Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/M9DCcE0zaiHH9Rs9q-YpuhtkuII.roa
File: M9DCcE0zaiHH9Rs9q-YpuhtkuII.roa (raw, json)
Hash identifier: ZQgdHVUpXMQfVwwqurH2XWmZk6vaNTTm9+llODA/YnQ=
Subject key identifier: 33:D0:C2:70:4D:33:6A:21:C7:F5:1B:3D:AB:E6:29:BA:1B:64:B8:82
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01827CFABB8A0006A5792B37FB26EE9CDE15
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/M9DCcE0zaiHH9Rs9q-YpuhtkuII.roa
Signing time: Mon 08 Aug 2022 10:23:02 +0000
ROA not before: Mon 08 Aug 2022 10:23:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 84.32.56.0/22 maxlen: 24
84.32.64.0/22 maxlen: 24
84.32.68.0/22 maxlen: 24
88.216.208.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.48.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7c:fa:bb:8a:00:06:a5:79:2b:37:fb:26:ee:9c:de:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 8 10:23:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=33d0c2704d336a21c7f51b3dabe629ba1b64b882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:79:a2:12:84:00:b5:ce:86:1e:37:09:0a:f6:
3b:e2:58:75:49:a6:89:13:b7:69:fa:84:ed:5f:5e:
b1:2e:ad:8e:37:7e:93:72:c6:13:9b:03:c7:1b:75:
88:20:a5:2d:93:b0:fe:54:a1:5a:dc:72:55:d8:f8:
f8:bb:94:ea:fb:88:5d:3f:2e:96:bd:71:0a:76:60:
b8:ec:27:4a:87:2f:36:4c:4f:c7:f7:d0:f5:84:e8:
0a:be:77:60:bb:56:f2:6c:45:f8:f3:2f:4a:55:e9:
d4:8a:b7:11:64:b8:28:b1:45:0a:79:cd:ff:a2:94:
0b:dd:76:45:0e:28:f1:fa:6a:6e:e7:9c:51:21:00:
0d:0f:29:cf:17:be:f0:df:03:65:03:ff:ff:f3:b2:
33:33:2a:13:1e:af:fa:88:0d:e1:56:0c:01:bb:25:
28:eb:66:17:d7:30:eb:91:97:9d:cf:62:6a:7e:a4:
c5:e7:35:33:46:36:9e:95:a5:7b:cc:2f:23:97:f8:
49:a6:ce:3c:5c:ee:97:e8:f7:a1:d3:b4:ff:3c:55:
48:18:04:f3:ee:6a:2f:72:91:e2:d1:95:6d:16:bb:
5f:7f:e6:9a:e3:04:a5:97:d1:24:9c:1c:4b:e6:10:
78:09:9c:32:8b:25:69:03:e4:d6:23:b8:6b:b8:9e:
bc:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:D0:C2:70:4D:33:6A:21:C7:F5:1B:3D:AB:E6:29:BA:1B:64:B8:82
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/M9DCcE0zaiHH9Rs9q-YpuhtkuII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.20.0/22
84.32.48.0/22
84.32.56.0/22
84.32.64.0/21
88.216.208.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:33:b0:31:87:10:5c:68:dc:98:ea:07:98:79:3a:9c:88:d3:
dc:67:a1:89:ab:c6:a0:86:98:b9:26:c5:b9:bf:80:5b:6f:2f:
11:1c:9d:f2:6f:9e:e4:ae:c7:90:39:33:81:df:80:31:4d:68:
f3:10:46:85:c2:57:e5:37:0f:54:c4:93:be:69:9e:d1:47:1a:
cf:aa:0d:6a:cd:2d:84:91:3c:9a:d1:63:2e:27:b5:b6:94:dd:
90:d5:99:ad:7a:05:3f:a0:a0:52:c5:09:07:96:84:07:22:df:
14:ae:22:7a:4d:2c:02:70:8c:af:62:ae:07:a1:03:b9:db:c1:
64:e4:7a:c1:71:31:74:21:1e:5d:42:b2:da:95:c7:2a:1e:09:
eb:12:a6:7a:2c:f6:91:23:aa:aa:d7:8b:eb:09:cb:3b:15:b7:
ad:c8:33:db:52:09:2d:87:84:1d:d9:6f:13:79:8e:71:11:7c:
7b:4a:73:54:b0:9e:dc:94:ae:92:e0:8b:f7:68:ec:d3:c9:b4:
07:e7:df:80:9f:2b:3b:8c:23:f6:a6:00:ff:34:bb:59:a1:ee:
c2:0f:cb:93:7f:46:9f:b6:c3:9c:4e:9d:df:15:13:c4:12:50:
ac:99:44:a9:49:12:04:e2:f4:cd:85:90:b3:d3:44:2c:64:b7:
c2:78:b3:46
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYJ8+ruKAAaleSs3+ybunN4VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwODA4MTAyMzAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2QwYzI3MDRkMzM2YTIxYzdmNTFiM2RhYmU2MjliYTFiNjRiODgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnmiEoQAtc6GHjcJCvY74lh1SaaJ
E7dp+oTtX16xLq2ON36TcsYTmwPHG3WIIKUtk7D+VKFa3HJV2Pj4u5Tq+4hdPy6W
vXEKdmC47CdKhy82TE/H99D1hOgKvndgu1bybEX48y9KVenUircRZLgosUUKec3/
opQL3XZFDijx+mpu55xRIQANDynPF77w3wNlA///87IzMyoTHq/6iA3hVgwBuyUo
62YX1zDrkZedz2JqfqTF5zUzRjaelaV7zC8jl/hJps48XO6X6Peh07T/PFVIGATz
7movcpHi0ZVtFrtff+aa4wSll9EknBxL5hB4CZwyiyVpA+TWI7hruJ68GQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDPQwnBNM2ohx/UbPavmKbobZLiCMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTTlEQ2NFMHphaUhIOVJzOXEtWXB1aHRrdUlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCVCAUAwQC
VCAwAwQCVCA4AwQDVCBAAwQAWNjQMA0GCSqGSIb3DQEBCwUAA4IBAQAbM7AxhxBc
aNyY6geYeTqciNPcZ6GJq8aghpi5JsW5v4Bbby8RHJ3yb57krseQOTOB34AxTWjz
EEaFwlflNw9UxJO+aZ7RRxrPqg1qzS2EkTya0WMuJ7W2lN2Q1ZmtegU/oKBSxQkH
loQHIt8UriJ6TSwCcIyvYq4HoQO528Fk5HrBcTF0IR5dQrLalccqHgnrEqZ6LPaR
I6qq14vrCcs7FbetyDPbUgkth4Qd2W8TeY5xEXx7SnNUsJ7clK6S4Iv3aOzTybQH
59+Anys7jCP2pgD/NLtZoe7CD8uTf0aftsOcTp3fFRPEElCsmUSpSRIE4vTNhZCz
00QsZLfCeLNG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org