Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/H7DTfZRv0x2qZHyN0llCxhpaXRI.roa
File: H7DTfZRv0x2qZHyN0llCxhpaXRI.roa (raw, json)
Hash identifier: W2/iQS5WgFFH5MfC2couSal2LMGLEA3o+7X2rOLnFQg=
Subject key identifier: 1F:B0:D3:7D:94:6F:D3:1D:AA:64:7C:8D:D2:59:42:C6:1A:5A:5D:12
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0183EFB5C9C882AB1BCD62337244EE19831D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/H7DTfZRv0x2qZHyN0llCxhpaXRI.roa
Signing time: Wed 19 Oct 2022 10:06:51 +0000
ROA not before: Wed 19 Oct 2022 10:06:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61138
IP address blocks: 84.32.57.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
84.32.87.0/24 maxlen: 24
88.216.130.0/24 maxlen: 24
88.216.37.0/24 maxlen: 24
84.32.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ef:b5:c9:c8:82:ab:1b:cd:62:33:72:44:ee:19:83:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 19 10:06:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1fb0d37d946fd31daa647c8dd25942c61a5a5d12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:57:e8:51:bb:ef:78:ad:30:cf:b2:56:15:e2:
b6:a4:00:ac:2e:22:ba:56:c4:cf:24:44:7c:6e:80:
c8:e0:78:33:f4:c6:5c:a1:29:aa:76:fa:26:5b:f2:
b6:40:e8:ef:d2:1d:18:24:ca:1e:c7:1d:27:62:83:
52:48:63:85:ca:71:cc:e6:f1:51:90:5a:c5:9b:30:
61:bd:b7:43:c4:1a:d5:f2:06:2b:7d:ee:1a:7e:08:
be:83:c0:71:5b:8a:a6:3f:1e:83:d5:e8:80:87:04:
fa:52:65:7c:9d:bb:8b:33:2d:37:20:9e:bd:83:a5:
b0:b5:8b:b5:cf:d1:d5:ea:5d:32:47:c7:7a:e3:5d:
c7:af:df:5a:8c:21:da:09:16:e2:93:ee:7f:2d:33:
f5:54:aa:78:1f:ae:b2:79:fc:2c:3c:4b:01:0a:45:
d1:6a:74:a8:96:37:52:c3:fe:58:8a:f5:81:4d:4c:
80:ae:00:50:80:5a:88:b1:64:d0:4f:b3:96:ed:43:
c2:9a:18:db:44:2b:5c:0b:77:1c:68:f4:a7:7c:ff:
4f:b0:e2:c9:5f:85:89:00:7d:fa:b0:c1:7f:a8:fe:
88:a9:07:6b:59:94:fb:a0:91:b2:81:ae:0f:1a:f7:
64:1d:f7:a9:55:67:d3:01:d2:cc:64:20:16:a3:d9:
cf:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:B0:D3:7D:94:6F:D3:1D:AA:64:7C:8D:D2:59:42:C6:1A:5A:5D:12
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/H7DTfZRv0x2qZHyN0llCxhpaXRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.39.0/24
84.32.57.0/24
84.32.87.0/24
88.216.37.0/24
88.216.130.0/24
88.216.187.0/24
Signature Algorithm: sha256WithRSAEncryption
61:6f:6c:80:a0:2c:31:b8:a1:08:a4:9f:cf:ce:4c:75:f7:8f:
e2:9a:47:31:36:d9:22:c5:f5:5f:0b:a3:49:1c:84:a7:37:e5:
91:32:e6:4e:b0:1b:5f:1d:89:e0:e7:aa:ba:01:f2:f7:74:3d:
4e:0a:2e:84:ee:bc:59:9b:e5:cf:0b:2b:46:b1:0e:a1:80:18:
c2:0c:dd:d3:8d:da:9b:34:31:9a:13:b5:b9:18:82:33:e3:02:
19:05:d9:31:35:5e:56:54:6c:0f:2c:1c:99:c2:f8:b9:fa:94:
db:f8:1a:07:f6:2a:ab:b9:2f:3d:71:d1:e5:31:ab:9e:6b:7b:
66:f4:fe:d0:e6:4b:59:d2:6c:5a:3f:f5:84:fe:47:58:ce:e0:
9a:fe:d3:a2:18:68:f8:c1:38:34:c7:62:fb:fb:62:68:5a:3b:
17:de:1b:f7:94:df:38:33:92:d8:22:7a:92:ce:b4:18:53:77:
9b:99:6f:36:52:a9:67:dc:ec:c9:bc:f7:5b:e3:16:76:f0:bc:
6c:00:3c:24:64:ae:79:53:db:51:06:fe:1a:ec:07:1c:20:a7:
f1:9f:11:ed:e0:9b:e5:3d:cb:cc:74:13:7e:bd:de:29:08:39:
c8:7c:21:c1:b5:f0:b8:5f:bd:e8:3b:40:3f:38:49:4e:59:f9:
d7:8b:72:f8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYPvtcnIgqsbzWIzckTuGYMdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDE5MTAwNjUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmIwZDM3ZDk0NmZkMzFkYWE2NDdjOGRkMjU5NDJjNjFhNWE1ZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVfoUbvveK0wz7JWFeK2pACsLiK6
VsTPJER8boDI4Hgz9MZcoSmqdvomW/K2QOjv0h0YJMoexx0nYoNSSGOFynHM5vFR
kFrFmzBhvbdDxBrV8gYrfe4afgi+g8BxW4qmPx6D1eiAhwT6UmV8nbuLMy03IJ69
g6WwtYu1z9HV6l0yR8d6413Hr99ajCHaCRbik+5/LTP1VKp4H66yefwsPEsBCkXR
anSoljdSw/5YivWBTUyArgBQgFqIsWTQT7OW7UPCmhjbRCtcC3ccaPSnfP9PsOLJ
X4WJAH36sMF/qP6IqQdrWZT7oJGyga4PGvdkHfepVWfTAdLMZCAWo9nPVwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFB+w032Ub9MdqmR8jdJZQsYaWl0SMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSDdEVGZaUnYweDJxWkh5TjBsbEN4aHBhWFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCAnAwQA
VCA5AwQAVCBXAwQAWNglAwQAWNiCAwQAWNi7MA0GCSqGSIb3DQEBCwUAA4IBAQBh
b2yAoCwxuKEIpJ/Pzkx194/imkcxNtkixfVfC6NJHISnN+WRMuZOsBtfHYng56q6
AfL3dD1OCi6E7rxZm+XPCytGsQ6hgBjCDN3TjdqbNDGaE7W5GIIz4wIZBdkxNV5W
VGwPLByZwvi5+pTb+BoH9iqruS89cdHlMauea3tm9P7Q5ktZ0mxaP/WE/kdYzuCa
/tOiGGj4wTg0x2L7+2JoWjsX3hv3lN84M5LYInqSzrQYU3ebmW82Uqln3OzJvPdb
4xZ28LxsADwkZK55U9tRBv4a7AccIKfxnxHt4JvlPcvMdBN+vd4pCDnIfCHBtfC4
X73oO0A/OElOWfnXi3L4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:31 2024 by rpki-client on console-fra.rpki-client.org