Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/RqzpKzwb6AuKYley-vwDzaP1dPg.roa
File: RqzpKzwb6AuKYley-vwDzaP1dPg.roa (raw, json)
Hash identifier: 3SUTKGbXwQ9Lym6pAoT7MXtbbrwk3P/21hubi0IsGvs=
Subject key identifier: 46:AC:E9:2B:3C:1B:E8:0B:8A:62:57:B2:FA:FC:03:CD:A3:F5:74:F8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01847AFC488F73D4D1A643E28C4B6F3DFBC4
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/RqzpKzwb6AuKYley-vwDzaP1dPg.roa
Signing time: Tue 15 Nov 2022 11:11:04 +0000
ROA not before: Tue 15 Nov 2022 11:11:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 88.216.187.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.220.0/22 maxlen: 24
84.32.14.0/24 maxlen: 24
88.216.248.0/22 maxlen: 24
84.32.34.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
84.32.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:fc:48:8f:73:d4:d1:a6:43:e2:8c:4b:6f:3d:fb:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 15 11:11:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=46ace92b3c1be80b8a6257b2fafc03cda3f574f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5e:e4:6b:df:d1:f3:93:db:02:d8:76:50:c3:
d6:c8:4b:fc:e4:9e:3b:39:e7:f1:83:91:5b:db:87:
3b:44:7b:42:5a:cb:9c:73:37:0d:b8:c9:e1:33:7f:
d3:4a:a4:61:ac:9f:46:aa:7d:6a:89:38:f4:51:02:
08:cf:fd:fb:f3:c2:b4:21:1c:5f:0a:48:89:f4:08:
e8:47:e9:f6:96:11:4a:79:5d:1a:91:87:70:9f:12:
5a:0a:83:09:12:0e:f6:ea:d3:d1:ea:1e:f1:9e:26:
13:3e:d4:6f:b4:0e:9b:b9:be:00:85:f0:42:13:95:
ee:e3:9b:a7:db:b7:41:8a:b7:4d:e9:a8:f9:77:96:
81:4b:c9:55:af:9b:5d:7e:d1:52:6f:bf:6c:d4:26:
06:81:6c:0b:e9:0b:e8:15:1a:3b:52:bc:da:06:ea:
e4:c2:9b:ca:0e:0f:a3:d7:39:38:7f:47:87:cc:31:
2c:be:d8:4e:ca:19:81:62:96:06:a8:9e:15:1c:de:
74:c6:72:f0:19:a3:f7:66:8f:7b:2c:15:87:8b:39:
d1:f5:02:93:25:3e:1d:d9:92:74:d5:8a:e8:07:1a:
13:f7:8e:3f:72:87:09:b4:22:41:50:c0:72:72:c3:
47:3e:46:e2:c8:9e:fe:b1:33:b0:d5:ae:fa:1b:ba:
c4:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:AC:E9:2B:3C:1B:E8:0B:8A:62:57:B2:FA:FC:03:CD:A3:F5:74:F8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/RqzpKzwb6AuKYley-vwDzaP1dPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.14.0/24
84.32.34.0/24
84.32.40.0/22
84.32.88.0/24
84.32.220.0/22
88.216.40.0/24
88.216.187.0/24
88.216.248.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:a4:de:de:82:cd:2a:82:b8:df:11:66:04:28:74:15:34:dc:
62:70:b6:7a:1f:ab:ff:df:4f:07:48:1a:34:ea:b1:d5:c9:44:
ee:3d:1e:39:e5:f5:21:f2:3c:13:bb:4d:3a:50:20:49:02:c9:
79:de:10:fa:f0:64:a3:e1:6f:bc:31:2e:46:d7:ac:c5:a3:cf:
18:af:e1:ec:ad:71:51:c2:ca:ff:63:ff:0e:12:0b:bb:59:26:
6b:96:a0:99:41:bf:60:05:27:6b:e3:04:a3:b4:37:5b:95:44:
e5:83:03:3b:87:18:69:6b:08:42:c2:e5:94:a3:94:35:c9:5d:
65:ac:d8:0e:64:e9:22:40:52:65:a8:4a:48:b4:77:46:80:4c:
c3:89:fe:f7:8a:51:31:80:1e:75:ad:68:b7:cd:ee:f7:81:d3:
8f:01:c6:c5:f7:95:ed:c0:78:fd:90:35:ad:02:41:a9:df:19:
ec:54:af:91:cb:35:4f:f1:5f:56:32:82:86:73:ff:5a:d9:aa:
91:ac:4b:c7:5d:ea:97:56:0b:ca:05:de:14:cd:d8:13:a3:ba:
0d:9d:e0:38:42:f7:ec:f0:b2:3b:e6:2d:ac:11:f9:13:0e:ee:
c8:22:c1:9f:e8:69:a2:4c:ad:12:d6:0e:c6:e4:32:1e:ee:17:
01:e0:c8:cc
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYR6/EiPc9TRpkPijEtvPfvEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTE1MTExMTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmFjZTkyYjNjMWJlODBiOGE2MjU3YjJmYWZjMDNjZGEzZjU3NGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsV7ka9/R85PbAth2UMPWyEv85J47
Oefxg5Fb24c7RHtCWsucczcNuMnhM3/TSqRhrJ9Gqn1qiTj0UQIIz/3788K0IRxf
CkiJ9AjoR+n2lhFKeV0akYdwnxJaCoMJEg726tPR6h7xniYTPtRvtA6bub4AhfBC
E5Xu45un27dBirdN6aj5d5aBS8lVr5tdftFSb79s1CYGgWwL6QvoFRo7UrzaBurk
wpvKDg+j1zk4f0eHzDEsvthOyhmBYpYGqJ4VHN50xnLwGaP3Zo97LBWHiznR9QKT
JT4d2ZJ01YroBxoT944/cocJtCJBUMBycsNHPkbiyJ7+sTOw1a76G7rEXwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEas6Ss8G+gLimJXsvr8A82j9XT4MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUnF6cEt6d2I2QXVLWWxleS12d0R6YVAxZFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVCAOAwQA
VCAiAwQCVCAoAwQAVCBYAwQCVCDcAwQAWNgoAwQAWNi7AwQCWNj4MA0GCSqGSIb3
DQEBCwUAA4IBAQB6pN7egs0qgrjfEWYEKHQVNNxicLZ6H6v/308HSBo06rHVyUTu
PR455fUh8jwTu006UCBJAsl53hD68GSj4W+8MS5G16zFo88Yr+HsrXFRwsr/Y/8O
Egu7WSZrlqCZQb9gBSdr4wSjtDdblUTlgwM7hxhpawhCwuWUo5Q1yV1lrNgOZOki
QFJlqEpItHdGgEzDif73ilExgB51rWi3ze73gdOPAcbF95XtwHj9kDWtAkGp3xns
VK+RyzVP8V9WMoKGc/9a2aqRrEvHXeqXVgvKBd4UzdgTo7oNneA4Qvfs8LI75i2s
EfkTDu7IIsGf6GmiTK0S1g7G5DIe7hcB4MjM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:27 2024 by rpki-client on console-ams.rpki-client.org