Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/TgO_A0YOv_D4dy-GRKVhPimnhiA.roa
File: TgO_A0YOv_D4dy-GRKVhPimnhiA.roa (raw, json)
Hash identifier: D5xYLRlS/LYcia4ap7I4HFWUTEFt2O+h294bg45s7/g=
Subject key identifier: 4E:03:BF:03:46:0E:BF:F0:F8:77:2F:86:44:A5:61:3E:29:A7:86:20
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184F5C998B781C3673449E3B2E9DAA16C89
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/TgO_A0YOv_D4dy-GRKVhPimnhiA.roa
Signing time: Fri 09 Dec 2022 07:29:00 +0000
ROA not before: Fri 09 Dec 2022 07:29:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 88.216.199.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.210.0/24 maxlen: 24
84.32.226.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.238.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
88.216.134.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
84.32.58.0/24 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.93.0/24 maxlen: 24
84.32.10.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.48.0/24 maxlen: 24
84.32.50.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.22.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.47.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f5:c9:98:b7:81:c3:67:34:49:e3:b2:e9:da:a1:6c:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 9 07:29:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4e03bf03460ebff0f8772f8644a5613e29a78620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:3f:b6:03:b5:63:d2:6c:6b:27:35:60:c3:93:
68:fb:74:64:b7:f6:7c:41:00:a2:3a:7a:61:3a:4e:
52:98:4c:26:91:24:ec:59:bd:c4:75:1c:61:83:d6:
4d:d5:bf:5d:7b:d4:4e:cb:52:37:c0:12:f1:bf:cc:
7f:57:7a:b0:b7:6c:d9:38:d9:47:91:2a:ab:8b:6e:
eb:5f:53:9b:49:fa:ce:3f:3f:06:42:16:b3:ac:56:
2e:46:a7:f8:ac:d8:96:e7:b4:25:6e:ac:f6:a2:ce:
1b:f8:26:35:0f:f5:e0:0b:48:3f:d1:29:9b:ba:0f:
73:59:20:e9:19:24:b0:01:c3:85:b4:fe:3d:d0:a8:
d7:23:9b:ad:ea:32:51:e0:5e:25:8d:e5:69:97:b6:
d6:0d:e7:7a:71:e9:20:d8:0b:c2:1b:53:12:e7:f8:
88:c0:3a:0f:31:c9:b5:e4:e7:ed:d5:84:9a:85:75:
17:27:ec:be:41:3d:b1:3f:54:14:90:59:66:f2:f0:
d2:c2:b1:2b:a5:8e:d7:48:25:48:f7:a5:a4:da:cb:
bd:f2:3d:6c:0d:00:b8:84:bb:d9:2d:7e:7d:1c:6e:
5e:a6:cd:92:5b:31:1e:d9:84:8c:56:75:f1:81:67:
10:e9:0e:f1:23:1b:a6:69:33:e5:f5:2e:1a:5d:08:
a5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:03:BF:03:46:0E:BF:F0:F8:77:2F:86:44:A5:61:3E:29:A7:86:20
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/TgO_A0YOv_D4dy-GRKVhPimnhiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.10.0/24
84.32.48.0/24
84.32.50.0/24
84.32.58.0/24
84.32.71.0/24
84.32.88.0/24
