Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/FoH5f0O0Dlatib0T-xtoDJ3LlGo.roa
File: FoH5f0O0Dlatib0T-xtoDJ3LlGo.roa (raw, json)
Hash identifier: bwHE8RCaBqTVr0oYZqMJN4rjSUsxpwBkKlFNynpuatU=
Subject key identifier: 16:81:F9:7F:43:B4:0E:56:AD:89:BD:13:FB:1B:68:0C:9D:CB:94:6A
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0183F3D824D6A12373925D1690F44B1A3378
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/FoH5f0O0Dlatib0T-xtoDJ3LlGo.roa
Signing time: Thu 20 Oct 2022 05:22:52 +0000
ROA not before: Thu 20 Oct 2022 05:22:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 84.32.60.0/24 maxlen: 24
84.32.63.0/24 maxlen: 24
84.32.65.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
84.32.86.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
84.32.94.0/24 maxlen: 24
84.32.7.0/24 maxlen: 24
84.32.15.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.49.0/24 maxlen: 24
88.216.91.0/24 maxlen: 24
88.216.102.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f3:d8:24:d6:a1:23:73:92:5d:16:90:f4:4b:1a:33:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 20 05:22:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1681f97f43b40e56ad89bd13fb1b680c9dcb946a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9f:ba:61:c2:d7:b7:a1:d9:b8:e2:7d:8e:29:
a6:b0:c0:46:d9:42:ea:02:9e:26:89:08:42:75:e3:
ec:f4:6a:43:48:b8:fe:fa:50:20:d0:c9:10:de:bb:
99:67:9c:af:f4:9c:54:c9:4e:51:46:8d:02:a6:79:
80:6a:c1:25:a1:36:6d:39:0c:31:1f:b0:22:80:1d:
7f:ea:7c:62:c4:79:bb:87:6a:c9:0b:8b:7b:57:3c:
6f:45:7b:6a:61:aa:0f:ee:db:b0:74:30:28:22:53:
3f:14:27:55:5d:0d:51:50:9d:c3:aa:db:33:89:a7:
f3:61:6d:c0:94:a3:6e:bf:b8:76:f5:f4:e6:81:e3:
4b:04:22:c2:e2:e2:32:d5:b7:a9:03:33:1c:aa:d7:
94:f7:d5:c3:f6:a6:ec:8f:8c:47:3b:ec:a7:e7:8b:
07:3e:5c:74:e1:5f:1a:34:ae:0c:fb:b5:bf:ba:38:
c1:0d:46:0f:12:f3:4e:cd:89:18:ea:03:1f:98:b4:
f0:75:3c:aa:ee:5f:3f:69:92:35:f1:ac:2f:6c:1f:
ff:01:5b:c9:91:44:f6:a9:aa:e1:77:e3:ec:20:d5:
79:a4:b2:7a:4d:dd:f1:07:70:ab:0d:90:2c:53:bc:
29:69:49:a1:a1:53:ac:29:f6:ab:4e:ed:11:26:9d:
20:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:81:F9:7F:43:B4:0E:56:AD:89:BD:13:FB:1B:68:0C:9D:CB:94:6A
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/FoH5f0O0Dlatib0T-xtoDJ3LlGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0/24
84.32.15.0/24
84.32.42.0/24
84.32.46.0/24
84.32.49.0/24
84.32.60.0/24
84.32.63.0/24
84.32.65.0/24
84.32.77.0/24
84.32.86.0/24
84.32.92.0/24
84.32.94.0/24
88.216.2.0/24
