Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/IQEJl2G1HOhTm5dadS-KNb6uT_0.roa
File: IQEJl2G1HOhTm5dadS-KNb6uT_0.roa (raw, json)
Hash identifier: pcX0c/3RjHlqhb7tbP5BC1qKghYM0Dkh8q3qapRKSGo=
Subject key identifier: 21:01:09:97:61:B5:1C:E8:53:9B:97:5A:75:2F:8A:35:BE:AE:4F:FD
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0183D63D2DF8D2451E11B4D3B8366C6AD64E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/IQEJl2G1HOhTm5dadS-KNb6uT_0.roa
Signing time: Fri 14 Oct 2022 11:24:37 +0000
ROA not before: Fri 14 Oct 2022 11:24:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205570
IP address blocks: 84.32.90.0/23 maxlen: 24
84.32.88.0/23 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/23 maxlen: 24
84.32.24.0/22 maxlen: 22
88.216.134.0/24 maxlen: 24
88.216.135.0/24 maxlen: 24
84.32.28.0/22 maxlen: 22
88.216.94.0/23 maxlen: 24
88.216.92.0/23 maxlen: 24
88.216.16.0/23 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.33.0/24 maxlen: 24
88.216.44.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d6:3d:2d:f8:d2:45:1e:11:b4:d3:b8:36:6c:6a:d6:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 14 11:24:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2101099761b51ce8539b975a752f8a35beae4ffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:0f:13:b7:bc:a9:78:16:ff:e5:de:63:44:fa:
2c:c7:0d:df:f3:93:bc:fd:14:ba:a9:ed:4c:f4:38:
41:db:f7:de:7a:fc:f4:3f:5f:36:1c:85:8a:13:d8:
fa:0e:d0:ee:fb:92:63:0a:9f:95:21:53:93:43:85:
48:9e:53:90:33:cd:64:bf:ec:fb:e1:2d:59:1c:6c:
6a:8e:1d:b7:da:c3:f6:3a:74:bb:91:1d:70:a6:b4:
77:d8:02:49:a0:1d:3a:dd:3c:5b:2f:22:76:c3:f2:
61:01:89:ea:19:e0:9a:2f:cc:f6:27:77:ee:ac:6a:
28:06:55:d5:2c:6b:17:7d:9f:10:aa:69:a7:96:b9:
00:fe:c0:d5:9e:99:b3:1b:3b:b2:e9:1d:fe:0e:52:
9b:de:12:3b:7c:4c:a5:de:08:03:ef:4c:23:8a:1e:
11:f0:9b:fb:65:4f:04:6e:50:01:75:9a:58:86:2e:
e3:e5:99:49:34:f3:32:99:10:be:98:14:4a:61:35:
29:d7:86:b3:9c:96:0a:b4:99:c1:55:05:2a:34:99:
4d:ac:07:e5:45:4b:66:7f:28:ea:44:94:a7:68:73:
46:37:6b:33:04:10:b1:b9:1b:fa:ad:6d:e3:15:41:
36:b3:79:ac:1b:04:5b:92:50:b1:b0:9b:79:07:f2:
3e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:01:09:97:61:B5:1C:E8:53:9B:97:5A:75:2F:8A:35:BE:AE:4F:FD
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/IQEJl2G1HOhTm5dadS-KNb6uT_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/21
84.32.88.0/22
88.216.16.0/23
88.216.33.0/24
88.216.44.0/23
88.216.92.0/22
88.216.128.0/24
88.216.131.0-88.216.135.255
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:c0:25:3d:d4:cc:0c:5d:5a:3f:6d:ff:b8:72:58:f8:0b:bf:
76:21:12:ce:6a:8c:6a:c8:74:64:7a:e2:07:4c:e3:a0:02:8b:
a2:9c:80:8f:ff:d2:ae:6d:e4:32:3f:16:9e:ac:ea:52:c9:f6:
8b:cd:16:69:73:d1:c1:59:22:90:0f:92:61:e1:fe:f8:67:8b:
9a:06:91:52:5f:0c:fd:5b:ff:de:eb:25:ba:a8:2e:b1:83:dc:
81:5b:fc:0f:bb:a1:71:c4:f8:ec:de:e7:32:b1:50:82:2a:78:
97:a6:9e:cc:bb:60:c1:8d:79:49:c1:7f:04:86:0f:5c:b4:ac:
fc:fa:a5:f3:63:2d:1e:89:03:8a:0d:b0:cb:92:5b:fc:1a:9e:
67:d8:85:f0:c5:37:ca:36:bd:7e:f4:27:ae:cb:cc:be:b7:ff:
a2:b5:f1:69:5d:a6:c3:cc:7b:56:f7:92:16:46:b2:a0:9b:6a:
c8:b4:3b:70:4d:34:0b:bf:3c:36:55:03:03:6d:69:b2:6d:fb:
86:58:54:80:d8:f3:90:4c:cc:09:81:d0:6a:42:40:62:87:42:
e2:58:8a:c3:7a:71:df:61:3b:de:c7:49:d4:66:47:c3:24:de:
9e:ca:46:64:49:83:2f:53:25:20:7d:ad:70:3a:39:33:d5:3b:
78:d8:65:5f
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYPWPS340kUeEbTTuDZsatZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDE0MTEyNDM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTAxMDk5NzYxYjUxY2U4NTM5Yjk3NWE3NTJmOGEzNWJlYWU0ZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyw8Tt7ypeBb/5d5jRPosxw3f85O8
/RS6qe1M9DhB2/feevz0P182HIWKE9j6DtDu+5JjCp+VIVOTQ4VInlOQM81kv+z7
4S1ZHGxqjh232sP2OnS7kR1wprR32AJJoB063TxbLyJ2w/JhAYnqGeCaL8z2J3fu
rGooBlXVLGsXfZ8QqmmnlrkA/sDVnpmzGzuy6R3+DlKb3hI7fEyl3ggD70wjih4R
8Jv7ZU8EblABdZpYhi7j5ZlJNPMymRC+mBRKYTUp14aznJYKtJnBVQUqNJlNrAfl
RUtmfyjqRJSnaHNGN2szBBCxuRv6rW3jFUE2s3msGwRbklCxsJt5B/I+4wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFCEBCZdhtRzoU5uXWnUvijW+rk/9MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSVFFSmwyRzFIT2hUbTVkYWRTLUtOYjZ1VF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQDVCAYAwQC
VCBYAwQBWNgQAwQAWNghAwQBWNgsAwQCWNhcAwQAWNiAMAwDBABY2IMDBANY2IAD
BAJY2OgwDQYJKoZIhvcNAQELBQADggEBAEzAJT3UzAxdWj9t/7hyWPgLv3YhEs5q
jGrIdGR64gdM46ACi6KcgI//0q5t5DI/Fp6s6lLJ9ovNFmlz0cFZIpAPkmHh/vhn
i5oGkVJfDP1b/97rJbqoLrGD3IFb/A+7oXHE+Oze5zKxUIIqeJemnsy7YMGNeUnB
fwSGD1y0rPz6pfNjLR6JA4oNsMuSW/wanmfYhfDFN8o2vX70J67LzL63/6K18Wld
psPMe1b3khZGsqCbasi0O3BNNAu/PDZVAwNtabJt+4ZYVIDY85BMzAmB0GpCQGKH
QuJYisN6cd9hO97HSdRmR8Mk3p7KRmRJgy9TJSB9rXA6OTPVO3jYZV8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org