Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/IZ9ARBelZC-eFDEregJ4fdqMlxA.roa
File: IZ9ARBelZC-eFDEregJ4fdqMlxA.roa (raw, json)
Hash identifier: iZ0JGWobuhbH/6Ux0b6IE33lgz6EvXKKtAO6JWLh+QM=
Subject key identifier: 21:9F:40:44:17:A5:64:2F:9E:14:31:2B:7A:02:78:7D:DA:8C:97:10
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018417F0C6954E6785DB87519E6C0FA12F93
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/IZ9ARBelZC-eFDEregJ4fdqMlxA.roa
Signing time: Thu 27 Oct 2022 05:36:06 +0000
ROA not before: Thu 27 Oct 2022 05:36:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61138
IP address blocks: 84.32.57.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
84.32.87.0/24 maxlen: 24
88.216.100.0/24 maxlen: 24
88.216.130.0/24 maxlen: 24
88.216.37.0/24 maxlen: 24
84.32.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:17:f0:c6:95:4e:67:85:db:87:51:9e:6c:0f:a1:2f:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 27 05:36:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=219f404417a5642f9e14312b7a02787dda8c9710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:33:b2:90:8c:04:70:56:6e:c0:1b:d1:aa:4f:
36:c0:db:74:9e:a5:06:f1:8b:be:ee:97:7b:6e:a2:
7c:65:aa:0f:93:3f:94:ce:60:00:15:58:ee:22:59:
cf:ed:3c:73:8d:c9:e6:19:db:1d:fb:eb:09:d4:f2:
ec:f4:e6:f1:70:62:4c:da:aa:8a:d7:d2:04:7a:32:
34:c7:20:d5:f3:10:59:1d:10:1a:c7:21:a6:fb:3c:
a2:6f:dc:60:46:46:26:96:88:59:0c:12:9e:52:ac:
c3:de:69:d1:f5:d6:c3:6c:b2:06:1b:6e:ad:7b:fb:
01:e0:b9:99:c7:b5:0a:e3:94:4c:77:61:7d:02:08:
41:7c:80:fb:3a:f9:2f:20:df:4b:13:0f:39:ed:6f:
95:77:54:aa:e0:30:0c:02:76:47:36:a7:99:49:ba:
df:ff:9e:e3:7a:7b:b6:7a:f9:8e:29:32:0e:58:80:
da:90:3a:3f:3e:5c:75:b7:6a:19:04:de:64:36:e4:
f8:2b:da:2b:b0:26:17:e0:a9:5c:83:0c:f8:bc:0a:
e1:ca:b9:9d:db:6c:92:9f:97:55:4f:10:ea:e1:06:
f8:22:96:e5:fb:5c:e3:b6:c0:67:78:e9:a6:c5:ce:
0a:13:9e:27:9e:75:6e:73:57:37:c8:4a:5f:7d:e3:
40:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:9F:40:44:17:A5:64:2F:9E:14:31:2B:7A:02:78:7D:DA:8C:97:10
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/IZ9ARBelZC-eFDEregJ4fdqMlxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.39.0/24
84.32.57.0/24
84.32.87.0/24
88.216.37.0/24
88.216.100.0/24
88.216.130.0/24
88.216.187.0/24
Signature Algorithm: sha256WithRSAEncryption
15:80:8d:dd:af:d0:6f:71:c8:df:3d:c8:69:9a:48:10:b0:52:
c8:e6:04:c0:5d:95:31:da:5c:aa:f8:1b:de:b1:e6:a1:03:ad:
8e:88:d4:14:bc:35:73:ba:50:96:a9:f4:b8:8a:de:96:bc:be:
3f:11:51:11:29:d7:6b:a7:d0:95:ed:e6:22:1f:8c:53:4c:95:
c3:70:af:8a:d2:d8:10:82:16:87:91:b5:46:1c:5e:3f:1d:d8:
ed:f4:b7:eb:ae:db:45:46:0e:92:5e:a0:d7:8e:73:03:07:c5:
a3:ac:7e:c4:cf:28:08:a7:e5:ed:9b:51:5a:e4:91:d9:bc:97:
35:a6:93:10:0e:86:e1:5a:8c:03:89:c1:c5:a0:c5:98:97:dd:
66:31:c1:11:5e:1d:70:01:5c:70:b1:4d:b5:2b:00:b4:bc:c8:
c6:d1:17:84:46:9a:20:c0:57:c5:7a:db:41:12:d4:51:cb:bd:
88:22:b4:aa:54:71:51:2b:87:2e:c2:fc:8b:f5:69:9f:b2:71:
15:2f:12:e3:47:2e:fc:4a:c8:36:9a:09:26:46:58:9c:90:4f:
13:63:dd:f8:f9:6f:79:f3:67:ea:42:90:dc:93:22:95:ba:c5:
65:8d:b1:b5:c3:b1:a7:f9:4d:39:55:d0:a3:5c:f1:31:d3:36:
69:0d:75:12
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYQX8MaVTmeF24dRnmwPoS+TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDI3MDUzNjA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTlmNDA0NDE3YTU2NDJmOWUxNDMxMmI3YTAyNzg3ZGRhOGM5NzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzOykIwEcFZuwBvRqk82wNt0nqUG
8Yu+7pd7bqJ8ZaoPkz+UzmAAFVjuIlnP7TxzjcnmGdsd++sJ1PLs9ObxcGJM2qqK
19IEejI0xyDV8xBZHRAaxyGm+zyib9xgRkYmlohZDBKeUqzD3mnR9dbDbLIGG26t
e/sB4LmZx7UK45RMd2F9AghBfID7OvkvIN9LEw857W+Vd1Sq4DAMAnZHNqeZSbrf
/57jenu2evmOKTIOWIDakDo/Plx1t2oZBN5kNuT4K9orsCYX4Klcgwz4vArhyrmd
22ySn5dVTxDq4Qb4Ipbl+1zjtsBneOmmxc4KE54nnnVuc1c3yEpffeNAdwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCGfQEQXpWQvnhQxK3oCeH3ajJcQMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSVo5QVJCZWxaQy1lRkRFcmVnSjRmZHFNbHhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVCAnAwQA
VCA5AwQAVCBXAwQAWNglAwQAWNhkAwQAWNiCAwQAWNi7MA0GCSqGSIb3DQEBCwUA
A4IBAQAVgI3dr9BvccjfPchpmkgQsFLI5gTAXZUx2lyq+BveseahA62OiNQUvDVz
ulCWqfS4it6WvL4/EVERKddrp9CV7eYiH4xTTJXDcK+K0tgQghaHkbVGHF4/Hdjt
9LfrrttFRg6SXqDXjnMDB8WjrH7EzygIp+Xtm1Fa5JHZvJc1ppMQDobhWowDicHF
oMWYl91mMcERXh1wAVxwsU21KwC0vMjG0ReERpogwFfFettBEtRRy72IIrSqVHFR
K4cuwvyL9WmfsnEVLxLjRy78Ssg2mgkmRlickE8TY934+W9582fqQpDckyKVusVl
jbG1w7Gn+U05VdCjXPEx0zZpDXUS
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org