Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Kd04_U1Dr6W-0ZsuXp4B58XuPLI.roa
File: Kd04_U1Dr6W-0ZsuXp4B58XuPLI.roa (raw, json)
Hash identifier: Z9PPzdxJbQh9WwSjiupO3zXhQRBS2cQ9MWuIu1iU4mI=
Subject key identifier: 29:DD:38:FD:4D:43:AF:A5:BE:D1:9B:2E:5E:9E:01:E7:C5:EE:3C:B2
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018288067E0C26CCE1BD739A6176B2AEC115
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Kd04_U1Dr6W-0ZsuXp4B58XuPLI.roa
Signing time: Wed 10 Aug 2022 13:51:42 +0000
ROA not before: Wed 10 Aug 2022 13:51:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34984
IP address blocks: 84.32.83.0/24 maxlen: 24
88.216.224.0/22 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.130.0/24 maxlen: 24
88.216.132.0/23 maxlen: 24
88.216.129.0/24 maxlen: 24
88.216.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:88:06:7e:0c:26:cc:e1:bd:73:9a:61:76:b2:ae:c1:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 10 13:51:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=29dd38fd4d43afa5bed19b2e5e9e01e7c5ee3cb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:38:8e:56:98:52:b0:c4:78:a5:b3:cc:12:5c:
67:93:40:4e:db:5a:fe:a9:33:c6:73:3b:bd:78:54:
ef:a1:15:19:8a:cb:83:49:b7:cd:0d:5e:3e:3b:72:
d6:32:ea:8e:5b:ae:f5:90:ee:b1:36:4f:b7:4e:09:
fe:b4:1f:33:cd:91:35:7e:dc:7c:bb:3f:e2:38:f8:
08:71:8a:14:2b:fc:d7:92:c7:d6:a8:d0:c8:89:bd:
20:0b:bb:1b:21:87:9e:14:61:b3:92:00:8f:53:58:
36:07:7c:59:85:8a:b1:20:56:d7:38:f4:9e:23:b4:
c8:26:30:a7:78:45:4a:31:c6:80:43:e0:c2:1e:3e:
91:ac:6c:86:42:06:84:89:ad:17:88:97:c8:c0:d8:
22:5e:c5:6a:80:21:5d:4f:82:05:4f:74:28:fa:d9:
bf:43:11:fd:0c:09:75:b1:64:fd:63:d7:af:33:a1:
f4:de:97:42:41:37:d9:25:54:bd:8c:1a:25:88:25:
37:4e:eb:84:9a:af:2e:84:ce:6b:65:e6:38:ae:da:
7d:8b:53:d3:67:95:db:c5:d1:ee:cd:fd:90:82:af:
8e:39:d9:6e:32:7d:17:45:30:a5:d9:31:3d:9e:2f:
b0:10:45:d0:e1:e3:2a:5c:ff:3c:23:12:70:18:fa:
9a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:DD:38:FD:4D:43:AF:A5:BE:D1:9B:2E:5E:9E:01:E7:C5:EE:3C:B2
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Kd04_U1Dr6W-0ZsuXp4B58XuPLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.83.0/24
88.216.33.0/24
88.216.129.0-88.216.130.255
88.216.132.0/23
88.216.224.0/22
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
53:48:20:99:4e:df:5f:38:ce:02:f1:3f:7c:26:9b:74:3a:5b:
7b:5f:8a:38:4d:75:27:c4:22:bb:98:26:74:00:6e:60:ca:74:
7d:aa:bb:05:8d:18:df:6b:dc:37:5a:fc:98:ae:45:0c:af:bd:
03:15:ea:40:47:47:37:4d:94:4c:f2:67:ba:21:b9:10:08:9c:
61:af:eb:09:c7:71:34:76:ae:88:ce:76:c5:46:c5:b6:a7:de:
ae:5c:93:03:7d:c7:7e:6f:93:25:2b:23:19:ee:e5:73:7e:e8:
15:c3:74:ce:74:77:2f:35:a1:95:8f:e7:af:00:f6:ce:f1:66:
86:60:12:25:42:d8:b6:cf:83:ad:cd:73:32:5e:cf:7d:61:6d:
2d:73:40:62:a1:11:5d:bd:e3:e9:3b:0c:4b:fe:eb:48:37:f8:
2c:41:5d:c4:bd:bb:a7:a8:f6:db:e5:13:e3:5f:8f:93:a9:40:
07:6d:f2:63:ab:c2:07:c1:7d:aa:44:2f:2e:55:3c:2d:ae:9e:
f6:24:49:40:fd:67:97:ef:6b:fe:32:38:f5:29:99:eb:da:1d:
2b:14:d7:1f:dd:c2:a7:bc:fc:99:b8:89:2a:69:6c:34:bd:e6:
be:73:74:54:89:d3:19:40:ce:82:98:df:68:cd:62:c2:70:0b:
d1:42:f4:ce
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYKIBn4MJszhvXOaYXayrsEVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwODEwMTM1MTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWRkMzhmZDRkNDNhZmE1YmVkMTliMmU1ZTllMDFlN2M1ZWUzY2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjiOVphSsMR4pbPMElxnk0BO21r+
qTPGczu9eFTvoRUZisuDSbfNDV4+O3LWMuqOW671kO6xNk+3Tgn+tB8zzZE1ftx8
uz/iOPgIcYoUK/zXksfWqNDIib0gC7sbIYeeFGGzkgCPU1g2B3xZhYqxIFbXOPSe
I7TIJjCneEVKMcaAQ+DCHj6RrGyGQgaEia0XiJfIwNgiXsVqgCFdT4IFT3Qo+tm/
QxH9DAl1sWT9Y9evM6H03pdCQTfZJVS9jBoliCU3TuuEmq8uhM5rZeY4rtp9i1PT
Z5XbxdHuzf2Qgq+OOdluMn0XRTCl2TE9ni+wEEXQ4eMqXP88IxJwGPqasQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCndOP1NQ6+lvtGbLl6eAefF7jyyMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvS2QwNF9VMURyNlctMFpzdVhwNEI1OFh1UExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAVCBTAwQA
WNghMAwDBABY2IEDBABY2IIDBAFY2IQDBAJY2OADBAJY2OgwDQYJKoZIhvcNAQEL
BQADggEBAFNIIJlO3184zgLxP3wmm3Q6W3tfijhNdSfEIruYJnQAbmDKdH2quwWN
GN9r3Dda/JiuRQyvvQMV6kBHRzdNlEzyZ7ohuRAInGGv6wnHcTR2rojOdsVGxban
3q5ckwN9x35vkyUrIxnu5XN+6BXDdM50dy81oZWP568A9s7xZoZgEiVC2LbPg63N
czJez31hbS1zQGKhEV294+k7DEv+60g3+CxBXcS9u6eo9tvlE+Nfj5OpQAdt8mOr
wgfBfapELy5VPC2unvYkSUD9Z5fva/4yOPUpmevaHSsU1x/dwqe8/Jm4iSppbDS9
5r5zdFSJ0xlAzoKY32jNYsJwC9FC9M4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org