Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LYJWoXZLv57TfZbOmZDstJ-rfww.roa
File: LYJWoXZLv57TfZbOmZDstJ-rfww.roa (raw, json)
Hash identifier: jNDLO4ifhFBDPrEZsCxSWIEuy++CANRn5Qifg+g+8O8=
Subject key identifier: 2D:82:56:A1:76:4B:BF:9E:D3:7D:96:CE:99:90:EC:B4:9F:AB:7F:0C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184B9F23C669349D5DB3A2B5AD6504FC01A
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LYJWoXZLv57TfZbOmZDstJ-rfww.roa
Signing time: Sun 27 Nov 2022 16:36:10 +0000
ROA not before: Sun 27 Nov 2022 16:36:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 88.216.188.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.209.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
84.32.255.0/24 maxlen: 24
84.32.59.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.65.0/24 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.86.0/24 maxlen: 24
84.32.90.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
84.32.94.0/24 maxlen: 24
84.32.15.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.49.0/24 maxlen: 24
88.216.91.0/24 maxlen: 24
88.216.102.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b9:f2:3c:66:93:49:d5:db:3a:2b:5a:d6:50:4f:c0:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 27 16:36:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d8256a1764bbf9ed37d96ce9990ecb49fab7f0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c4:2a:ef:c0:62:f1:a5:f0:b6:88:a4:78:a1:
5b:99:81:2d:66:9e:6c:9e:4c:6b:b3:9c:05:0a:e4:
19:94:2d:2f:fe:aa:db:33:ce:63:7e:cb:ba:31:de:
a0:2a:1a:78:34:43:e7:79:03:91:3a:2f:bb:b7:0d:
77:82:c6:34:31:77:e2:bb:16:b5:cf:ab:5c:e6:97:
fd:96:95:d6:f3:13:7c:6c:c5:10:5c:e7:91:f5:97:
69:8b:ac:e5:65:e5:0c:e4:bf:6d:7b:c7:db:d5:d2:
88:f2:71:35:f8:60:97:7d:21:73:03:7e:f2:32:c3:
f9:c6:61:05:4a:22:d1:31:9b:d8:2d:44:f3:e8:43:
83:d6:c0:93:b0:33:af:e0:03:26:8e:69:7b:ac:95:
de:67:1d:83:e2:0d:1b:97:8e:3e:7f:37:8d:a1:0d:
21:bc:a3:b0:6b:e1:e7:f6:96:90:5e:32:9e:34:79:
31:ec:c3:56:73:e5:e3:ce:9c:64:1b:8f:d5:02:a6:
7c:15:d9:33:48:c9:4c:26:7e:cb:45:d8:57:75:d9:
19:c3:20:eb:67:68:d2:31:3d:80:82:db:0c:c1:0a:
b3:e1:ce:99:a2:14:fc:27:d9:8a:dd:67:10:fb:26:
30:b0:9f:85:cd:0d:0e:ab:90:91:12:9d:dd:cf:7d:
82:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:82:56:A1:76:4B:BF:9E:D3:7D:96:CE:99:90:EC:B4:9F:AB:7F:0C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/LYJWoXZLv57TfZbOmZDstJ-rfww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.15.0/24
84.32.44.0/24
84.32.46.0/23
84.32.49.0/24
84.32.59.0-84.32.60.255
84.32.65.0-84.32.66.255
84.32.68.0/24
84.32.86.0/24
