Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CgCEUGWzAItLzc2t9z_vY7PQo-A.roa
File: CgCEUGWzAItLzc2t9z_vY7PQo-A.roa (raw, json)
Hash identifier: BhIEjbNmrB+THw8y4To7wpp+HTZEJEYqkgeB2WGGKNs=
Subject key identifier: 0A:00:84:50:65:B3:00:8B:4B:CD:CD:AD:F7:3F:EF:63:B3:D0:A3:E0
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184BF2F0B4AD8D97B2BEDF5D1E1776002DA
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CgCEUGWzAItLzc2t9z_vY7PQo-A.roa
Signing time: Mon 28 Nov 2022 17:00:42 +0000
ROA not before: Mon 28 Nov 2022 17:00:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61138
IP address blocks: 84.32.57.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
84.32.85.0/24 maxlen: 24
84.32.91.0/24 maxlen: 24
88.216.101.0/24 maxlen: 24
88.216.130.0/24 maxlen: 24
84.32.241.0/24 maxlen: 24
88.216.37.0/24 maxlen: 24
88.216.38.0/24 maxlen: 24
84.32.39.0/24 maxlen: 24
88.216.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:bf:2f:0b:4a:d8:d9:7b:2b:ed:f5:d1:e1:77:60:02:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 28 17:00:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a00845065b3008b4bcdcdadf73fef63b3d0a3e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:43:5f:d9:06:c5:36:ad:bd:10:4c:c3:e1:e0:
ee:3a:75:89:a6:bc:1e:c1:55:cd:f3:28:93:b1:9c:
a9:35:0e:d7:c8:24:c5:38:41:6f:d1:2d:8b:06:00:
9b:a8:d0:76:46:ed:ac:50:e6:82:9a:af:8e:c1:2e:
ab:9d:4b:14:d4:6d:c2:00:cf:08:ee:2e:8b:34:8b:
93:fb:0a:6d:83:bb:cd:35:43:7a:2a:cc:f7:08:17:
b3:6c:9f:92:d6:3e:fb:71:e8:30:03:52:78:3a:80:
c6:6d:df:41:a8:29:66:c9:4b:f8:08:25:2d:1e:b2:
05:6d:1c:19:25:c3:74:08:d2:8a:a8:26:c1:d2:0c:
41:cd:c0:35:5d:53:37:38:d0:1e:b4:ce:a9:82:a7:
a0:37:08:78:b4:4e:40:1d:12:cd:bc:14:c1:0f:9a:
65:5c:82:ff:ad:16:ff:a6:62:8c:85:66:f2:b0:fb:
a8:f1:74:01:d4:da:ff:90:d6:e7:ef:38:f7:79:b1:
c2:8e:2b:a4:08:cc:44:ef:34:5d:49:a8:67:f6:5a:
88:bb:29:0d:61:92:f8:2f:4a:73:7a:3f:d1:b3:d3:
7e:52:0e:16:27:6c:17:f5:7b:b3:70:f8:b3:e6:fc:
71:d5:6a:ec:73:a8:ab:1e:a4:5e:88:a6:90:0d:a0:
09:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:00:84:50:65:B3:00:8B:4B:CD:CD:AD:F7:3F:EF:63:B3:D0:A3:E0
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CgCEUGWzAItLzc2t9z_vY7PQo-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.39.0/24
84.32.57.0/24
84.32.67.0/24
84.32.85.0/24
84.32.91.0/24
84.32.241.0/24
88.216.37.0-88.216.39.255
88.216.101.0/24
88.216.130.0/24
88.216.187.0/24
Signature Algorithm: sha256WithRSAEncryption
72:68:95:d8:53:d1:12:97:4d:8b:f2:95:b0:66:61:7f:0e:6c:
0a:ab:d6:63:e4:1c:4e:43:e5:fc:b1:6b:e4:16:5d:22:30:e9:
42:0e:d3:00:c8:e8:df:f9:8b:1f:61:58:72:a1:82:84:5c:8d:
eb:6e:2a:d7:be:95:ef:5a:14:34:d6:2d:1a:bc:66:18:c4:c4:
89:fa:0f:5a:fc:9d:ef:99:d2:d9:29:7f:7b:3c:52:88:66:5c:
77:4d:81:41:23:0e:04:f5:d7:97:a6:aa:c0:ff:11:21:83:0a:
7c:75:8a:d9:e1:c5:74:3a:7f:2e:d0:ea:f3:8b:f0:56:49:f8:
81:7d:81:20:e0:d7:b0:0d:17:b4:11:fe:02:7a:10:45:ab:91:
da:0f:fe:9d:79:38:a5:9c:4d:6f:89:5a:68:6a:a9:7f:96:ae:
c0:d3:50:f9:ed:ce:36:38:8f:73:08:f0:7b:5d:8a:c5:e7:6b:
0c:e2:61:e7:52:99:79:e3:4c:cc:d4:10:9f:71:7f:e7:f2:77:
f6:35:e6:e3:37:49:41:ab:9e:d5:73:e3:0f:09:a5:d5:be:5a:
f3:01:15:dd:29:9c:a7:c9:48:42:cd:2b:60:92:4c:f0:89:b5:
a5:af:1a:64:46:e1:92:75:c8:55:40:6a:f8:08:b5:b9:3a:57:
71:45:91:14
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYS/LwtK2Nl7K+310eF3YALaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTI4MTcwMDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTAwODQ1MDY1YjMwMDhiNGJjZGNkYWRmNzNmZWY2M2IzZDBhM2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0Nf2QbFNq29EEzD4eDuOnWJprwe
wVXN8yiTsZypNQ7XyCTFOEFv0S2LBgCbqNB2Ru2sUOaCmq+OwS6rnUsU1G3CAM8I
7i6LNIuT+wptg7vNNUN6Ksz3CBezbJ+S1j77cegwA1J4OoDGbd9BqClmyUv4CCUt
HrIFbRwZJcN0CNKKqCbB0gxBzcA1XVM3ONAetM6pgqegNwh4tE5AHRLNvBTBD5pl
XIL/rRb/pmKMhWbysPuo8XQB1Nr/kNbn7zj3ebHCjiukCMxE7zRdSahn9lqIuykN
YZL4L0pzej/Rs9N+Ug4WJ2wX9XuzcPiz5vxx1Wrsc6irHqReiKaQDaAJVQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFAoAhFBlswCLS83Nrfc/72Oz0KPgMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQ2dDRVVHV3pBSXRMemMydDl6X3ZZN1BRby1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAVCAnAwQA
VCA5AwQAVCBDAwQAVCBVAwQAVCBbAwQAVCDxMAwDBABY2CUDBANY2CADBABY2GUD
BABY2IIDBABY2LswDQYJKoZIhvcNAQELBQADggEBAHJoldhT0RKXTYvylbBmYX8O
bAqr1mPkHE5D5fyxa+QWXSIw6UIO0wDI6N/5ix9hWHKhgoRcjetuKte+le9aFDTW
LRq8ZhjExIn6D1r8ne+Z0tkpf3s8UohmXHdNgUEjDgT115emqsD/ESGDCnx1itnh
xXQ6fy7Q6vOL8FZJ+IF9gSDg17ANF7QR/gJ6EEWrkdoP/p15OKWcTW+JWmhqqX+W
rsDTUPntzjY4j3MI8HtdisXnawziYedSmXnjTMzUEJ9xf+fyd/Y15uM3SUGrntVz
4w8JpdW+WvMBFd0pnKfJSELNK2CSTPCJtaWvGmRG4ZJ1yFVAavgItbk6V3FFkRQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org