Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/UPBf4UZPjXHoV6eP6O_rtB0QLgM.roa
File: UPBf4UZPjXHoV6eP6O_rtB0QLgM.roa (raw, json)
Hash identifier: DHdTV1+5ApGTn7FRaGS9dxL6QD9cDTP3x2NFXwGRiew=
Subject key identifier: 50:F0:5F:E1:46:4F:8D:71:E8:57:A7:8F:E8:EF:EB:B4:1D:10:2E:03
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018460A7DA850B482EAC6DC9682FA8C4152F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/UPBf4UZPjXHoV6eP6O_rtB0QLgM.roa
Signing time: Thu 10 Nov 2022 08:28:43 +0000
ROA not before: Thu 10 Nov 2022 08:28:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 88.216.188.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
84.32.255.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.63.0/24 maxlen: 24
84.32.65.0/24 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.86.0/24 maxlen: 24
84.32.90.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
84.32.94.0/24 maxlen: 24
84.32.7.0/24 maxlen: 24
84.32.15.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.49.0/24 maxlen: 24
88.216.91.0/24 maxlen: 24
88.216.102.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:60:a7:da:85:0b:48:2e:ac:6d:c9:68:2f:a8:c4:15:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 10 08:28:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=50f05fe1464f8d71e857a78fe8efebb41d102e03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:52:69:6a:74:d4:c5:c7:1c:40:98:fb:0c:9e:
16:6b:91:b6:1c:df:38:33:9c:fd:fd:d1:63:68:ae:
3a:f6:cc:79:01:de:5b:d6:8b:aa:91:47:9a:36:39:
4d:99:7c:f1:30:ea:4e:17:b8:76:b6:81:60:cd:28:
56:7f:b9:eb:38:cf:0d:5f:99:7a:ef:46:ab:10:3d:
66:2d:92:25:e9:68:a8:25:58:b5:8f:fa:a8:b4:3c:
e2:27:ef:57:d6:a7:65:9d:57:28:a4:ca:dc:29:da:
49:50:bf:99:2e:06:55:d0:65:9e:0b:f4:08:77:da:
96:ba:3c:19:e8:39:9f:48:f1:70:11:3e:a7:39:e5:
f8:0d:26:02:30:d0:ba:4f:ce:76:b1:d6:66:6c:c6:
3d:aa:3b:99:c0:57:74:30:7c:eb:4c:66:ad:b3:a0:
fa:ce:e2:a6:ec:8c:82:d1:36:3f:d1:b8:52:9d:31:
68:79:f2:f8:9d:4b:9e:ca:ba:ef:2c:fe:ff:ea:43:
b4:51:4b:36:0f:07:1c:6e:cf:39:43:06:44:41:3a:
fe:d0:bf:87:35:8b:57:7b:30:43:12:cd:db:73:f4:
78:74:f8:e1:f9:af:dd:c7:c2:fc:fe:99:e3:e2:d9:
1d:e6:7f:8b:33:11:e4:e1:88:76:d6:f7:85:76:6b:
e8:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:F0:5F:E1:46:4F:8D:71:E8:57:A7:8F:E8:EF:EB:B4:1D:10:2E:03
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/UPBf4UZPjXHoV6eP6O_rtB0QLgM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0/24
84.32.15.0/24
84.32.42.0/24
84.32.44.0/24
84.32.46.0/23
84.32.49.0/24
84.32.60.0/24
84.32.63.0/24
84.32.65.0-84.32.66.255
84.32.68.0/24
