Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/NSm9fXTgYiZHsUPKyKVszimY8Ws.roa
File: NSm9fXTgYiZHsUPKyKVszimY8Ws.roa (raw, json)
Hash identifier: 4FHglY3hdJIwS3HYgsuF5It9eV4gFNvbdZ/Eu/b8LXc=
Subject key identifier: 35:29:BD:7D:74:E0:62:26:47:B1:43:CA:C8:A5:6C:CE:29:98:F1:6B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184E7E032A2A6DC45D0E5F5256A7B645546
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/NSm9fXTgYiZHsUPKyKVszimY8Ws.roa
Signing time: Tue 06 Dec 2022 14:39:00 +0000
ROA not before: Tue 06 Dec 2022 14:39:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 84.32.59.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.65.0/24 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
84.32.86.0/24 maxlen: 24
84.32.90.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
84.32.94.0/24 maxlen: 24
88.216.209.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.255.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
88.216.95.0/24 maxlen: 24
88.216.102.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e7:e0:32:a2:a6:dc:45:d0:e5:f5:25:6a:7b:64:55:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 6 14:39:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3529bd7d74e0622647b143cac8a56cce2998f16b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:31:2d:1b:60:3b:14:97:95:85:bb:2a:9f:09:
86:1d:16:59:c7:25:e0:57:6a:71:7d:f5:e7:e1:6c:
44:eb:e9:3c:c7:3c:9b:62:b6:19:d5:3e:c4:80:23:
41:6e:21:cd:e1:d4:25:57:07:0c:a6:ed:b3:ef:a4:
b7:5b:f8:57:7d:91:f4:a0:74:e6:e7:d2:2a:d9:fc:
0e:0e:81:05:76:da:29:07:ee:35:3b:3f:10:7c:81:
a5:1e:ec:8a:7f:7f:02:23:e8:30:36:81:af:bd:ee:
f3:32:1c:70:1c:82:4d:88:c5:a5:82:ab:c8:45:da:
99:e7:c7:3e:a4:86:32:5f:fb:30:f3:ba:65:0e:d7:
f2:7a:56:44:db:19:ae:0e:8e:68:fe:bb:22:e9:86:
b5:89:c5:31:89:d0:a1:11:f2:98:75:da:6a:83:76:
6c:16:85:ae:2c:01:5b:be:5e:ee:a3:e0:57:17:89:
94:75:49:c6:19:21:26:56:fd:17:76:19:2a:ce:c9:
34:18:bf:a1:0d:d5:55:5c:ff:46:03:33:4b:3b:bc:
15:69:f5:1d:14:2a:16:a1:49:40:c0:75:98:b1:8d:
a0:ca:1f:16:89:30:1f:55:7d:8a:60:e4:7c:60:c0:
3a:20:f0:3d:cc:d0:ce:1e:d2:05:2d:d5:36:5e:8c:
91:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:29:BD:7D:74:E0:62:26:47:B1:43:CA:C8:A5:6C:CE:29:98:F1:6B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/NSm9fXTgYiZHsUPKyKVszimY8Ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.44.0/24
84.32.46.0/23
84.32.59.0-84.32.60.255
84.32.65.0-84.32.66.255
84.32.68.0/24
84.32.86.0/24
84.32.90.0/24
84.32.92.0/24
84.32.94.0/24
84.32.225.0/24
