Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/DBjzkk0mHVvEKUbl_-RG9H3JpQc.roa
File: DBjzkk0mHVvEKUbl_-RG9H3JpQc.roa (raw, json)
Hash identifier: i8DXI/lwMqK8ThzGUiCyNZNcCTTWmO9E3CWeLhdLQJs=
Subject key identifier: 0C:18:F3:92:4D:26:1D:5B:C4:29:46:E5:FF:E4:46:F4:7D:C9:A5:07
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184EB3F89C51BD0635FF16EB6AA69C7E433
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/DBjzkk0mHVvEKUbl_-RG9H3JpQc.roa
Signing time: Wed 07 Dec 2022 06:22:00 +0000
ROA not before: Wed 07 Dec 2022 06:22:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207279
IP address blocks: 84.32.89.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.23.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
84.32.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:3f:89:c5:1b:d0:63:5f:f1:6e:b6:aa:69:c7:e4:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 7 06:22:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c18f3924d261d5bc42946e5ffe446f47dc9a507
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a9:79:a9:2b:64:cc:29:1b:a2:dd:5a:c2:69:
9e:6b:28:71:31:cb:c4:47:5f:1f:a8:11:26:3a:b1:
65:75:d3:4a:e0:cb:04:77:eb:06:b6:7f:b2:a9:2e:
90:d5:a7:0a:3d:e9:12:51:35:61:43:2c:1a:bf:08:
2c:9c:64:76:76:c4:24:44:7d:1f:b0:f6:bd:1a:b7:
ac:69:e1:ed:72:fd:e4:0d:ad:22:e8:8b:8e:71:b1:
c0:af:f1:c9:2c:37:25:8a:6d:71:bc:42:42:cf:e9:
5e:0c:24:78:57:d7:4a:3d:f2:36:d0:86:af:4c:d4:
09:10:74:c5:7a:eb:74:1f:b3:c7:f7:76:91:10:9d:
00:ca:bb:f6:b0:cc:58:fa:20:06:29:86:44:46:4b:
d3:72:43:5a:86:44:62:69:92:b5:07:14:20:af:b8:
e1:49:3b:d1:6e:c3:78:1f:ab:04:c1:eb:b6:44:cb:
44:d5:38:e7:28:af:c0:7b:a6:1e:8b:fa:77:26:5b:
f4:1f:15:cc:7b:aa:48:67:14:63:7a:8f:6b:3e:8d:
e9:11:ca:72:e1:80:6a:80:7a:a9:63:7e:9b:a8:31:
52:3b:d5:39:dc:10:9d:4e:dd:7c:a0:03:fa:98:13:
52:7f:b0:cb:12:02:e4:e5:95:06:6b:ec:60:31:5e:
c3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:18:F3:92:4D:26:1D:5B:C4:29:46:E5:FF:E4:46:F4:7D:C9:A5:07
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/DBjzkk0mHVvEKUbl_-RG9H3JpQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.31.0/24
84.32.89.0/24
88.216.20.0/24
88.216.23.0/24
88.216.213.0/24
88.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:1e:c1:86:1f:9b:82:64:6b:d5:49:2a:93:51:19:da:ab:43:
57:88:eb:08:b9:3a:e7:48:10:d3:3e:cf:f8:ae:a7:d0:b9:dd:
66:50:15:04:61:c5:09:97:ae:80:29:9b:40:77:a3:7a:23:c8:
b1:c8:e1:df:d8:aa:06:2c:8f:90:e2:db:ae:b9:9c:34:71:f1:
2e:3c:30:7b:96:ea:66:6b:31:c2:0d:54:bd:6d:63:e3:17:ef:
b3:c9:df:d2:ae:50:3a:aa:d6:ce:58:f2:56:60:f0:38:29:b4:
44:1a:11:cc:1c:51:2f:57:de:ef:ee:37:4d:b9:1a:48:29:18:
e6:1b:cd:2d:5d:9e:c6:73:c0:de:cb:cc:50:62:a6:a8:2f:69:
d5:98:b4:39:16:23:1f:3d:94:6e:63:94:53:79:19:a9:8f:ba:
9d:70:1e:2f:71:da:92:c4:8a:44:78:61:77:61:eb:b5:08:19:
5c:8a:ca:75:d1:6d:f2:34:35:fd:33:82:9a:2a:23:18:0d:9e:
ff:8d:ca:f4:6d:a3:8b:63:37:64:04:eb:01:ed:cf:5b:cf:cf:
b5:06:28:47:aa:d9:69:63:3b:af:f0:c9:56:70:fa:dd:15:a1:
50:bf:54:98:36:95:3a:b2:94:4d:ed:3e:ee:fd:7b:c8:c5:7f:
1a:bc:ab:0d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYTrP4nFG9BjX/Futqppx+QzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA3MDYyMjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzE4ZjM5MjRkMjYxZDViYzQyOTQ2ZTVmZmU0NDZmNDdkYzlhNTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKl5qStkzCkbot1awmmeayhxMcvE
R18fqBEmOrFlddNK4MsEd+sGtn+yqS6Q1acKPekSUTVhQywavwgsnGR2dsQkRH0f
sPa9GresaeHtcv3kDa0i6IuOcbHAr/HJLDclim1xvEJCz+leDCR4V9dKPfI20Iav
TNQJEHTFeut0H7PH93aREJ0Ayrv2sMxY+iAGKYZERkvTckNahkRiaZK1BxQgr7jh
STvRbsN4H6sEweu2RMtE1TjnKK/Ae6Yei/p3Jlv0HxXMe6pIZxRjeo9rPo3pEcpy
4YBqgHqpY36bqDFSO9U53BCdTt18oAP6mBNSf7DLEgLk5ZUGa+xgMV7DKwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAwY85JNJh1bxClG5f/kRvR9yaUHMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvREJqemtrMG1IVnZFS1VibF8tUkc5SDNKcFFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCAfAwQA
VCBZAwQAWNgUAwQAWNgXAwQAWNjVAwQAWNjXMA0GCSqGSIb3DQEBCwUAA4IBAQCa
HsGGH5uCZGvVSSqTURnaq0NXiOsIuTrnSBDTPs/4rqfQud1mUBUEYcUJl66AKZtA
d6N6I8ixyOHf2KoGLI+Q4tuuuZw0cfEuPDB7lupmazHCDVS9bWPjF++zyd/SrlA6
qtbOWPJWYPA4KbREGhHMHFEvV97v7jdNuRpIKRjmG80tXZ7Gc8Dey8xQYqaoL2nV
mLQ5FiMfPZRuY5RTeRmpj7qdcB4vcdqSxIpEeGF3Yeu1CBlcisp10W3yNDX9M4Ka
KiMYDZ7/jcr0baOLYzdkBOsB7c9bz8+1BihHqtlpYzuv8MlWcPrdFaFQv1SYNpU6
spRN7T7u/XvIxX8avKsN
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org