Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Kj1rdrzMsDoAA5W94Wbk89-rKZs.roa
File: Kj1rdrzMsDoAA5W94Wbk89-rKZs.roa (raw, json)
Hash identifier: XCsLKf9YnsiaPJFuo6vbGyZTzUzvjV0rarFgKLYV7t8=
Subject key identifier: 2A:3D:6B:76:BC:CC:B0:3A:00:03:95:BD:E1:66:E4:F3:DF:AB:29:9B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184A94CEF3C9A0F579E699067AD3977D469
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Kj1rdrzMsDoAA5W94Wbk89-rKZs.roa
Signing time: Thu 24 Nov 2022 11:01:42 +0000
ROA not before: Thu 24 Nov 2022 11:01:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 84.32.58.0/24 maxlen: 24
84.32.71.0/24 maxlen: 24
88.216.199.0/24 maxlen: 24
84.32.93.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.210.0/24 maxlen: 24
84.32.226.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.238.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
84.32.41.0/24 maxlen: 24
84.32.48.0/24 maxlen: 24
84.32.51.0/24 maxlen: 24
84.32.50.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.22.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a9:4c:ef:3c:9a:0f:57:9e:69:90:67:ad:39:77:d4:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 24 11:01:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2a3d6b76bcccb03a000395bde166e4f3dfab299b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ea:30:7b:e1:fa:b8:83:86:d3:fb:13:37:53:
84:d8:a5:09:f0:41:e6:11:c2:1d:cd:0c:34:1a:fd:
a3:ca:5a:1d:03:5f:38:77:5b:6b:9f:72:a9:e9:5d:
88:c3:61:90:41:79:ae:ad:b6:eb:f3:c0:61:9b:2b:
85:d8:fa:a1:e3:20:d5:60:ca:26:f3:79:49:f7:4c:
d9:ff:9e:3c:cb:20:7b:4b:dd:b5:33:43:44:fa:28:
ac:da:d4:26:24:87:35:a3:97:06:aa:14:22:8e:7b:
08:33:b7:bc:c0:1c:35:7c:54:6c:6d:ed:49:73:ff:
b9:69:41:3b:0a:59:66:24:fd:25:c6:0c:17:eb:3c:
21:2e:4c:33:6c:6e:2d:38:1d:e8:4c:13:24:05:8f:
75:3b:45:9d:d1:7e:a0:f8:a2:c0:76:e7:b1:ed:23:
bc:8a:79:c2:81:d2:a0:e0:38:ef:1c:39:d1:e9:1b:
9f:12:7a:cc:29:8b:15:fa:a9:0d:52:a7:25:1e:91:
d0:46:8f:54:27:f9:35:f9:df:c9:e9:67:4f:2e:b4:
0b:c2:f6:39:a6:38:22:33:6e:0c:49:4c:9a:67:6d:
a8:e5:77:1d:59:f6:f6:1e:9c:60:ca:6f:36:f1:43:
64:d6:0b:e9:3a:a9:43:8e:18:33:4e:a6:d7:4d:aa:
d9:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:3D:6B:76:BC:CC:B0:3A:00:03:95:BD:E1:66:E4:F3:DF:AB:29:9B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Kj1rdrzMsDoAA5W94Wbk89-rKZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.41.0/24
84.32.48.0/24
84.32.50.0/23
84.32.58.0/24
84.32.71.0/24
84.32.93.0/24
84.32.226.0/24
84.32.238.0/23
84.32.245.0/24
