Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T4VdFSiEh8RKkiUvC8Lxq65IedQ.roa
File: T4VdFSiEh8RKkiUvC8Lxq65IedQ.roa (raw, json)
Hash identifier: MPb0mlvXEseoJHxx5ftgpG2zm7gIKRk/ixK9CGDTLqU=
Subject key identifier: 4F:85:5D:15:28:84:87:C4:4A:92:25:2F:0B:C2:F1:AB:AE:48:79:D4
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018530AB880037DB8DA2E84597716DF8CD1B
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T4VdFSiEh8RKkiUvC8Lxq65IedQ.roa
Signing time: Tue 20 Dec 2022 17:53:45 +0000
ROA not before: Tue 20 Dec 2022 17:53:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 88.216.199.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.210.0/24 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.226.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
88.216.134.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
84.32.58.0/24 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.93.0/24 maxlen: 24
84.32.10.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.48.0/24 maxlen: 24
84.32.50.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.22.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.47.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:30:ab:88:00:37:db:8d:a2:e8:45:97:71:6d:f8:cd:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 20 17:53:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4f855d15288487c44a92252f0bc2f1abae4879d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:91:c9:df:18:c1:77:c9:87:e2:88:88:9e:a7:
32:aa:ad:04:10:47:60:21:b5:e9:86:8f:0d:c8:bd:
c7:dd:d4:10:56:4f:49:c5:17:c2:5b:42:09:4e:f8:
88:28:ab:4d:4a:dd:0a:1a:12:02:a1:34:4b:bc:dd:
50:fe:e9:ea:fa:4c:9b:49:00:32:5a:74:3a:38:f1:
c9:07:03:90:02:c2:c9:b2:c1:77:dd:74:e9:c9:d6:
02:5f:53:79:de:d5:f9:89:db:fd:d0:40:e8:e8:94:
6b:37:68:e8:c3:8f:05:8b:03:7b:4f:1c:97:4d:a2:
53:87:ec:67:31:b3:e6:61:91:45:5a:86:11:d7:06:
fb:44:8c:0e:a5:1e:e1:a2:c1:21:28:36:53:03:a4:
61:6c:16:32:66:82:b2:26:6d:6e:22:9c:c8:fa:b9:
55:d4:3d:f3:b5:39:36:d1:f3:7b:d8:8e:63:4e:c3:
d8:3b:c4:ad:d1:b1:52:36:42:7c:ab:75:f5:7e:3d:
da:a1:47:ee:cc:87:15:77:d9:19:22:b5:77:42:cf:
e3:df:59:7b:b1:74:9d:65:91:70:fc:7f:fa:b0:33:
fd:f0:2d:b8:a2:03:7f:07:97:8b:20:ac:e8:86:13:
af:a5:68:19:77:2a:60:fe:e5:dc:06:a5:d4:20:15:
9c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:85:5D:15:28:84:87:C4:4A:92:25:2F:0B:C2:F1:AB:AE:48:79:D4
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T4VdFSiEh8RKkiUvC8Lxq65IedQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.10.0/24
84.32.48.0/24
84.32.50.0/24
84.32.58.0/24
84.32.71.0/24
84.32.88.0/24
