Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/D6PnRXu5XSKkvlutSGELfvBwgNQ.roa
File: D6PnRXu5XSKkvlutSGELfvBwgNQ.roa (raw, json)
Hash identifier: w4xeUp7cnfhJjg3ZIn42GyDKUuI21q4E5OK7gXLGdJQ=
Subject key identifier: 0F:A3:E7:45:7B:B9:5D:22:A4:BE:5B:AD:48:61:0B:7E:F0:70:80:D4
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01849E17472989BD6690BE8CDF634F496C97
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/D6PnRXu5XSKkvlutSGELfvBwgNQ.roa
Signing time: Tue 22 Nov 2022 06:47:16 +0000
ROA not before: Tue 22 Nov 2022 06:47:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 88.216.188.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.209.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
84.32.255.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.63.0/24 maxlen: 24
84.32.65.0/24 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.86.0/24 maxlen: 24
84.32.90.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
84.32.94.0/24 maxlen: 24
84.32.15.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.49.0/24 maxlen: 24
88.216.91.0/24 maxlen: 24
88.216.102.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9e:17:47:29:89:bd:66:90:be:8c:df:63:4f:49:6c:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 22 06:47:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0fa3e7457bb95d22a4be5bad48610b7ef07080d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:36:83:cf:3d:fe:14:ef:2b:0e:2e:0e:26:41:
fe:89:51:e1:c6:ac:c2:6a:de:59:b9:67:91:0d:16:
f3:40:90:07:3a:8f:c6:66:46:27:ca:fe:02:48:3a:
8d:ff:86:1b:62:2a:3d:5a:a7:fa:dc:18:8b:cc:d4:
2f:89:c4:27:40:82:b0:97:db:49:dc:d4:70:b8:27:
12:88:50:bf:fa:f2:cb:73:a3:0a:ea:ee:9d:5c:bc:
4b:bd:a9:09:16:cf:46:d6:8e:3e:3a:3e:6b:ff:d9:
24:35:20:d8:07:d4:df:83:bc:a2:a5:8a:fd:65:d7:
35:1c:61:f0:9b:bb:8e:86:34:d2:7b:23:3f:98:e0:
10:2b:34:f2:3d:6f:e0:cd:fb:4a:3d:53:c4:68:e4:
b8:ec:f3:b9:5d:49:b5:12:8d:62:c4:12:06:0e:45:
4e:23:2d:69:f6:7e:cb:37:47:24:11:f3:8d:34:ef:
11:be:e4:ec:d0:ef:26:74:79:15:7b:8b:e9:ab:a7:
6c:79:b6:f6:84:47:68:92:b5:9a:21:73:2d:40:95:
de:f3:31:d4:2f:81:3b:e2:61:08:f5:8d:c8:73:50:
6f:51:45:58:5a:82:ce:65:3a:7d:46:b6:25:34:80:
ea:6f:1a:6e:78:01:29:13:3f:b2:3e:7e:55:53:d7:
8c:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:A3:E7:45:7B:B9:5D:22:A4:BE:5B:AD:48:61:0B:7E:F0:70:80:D4
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/D6PnRXu5XSKkvlutSGELfvBwgNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.15.0/24
84.32.42.0/24
84.32.44.0/24
84.32.46.0/23
84.32.49.0/24
84.32.60.0/24
84.32.63.0/24
84.32.65.0-84.32.66.255
84.32.68.0/24
84.32.86.0/24
84.32.90.0/24