84.32.90.0/24
84.32.92.0/24
84.32.94.0/24
84.32.225.0/24
84.32.227.0/24
84.32.255.0/24
88.216.40.0/24
88.216.91.0/24
88.216.102.0/23
88.216.188.0/24
88.216.190.0/23
88.216.198.0/24
88.216.209.0/24
Signature Algorithm: sha256WithRSAEncryption
92:59:e3:90:54:1f:cd:86:51:2d:43:51:4e:c1:d8:d1:c4:21:
f6:37:22:b5:69:a9:61:2e:8d:5d:29:bb:fa:a0:d1:d5:97:1f:
ae:6d:e2:85:ab:24:32:97:12:54:3d:be:9d:c9:d0:a9:94:36:
3c:9f:ce:ad:a0:37:11:27:5e:88:fe:58:42:0c:81:2d:6c:f9:
cc:5b:52:c6:f8:a6:f8:ef:10:93:ca:c7:45:af:6c:24:dc:8b:
9a:8d:4a:67:42:3c:6c:72:67:7d:c7:f8:5a:60:e9:5a:07:33:
3c:9a:9f:ae:e1:f7:8c:6e:f9:a4:f9:3e:84:c1:c6:22:61:97:
7e:ca:73:9e:3b:a6:3f:37:a7:ff:6d:da:83:47:75:64:79:e3:
3e:74:0f:e1:31:22:11:39:29:8c:d5:4e:f7:72:b2:8c:7f:14:
df:84:7b:c5:8a:e9:7b:d6:20:0d:19:56:7a:67:4e:d9:06:20:
47:aa:63:c4:f3:7b:52:04:cd:36:43:f5:32:d4:1b:44:fc:d1:
6b:a9:b6:0c:7d:ee:b6:73:d5:06:b9:99:d3:61:88:49:bc:a7:
a5:ae:f3:7f:1a:dd:43:01:65:72:eb:dd:85:df:30:1d:8e:11:
e9:50:85:d7:a3:08:06:1d:67:4b:68:e9:a0:7b:d0:f5:14:46:
c2:09:1f:1e
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYS58jxmk0nV2zorWtZQT8AaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTI3MTYzNjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDgyNTZhMTc2NGJiZjllZDM3ZDk2Y2U5OTkwZWNiNDlmYWI3ZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8Qq78Bi8aXwtoikeKFbmYEtZp5s
nkxrs5wFCuQZlC0v/qrbM85jfsu6Md6gKhp4NEPneQOROi+7tw13gsY0MXfiuxa1
z6tc5pf9lpXW8xN8bMUQXOeR9Zdpi6zlZeUM5L9te8fb1dKI8nE1+GCXfSFzA37y
MsP5xmEFSiLRMZvYLUTz6EOD1sCTsDOv4AMmjml7rJXeZx2D4g0bl44+fzeNoQ0h
vKOwa+Hn9paQXjKeNHkx7MNWc+XjzpxkG4/VAqZ8FdkzSMlMJn7LRdhXddkZwyDr
Z2jSMT2AgtsMwQqz4c6ZohT8J9mK3WcQ+yYwsJ+FzQ0Oq5CREp3dz32CGwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFC2CVqF2S7+e032WzpmQ7LSfq38MMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTFlKV29YWkx2NTdUZlpiT21aRHN0Si1yZnd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBABU
IA8DBABUICwDBAFUIC4DBABUIDEwDAMEAFQgOwMEAFQgPDAMAwQAVCBBAwQAVCBC
AwQAVCBEAwQAVCBWAwQAVCBaAwQAVCBcAwQAVCBeAwQAVCDhAwQAVCDjAwQAVCD/
AwQAWNgoAwQAWNhbAwQBWNhmAwQAWNi8AwQBWNi+AwQAWNjGAwQAWNjRMA0GCSqG
SIb3DQEBCwUAA4IBAQCSWeOQVB/NhlEtQ1FOwdjRxCH2NyK1aalhLo1dKbv6oNHV
lx+ubeKFqyQylxJUPb6dydCplDY8n86toDcRJ16I/lhCDIEtbPnMW1LG+Kb47xCT
ysdFr2wk3IuajUpnQjxscmd9x/haYOlaBzM8mp+u4feMbvmk+T6EwcYiYZd+ynOe
O6Y/N6f/bdqDR3VkeeM+dA/hMSIROSmM1U73crKMfxTfhHvFiul71iANGVZ6Z07Z
BiBHqmPE83tSBM02Q/Uy1BtE/NFrqbYMfe62c9UGuZnTYYhJvKelrvN/Gt1DAWVy
692F3zAdjhHpUIXXowgGHWdLaOmge9D1FEbCCR8e
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:46 2023 by rpki-client on console-fra.rpki-client.org