Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/UoFqD2Zx_HxXXY_O95_kHXh2o0M.roa
File: UoFqD2Zx_HxXXY_O95_kHXh2o0M.roa (raw, json)
Hash identifier: b8oeh0CWYxqQv9XHr0fWuU8BK9fB/gMzGdckTV1n+nw=
Subject key identifier: 52:81:6A:0F:66:71:FC:7C:57:5D:8F:CE:F7:9F:E4:1D:78:76:A3:43
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01854F153D94A4CC0831C0211E5A87CCB014
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/UoFqD2Zx_HxXXY_O95_kHXh2o0M.roa
Signing time: Mon 26 Dec 2022 15:37:50 +0000
ROA not before: Mon 26 Dec 2022 15:37:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.56.0/24 maxlen: 24
84.32.63.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.105.0/24 maxlen: 24
84.32.104.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
84.32.107.0/24 maxlen: 24
84.32.230.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4f:15:3d:94:a4:cc:08:31:c0:21:1e:5a:87:cc:b0:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 26 15:37:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=52816a0f6671fc7c575d8fcef79fe41d7876a343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b7:fa:14:26:52:b2:b4:7f:8f:06:3e:21:e6:
23:b2:45:4e:92:90:15:b2:1b:cf:1c:9d:f8:0b:61:
4f:39:d1:91:d1:a8:c7:d8:69:00:df:eb:54:b2:2f:
fe:e6:d7:22:e4:df:f0:c0:49:9c:b6:4b:f7:26:d9:
a7:f2:9d:00:c3:bc:6b:26:ca:01:34:c1:93:da:39:
bc:17:a4:be:3f:15:41:3d:e0:ee:df:83:0c:c8:07:
41:e9:d5:cf:9c:c8:63:e6:3d:24:87:36:87:81:46:
64:8c:f2:4f:26:61:35:ce:8a:c2:e7:03:1d:8d:76:
fe:42:7c:c0:ec:89:50:3b:a1:22:51:ee:79:10:92:
fd:18:fd:18:2b:85:d2:0e:39:94:b1:6e:fe:0f:8f:
96:d1:54:5f:d1:27:00:7b:1a:8c:35:4d:09:0b:b0:
1d:bd:d6:c1:18:05:b2:83:9c:e1:5d:ac:89:1d:28:
44:87:aa:d9:bd:2a:23:5b:3d:6c:00:b4:96:61:82:
de:86:de:ec:c8:d7:79:86:75:0d:82:09:89:fe:ad:
e4:b9:be:29:6e:78:f0:0e:8a:f1:e9:29:44:3c:b1:
d5:c1:b8:11:93:49:7d:70:3e:81:00:1d:2d:77:28:
40:b6:bf:55:7d:9c:f3:37:dd:ae:cc:cf:1d:72:90:
10:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:81:6A:0F:66:71:FC:7C:57:5D:8F:CE:F7:9F:E4:1D:78:76:A3:43
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/UoFqD2Zx_HxXXY_O95_kHXh2o0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.56.0/24
84.32.63.0/24
84.32.95.0/24
84.32.104.0/23
84.32.107.0/24
84.32.230.0/24
88.216.1.0-88.216.2.255
88.216.34.0/24
88.216.197.0/24
Signature Algorithm: sha256WithRSAEncryption
55:fd:ad:5f:c4:b3:2f:99:f6:5f:53:dc:60:68:7f:de:c4:4f:
50:e3:0d:4b:67:e9:0f:75:92:c1:57:4d:ed:58:bd:6b:2e:30:
0e:37:bc:bf:d3:12:c4:6d:95:5b:98:bc:31:1d:0e:6a:a5:64:
2c:5f:37:34:e2:4e:66:c5:a9:4b:67:c5:22:85:9a:38:2f:80:
e9:c0:ed:6e:77:43:0d:b1:bc:fe:42:e3:58:74:7c:61:36:b0:
80:65:7b:9b:4f:24:65:39:5b:b1:c5:99:7f:33:99:d0:a4:08:
6f:b6:15:40:35:8b:db:56:92:0e:bc:6f:00:c9:03:e4:a5:db:
36:1b:d2:89:00:c3:fe:2d:c1:d0:d6:fa:ed:74:5e:92:99:d3:
73:1b:37:56:30:0d:83:f5:74:74:6d:7d:cd:c7:0a:b5:ee:ba:
37:62:f8:dd:dd:0e:6d:6c:68:29:c4:97:70:46:48:d2:b8:eb:
88:5a:24:14:e3:bc:94:46:46:b1:19:ce:19:cb:ba:2c:e0:d3:
62:f4:47:0f:e3:ed:34:40:4c:5e:64:94:b4:85:e9:27:12:cd:
f5:4d:ff:09:36:9f:77:f8:ae:31:a4:89:a0:83:67:28:83:e5:
f4:c0:9a:5d:a2:82:4f:b8:a0:1c:42:c3:cb:d6:20:9e:ec:aa:
08:41:e0:54
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYVPFT2UpMwIMcAhHlqHzLAUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjI2MTUzNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjgxNmEwZjY2NzFmYzdjNTc1ZDhmY2VmNzlmZTQxZDc4NzZhMzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7f6FCZSsrR/jwY+IeYjskVOkpAV
shvPHJ34C2FPOdGR0ajH2GkA3+tUsi/+5tci5N/wwEmctkv3Jtmn8p0Aw7xrJsoB
NMGT2jm8F6S+PxVBPeDu34MMyAdB6dXPnMhj5j0khzaHgUZkjPJPJmE1zorC5wMd
jXb+QnzA7IlQO6EiUe55EJL9GP0YK4XSDjmUsW7+D4+W0VRf0ScAexqMNU0JC7Ad
vdbBGAWyg5zhXayJHShEh6rZvSojWz1sALSWYYLeht7syNd5hnUNggmJ/q3kub4p
bnjwDorx6SlEPLHVwbgRk0l9cD6BAB0tdyhAtr9VfZzzN92uzM8dcpAQaQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFFKBag9mcfx8V12Pzvef5B14dqNDMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVW9GcUQyWnhfSHhYWFlfTzk1X2tIWGgybzBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAVCA4AwQA
VCA/AwQAVCBfAwQBVCBoAwQAVCBrAwQAVCDmMAwDBABY2AEDBABY2AIDBABY2CID
BABY2MUwDQYJKoZIhvcNAQELBQADggEBAFX9rV/Esy+Z9l9T3GBof97ET1DjDUtn
6Q91ksFXTe1YvWsuMA43vL/TEsRtlVuYvDEdDmqlZCxfNzTiTmbFqUtnxSKFmjgv
gOnA7W53Qw2xvP5C41h0fGE2sIBle5tPJGU5W7HFmX8zmdCkCG+2FUA1i9tWkg68
bwDJA+Sl2zYb0okAw/4twdDW+u10XpKZ03MbN1YwDYP1dHRtfc3HCrXuujdi+N3d
Dm1saCnEl3BGSNK464haJBTjvJRGRrEZzhnLuizg02L0Rw/j7TRATF5klLSF6ScS
zfVN/wk2n3f4rjGkiaCDZyiD5fTAml2igk+4oBxCw8vWIJ7sqghB4FQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:33 2024 by rpki-client on console-fra.rpki-client.org