84.32.227.0/24
84.32.255.0/24
88.216.40.0/24
88.216.95.0/24
88.216.102.0/23
88.216.188.0/24
88.216.190.0/23
88.216.198.0/24
88.216.209.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:5a:54:5c:d7:60:85:09:92:31:5b:90:9d:71:f9:53:c2:5f:
e5:30:3d:67:76:65:d6:b4:ec:b8:5f:2a:ca:cf:3d:87:07:a1:
27:7b:ed:32:8b:2e:5d:34:54:f1:9e:92:67:28:79:81:f0:ba:
b1:a7:45:ef:b2:bb:a3:2a:3c:f7:da:3f:8a:24:94:76:fc:3a:
70:fc:f2:57:b3:23:b1:e5:62:ee:0f:75:61:f9:d8:85:a5:48:
1c:19:d4:00:4a:cb:e8:74:b7:29:cf:8b:00:f7:c6:69:81:a7:
16:1c:02:53:cd:bc:8f:4f:27:23:78:5d:cc:7e:b5:ee:e2:2a:
08:10:ff:84:d8:d0:ba:8c:f5:1e:a9:91:f8:d4:cd:6a:95:92:
55:db:b7:5f:fc:71:9b:d3:3c:ea:05:6d:0f:49:5a:0d:69:65:
89:7b:e8:c8:e4:dd:10:29:6a:c3:d8:db:3c:41:c6:b9:b2:38:
1b:03:35:ad:d8:4e:b7:3e:3c:4c:e3:5b:5d:f9:b9:9e:12:40:
1f:3c:de:00:33:5a:86:4b:65:b3:66:54:b7:90:00:e5:98:bb:
bb:e7:81:a3:13:46:a7:75:61:3d:36:9e:3f:17:14:29:6f:78:
92:2d:cd:e8:86:35:bc:cd:6b:97:d8:04:68:75:54:45:29:3a:
47:7a:34:7c
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYTn4DKiptxF0OX1JWp7ZFVGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA2MTQzOTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTI5YmQ3ZDc0ZTA2MjI2NDdiMTQzY2FjOGE1NmNjZTI5OThmMTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zEtG2A7FJeVhbsqnwmGHRZZxyXg
V2pxffXn4WxE6+k8xzybYrYZ1T7EgCNBbiHN4dQlVwcMpu2z76S3W/hXfZH0oHTm
59Iq2fwODoEFdtopB+41Oz8QfIGlHuyKf38CI+gwNoGvve7zMhxwHIJNiMWlgqvI
RdqZ58c+pIYyX/sw87plDtfyelZE2xmuDo5o/rsi6Ya1icUxidChEfKYddpqg3Zs
FoWuLAFbvl7uo+BXF4mUdUnGGSEmVv0Xdhkqzsk0GL+hDdVVXP9GAzNLO7wVafUd
FCoWoUlAwHWYsY2gyh8WiTAfVX2KYOR8YMA6IPA9zNDOHtIFLdU2XoyR3QIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFDUpvX104GImR7FDysilbM4pmPFrMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTlNtOWZYVGdZaVpIc1VQS3lLVnN6aW1ZOFdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBABU
ICwDBAFUIC4wDAMEAFQgOwMEAFQgPDAMAwQAVCBBAwQAVCBCAwQAVCBEAwQAVCBW
AwQAVCBaAwQAVCBcAwQAVCBeAwQAVCDhAwQAVCDjAwQAVCD/AwQAWNgoAwQAWNhf
AwQBWNhmAwQAWNi8AwQBWNi+AwQAWNjGAwQAWNjRMA0GCSqGSIb3DQEBCwUAA4IB
AQA+WlRc12CFCZIxW5CdcflTwl/lMD1ndmXWtOy4XyrKzz2HB6Ene+0yiy5dNFTx
npJnKHmB8Lqxp0XvsrujKjz32j+KJJR2/Dpw/PJXsyOx5WLuD3Vh+diFpUgcGdQA
SsvodLcpz4sA98ZpgacWHAJTzbyPTycjeF3MfrXu4ioIEP+E2NC6jPUeqZH41M1q
lZJV27df/HGb0zzqBW0PSVoNaWWJe+jI5N0QKWrD2Ns8Qca5sjgbAzWt2E63PjxM
41td+bmeEkAfPN4AM1qGS2WzZlS3kADlmLu754GjE0andWE9Np4/FxQpb3iSLc3o
hjW8zWuX2ARodVRFKTpHejR8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:29 2023 by rpki-client on console-ams.rpki-client.org