88.216.3.0/24
88.216.21.0-88.216.22.255
88.216.32.0/24
88.216.43.0/24
88.216.46.0/24
88.216.199.0/24
88.216.210.0/23
88.216.223.0/24
Signature Algorithm: sha256WithRSAEncryption
23:c7:50:55:e5:12:2f:d9:e3:6a:78:a2:1f:f7:e0:8b:f1:72:
e3:0b:cc:00:cb:10:e6:3d:cc:7f:51:66:c7:db:fa:4e:3a:a7:
2d:45:ac:c8:d5:0c:59:d6:80:fd:05:8a:6b:fb:07:20:b3:ae:
e9:5f:0d:85:f0:65:06:87:c1:2b:16:3b:13:c3:34:3d:ea:01:
69:3c:cd:66:ff:6c:64:77:4d:01:86:73:6e:d4:4e:8b:f8:e5:
41:b9:cf:95:d8:96:8e:cb:c0:a1:c1:46:15:4e:c5:62:23:40:
8f:2e:f5:bb:c2:ff:90:8f:ca:41:9c:0d:8e:04:1a:7a:3a:ce:
8c:31:6d:97:6f:32:d7:1f:1a:1c:fc:82:40:f8:8f:74:b1:27:
7e:b5:6b:8d:de:42:d5:6f:88:a5:7c:f6:f5:bf:67:cb:31:a8:
4e:c2:df:bd:63:fd:f3:6e:6a:af:23:a4:b7:07:21:10:76:21:
5b:fb:fa:42:be:39:35:96:cc:c8:15:f6:f1:7d:4a:80:f4:52:
88:84:66:d2:4e:0f:e2:e7:eb:22:a8:ba:25:53:c5:4b:5d:2a:
c4:1c:a5:18:21:c0:96:87:1c:32:c0:f4:32:97:b4:dc:8a:61:
67:62:79:87:4a:26:7c:79:fb:d6:89:e8:01:cd:da:89:57:40:
dd:15:58:19
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYSpTO88mg9XnmmQZ605d9RpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTI0MTEwMTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYTNkNmI3NmJjY2NiMDNhMDAwMzk1YmRlMTY2ZTRmM2RmYWIyOTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqeowe+H6uIOG0/sTN1OE2KUJ8EHm
EcIdzQw0Gv2jylodA184d1trn3Kp6V2Iw2GQQXmurbbr88BhmyuF2Pqh4yDVYMom
83lJ90zZ/548yyB7S921M0NE+iis2tQmJIc1o5cGqhQijnsIM7e8wBw1fFRsbe1J
c/+5aUE7CllmJP0lxgwX6zwhLkwzbG4tOB3oTBMkBY91O0Wd0X6g+KLAduex7SO8
innCgdKg4DjvHDnR6RufEnrMKYsV+qkNUqclHpHQRo9UJ/k1+d/J6WdPLrQLwvY5
pjgiM24MSUyaZ22o5XcdWfb2Hpxgym828UNk1gvpOqlDjhgzTqbXTarZzwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFCo9a3a8zLA6AAOVveFm5PPfqymbMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvS2oxcmRyek1zRG9BQTVXOTRXYms4OS1yS1pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAFQgKQME
AFQgMAMEAVQgMgMEAFQgOgMEAFQgRwMEAFQgXQMEAFQg4gMEAVQg7gMEAFQg9QME
AFjYAzAMAwQAWNgVAwQAWNgWAwQAWNggAwQAWNgrAwQAWNguAwQAWNjHAwQBWNjS
AwQAWNjfMA0GCSqGSIb3DQEBCwUAA4IBAQAjx1BV5RIv2eNqeKIf9+CL8XLjC8wA
yxDmPcx/UWbH2/pOOqctRazI1QxZ1oD9BYpr+wcgs67pXw2F8GUGh8ErFjsTwzQ9
6gFpPM1m/2xkd00BhnNu1E6L+OVBuc+V2JaOy8ChwUYVTsViI0CPLvW7wv+Qj8pB
nA2OBBp6Os6MMW2XbzLXHxoc/IJA+I90sSd+tWuN3kLVb4ilfPb1v2fLMahOwt+9
Y/3zbmqvI6S3ByEQdiFb+/pCvjk1lszIFfbxfUqA9FKIhGbSTg/i5+siqLolU8VL
XSrEHKUYIcCWhxwywPQyl7TcimFnYnmHSiZ8efvWiegBzdqJV0DdFVgZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:46 2023 by rpki-client on console-fra.rpki-client.org