Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QNNfoTmzwHBp_gsxtxumm140PW8.roa
File: QNNfoTmzwHBp_gsxtxumm140PW8.roa (raw, json)
Hash identifier: zwnpF0AeL/T/WWczFkAKBWSOPXo+Wn6h/VDXic8YYjs=
Subject key identifier: 40:D3:5F:A1:39:B3:C0:70:69:FE:0B:31:B7:1B:A6:9B:5E:34:3D:6F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184D91342ECB88E1539D6010C3472684BD9
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QNNfoTmzwHBp_gsxtxumm140PW8.roa
Signing time: Sat 03 Dec 2022 17:40:28 +0000
ROA not before: Sat 03 Dec 2022 17:40:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 84.32.69.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.43.0/24 maxlen: 24
84.32.40.0/24 maxlen: 24
88.216.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d9:13:42:ec:b8:8e:15:39:d6:01:0c:34:72:68:4b:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 3 17:40:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=40d35fa139b3c07069fe0b31b71ba69b5e343d6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f9:3d:ad:64:96:b3:93:71:11:e3:68:4c:93:
10:37:93:47:81:7e:fe:0f:6a:82:4f:bd:b0:b0:c0:
1d:ed:5e:d4:db:a0:a8:84:55:41:15:ce:25:3c:0f:
20:dc:d0:a4:e7:31:ce:a7:ad:2f:8f:30:18:27:6b:
b7:00:52:38:ac:df:5c:e5:d4:0a:98:33:b6:62:6b:
d1:70:7a:89:ea:d0:bb:89:f1:11:1e:f2:54:89:88:
3a:55:12:1b:97:34:1e:3d:28:27:69:aa:82:30:73:
2b:b6:af:b4:73:bc:e8:8f:1f:ea:13:f6:ab:c0:be:
d9:a7:e1:de:2b:53:ec:58:77:46:ef:79:46:53:6b:
42:f0:f3:a6:4e:4a:6a:fe:9d:50:c7:ed:01:5b:e3:
71:b1:cb:ae:2c:88:56:9e:29:ff:c7:06:00:cc:1e:
af:36:95:d7:51:8c:08:22:81:89:dc:27:d0:45:0b:
fd:a0:93:8c:ec:b8:81:ea:51:22:34:7b:46:15:13:
b8:e0:64:56:fb:dc:8f:94:79:7d:16:81:89:87:9a:
f3:73:7f:d8:5e:32:30:86:5f:61:4f:94:6c:f6:4a:
05:10:dd:00:13:8e:19:16:6f:23:6b:0b:b0:ee:05:
97:9f:0e:97:88:04:a7:eb:d4:04:35:3d:fe:a1:e1:
f5:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:D3:5F:A1:39:B3:C0:70:69:FE:0B:31:B7:1B:A6:9B:5E:34:3D:6F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/QNNfoTmzwHBp_gsxtxumm140PW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.40.0/24
84.32.43.0/24
84.32.69.0/24
84.32.242.0/24
88.216.41.0/24
Signature Algorithm: sha256WithRSAEncryption
31:09:4d:a5:1f:9f:24:e5:62:14:79:f7:57:71:02:b7:df:db:
7d:a5:9e:b4:12:55:62:e0:b8:b9:d2:d4:09:b8:b9:25:fa:1d:
86:28:f7:c4:92:21:66:0d:73:8b:51:18:2b:f7:ec:67:de:2a:
bb:d1:db:86:40:68:e0:c5:2c:a6:6c:63:0f:1d:da:25:06:47:
f5:57:6c:41:bc:89:5c:89:a8:87:4d:da:e1:dc:71:4e:a9:dd:
8f:93:64:3d:d8:37:41:78:16:57:a4:85:43:67:c3:3d:e5:27:
fa:ed:b6:d2:74:f8:b1:13:bc:50:6f:22:32:d0:44:a2:b3:41:
11:26:f3:ae:f6:a5:21:35:83:82:91:5e:fb:dd:0b:0e:fa:50:
de:31:0f:ac:b5:24:56:86:3a:09:71:9f:ff:43:02:84:9c:ec:
54:3a:e6:e9:09:ab:80:56:28:b9:b3:4a:ae:d1:6e:c8:8d:93:
72:f9:fc:cd:79:a9:0f:fe:0a:16:26:c5:84:63:0e:27:9a:ee:
2f:0a:f2:83:67:2d:a4:fc:ef:a4:7a:93:ad:4b:ee:10:dc:21:
70:91:9e:89:40:a2:3d:ec:4c:f1:14:53:47:6e:a7:4c:e7:fb:
21:0a:0e:9a:22:7b:41:1f:dd:f5:61:67:15:66:a8:f7:6c:2d:
be:e1:a2:e5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYTZE0LsuI4VOdYBDDRyaEvZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjAzMTc0MDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGQzNWZhMTM5YjNjMDcwNjlmZTBiMzFiNzFiYTY5YjVlMzQzZDZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fk9rWSWs5NxEeNoTJMQN5NHgX7+
D2qCT72wsMAd7V7U26CohFVBFc4lPA8g3NCk5zHOp60vjzAYJ2u3AFI4rN9c5dQK
mDO2YmvRcHqJ6tC7ifERHvJUiYg6VRIblzQePSgnaaqCMHMrtq+0c7zojx/qE/ar
wL7Zp+HeK1PsWHdG73lGU2tC8POmTkpq/p1Qx+0BW+NxscuuLIhWnin/xwYAzB6v
NpXXUYwIIoGJ3CfQRQv9oJOM7LiB6lEiNHtGFRO44GRW+9yPlHl9FoGJh5rzc3/Y
XjIwhl9hT5Rs9koFEN0AE44ZFm8jawuw7gWXnw6XiASn69QENT3+oeH1ewIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEDTX6E5s8Bwaf4LMbcbppteND1vMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUU5OZm9UbXp3SEJwX2dzeHR4dW1tMTQwUFc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVCAoAwQA
VCArAwQAVCBFAwQAVCDyAwQAWNgpMA0GCSqGSIb3DQEBCwUAA4IBAQAxCU2lH58k
5WIUefdXcQK339t9pZ60ElVi4Li50tQJuLkl+h2GKPfEkiFmDXOLURgr9+xn3iq7
0duGQGjgxSymbGMPHdolBkf1V2xBvIlciaiHTdrh3HFOqd2Pk2Q92DdBeBZXpIVD
Z8M95Sf67bbSdPixE7xQbyIy0ESis0ERJvOu9qUhNYOCkV773QsO+lDeMQ+stSRW
hjoJcZ//QwKEnOxUOubpCauAVii5s0qu0W7IjZNy+fzNeakP/goWJsWEYw4nmu4v
CvKDZy2k/O+kepOtS+4Q3CFwkZ6JQKI97EzxFFNHbqdM5/shCg6aIntBH931YWcV
Zqj3bC2+4aLl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org