Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/L4WwBtxEuflV8ThDI_WW6ikGuSU.roa
File: L4WwBtxEuflV8ThDI_WW6ikGuSU.roa (raw, json)
Hash identifier: TyXjvxJ/n3NdVj6Z5cPkn3DRWndKHsMmOIWy0Na+zoA=
Subject key identifier: 2F:85:B0:06:DC:44:B9:F9:55:F1:38:43:23:F5:96:EA:29:06:B9:25
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184F2C5D04B21D1292550E84136BAF5D095
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/L4WwBtxEuflV8ThDI_WW6ikGuSU.roa
Signing time: Thu 08 Dec 2022 17:26:00 +0000
ROA not before: Thu 08 Dec 2022 17:26:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205570
IP address blocks: 84.32.79.0/24 maxlen: 24
84.32.90.0/23 maxlen: 24
84.32.212.0/24 maxlen: 24
88.216.224.0/22 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
88.216.132.0/23 maxlen: 24
88.216.135.0/24 maxlen: 24
88.216.248.0/22 maxlen: 24
88.216.42.0/24 maxlen: 24
88.216.44.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f2:c5:d0:4b:21:d1:29:25:50:e8:41:36:ba:f5:d0:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 8 17:26:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f85b006dc44b9f955f1384323f596ea2906b925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:19:ca:dd:6c:fc:92:31:b8:b4:5d:a3:13:78:
5d:57:f6:dd:d9:83:c2:96:90:84:53:dc:3a:ad:4c:
b5:cf:2b:3e:a5:6b:4f:35:94:82:12:29:00:36:9f:
1c:27:2f:e4:fa:56:e0:47:2c:c6:fd:2d:8e:fd:53:
5b:6e:80:f4:78:59:0b:02:24:0e:5f:fe:10:23:0e:
cc:00:90:a5:e7:a1:e4:09:a7:78:7a:06:37:71:d6:
1a:e8:a6:bb:79:94:52:6c:61:f4:47:4c:e4:6a:5d:
38:3b:4f:a0:31:ca:b5:b0:b0:07:24:e4:4b:13:f3:
f9:c7:84:a0:16:b5:49:8d:ba:d5:95:14:dd:bc:07:
2e:d2:97:df:b6:b1:54:f6:15:d6:1c:2b:c7:a2:4b:
d6:e4:0b:e2:0d:2c:95:9b:8f:81:d5:c1:a3:c4:a6:
30:ab:e7:33:31:2b:b4:ac:16:1d:1e:72:f6:cd:39:
2f:23:22:8f:77:f8:ba:a7:08:c6:42:28:04:3e:ad:
41:10:9d:1e:08:da:62:9b:c9:2f:dd:2f:6d:51:14:
ee:5a:31:08:e0:6e:79:5c:60:42:22:34:b9:fe:86:
ab:e8:6f:e9:18:27:a9:12:84:47:b5:83:1e:0b:2b:
b1:b9:63:6d:50:a2:7e:ba:aa:10:71:05:05:c8:45:
77:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:85:B0:06:DC:44:B9:F9:55:F1:38:43:23:F5:96:EA:29:06:B9:25
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/L4WwBtxEuflV8ThDI_WW6ikGuSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
84.32.79.0/24
84.32.90.0/23
84.32.212.0/24
88.216.42.0/24
88.216.44.0/23
88.216.128.0/24
88.216.131.0-88.216.133.255
88.216.135.0/24
88.216.224.0/22
88.216.248.0/22
Signature Algorithm: sha256WithRSAEncryption
52:85:d0:56:9c:7e:47:cd:d6:13:02:35:54:0c:f1:ed:14:27:
3d:70:6b:5a:46:3b:e2:73:e3:13:fa:1c:7e:85:7a:bd:11:f9:
f1:13:72:77:c8:fd:cc:83:91:f6:66:49:34:07:0d:fa:91:ad:
60:55:43:c4:5f:56:6b:0d:6f:c5:00:88:d0:6a:d8:2d:c7:3f:
12:50:06:39:39:20:a1:45:df:50:d6:65:58:a3:eb:cb:b2:00:
38:33:99:5a:22:b9:97:ac:e5:99:82:55:8a:23:6f:f5:61:94:
71:8a:02:76:a6:d1:4b:a0:ca:67:3b:c9:43:cc:6b:1c:a8:df:
53:5a:aa:06:12:e5:a6:fd:d3:e6:ab:92:ab:2c:88:83:22:ce:
6b:10:19:8a:ea:fc:8e:64:21:81:ad:6c:3d:ed:94:a6:e7:37:
32:e8:1f:66:66:9c:8a:ff:e5:95:08:f1:f8:0d:ef:b1:6d:c1:
80:40:c9:3d:d1:a1:c3:01:5e:a1:90:dd:e7:95:0a:aa:ba:98:
de:b2:d0:ea:03:3e:7e:6d:56:56:7d:89:35:05:27:06:1a:b8:
f7:b7:48:54:f6:10:c0:7f:e8:ae:f5:be:b0:61:b7:85:a1:86:
48:e2:1f:9b:24:91:4e:67:76:46:90:78:7a:92:21:85:71:42:
08:c7:4e:34
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYTyxdBLIdEpJVDoQTa69dCVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA4MTcyNjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjg1YjAwNmRjNDRiOWY5NTVmMTM4NDMyM2Y1OTZlYTI5MDZiOTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAghnK3Wz8kjG4tF2jE3hdV/bd2YPC
lpCEU9w6rUy1zys+pWtPNZSCEikANp8cJy/k+lbgRyzG/S2O/VNbboD0eFkLAiQO
X/4QIw7MAJCl56HkCad4egY3cdYa6Ka7eZRSbGH0R0zkal04O0+gMcq1sLAHJORL
E/P5x4SgFrVJjbrVlRTdvAcu0pfftrFU9hXWHCvHokvW5AviDSyVm4+B1cGjxKYw
q+czMSu0rBYdHnL2zTkvIyKPd/i6pwjGQigEPq1BEJ0eCNpim8kv3S9tURTuWjEI
4G55XGBCIjS5/oar6G/pGCepEoRHtYMeCyuxuWNtUKJ+uqoQcQUFyEV30QIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFC+FsAbcRLn5VfE4QyP1luopBrklMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTDRXd0J0eEV1ZmxWOFRoRElfV1c2aWtHdVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQCVCAYAwQA
VCBPAwQBVCBaAwQAVCDUAwQAWNgqAwQBWNgsAwQAWNiAMAwDBABY2IMDBAFY2IQD
BABY2IcDBAJY2OADBAJY2PgwDQYJKoZIhvcNAQELBQADggEBAFKF0FacfkfN1hMC
NVQM8e0UJz1wa1pGO+Jz4xP6HH6Fer0R+fETcnfI/cyDkfZmSTQHDfqRrWBVQ8Rf
VmsNb8UAiNBq2C3HPxJQBjk5IKFF31DWZVij68uyADgzmVoiuZes5ZmCVYojb/Vh
lHGKAnam0Uugymc7yUPMaxyo31NaqgYS5ab90+arkqssiIMizmsQGYrq/I5kIYGt
bD3tlKbnNzLoH2ZmnIr/5ZUI8fgN77FtwYBAyT3RocMBXqGQ3eeVCqq6mN6y0OoD
Pn5tVlZ9iTUFJwYauPe3SFT2EMB/6K71vrBht4WhhkjiH5skkU5ndkaQeHqSIYVx
QgjHTjQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:29 2023 by rpki-client on console-ams.rpki-client.org