Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/IHSLPPohjYRNw9uN_CaqxAvRcqY.roa
File: IHSLPPohjYRNw9uN_CaqxAvRcqY.roa (raw, json)
Hash identifier: yj4xpfaNWma42RDeG1DExruFlrV2ocEgeDLuMGzgAHQ=
Subject key identifier: 20:74:8B:3C:FA:21:8D:84:4D:C3:DB:8D:FC:26:AA:C4:0B:D1:72:A6
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01A9C209
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/IHSLPPohjYRNw9uN_CaqxAvRcqY.roa
Signing time: Fri 01 Jul 2022 15:49:25 +0000
ROA not before: Fri 01 Jul 2022 15:49:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 84.32.60.0/22 maxlen: 24
88.216.188.0/22 maxlen: 24
88.216.187.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.92.0/22 maxlen: 24
84.32.14.0/24 maxlen: 24
84.32.34.0/24 maxlen: 24
88.216.90.0/23 maxlen: 24
88.216.100.0/22 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.18.0/24 maxlen: 24
88.216.248.0/22 maxlen: 24
88.216.36.0/22 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
88.216.41.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 27902473 (0x1a9c209)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jul 1 15:49:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=20748b3cfa218d844dc3db8dfc26aac40bd172a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6d:30:04:d6:91:e7:48:c8:ef:65:07:cc:ab:
58:a9:63:78:b9:2d:9b:1e:9e:64:2a:8e:0b:36:96:
e2:cf:c2:7a:46:73:04:07:19:46:4d:02:cc:3c:5a:
55:54:74:7e:fe:de:63:b7:45:4a:5c:d9:6f:17:02:
d0:38:ca:9d:3f:75:81:a0:29:49:95:fa:c1:86:ff:
c5:9a:36:06:21:b2:7b:95:cb:d3:4e:0f:0d:77:8e:
f2:0c:0f:d2:6f:55:69:3d:2d:31:c6:b8:02:d9:39:
cc:84:14:db:a8:61:5a:81:60:3c:28:b0:3f:a4:20:
93:a2:66:61:5a:4e:45:97:91:3c:6f:95:66:2b:c1:
03:77:be:5c:d9:51:d8:ba:85:b2:71:ec:4d:ec:f1:
f6:ce:d6:64:d1:ab:d3:d4:f9:c2:2d:40:5e:3a:b8:
9a:ec:45:ca:1c:38:6d:d8:02:33:55:11:fd:72:ab:
e1:c5:66:39:10:bd:28:a7:c4:38:12:44:c3:07:74:
7e:af:94:10:df:c6:e3:98:5b:6c:fd:dc:51:d0:7d:
9d:a6:4b:f4:28:b5:2f:62:ff:43:09:44:85:c0:d2:
be:c6:e8:95:b6:33:eb:06:24:0f:5f:56:44:f3:f5:
2f:c7:a0:4b:18:be:87:f8:3c:25:97:43:3c:25:57:
a7:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:74:8B:3C:FA:21:8D:84:4D:C3:DB:8D:FC:26:AA:C4:0B:D1:72:A6
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/IHSLPPohjYRNw9uN_CaqxAvRcqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.14.0/24
84.32.34.0/24
84.32.60.0/22
84.32.88.0/24
84.32.92.0/22
88.216.16.0-88.216.18.255
88.216.35.0-88.216.41.255
88.216.43.0/24
88.216.90.0/23
88.216.100.0/22
88.216.187.0-88.216.191.255
88.216.248.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:13:68:fe:e7:64:78:4c:84:93:7f:71:f4:91:18:31:4a:6d:
c7:3e:a0:bc:91:2c:b4:af:45:fb:1c:de:33:a4:08:62:4e:0d:
c9:5d:10:0a:8b:7b:55:ab:c1:9f:dd:3e:46:da:2d:66:42:ea:
f0:fd:56:49:8f:e6:bd:61:2c:fa:5a:52:42:65:cc:7c:54:d6:
6f:e8:d4:87:58:67:c2:79:9f:ed:10:a5:43:6a:4d:b8:0b:1e:
8d:2b:bb:86:46:ae:b6:10:a9:07:bb:7c:e5:7c:f6:1e:44:1c:
46:b7:24:a2:bc:93:fc:ad:d8:15:17:0e:ad:98:3d:e4:71:57:
62:30:a0:f2:9f:66:ab:53:15:4c:5a:84:77:9a:d1:38:90:e1:
ef:97:b3:9a:51:a5:69:8e:da:0c:5f:e0:2d:7e:1d:b3:f9:fb:
5e:04:68:c3:2d:b7:c4:1e:ec:78:d0:52:05:c3:0a:01:6e:35:
b2:a9:06:fe:61:6a:7b:13:41:55:15:0a:16:84:24:33:66:8d:
0e:6b:ef:51:40:d2:84:4b:2e:bc:39:23:03:16:fa:3b:9b:f0:
be:26:e7:6a:f4:39:c3:c4:81:a8:a8:51:1c:1a:be:df:ae:c0:
a4:4b:da:db:6d:b0:86:a8:6f:99:f5:64:fe:21:dc:c6:b7:d9:
be:be:e3:23
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIEAanCCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDcw
MTE1NDkyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjA3NDhiM2NmYTIx
OGQ4NDRkYzNkYjhkZmMyNmFhYzQwYmQxNzJhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdtMATWkedIyO9lB8yrWKljeLktmx6eZCqOCzaW4s/CekZz
BAcZRk0CzDxaVVR0fv7eY7dFSlzZbxcC0DjKnT91gaApSZX6wYb/xZo2BiGye5XL
004PDXeO8gwP0m9VaT0tMca4Atk5zIQU26hhWoFgPCiwP6Qgk6JmYVpORZeRPG+V
ZivBA3e+XNlR2LqFsnHsTezx9s7WZNGr09T5wi1AXjq4muxFyhw4bdgCM1UR/XKr
4cVmORC9KKfEOBJEwwd0fq+UEN/G45hbbP3cUdB9naZL9Ci1L2L/QwlEhcDSvsbo
lbYz6wYkD19WRPP1L8egSxi+h/g8JZdDPCVXp2UCAwEAAaOCAmMwggJfMB0GA1Ud
DgQWBBQgdIs8+iGNhE3D2438JqrEC9FypjAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
L0lIU0xQUG9oallSTnc5dU5fQ2FxeEF2UmNxWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB5
BggrBgEFBQcBBwEB/wRqMGgwZgQCAAEwYAMEAFQgDgMEAFQgIgMEAlQgPAMEAFQg
WAMEAlQgXDAMAwQEWNgQAwQAWNgSMAwDBABY2CMDBAFY2CgDBABY2CsDBAFY2FoD
BAJY2GQwDAMEAFjYuwMEBljYgAMEAljY+DANBgkqhkiG9w0BAQsFAAOCAQEAjxNo
/udkeEyEk39x9JEYMUptxz6gvJEstK9F+xzeM6QIYk4NyV0QCot7VavBn90+Rtot
ZkLq8P1WSY/mvWEs+lpSQmXMfFTWb+jUh1hnwnmf7RClQ2pNuAsejSu7hkauthCp
B7t85Xz2HkQcRrckoryT/K3YFRcOrZg95HFXYjCg8p9mq1MVTFqEd5rROJDh75ez
mlGlaY7aDF/gLX4ds/n7XgRowy23xB7seNBSBcMKAW41sqkG/mFqexNBVRUKFoQk
M2aNDmvvUUDShEsuvDkjAxb6O5vwvibnavQ5w8SBqKhRHBq+367ApEva222whqhv
mfVk/iHcxrfZvr7jIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org