Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MSGyG95iBit1EEop0_lXPJgJH64.roa
File: MSGyG95iBit1EEop0_lXPJgJH64.roa (raw, json)
Hash identifier: L+JQkzzLMWvWU9PzpsrfjHG4xZcTZNNV/GfatvY+bJU=
Subject key identifier: 31:21:B2:1B:DE:62:06:2B:75:10:4A:29:D3:F9:57:3C:98:09:1F:AE
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184C9478F948C5113E3D1F09198A7922B96
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MSGyG95iBit1EEop0_lXPJgJH64.roa
Signing time: Wed 30 Nov 2022 16:03:40 +0000
ROA not before: Wed 30 Nov 2022 16:03:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 84.32.58.0/24 maxlen: 24
84.32.71.0/24 maxlen: 24
88.216.199.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.93.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.210.0/24 maxlen: 24
84.32.226.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.238.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
84.32.48.0/24 maxlen: 24
84.32.50.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.22.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c9:47:8f:94:8c:51:13:e3:d1:f0:91:98:a7:92:2b:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 30 16:03:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3121b21bde62062b75104a29d3f9573c98091fae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:11:5e:59:9d:39:43:08:30:91:84:32:a6:46:
1b:9c:d0:26:4c:99:da:5e:bd:31:c3:24:fb:aa:7d:
7d:15:e6:f0:10:10:b4:9e:49:fc:8f:56:c5:b4:33:
4c:b2:96:5d:de:e6:7a:3d:5b:5c:78:5d:aa:db:b7:
81:fd:6b:f5:87:cf:1b:d1:a0:34:6c:e2:a8:46:02:
5c:6c:34:ed:8e:10:aa:cb:5b:84:f8:75:12:e9:70:
d0:de:e3:28:87:ee:48:78:22:21:46:32:02:a2:8d:
c0:ce:ee:5c:9c:c2:b9:3a:9f:d7:d2:64:39:2e:b2:
88:70:b2:78:c1:65:4a:95:1a:7c:26:5e:8b:8c:d4:
48:85:61:d3:5a:fc:2b:88:dd:4e:0f:2c:a4:12:85:
f9:be:3e:c5:e0:b8:a4:3e:fb:49:a8:fa:c7:cd:6d:
57:fb:51:8b:87:80:70:16:d9:7d:3d:aa:f6:50:ae:
53:80:d2:33:89:e0:78:3f:0c:8f:22:10:a8:0f:64:
c6:62:39:51:ea:c1:66:03:b0:23:2b:a5:67:76:2a:
38:79:83:7b:58:54:1d:d9:da:27:eb:81:01:f7:68:
92:47:2d:51:0f:16:51:36:cb:95:dc:70:38:76:08:
d6:48:7b:8b:54:84:93:0c:05:ca:35:ef:38:c0:f2:
db:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:21:B2:1B:DE:62:06:2B:75:10:4A:29:D3:F9:57:3C:98:09:1F:AE
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MSGyG95iBit1EEop0_lXPJgJH64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.48.0/24
84.32.50.0/24
84.32.58.0/24
84.32.71.0/24
84.32.88.0/24
84.32.93.0/24
84.32.226.0/24
84.32.238.0/23
84.32.245.0/24
88.216.3.0/24
88.216.21.0-88.216.22.255
88.216.32.0/24
88.216.46.0/24
88.216.199.0/24
88.216.210.0/23
88.216.223.0/24
Signature Algorithm: sha256WithRSAEncryption
47:c2:34:3d:69:23:ff:01:a4:6d:d0:16:2d:4d:15:9d:6c:5b:
1a:53:09:a1:6c:08:af:58:34:be:91:35:51:a3:bd:28:b8:81:
23:b5:09:f3:36:43:b8:16:26:a0:49:7a:a3:20:e2:de:82:8e:
7d:cc:21:33:04:fe:e2:a4:74:65:db:2a:21:ad:6d:0b:b7:eb:
29:a0:3c:42:33:0c:39:e1:e1:9d:5f:20:d0:92:37:97:72:ea:
a8:75:ca:14:9f:9e:df:38:10:26:05:e4:7c:8e:50:59:a8:ff:
29:99:26:bc:f1:4d:fd:f9:29:51:95:3b:e8:bd:65:00:05:83:
ae:6d:fe:c6:cf:cc:55:5d:0c:a8:d9:cb:30:b2:f8:fd:86:50:
bc:e9:e8:3d:79:7a:eb:af:c0:c1:70:3b:4d:b2:58:c8:6c:cf:
3b:8c:a0:97:4b:90:47:2b:dd:e6:d1:71:8f:bf:27:03:ed:3e:
98:f8:a5:c0:1c:65:16:91:68:8c:a6:ca:97:0f:f0:31:a9:e6:
15:bb:1f:06:01:44:fd:5f:1a:44:15:8c:3a:8c:7b:1f:79:61:
14:3a:67:cf:2f:d4:05:d2:7d:c0:58:2a:bb:67:62:2c:ee:29:
d0:5f:52:98:73:24:93:7f:28:81:03:90:50:15:e0:56:d5:32:
88:53:04:03
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYTJR4+UjFET49HwkZinkiuWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTMwMTYwMzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTIxYjIxYmRlNjIwNjJiNzUxMDRhMjlkM2Y5NTczYzk4MDkxZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxFeWZ05QwgwkYQypkYbnNAmTJna
Xr0xwyT7qn19FebwEBC0nkn8j1bFtDNMspZd3uZ6PVtceF2q27eB/Wv1h88b0aA0
bOKoRgJcbDTtjhCqy1uE+HUS6XDQ3uMoh+5IeCIhRjICoo3Azu5cnMK5Op/X0mQ5
LrKIcLJ4wWVKlRp8Jl6LjNRIhWHTWvwriN1ODyykEoX5vj7F4LikPvtJqPrHzW1X
+1GLh4BwFtl9Par2UK5TgNIzieB4PwyPIhCoD2TGYjlR6sFmA7AjK6Vndio4eYN7
WFQd2don64EB92iSRy1RDxZRNsuV3HA4dgjWSHuLVISTDAXKNe84wPLbSwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFDEhshveYgYrdRBKKdP5VzyYCR+uMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTVNHeUc5NWlCaXQxRUVvcDBfbFhQSmdKSDY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwbgQCAAEwaAMEAFQgMAME
AFQgMgMEAFQgOgMEAFQgRwMEAFQgWAMEAFQgXQMEAFQg4gMEAVQg7gMEAFQg9QME
AFjYAzAMAwQAWNgVAwQAWNgWAwQAWNggAwQAWNguAwQAWNjHAwQBWNjSAwQAWNjf
MA0GCSqGSIb3DQEBCwUAA4IBAQBHwjQ9aSP/AaRt0BYtTRWdbFsaUwmhbAivWDS+
kTVRo70ouIEjtQnzNkO4FiagSXqjIOLego59zCEzBP7ipHRl2yohrW0Lt+spoDxC
Mww54eGdXyDQkjeXcuqodcoUn57fOBAmBeR8jlBZqP8pmSa88U39+SlRlTvovWUA
BYOubf7Gz8xVXQyo2cswsvj9hlC86eg9eXrrr8DBcDtNsljIbM87jKCXS5BHK93m
0XGPvycD7T6Y+KXAHGUWkWiMpsqXD/AxqeYVux8GAUT9XxpEFYw6jHsfeWEUOmfP
L9QF0n3AWCq7Z2Is7inQX1KYcySTfyiBA5BQFeBW1TKIUwQD
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:29 2023 by rpki-client on console-ams.rpki-client.org