88.216.35.0/24
88.216.40.0/24
88.216.91.0/24
88.216.102.0/24
88.216.188.0/24
88.216.190.0/24
88.216.198.0/24
Signature Algorithm: sha256WithRSAEncryption
99:40:69:5f:3a:b6:5f:87:6a:ec:4c:00:15:61:05:cd:cf:42:
50:7c:bf:39:b0:83:9e:c7:e5:23:58:7e:ac:af:18:0a:ae:77:
ff:ad:50:22:be:39:be:c3:59:05:50:f7:b0:bd:39:07:4e:54:
74:b0:f4:2b:38:a6:f5:01:37:81:d6:cc:0a:b3:f4:8f:34:e2:
20:a3:0e:2c:ca:8c:77:47:df:e8:18:63:2e:5f:9a:d1:a2:41:
d0:87:69:66:63:42:1a:3e:4f:40:02:5d:50:be:65:b2:82:28:
e2:39:62:3f:5c:d2:f0:cc:47:40:22:60:c1:30:97:62:2a:dc:
92:11:60:cc:56:43:05:ad:e4:f6:89:9b:3f:8e:24:ad:21:ae:
e9:fc:bc:20:06:29:3d:11:13:c7:52:cc:ad:8c:e5:68:c5:29:
0d:8d:a0:5e:de:4c:c7:a5:18:ab:1f:45:ee:55:61:19:d3:d9:
a8:43:47:3f:0c:2d:00:2b:79:de:67:f2:a3:25:4c:f4:4a:df:
2d:5f:71:f5:92:93:8e:03:01:97:46:57:63:98:4c:7c:f1:1f:
66:95:a0:03:28:ef:98:be:7e:f7:a3:b4:f6:a1:04:0b:57:09:
a0:08:a5:33:ce:3b:25:53:45:e5:1f:91:82:87:ce:0f:77:50:
f2:fe:bb:a1
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYPz2CTWoSNzkl0WkPRLGjN4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDIwMDUyMjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjgxZjk3ZjQzYjQwZTU2YWQ4OWJkMTNmYjFiNjgwYzlkY2I5NDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJ+6YcLXt6HZuOJ9jimmsMBG2ULq
Ap4miQhCdePs9GpDSLj++lAg0MkQ3ruZZ5yv9JxUyU5RRo0CpnmAasEloTZtOQwx
H7AigB1/6nxixHm7h2rJC4t7VzxvRXtqYaoP7tuwdDAoIlM/FCdVXQ1RUJ3Dqtsz
iafzYW3AlKNuv7h29fTmgeNLBCLC4uIy1bepAzMcqteU99XD9qbsj4xHO+yn54sH
Plx04V8aNK4M+7W/ujjBDUYPEvNOzYkY6gMfmLTwdTyq7l8/aZI18awvbB//AVvJ
kUT2qarhd+PsINV5pLJ6Td3xB3CrDZAsU7wpaUmhoVOsKfarTu0RJp0gkQIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFBaB+X9DtA5WrYm9E/sbaAydy5RqMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvRm9INWYwTzBEbGF0aWIwVC14dG9ESjNMbEdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQAVCAH
AwQAVCAPAwQAVCAqAwQAVCAuAwQAVCAxAwQAVCA8AwQAVCA/AwQAVCBBAwQAVCBN
AwQAVCBWAwQAVCBcAwQAVCBeAwQAWNgCAwQAWNgjAwQAWNgoAwQAWNhbAwQAWNhm
AwQAWNi8AwQAWNi+AwQAWNjGMA0GCSqGSIb3DQEBCwUAA4IBAQCZQGlfOrZfh2rs
TAAVYQXNz0JQfL85sIOex+UjWH6srxgKrnf/rVAivjm+w1kFUPewvTkHTlR0sPQr
OKb1ATeB1swKs/SPNOIgow4syox3R9/oGGMuX5rRokHQh2lmY0IaPk9AAl1QvmWy
gijiOWI/XNLwzEdAImDBMJdiKtySEWDMVkMFreT2iZs/jiStIa7p/LwgBik9ERPH
UsytjOVoxSkNjaBe3kzHpRirH0XuVWEZ09moQ0c/DC0AK3neZ/KjJUz0St8tX3H1
kpOOAwGXRldjmEx88R9mlaADKO+Yvn73o7T2oQQLVwmgCKUzzjslU0XlH5GCh84P
d1Dy/ruh
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:45 2023 by rpki-client on console-fra.rpki-client.org