84.32.93.0/24
84.32.177.0/24
84.32.218.0/24
84.32.226.0/24
84.32.239.0/24
84.32.245.0/24
88.216.3.0/24
88.216.21.0-88.216.22.255
88.216.32.0/24
88.216.46.0/23
88.216.92.0/24
88.216.134.0/24
88.216.199.0/24
88.216.210.0/23
88.216.223.0/24
Signature Algorithm: sha256WithRSAEncryption
19:da:85:d9:f2:80:a2:be:3c:5e:67:15:39:62:68:ef:b0:ce:
b5:d1:60:53:72:0d:8c:16:28:29:aa:8c:d1:6f:0c:54:b7:98:
3d:50:98:40:f0:2d:fc:47:51:fd:f4:03:20:19:59:63:ec:9a:
b2:8e:d4:8f:b2:56:82:78:63:da:b0:ee:22:43:c4:e0:d4:8a:
b8:6f:1c:d5:a6:3b:34:65:7b:2e:a7:d1:41:67:f5:40:ff:50:
1e:0b:73:64:17:51:96:73:1b:26:95:ba:ba:2f:a5:9a:a8:28:
e4:67:0d:fc:a9:33:90:e8:61:98:0e:37:84:11:cb:3d:96:63:
59:9b:43:57:89:98:47:ac:62:7e:57:a1:87:5f:34:05:31:4f:
49:84:a6:cf:a5:f0:23:20:93:d9:d1:31:88:17:ae:2f:08:0c:
61:73:f1:a5:0d:78:7d:23:f8:ae:cc:d7:ec:46:76:ee:0f:66:
1e:34:cd:5b:ec:ba:9a:c5:2d:db:53:75:ae:68:42:75:bb:c9:
0a:18:56:18:b3:95:6c:46:fb:d9:54:fc:76:6f:9c:e1:00:1e:
b5:36:2f:44:37:b5:e5:77:a3:02:fa:04:49:e8:c7:da:1a:2e:
42:c1:a4:b4:d9:d3:af:f3:e8:c6:7d:d3:c0:bd:b7:18:6e:61:
6c:61:8e:ee
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYUwq4gAN9uNouhFl3Ft+M0bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjIwMTc1MzQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Zjg1NWQxNTI4ODQ4N2M0NGE5MjI1MmYwYmMyZjFhYmFlNDg3OWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzZHJ3xjBd8mH4oiInqcyqq0EEEdg
IbXpho8NyL3H3dQQVk9JxRfCW0IJTviIKKtNSt0KGhICoTRLvN1Q/unq+kybSQAy
WnQ6OPHJBwOQAsLJssF33XTpydYCX1N53tX5idv90EDo6JRrN2jow48FiwN7TxyX
TaJTh+xnMbPmYZFFWoYR1wb7RIwOpR7hosEhKDZTA6RhbBYyZoKyJm1uIpzI+rlV
1D3ztTk20fN72I5jTsPYO8St0bFSNkJ8q3X1fj3aoUfuzIcVd9kZIrV3Qs/j31l7
sXSdZZFw/H/6sDP98C24ogN/B5eLIKzohhOvpWgZdypg/uXcBqXUIBWcjQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFE+FXRUohIfESpIlLwvC8auuSHnUMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVDRWZEZTaUVoOFJLa2lVdkM4THhxNjVJZWRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBABU
IAgDBABUIAoDBABUIDADBABUIDIDBABUIDoDBABUIEcDBABUIFgDBABUIF0DBABU
ILEDBABUINoDBABUIOIDBABUIO8DBABUIPUDBABY2AMwDAMEAFjYFQMEAFjYFgME
AFjYIAMEAVjYLgMEAFjYXAMEAFjYhgMEAFjYxwMEAVjY0gMEAFjY3zANBgkqhkiG
9w0BAQsFAAOCAQEAGdqF2fKAor48XmcVOWJo77DOtdFgU3INjBYoKaqM0W8MVLeY
PVCYQPAt/EdR/fQDIBlZY+yaso7Uj7JWgnhj2rDuIkPE4NSKuG8c1aY7NGV7LqfR
QWf1QP9QHgtzZBdRlnMbJpW6ui+lmqgo5GcN/KkzkOhhmA43hBHLPZZjWZtDV4mY
R6xiflehh180BTFPSYSmz6XwIyCT2dExiBeuLwgMYXPxpQ14fSP4rszX7EZ27g9m
HjTNW+y6msUt21N1rmhCdbvJChhWGLOVbEb72VT8dm+c4QAetTYvRDe15XejAvoE
SejH2houQsGktNnTr/Poxn3TwL23GG5hbGGO7g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org