G2D1CxPn6IG5MZ72fWwfBNqN
azeKCOjHG+xEqog0PtT8GDLZSG0hIX4n99eKIFSG0OuwWjPSS2G+h61yHKmHlAQu
E8Pq6KsbsQuTIU6SwsWnAMt5N6+JpzuWJgmzhbEsyV8R3dApAycjBFL58HmYzvt8
+r9n2Xgdy8mYYXj75VTHRYMhW1HG2IgNP/hT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org