84.32.93.0/24
84.32.177.0/24
84.32.226.0/24
84.32.238.0/23
84.32.245.0/24
88.216.3.0/24
88.216.21.0-88.216.22.255
88.216.32.0/24
88.216.46.0/23
88.216.92.0/24
88.216.134.0/24
88.216.199.0/24
88.216.210.0/23
88.216.223.0/24
Signature Algorithm: sha256WithRSAEncryption
31:04:6d:00:ff:c9:8d:02:25:55:71:ef:6a:2f:1d:ff:27:69:
2f:c3:99:72:93:07:17:f5:e3:54:7b:4c:84:f5:4f:64:d3:a4:
be:a5:6c:cc:72:68:51:3a:a2:a6:64:82:3c:59:c8:1b:0d:1d:
f1:7b:0d:f1:fd:99:bd:85:dd:ad:52:a0:85:29:83:e4:00:31:
c3:26:df:dd:e2:07:5b:df:35:32:19:cd:5f:ff:5d:66:3d:99:
2e:94:75:8f:80:7e:e8:fe:3c:10:7d:6b:51:75:ee:b3:3d:24:
8c:ae:7b:b1:fb:c3:57:d2:09:d7:6d:20:00:dd:a1:a9:a2:ea:
a4:cc:90:41:ea:92:f5:46:7e:e7:47:0f:17:93:7e:d1:7c:ec:
59:ba:3d:a2:c8:c0:2f:e8:03:63:ea:7b:5f:37:dd:38:c3:b1:
0d:9b:34:1a:f5:24:a5:e4:4e:36:fb:fe:ed:6c:75:8d:6f:cf:
7c:4a:39:fd:47:9f:0e:15:a6:e7:04:3b:d0:b3:d3:24:ac:8a:
7f:79:b1:50:bf:c9:fe:5e:fb:24:0b:68:d6:66:94:2b:db:fc:
ef:fa:8b:4f:61:88:42:c3:32:da:cb:5b:1b:a3:46:5e:07:1a:
01:1d:24:09:89:fc:64:22:ce:a5:51:4f:d5:ca:82:0d:b6:86:
24:13:e9:ab
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYT1yZi3gcNnNEnjsunaoWyJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA5MDcyOTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTAzYmYwMzQ2MGViZmYwZjg3NzJmODY0NGE1NjEzZTI5YTc4NjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmz+2A7Vj0mxrJzVgw5No+3Rkt/Z8
QQCiOnphOk5SmEwmkSTsWb3EdRxhg9ZN1b9de9ROy1I3wBLxv8x/V3qwt2zZONlH
kSqri27rX1ObSfrOPz8GQhazrFYuRqf4rNiW57Qlbqz2os4b+CY1D/XgC0g/0Smb
ug9zWSDpGSSwAcOFtP490KjXI5ut6jJR4F4ljeVpl7bWDed6cekg2AvCG1MS5/iI
wDoPMcm15Oft1YSahXUXJ+y+QT2xP1QUkFlm8vDSwrErpY7XSCVI96Wk2su98j1s
DQC4hLvZLX59HG5eps2SWzEe2YSMVnXxgWcQ6Q7xIxumaTPl9S4aXQilgwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFE4DvwNGDr/w+HcvhkSlYT4pp4YgMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVGdPX0EwWU92X0Q0ZHktR1JLVmhQaW1uaGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBABU
IAgDBABUIAoDBABUIDADBABUIDIDBABUIDoDBABUIEcDBABUIFgDBABUIF0DBABU
ILEDBABUIOIDBAFUIO4DBABUIPUDBABY2AMwDAMEAFjYFQMEAFjYFgMEAFjYIAME
AVjYLgMEAFjYXAMEAFjYhgMEAFjYxwMEAVjY0gMEAFjY3zANBgkqhkiG9w0BAQsF
AAOCAQEAMQRtAP/JjQIlVXHvai8d/ydpL8OZcpMHF/XjVHtMhPVPZNOkvqVszHJo
UTqipmSCPFnIGw0d8XsN8f2ZvYXdrVKghSmD5AAxwybf3eIHW981MhnNX/9dZj2Z
LpR1j4B+6P48EH1rUXXusz0kjK57sfvDV9IJ120gAN2hqaLqpMyQQeqS9UZ+50cP
F5N+0XzsWbo9osjAL+gDY+p7XzfdOMOxDZs0GvUkpeRONvv+7Wx1jW/PfEo5/Uef
DhWm5wQ70LPTJKyKf3mxUL/J/l77JAto1maUK9v87/qLT2GIQsMy2stbG6NGXgca
AR0kCYn8ZCLOpVFP1cqCDbaGJBPpqw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:30 2023 by rpki-client on console-ams.rpki-client.org