Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LKws4AQjw1qWn7aYBtOTiUZD9dM.roa
File: LKws4AQjw1qWn7aYBtOTiUZD9dM.roa (raw, json)
Hash identifier: h0t4FUzkzDsE272OkEptfJB/zWC9djeQU55CY9pG9sE=
Subject key identifier: 2C:AC:2C:E0:04:23:C3:5A:96:9F:B6:98:06:D3:93:89:46:43:F5:D3
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01825956EAB93534D53CF9EB8EECEED27084
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LKws4AQjw1qWn7aYBtOTiUZD9dM.roa
Signing time: Mon 01 Aug 2022 12:17:24 +0000
ROA not before: Mon 01 Aug 2022 12:17:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34984
IP address blocks: 84.32.83.0/24 maxlen: 24
88.216.224.0/22 maxlen: 24
88.216.130.0/24 maxlen: 24
88.216.129.0/24 maxlen: 24
88.216.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:59:56:ea:b9:35:34:d5:3c:f9:eb:8e:ec:ee:d2:70:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 1 12:17:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2cac2ce00423c35a969fb69806d393894643f5d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:42:6a:ee:73:19:66:10:b4:47:94:fe:e9:e5:
68:65:25:3d:1e:8a:ce:50:ca:17:21:00:b5:df:1d:
49:37:0c:90:e8:5a:48:d4:c6:27:50:6f:4e:63:9b:
73:72:2d:5c:d8:2c:97:94:71:91:c1:c2:b5:f6:61:
73:92:da:41:df:0d:1c:70:dd:7b:1b:2b:2c:a6:d4:
fe:87:93:33:b1:c8:4b:47:93:7f:58:ae:ea:99:de:
3c:44:2f:f9:73:9b:c2:ee:89:fb:85:f9:46:85:41:
df:81:fd:7c:56:44:b6:d4:20:61:45:95:2b:a7:79:
95:61:37:3c:49:90:9f:a8:a9:75:46:70:dc:39:21:
3e:41:3f:12:5b:0a:3e:6f:8c:f4:76:5e:15:cd:ed:
5e:1d:6c:97:b3:02:5b:e4:d6:22:7d:f0:7c:f9:e5:
b3:5a:a3:4b:e2:67:3d:2c:a4:49:79:5e:5a:11:71:
92:01:0a:73:c0:68:3f:b7:25:40:06:0a:a5:5f:c5:
23:9c:74:b2:e6:dc:69:57:ce:4f:14:02:58:f6:07:
93:97:bf:18:da:46:ec:5b:00:e6:c1:08:67:46:a9:
86:e5:3d:61:2f:fc:e6:4e:3b:04:1c:ed:06:65:a1:
89:2f:b5:cd:18:93:61:10:c2:18:4e:cf:49:c3:47:
9d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:AC:2C:E0:04:23:C3:5A:96:9F:B6:98:06:D3:93:89:46:43:F5:D3
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LKws4AQjw1qWn7aYBtOTiUZD9dM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.83.0/24
88.216.33.0/24
88.216.129.0-88.216.130.255
88.216.224.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:b5:12:43:e3:e1:19:2f:6f:c3:80:c7:f5:50:bb:41:83:45:
65:e3:f9:52:bf:32:ed:45:89:46:19:47:3f:fb:a1:64:df:10:
43:41:a6:5b:af:bb:cf:b3:07:0c:dd:8d:0f:4c:36:e1:68:ae:
34:35:92:52:0e:fd:d7:e6:df:18:1b:bb:91:af:e1:24:5e:0b:
54:1e:5d:0f:4f:bb:b8:fc:9f:7e:a0:52:b8:51:e7:5b:9e:b4:
8a:03:22:54:ce:03:81:a8:77:de:a0:3c:1f:31:0f:38:ba:11:
ae:f9:da:79:e4:2a:4c:8d:da:e1:4d:a6:62:17:3b:33:a1:0f:
2e:e6:47:da:46:23:f7:65:78:eb:d0:cf:0e:b6:5e:08:04:68:
00:e8:f4:41:69:10:ed:22:e2:78:8f:99:00:d8:3d:b3:3c:b2:
55:83:6e:30:25:f9:05:09:61:2a:3e:fc:bf:27:50:aa:18:71:
ad:84:df:19:5e:b5:c5:cb:30:64:2a:18:54:3d:2c:21:e6:71:
85:0e:50:10:09:c9:ea:10:6c:7a:0f:13:22:bb:42:af:a0:6d:
b3:26:74:d1:8a:06:8d:fd:da:f0:fe:4c:1e:67:33:13:4d:29:
f4:14:a8:d0:4c:77:5f:e8:24:f9:77:f1:a5:a3:bc:d2:c6:e2:
12:9f:98:a5
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYJZVuq5NTTVPPnrjuzu0nCEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwODAxMTIxNzI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2FjMmNlMDA0MjNjMzVhOTY5ZmI2OTgwNmQzOTM4OTQ2NDNmNWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEJq7nMZZhC0R5T+6eVoZSU9HorO
UMoXIQC13x1JNwyQ6FpI1MYnUG9OY5tzci1c2CyXlHGRwcK19mFzktpB3w0ccN17
GyssptT+h5MzschLR5N/WK7qmd48RC/5c5vC7on7hflGhUHfgf18VkS21CBhRZUr
p3mVYTc8SZCfqKl1RnDcOSE+QT8SWwo+b4z0dl4Vze1eHWyXswJb5NYiffB8+eWz
WqNL4mc9LKRJeV5aEXGSAQpzwGg/tyVABgqlX8UjnHSy5txpV85PFAJY9geTl78Y
2kbsWwDmwQhnRqmG5T1hL/zmTjsEHO0GZaGJL7XNGJNhEMIYTs9Jw0edaQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFCysLOAEI8Nalp+2mAbTk4lGQ/XTMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTEt3czRBUWp3MXFXbjdhWUJ0T1RpVVpEOWRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVCBTAwQA
WNghMAwDBABY2IEDBABY2IIDBAJY2OAwDQYJKoZIhvcNAQELBQADggEBAHy1EkPj
4Rkvb8OAx/VQu0GDRWXj+VK/Mu1FiUYZRz/7oWTfEENBpluvu8+zBwzdjQ9MNuFo
rjQ1klIO/dfm3xgbu5Gv4SReC1QeXQ9Pu7j8n36gUrhR51uetIoDIlTOA4God96g
PB8xDzi6Ea752nnkKkyN2uFNpmIXOzOhDy7mR9pGI/dleOvQzw62XggEaADo9EFp
EO0i4niPmQDYPbM8slWDbjAl+QUJYSo+/L8nUKoYca2E3xletcXLMGQqGFQ9LCHm
cYUOUBAJyeoQbHoPEyK7Qq+gbbMmdNGKBo392vD+TB5nMxNNKfQUqNBMd1/oJPl3
8aWjvNLG4hKfmKU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:26 2024 by rpki-client on console-ams.rpki-client.org