Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/M6bkwbI9QW562VqPICQfRc2WHxQ.roa
File: M6bkwbI9QW562VqPICQfRc2WHxQ.roa (raw, json)
Hash identifier: PzDlS9xhswjI4sMq2btpd19pjD+aZ9SVyOHcPZUeXuc=
Subject key identifier: 33:A6:E4:C1:B2:3D:41:6E:7A:D9:5A:8F:20:24:1F:45:CD:96:1F:14
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185149120E10A19DB5A084720B9F69EC25F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/M6bkwbI9QW562VqPICQfRc2WHxQ.roa
Signing time: Thu 15 Dec 2022 06:55:33 +0000
ROA not before: Thu 15 Dec 2022 06:55:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 84.32.59.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.65.0/24 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
84.32.86.0/24 maxlen: 24
84.32.90.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
84.32.94.0/24 maxlen: 24
88.216.209.0/24 maxlen: 24
84.32.219.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
84.32.28.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.255.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
88.216.95.0/24 maxlen: 24
88.216.102.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:14:91:20:e1:0a:19:db:5a:08:47:20:b9:f6:9e:c2:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 15 06:55:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33a6e4c1b23d416e7ad95a8f20241f45cd961f14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8f:d1:56:a8:7e:b8:1d:59:69:22:6f:b6:1b:
4b:a3:81:64:0d:71:29:b3:23:26:ae:5d:39:c3:f2:
55:91:b0:38:db:30:81:d0:2f:c6:05:85:b3:31:f1:
11:fe:33:a2:58:93:ec:e1:d6:fa:96:a0:4b:a7:41:
09:2f:3c:85:08:a5:9f:88:ef:4b:87:fa:09:44:2c:
0e:01:1b:a0:ae:0f:15:1e:08:c6:4c:76:cc:cd:90:
b6:08:fd:d7:45:85:44:34:82:49:d1:37:cd:b1:2c:
4a:69:32:8d:d9:2c:f5:6b:87:2b:bc:53:05:d3:83:
9b:27:2f:52:2b:b5:cb:34:4c:91:8c:66:fe:a2:08:
1f:21:e2:e1:2a:bc:1f:38:71:24:d6:14:99:d4:ce:
02:50:7b:ce:f2:c9:f0:a6:d2:0a:59:cd:cb:b1:19:
e5:53:df:a2:a9:69:70:35:0f:b8:2f:ac:1e:5d:56:
a4:44:a2:13:b2:de:a3:f3:d0:1f:46:ac:20:2a:5d:
0f:cb:4a:70:54:8d:71:b9:06:0d:6e:88:ff:55:c2:
30:7c:d4:54:ac:e5:bd:f1:cd:77:d5:10:0f:3a:53:
b4:b0:3b:40:14:8e:a0:4a:46:f3:e0:fc:77:2a:b2:
6b:db:40:0b:9e:9e:73:18:1c:a7:c4:6e:26:ca:a5:
60:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:A6:E4:C1:B2:3D:41:6E:7A:D9:5A:8F:20:24:1F:45:CD:96:1F:14
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/M6bkwbI9QW562VqPICQfRc2WHxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.28.0/24
84.32.30.0/24
84.32.44.0/24
84.32.46.0/23
84.32.59.0-84.32.60.255
84.32.65.0-84.32.66.255
