Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/OFVVfuchZ8AId0JHc89Ktc8_O0A.roa
File: OFVVfuchZ8AId0JHc89Ktc8_O0A.roa (raw, json)
Hash identifier: nucP8mGVx1HCm35R9I1fhtg4NnK7rXhHP3UXfl1qIQI=
Subject key identifier: 38:55:55:7E:E7:21:67:C0:08:77:42:47:73:CF:4A:B5:CF:3F:3B:40
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01847087B296B3D94DF948F94FD125211BFB
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/OFVVfuchZ8AId0JHc89Ktc8_O0A.roa
Signing time: Sun 13 Nov 2022 10:27:32 +0000
ROA not before: Sun 13 Nov 2022 10:27:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.59.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
84.32.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:70:87:b2:96:b3:d9:4d:f9:48:f9:4f:d1:25:21:1b:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 13 10:27:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3855557ee72167c00877424773cf4ab5cf3f3b40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:14:81:49:2e:18:07:4b:5b:29:9b:cc:eb:81:
b3:04:79:a2:b6:08:70:5f:fb:f4:c1:11:de:9a:55:
6e:a2:72:9d:8b:fb:23:59:10:0d:85:e2:32:56:2b:
11:2d:9e:9d:74:10:6e:b5:e5:2f:58:43:75:e8:73:
cf:42:a7:f3:e2:03:cc:21:c6:24:d6:bf:4b:56:d0:
bb:7d:eb:97:20:ec:e9:d6:42:b1:ab:97:47:8a:a3:
b3:31:d1:41:ef:e1:6a:51:cd:ab:d9:cb:be:24:39:
20:30:0e:89:99:c1:db:9d:db:13:96:42:bd:fc:a7:
bb:e2:a7:76:8a:07:b5:03:1e:b5:0e:cb:74:db:90:
8a:5c:72:6b:38:14:80:de:86:81:bf:e9:51:6e:d8:
5f:02:63:7a:2f:80:0c:67:a5:04:23:01:98:37:23:
b8:fe:e4:27:91:a1:fb:3d:66:9e:47:66:d1:37:52:
bd:ac:50:0a:db:28:09:58:ed:af:72:40:77:17:b5:
ce:f3:96:2d:48:7c:ea:f7:87:2c:a2:6c:32:85:ee:
17:fb:88:3e:cf:3c:4c:43:32:20:6e:f5:9e:83:44:
0a:87:bf:32:1d:d0:81:52:55:5d:3b:56:df:36:84:
91:03:45:b0:1b:73:99:e7:dd:71:86:99:2d:bc:e2:
3a:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:55:55:7E:E7:21:67:C0:08:77:42:47:73:CF:4A:B5:CF:3F:3B:40
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/OFVVfuchZ8AId0JHc89Ktc8_O0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.45.0/24
84.32.59.0/24
88.216.34.0/24
88.216.36.0/24
88.216.180.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:95:dc:8d:30:f1:fb:a2:eb:59:b7:45:5e:5e:d7:b3:a5:6f:
16:51:c8:b7:b7:ca:b3:33:8a:39:89:ee:be:bc:85:75:04:fa:
83:bb:35:9c:86:aa:b4:b5:19:c9:bc:6a:9d:eb:ec:bf:72:8d:
a6:58:4b:fa:85:76:d6:99:49:06:a4:98:7e:c2:18:41:35:3b:
b2:5a:10:a2:76:66:1e:e0:2e:b1:cf:ed:3c:ec:a9:8c:9c:3e:
67:0e:69:4e:fb:b1:8b:f7:41:8f:4e:3f:73:64:1b:07:50:5d:
57:41:14:1f:6a:6a:bb:03:d0:7d:fc:0d:2e:7c:87:e3:54:ef:
b3:2a:d6:7b:71:76:a2:a4:38:1a:9c:4e:2b:84:e5:f8:79:9c:
bc:5a:62:ba:83:f7:8c:51:3f:d0:9b:b5:77:86:36:2a:32:ca:
db:44:f8:b9:e2:4f:c2:fa:20:37:38:96:4b:fa:3c:e9:c1:a3:
dd:15:40:89:99:37:85:16:5c:8a:0b:95:7a:ae:ce:a3:f4:57:
f9:d9:e4:f1:a6:cf:12:6c:1a:31:22:29:42:46:cb:4a:02:02:
08:bb:af:e9:86:0b:53:46:5f:15:d4:a6:f0:c2:3e:23:06:91:
39:2d:ac:d7:fb:d6:40:ae:fe:e7:d7:ed:f0:85:0d:9f:25:c4:
f9:27:15:13
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYRwh7KWs9lN+Uj5T9ElIRv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTEzMTAyNzMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODU1NTU3ZWU3MjE2N2MwMDg3NzQyNDc3M2NmNGFiNWNmM2YzYjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxxSBSS4YB0tbKZvM64GzBHmitghw
X/v0wRHemlVuonKdi/sjWRANheIyVisRLZ6ddBButeUvWEN16HPPQqfz4gPMIcYk
1r9LVtC7feuXIOzp1kKxq5dHiqOzMdFB7+FqUc2r2cu+JDkgMA6JmcHbndsTlkK9
/Ke74qd2ige1Ax61Dst025CKXHJrOBSA3oaBv+lRbthfAmN6L4AMZ6UEIwGYNyO4
/uQnkaH7PWaeR2bRN1K9rFAK2ygJWO2vckB3F7XO85YtSHzq94csomwyhe4X+4g+
zzxMQzIgbvWeg0QKh78yHdCBUlVdO1bfNoSRA0WwG3OZ591xhpktvOI6UQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDhVVX7nIWfACHdCR3PPSrXPPztAMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvT0ZWVmZ1Y2haOEFJZDBKSGM4OUt0YzhfTzBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVCAtAwQA
VCA7AwQAWNgiAwQAWNgkAwQAWNi0MA0GCSqGSIb3DQEBCwUAA4IBAQAeldyNMPH7
outZt0VeXtezpW8WUci3t8qzM4o5ie6+vIV1BPqDuzWchqq0tRnJvGqd6+y/co2m
WEv6hXbWmUkGpJh+whhBNTuyWhCidmYe4C6xz+087KmMnD5nDmlO+7GL90GPTj9z
ZBsHUF1XQRQfamq7A9B9/A0ufIfjVO+zKtZ7cXaipDganE4rhOX4eZy8WmK6g/eM
UT/Qm7V3hjYqMsrbRPi54k/C+iA3OJZL+jzpwaPdFUCJmTeFFlyKC5V6rs6j9Ff5
2eTxps8SbBoxIilCRstKAgIIu6/phgtTRl8V1Kbwwj4jBpE5LazX+9ZArv7n1+3w
hQ2fJcT5JxUT
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:29 2023 by rpki-client on console-ams.rpki-client.org