Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/PJoKWOTi7vOAp-u5RtOEQUD6g5A.roa
File: PJoKWOTi7vOAp-u5RtOEQUD6g5A.roa (raw, json)
Hash identifier: JdbeRpO2/Ve6J5XQRMi8dEJtQtkw7eIh2dajWHvbuPA=
Subject key identifier: 3C:9A:0A:58:E4:E2:EE:F3:80:A7:EB:B9:46:D3:84:41:40:FA:83:90
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018486FDB3020390A7DE2D1EEF111D7D47FF
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/PJoKWOTi7vOAp-u5RtOEQUD6g5A.roa
Signing time: Thu 17 Nov 2022 19:08:04 +0000
ROA not before: Thu 17 Nov 2022 19:08:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 88.216.187.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.220.0/22 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.14.0/24 maxlen: 24
88.216.248.0/22 maxlen: 24
84.32.34.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
84.32.40.0/22 maxlen: 24
84.32.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:86:fd:b3:02:03:90:a7:de:2d:1e:ef:11:1d:7d:47:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 17 19:08:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c9a0a58e4e2eef380a7ebb946d3844140fa8390
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c8:7e:a7:9c:48:1b:30:9f:ce:d3:3a:68:a4:
42:16:64:6a:22:ca:1d:0d:b8:af:60:34:13:81:75:
06:82:db:88:22:91:a6:ae:37:a1:ae:c8:ed:18:a8:
c3:81:11:83:94:f0:e3:65:39:b8:79:b7:aa:aa:88:
f6:51:42:70:27:72:e6:95:30:0d:7f:80:50:19:20:
07:72:e9:a8:42:00:fe:59:0e:c9:07:43:f3:ba:29:
62:c1:7c:e5:53:0d:5e:8d:a6:ee:03:5f:bb:07:5f:
e1:75:31:62:e8:e3:22:f7:2f:1e:80:7b:73:54:f7:
ad:4d:b2:b5:fc:02:4f:ea:5f:3a:9d:a8:2a:0a:db:
e9:25:05:d7:ec:c3:9e:96:9b:ad:d8:40:de:6c:6a:
a5:1b:14:7f:11:15:48:56:b0:92:41:69:e8:a5:3d:
04:76:9d:5d:8a:d2:01:1e:b0:dc:ac:13:e4:ce:54:
a3:e3:c3:20:f0:d8:6e:bb:eb:06:ef:25:36:16:bd:
5f:bf:c1:74:0d:89:61:96:2c:46:ca:e3:32:3f:82:
aa:7d:21:19:c7:6b:52:1a:2f:60:07:0b:0e:c9:c2:
79:f6:b5:e2:f9:d9:c3:2f:cd:d3:70:ee:a2:a0:d3:
6b:c8:f5:59:7f:ff:9c:c8:1a:fa:d3:c0:da:53:33:
60:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:9A:0A:58:E4:E2:EE:F3:80:A7:EB:B9:46:D3:84:41:40:FA:83:90
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/PJoKWOTi7vOAp-u5RtOEQUD6g5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.14.0/24
84.32.34.0/24
84.32.40.0/22
84.32.88.0/24
84.32.220.0-84.32.224.255
84.32.254.0/24
88.216.40.0/24
88.216.187.0/24
88.216.248.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:fb:c5:d6:42:4f:fa:6c:55:6b:48:d5:b9:80:06:9d:a6:c0:
55:d1:ee:8c:f0:fc:4d:51:ea:24:6e:81:6f:ad:98:53:2e:1e:
03:99:3f:e2:a3:e6:38:0a:48:01:d4:96:65:9b:99:ec:f8:dd:
b3:0e:6d:98:41:df:19:c9:1f:ba:2a:93:b9:7c:1f:46:8d:2d:
a1:a3:d2:e3:36:9d:23:b9:0f:1b:8c:c7:27:0d:f2:f1:7f:eb:
de:2c:56:da:d9:a6:d5:2c:0b:fc:35:52:d9:bc:39:cd:b1:06:
65:2d:c3:74:86:b7:4c:17:54:e4:8d:56:5f:11:57:7f:05:af:
5d:f4:33:59:04:f9:06:a1:7d:5d:52:84:42:4c:b0:80:76:b7:
8c:04:94:21:f2:0c:bc:9c:3d:c0:0b:72:12:d2:a4:99:78:38:
80:66:71:90:5b:1f:94:87:15:66:4b:1e:bc:77:4a:e6:81:2c:
aa:85:7f:ba:c6:80:90:fc:3c:77:b9:bd:bc:4e:91:33:20:2b:
7a:9c:4d:06:71:de:34:8e:8a:c7:12:ae:0a:ba:35:70:b4:81:
95:a6:91:26:1d:84:c2:4b:bf:0e:a7:4b:0a:61:1f:bc:f6:5b:
0a:5c:1d:ea:ea:c8:86:a7:70:a4:27:f7:30:8e:c8:19:45:ac:
3c:03:09:8a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYSG/bMCA5Cn3i0e7xEdfUf/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTE3MTkwODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzlhMGE1OGU0ZTJlZWYzODBhN2ViYjk0NmQzODQ0MTQwZmE4MzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8h+p5xIGzCfztM6aKRCFmRqIsod
DbivYDQTgXUGgtuIIpGmrjehrsjtGKjDgRGDlPDjZTm4ebeqqoj2UUJwJ3LmlTAN
f4BQGSAHcumoQgD+WQ7JB0PzuiliwXzlUw1ejabuA1+7B1/hdTFi6OMi9y8egHtz
VPetTbK1/AJP6l86nagqCtvpJQXX7MOelput2EDebGqlGxR/ERVIVrCSQWnopT0E
dp1ditIBHrDcrBPkzlSj48Mg8Nhuu+sG7yU2Fr1fv8F0DYlhlixGyuMyP4KqfSEZ
x2tSGi9gBwsOycJ59rXi+dnDL83TcO6ioNNryPVZf/+cyBr608DaUzNg6wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFDyaCljk4u7zgKfruUbThEFA+oOQMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUEpvS1dPVGk3dk9BcC11NVJ0T0VRVUQ2ZzVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAVCAOAwQA
VCAiAwQCVCAoAwQAVCBYMAwDBAJUINwDBABUIOADBABUIP4DBABY2CgDBABY2LsD
BAJY2PgwDQYJKoZIhvcNAQELBQADggEBAGr7xdZCT/psVWtI1bmABp2mwFXR7ozw
/E1R6iRugW+tmFMuHgOZP+Kj5jgKSAHUlmWbmez43bMObZhB3xnJH7oqk7l8H0aN
LaGj0uM2nSO5DxuMxycN8vF/694sVtrZptUsC/w1Utm8Oc2xBmUtw3SGt0wXVOSN
Vl8RV38Fr130M1kE+QahfV1ShEJMsIB2t4wElCHyDLycPcALchLSpJl4OIBmcZBb
H5SHFWZLHrx3SuaBLKqFf7rGgJD8PHe5vbxOkTMgK3qcTQZx3jSOiscSrgq6NXC0
gZWmkSYdhMJLvw6nSwphH7z2WwpcHerqyIancKQn9zCOyBlFrDwDCYo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:47 2023 by rpki-client on console-fra.rpki-client.org