84.32.68.0/24
84.32.86.0/24
84.32.90.0/24
84.32.92.0/24
84.32.94.0/24
84.32.219.0/24
84.32.225.0/24
84.32.227.0/24
84.32.255.0/24
88.216.95.0/24
88.216.102.0/23
88.216.188.0/24
88.216.198.0/24
88.216.209.0/24
Signature Algorithm: sha256WithRSAEncryption
87:9b:67:67:3c:a7:b6:18:38:61:ec:61:7e:09:3d:76:3a:17:
4c:a1:4f:5f:93:af:d3:7d:4a:ef:e7:3e:8e:68:5b:78:4f:da:
81:b1:86:0f:2d:e9:54:c9:b6:26:dd:b0:f3:cb:08:98:8e:92:
85:20:7e:3c:a3:02:68:67:ac:16:52:e9:57:6b:14:ee:ee:ed:
bd:e9:cb:18:de:bd:9f:2e:a7:7e:70:03:07:b5:7c:c4:7c:60:
25:c3:31:91:63:0e:c9:34:9b:e9:e1:9b:bc:8e:26:60:bc:fb:
79:9f:57:62:76:38:0c:41:42:4f:bb:aa:82:68:cf:c7:9d:b0:
bb:af:dd:a7:c6:4e:17:83:43:d7:cc:21:b1:1b:1e:f9:c7:5e:
d4:af:01:5c:dc:1f:f7:02:87:b2:14:3f:5e:b2:99:25:6e:9c:
2b:4c:23:f6:b9:b0:17:e2:a3:b4:0e:cf:5e:e6:ef:bc:39:19:
1f:14:ef:45:6b:d4:98:a3:4b:dd:68:a4:e6:55:e7:da:8c:02:
40:4f:0c:de:10:57:e5:c6:c8:21:8d:74:3d:d1:d8:f9:f5:f5:
c0:43:da:ab:b8:cb:98:bb:14:5b:dd:67:c1:68:9f:a3:77:71:
01:ff:18:3e:8f:77:26:a2:51:68:95:51:e7:72:14:a1:97:9f:
3a:86:29:0a
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYUUkSDhChnbWghHILn2nsJfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjE1MDY1NTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2E2ZTRjMWIyM2Q0MTZlN2FkOTVhOGYyMDI0MWY0NWNkOTYxZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4/RVqh+uB1ZaSJvthtLo4FkDXEp
syMmrl05w/JVkbA42zCB0C/GBYWzMfER/jOiWJPs4db6lqBLp0EJLzyFCKWfiO9L
h/oJRCwOARugrg8VHgjGTHbMzZC2CP3XRYVENIJJ0TfNsSxKaTKN2Sz1a4crvFMF
04ObJy9SK7XLNEyRjGb+oggfIeLhKrwfOHEk1hSZ1M4CUHvO8snwptIKWc3LsRnl
U9+iqWlwNQ+4L6weXVakRKITst6j89AfRqwgKl0Py0pwVI1xuQYNboj/VcIwfNRU
rOW98c131RAPOlO0sDtAFI6gSkbz4Px3KrJr20ALnp5zGBynxG4myqVgGwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFDOm5MGyPUFuetlajyAkH0XNlh8UMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTTZia3diSTlRVzU2MlZxUElDUWZSYzJXSHhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBABU
IBwDBABUIB4DBABUICwDBAFUIC4wDAMEAFQgOwMEAFQgPDAMAwQAVCBBAwQAVCBC
AwQAVCBEAwQAVCBWAwQAVCBaAwQAVCBcAwQAVCBeAwQAVCDbAwQAVCDhAwQAVCDj
AwQAVCD/AwQAWNhfAwQBWNhmAwQAWNi8AwQAWNjGAwQAWNjRMA0GCSqGSIb3DQEB
CwUAA4IBAQCHm2dnPKe2GDhh7GF+CT12OhdMoU9fk6/TfUrv5z6OaFt4T9qBsYYP
LelUybYm3bDzywiYjpKFIH48owJoZ6wWUulXaxTu7u296csY3r2fLqd+cAMHtXzE
fGAlwzGRYw7JNJvp4Zu8jiZgvPt5n1didjgMQUJPu6qCaM/HnbC7r92nxk4Xg0PX
zCGxGx75x17UrwFc3B/3AoeyFD9espklbpwrTCP2ubAX4qO0Ds9e5u+8ORkfFO9F
a9SYo0vdaKTmVefajAJATwzeEFflxsghjXQ90dj59fXAQ9qruMuYuxRb3WfBaJ+j
d3EB/xg+j3cmolFolVHnchShl586hikK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org