84.32.77.0/24
84.32.86.0/24
84.32.90.0/24
84.32.92.0/24
84.32.94.0/24
84.32.255.0/24
88.216.2.0/24
88.216.35.0/24
88.216.40.0/24
88.216.91.0/24
88.216.102.0/24
88.216.188.0/24
88.216.190.0/24
88.216.198.0/24
Signature Algorithm: sha256WithRSAEncryption
33:08:d1:a3:73:29:1a:24:35:d5:1f:30:71:0a:df:8c:92:eb:
7b:8a:d0:c5:50:41:37:d2:4f:17:b3:2e:f6:2b:7a:09:68:bf:
87:95:f1:42:5b:39:95:65:d7:63:1c:be:77:3f:b9:7b:41:24:
41:53:62:64:41:8a:45:58:bc:88:0f:9f:c1:3d:7d:72:f8:ed:
1d:51:1f:32:21:21:43:44:82:0c:3f:fc:12:a5:a4:99:a9:1a:
d6:3d:62:93:fe:66:c7:c4:6d:8a:6d:d3:a8:24:57:41:63:65:
01:de:51:69:1e:7e:e0:9a:be:70:9b:85:1f:93:42:02:36:75:
a7:26:1b:96:c1:98:7a:1b:24:88:fe:a8:37:af:ed:e5:47:b2:
e2:f8:ec:e9:d1:98:ad:b1:73:d9:b7:35:18:a5:ae:78:e6:99:
68:ec:18:8c:04:86:86:7b:b9:8c:b4:47:f5:b9:06:16:d1:50:
9a:03:68:f1:84:bd:01:14:4a:41:d2:35:47:b6:d8:57:ad:74:
55:28:87:88:0e:0f:96:e8:1f:d7:af:ab:b8:0b:e7:23:36:c5:
c2:de:10:aa:f8:2c:9a:05:30:97:96:6d:2d:7e:91:3e:84:ac:
3e:38:42:5f:80:e3:4e:d7:7b:81:57:1a:c0:aa:d3:31:98:e0:
fe:c0:aa:d2
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYRgp9qFC0gurG3JaC+oxBUvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTEwMDgyODQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGYwNWZlMTQ2NGY4ZDcxZTg1N2E3OGZlOGVmZWJiNDFkMTAyZTAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVJpanTUxcccQJj7DJ4Wa5G2HN84
M5z9/dFjaK469sx5Ad5b1ouqkUeaNjlNmXzxMOpOF7h2toFgzShWf7nrOM8NX5l6
70arED1mLZIl6WioJVi1j/qotDziJ+9X1qdlnVcopMrcKdpJUL+ZLgZV0GWeC/QI
d9qWujwZ6DmfSPFwET6nOeX4DSYCMNC6T852sdZmbMY9qjuZwFd0MHzrTGats6D6
zuKm7IyC0TY/0bhSnTFoefL4nUueyrrvLP7/6kO0UUs2Dwccbs85QwZEQTr+0L+H
NYtXezBDEs3bc/R4dPjh+a/dx8L8/pnj4tkd5n+LMxHk4Yh21veFdmvoiwIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFFDwX+FGT41x6Fenj+jv67QdEC4DMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVVBCZjRVWlBqWEhvVjZlUDZPX3J0QjBRTGdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBABU
IAcDBABUIA8DBABUICoDBABUICwDBAFUIC4DBABUIDEDBABUIDwDBABUID8wDAME
AFQgQQMEAFQgQgMEAFQgRAMEAFQgTQMEAFQgVgMEAFQgWgMEAFQgXAMEAFQgXgME
AFQg/wMEAFjYAgMEAFjYIwMEAFjYKAMEAFjYWwMEAFjYZgMEAFjYvAMEAFjYvgME
AFjYxjANBgkqhkiG9w0BAQsFAAOCAQEAMwjRo3MpGiQ11R8wcQrfjJLre4rQxVBB
N9JPF7Mu9it6CWi/h5XxQls5lWXXYxy+dz+5e0EkQVNiZEGKRVi8iA+fwT19cvjt
HVEfMiEhQ0SCDD/8EqWkmaka1j1ik/5mx8Rtim3TqCRXQWNlAd5RaR5+4Jq+cJuF
H5NCAjZ1pyYblsGYehskiP6oN6/t5Uey4vjs6dGYrbFz2bc1GKWueOaZaOwYjASG
hnu5jLRH9bkGFtFQmgNo8YS9ARRKQdI1R7bYV610VSiHiA4Plugf16+ruAvnIzbF
wt4QqvgsmgUwl5ZtLX6RPoSsPjhCX4DjTtd7gVcawKrTMZjg/sCq0g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org