Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/RnrDizsCUMoQseqvL9tpZhYT--Q.roa
File: RnrDizsCUMoQseqvL9tpZhYT--Q.roa (raw, json)
Hash identifier: sLj61eF2IdUt/o4fLpfy9frSl66StTKhWiPQRFq6hqk=
Subject key identifier: 46:7A:C3:8B:3B:02:50:CA:10:B1:EA:AF:2F:DB:69:66:16:13:FB:E4
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01849E1746CC3164A110BBD6A96AE365DC50
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/RnrDizsCUMoQseqvL9tpZhYT--Q.roa
Signing time: Tue 22 Nov 2022 06:47:16 +0000
ROA not before: Tue 22 Nov 2022 06:47:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 84.32.52.0/22 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
88.216.98.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
84.32.6.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.252.0/22 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9e:17:46:cc:31:64:a1:10:bb:d6:a9:6a:e3:65:dc:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 22 06:47:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=467ac38b3b0250ca10b1eaaf2fdb69661613fbe4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:73:40:b8:12:c2:77:33:f1:b6:48:57:6b:35:
97:09:97:0b:9f:dd:c9:aa:2d:e9:76:97:3a:e7:70:
e3:55:f7:92:48:43:e1:ed:11:b0:9b:34:8e:0f:50:
e7:34:a7:49:2c:52:bf:60:4f:45:9f:64:ed:df:03:
17:4f:fd:f0:ee:99:7a:15:a1:d9:e1:77:78:1a:0d:
56:0f:a5:1e:f9:30:54:db:fa:b9:c3:7a:3e:2e:99:
b7:f5:ca:f6:18:cb:af:e6:5b:24:6f:aa:38:24:74:
12:9c:55:a4:27:32:38:da:d2:49:0c:9b:d0:29:8f:
40:6e:69:c8:87:f8:05:5d:5d:7f:e0:8b:22:82:18:
f2:c8:db:33:2e:f8:0a:30:df:e0:44:74:c4:54:78:
1b:d1:cd:bf:e5:16:0d:c6:20:9f:e6:04:d8:fa:17:
71:cb:e0:04:aa:12:40:ad:0e:b0:87:41:98:50:99:
be:65:a2:4d:a9:da:5d:7c:78:9e:d2:78:a9:b8:82:
73:66:cb:34:17:e9:3b:47:64:d5:a9:f2:17:92:1b:
c3:e3:c8:08:bc:84:7a:ef:52:c5:51:7c:33:54:9b:
0c:ab:a3:36:dd:04:1d:4b:46:f2:85:19:70:07:5f:
db:96:59:f2:d6:d4:98:89:c1:d0:8a:a1:41:20:e4:
1e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:7A:C3:8B:3B:02:50:CA:10:B1:EA:AF:2F:DB:69:66:16:13:FB:E4
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/RnrDizsCUMoQseqvL9tpZhYT--Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.6.0/24
84.32.52.0/22
84.32.76.0/23
88.216.17.0/24
88.216.46.0/24
88.216.98.0/24
88.216.211.0/24
88.216.228.0/22
88.216.252.0/22
Signature Algorithm: sha256WithRSAEncryption
91:56:7f:f3:57:80:8c:30:45:cf:bd:2c:0b:56:e9:8e:c6:20:
24:a8:d8:11:aa:ad:79:84:78:e6:af:48:08:9e:79:c7:f9:80:
b4:7c:ac:db:e2:12:85:53:39:c0:cc:98:fa:89:7f:01:90:94:
05:e1:ed:64:e0:ef:23:43:83:af:82:8e:b7:d2:86:3b:11:24:
6e:26:33:20:3c:fc:1c:31:e1:a4:6d:33:fe:2f:f9:06:30:14:
ce:d0:17:fd:a6:2a:86:38:88:d2:a5:6f:a8:11:df:b2:f6:9c:
76:40:e1:2c:3d:de:f8:7c:1a:14:73:7a:82:90:79:e6:7a:03:
d3:db:f4:dc:a1:4e:57:08:d6:1b:c9:65:0e:a0:03:d9:1a:e3:
d5:28:df:17:e7:8f:06:8f:af:9e:3a:3a:42:91:bb:d8:6d:70:
05:5e:3a:85:20:69:0e:1c:fb:54:53:d4:c3:bd:4d:53:d2:c9:
2d:f3:0a:db:6e:e0:af:f0:23:67:9d:c8:9c:7b:07:ae:84:e0:
06:70:54:85:51:55:89:70:8b:84:88:a1:8e:7a:6e:39:75:61:
c6:8e:91:93:4e:81:01:02:95:34:68:df:87:a9:d6:d6:6a:34:
6d:99:db:69:f9:f1:95:e6:1f:a3:77:9d:4f:92:5b:26:28:66:
a4:58:08:dd
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYSeF0bMMWShELvWqWrjZdxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTIyMDY0NzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjdhYzM4YjNiMDI1MGNhMTBiMWVhYWYyZmRiNjk2NjE2MTNmYmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXNAuBLCdzPxtkhXazWXCZcLn93J
qi3pdpc653DjVfeSSEPh7RGwmzSOD1DnNKdJLFK/YE9Fn2Tt3wMXT/3w7pl6FaHZ
4Xd4Gg1WD6Ue+TBU2/q5w3o+Lpm39cr2GMuv5lskb6o4JHQSnFWkJzI42tJJDJvQ
KY9AbmnIh/gFXV1/4IsighjyyNszLvgKMN/gRHTEVHgb0c2/5RYNxiCf5gTY+hdx
y+AEqhJArQ6wh0GYUJm+ZaJNqdpdfHie0nipuIJzZss0F+k7R2TVqfIXkhvD48gI
vIR671LFUXwzVJsMq6M23QQdS0byhRlwB1/bllny1tSYicHQiqFBIOQebwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEZ6w4s7AlDKELHqry/baWYWE/vkMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUm5yRGl6c0NVTW9Rc2Vxdkw5dHBaaFlULS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAVCAGAwQC
VCA0AwQBVCBMAwQAWNgRAwQAWNguAwQAWNhiAwQAWNjTAwQCWNjkAwQCWNj8MA0G
CSqGSIb3DQEBCwUAA4IBAQCRVn/zV4CMMEXPvSwLVumOxiAkqNgRqq15hHjmr0gI
nnnH+YC0fKzb4hKFUznAzJj6iX8BkJQF4e1k4O8jQ4Ovgo630oY7ESRuJjMgPPwc
MeGkbTP+L/kGMBTO0Bf9piqGOIjSpW+oEd+y9px2QOEsPd74fBoUc3qCkHnmegPT
2/TcoU5XCNYbyWUOoAPZGuPVKN8X548Gj6+eOjpCkbvYbXAFXjqFIGkOHPtUU9TD
vU1T0skt8wrbbuCv8CNnnciceweuhOAGcFSFUVWJcIuEiKGOem45dWHGjpGTToEB
ApU0aN+HqdbWajRtmdtp+fGV5h+jd51PklsmKGakWAjd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:33 2024 by rpki-client on console-fra.rpki-client.org