84.32.92.0/24
84.32.94.0/24
84.32.225.0/24
84.32.227.0/24
84.32.255.0/24
88.216.2.0/24
88.216.40.0/24
88.216.91.0/24
88.216.102.0/23
88.216.188.0/24
88.216.190.0/23
88.216.198.0/24
88.216.209.0/24
Signature Algorithm: sha256WithRSAEncryption
83:96:c5:78:b3:4b:46:da:90:ec:ff:25:5e:0e:04:20:50:b0:
53:1a:a4:d4:13:ef:4d:26:ac:27:ce:c6:7c:ae:2a:5b:57:69:
86:9b:6e:7d:27:a3:4b:eb:57:d7:f7:e9:25:e1:3f:d4:80:e1:
76:a7:ad:23:35:d2:d5:b0:49:10:84:43:6c:39:08:ca:b5:d5:
98:d9:68:47:7f:05:d2:9c:79:6b:70:be:b9:b3:3f:f0:aa:92:
26:1a:39:4b:73:4e:7b:9e:46:d7:a0:25:51:d3:40:b3:f7:3c:
b9:fa:75:b6:60:16:6e:d8:6a:96:45:49:37:81:dd:73:29:6b:
6b:cb:5f:7d:36:da:6b:13:8b:98:6a:f6:60:5b:fa:85:96:98:
70:19:60:04:2e:61:a8:d9:9b:c8:a8:47:93:c8:22:44:ed:19:
52:65:2c:96:c7:cf:f9:b5:08:5c:61:83:1d:24:fc:70:11:84:
4c:b9:6e:ff:43:1b:e2:8c:0e:1f:14:ef:ca:cb:2b:08:b5:06:
8e:88:94:ea:0e:e7:33:42:97:b1:a0:94:21:e3:c0:d4:56:b0:
50:5f:f9:cb:ad:89:ff:13:c6:14:e4:6f:86:21:ad:a4:b5:d8:
72:62:f1:c3:94:fa:08:68:89:80:7a:23:f1:27:54:7e:61:23:
d2:c5:86:5f
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYSeF0cpib1mkL6M32NPSWyXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTIyMDY0NzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmEzZTc0NTdiYjk1ZDIyYTRiZTViYWQ0ODYxMGI3ZWYwNzA4MGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjaDzz3+FO8rDi4OJkH+iVHhxqzC
at5ZuWeRDRbzQJAHOo/GZkYnyv4CSDqN/4YbYio9Wqf63BiLzNQvicQnQIKwl9tJ
3NRwuCcSiFC/+vLLc6MK6u6dXLxLvakJFs9G1o4+Oj5r/9kkNSDYB9Tfg7yipYr9
Zdc1HGHwm7uOhjTSeyM/mOAQKzTyPW/gzftKPVPEaOS47PO5XUm1Eo1ixBIGDkVO
Iy1p9n7LN0ckEfONNO8RvuTs0O8mdHkVe4vpq6dsebb2hEdokrWaIXMtQJXe8zHU
L4E74mEI9Y3Ic1BvUUVYWoLOZTp9RrYlNIDqbxpueAEpEz+yPn5VU9eMcQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFA+j50V7uV0ipL5brUhhC37wcIDUMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvRDZQblJYdTVYU0trdmx1dFNHRUxmdkJ3Z05RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBABU
IA8DBABUICoDBABUICwDBAFUIC4DBABUIDEDBABUIDwDBABUID8wDAMEAFQgQQME
AFQgQgMEAFQgRAMEAFQgVgMEAFQgWgMEAFQgXAMEAFQgXgMEAFQg4QMEAFQg4wME
AFQg/wMEAFjYAgMEAFjYKAMEAFjYWwMEAVjYZgMEAFjYvAMEAVjYvgMEAFjYxgME
AFjY0TANBgkqhkiG9w0BAQsFAAOCAQEAg5bFeLNLRtqQ7P8lXg4EIFCwUxqk1BPv
TSasJ87GfK4qW1dphptufSejS+tX1/fpJeE/1IDhdqetIzXS1bBJEIRDbDkIyrXV
mNloR38F0px5a3C+ubM/8KqSJho5S3NOe55G16AlUdNAs/c8ufp1tmAWbthqlkVJ
N4Hdcylra8tffTbaaxOLmGr2YFv6hZaYcBlgBC5hqNmbyKhHk8giRO0ZUmUslsfP
+bUIXGGDHST8cBGETLlu/0Mb4owOHxTvyssrCLUGjoiU6g7nM0KXsaCUIePA1Faw
UF/5y62J/xPGFORvhiGtpLXYcmLxw5T6CGiJgHoj8SdUfmEj0sWGXw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:45 2023 by rpki-client on console-fra.rpki-client.org