Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WGQwpZVXcNXDHUEJhhNWV02FvHo.roa
File: WGQwpZVXcNXDHUEJhhNWV02FvHo.roa (raw, json)
Hash identifier: 7djEWebSA8E/gvRG5LQdZob+OFnNXWR3a5zNImsEAPU=
Subject key identifier: 58:64:30:A5:95:57:70:D5:C3:1D:41:09:86:13:56:57:4D:85:BC:7A
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01840E82ECEE382F6A3358486E32F62B422D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WGQwpZVXcNXDHUEJhhNWV02FvHo.roa
Signing time: Tue 25 Oct 2022 09:39:32 +0000
ROA not before: Tue 25 Oct 2022 09:39:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 84.32.52.0/22 maxlen: 24
88.216.210.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.209.0/24 maxlen: 24
84.32.6.0/24 maxlen: 24
88.216.98.0/24 maxlen: 24
88.216.224.0/21 maxlen: 24
88.216.23.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.22.0/24 maxlen: 24
88.216.19.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.252.0/22 maxlen: 24
88.216.248.0/21 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0e:82:ec:ee:38:2f:6a:33:58:48:6e:32:f6:2b:42:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 25 09:39:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=586430a5955770d5c31d4109861356574d85bc7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f0:f2:cc:c5:25:36:2f:14:43:22:53:64:af:
56:be:90:b0:8d:1c:89:de:94:2e:89:25:1f:81:56:
b6:94:d4:99:93:79:42:f1:42:f0:df:4e:5c:e5:2d:
3c:6a:b0:e6:e2:a1:df:55:30:7a:51:45:5d:fa:59:
8e:61:0f:66:0b:71:b4:86:e8:05:97:d2:61:68:de:
bf:15:42:0e:ac:a0:4d:b0:67:8c:61:0c:f2:57:3c:
86:41:fd:93:25:f1:55:94:7a:a4:88:a4:2d:19:61:
32:b0:36:c5:2c:8c:52:d7:b8:f1:4e:fa:6c:fe:3d:
0c:af:ed:e4:e5:b2:32:d8:13:26:5c:13:ec:ae:06:
24:c2:1a:1d:19:fa:d0:1e:a8:4c:a4:fd:02:c3:7e:
ad:0e:de:83:d9:ab:83:bf:e1:41:0f:68:1a:1b:b1:
8b:c5:68:16:47:98:1d:ab:5f:95:6d:f3:3d:d9:97:
53:28:fe:fc:f9:09:07:5a:fe:e4:df:1e:cb:df:a7:
a1:4a:1a:4f:e6:19:e2:4b:82:a9:f4:80:e9:ac:31:
a2:12:34:1a:33:0d:84:ad:d6:10:ed:b2:de:09:45:
3a:2c:68:02:a8:fa:18:06:74:e9:c5:8f:12:ba:ac:
a5:48:64:58:51:01:70:84:08:5e:24:45:44:91:55:
7b:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:64:30:A5:95:57:70:D5:C3:1D:41:09:86:13:56:57:4D:85:BC:7A
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WGQwpZVXcNXDHUEJhhNWV02FvHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.6.0/24
84.32.52.0/22
88.216.19.0-88.216.23.255
88.216.32.0/24
88.216.46.0/24
88.216.98.0/24
88.216.209.0-88.216.211.255
88.216.224.0/21
88.216.248.0/21
Signature Algorithm: sha256WithRSAEncryption
51:ae:43:4b:f7:97:3b:7d:33:5b:89:ab:bc:79:73:86:3c:65:
d2:9d:de:74:fb:7f:79:f4:e1:86:8a:2d:14:50:01:3e:76:b6:
3f:61:4e:b4:21:95:5e:77:ef:ec:3f:01:67:65:8f:0f:57:bb:
19:c3:a4:35:8b:22:d8:bd:d0:52:91:3f:50:68:ee:7f:16:b0:
39:8b:a8:54:33:81:d8:1c:e7:df:e8:3f:f5:00:1f:d2:1a:1f:
8a:ae:95:07:5f:f7:23:0f:dd:e5:f2:67:75:b6:9b:62:31:ff:
11:8b:6e:9f:86:a5:bc:db:44:b8:ee:13:80:2f:98:aa:10:38:
9b:4c:13:a2:af:73:03:5b:e7:1c:b3:2e:ee:b1:38:5c:10:a7:
83:e9:c7:20:84:e3:92:a8:1b:48:7a:6c:da:4d:c3:57:c6:bf:
cd:20:ac:0c:20:16:2f:eb:d3:b6:ac:f1:06:78:64:7b:6b:5b:
34:1f:49:ae:08:0a:9a:37:04:f0:19:cc:e9:2c:6d:be:b1:17:
2f:1f:1a:54:50:40:2d:b6:40:e9:97:46:93:3d:3c:6c:89:03:
5b:11:7e:f4:43:73:da:6d:cd:eb:0e:de:7e:10:06:85:7a:68:
19:17:a9:6a:e8:ae:e6:86:5e:29:a4:1a:b5:e3:f9:9d:16:b1:
bf:96:d3:aa
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYQOguzuOC9qM1hIbjL2K0ItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDI1MDkzOTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODY0MzBhNTk1NTc3MGQ1YzMxZDQxMDk4NjEzNTY1NzRkODViYzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/DyzMUlNi8UQyJTZK9WvpCwjRyJ
3pQuiSUfgVa2lNSZk3lC8ULw305c5S08arDm4qHfVTB6UUVd+lmOYQ9mC3G0hugF
l9JhaN6/FUIOrKBNsGeMYQzyVzyGQf2TJfFVlHqkiKQtGWEysDbFLIxS17jxTvps
/j0Mr+3k5bIy2BMmXBPsrgYkwhodGfrQHqhMpP0Cw36tDt6D2auDv+FBD2gaG7GL
xWgWR5gdq1+VbfM92ZdTKP78+QkHWv7k3x7L36ehShpP5hniS4Kp9IDprDGiEjQa
Mw2ErdYQ7bLeCUU6LGgCqPoYBnTpxY8SuqylSGRYUQFwhAheJEVEkVV7DwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFFhkMKWVV3DVwx1BCYYTVldNhbx6MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvV0dRd3BaVlhjTlhESFVFSmhoTldWMDJGdkhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQAVCAGAwQC
VCA0MAwDBABY2BMDBANY2BADBABY2CADBABY2C4DBABY2GIwDAMEAFjY0QMEAljY
0AMEA1jY4AMEA1jY+DANBgkqhkiG9w0BAQsFAAOCAQEAUa5DS/eXO30zW4mrvHlz
hjxl0p3edPt/efThhootFFABPna2P2FOtCGVXnfv7D8BZ2WPD1e7GcOkNYsi2L3Q
UpE/UGjufxawOYuoVDOB2Bzn3+g/9QAf0hofiq6VB1/3Iw/d5fJndbabYjH/EYtu
n4alvNtEuO4TgC+YqhA4m0wToq9zA1vnHLMu7rE4XBCng+nHIITjkqgbSHps2k3D
V8a/zSCsDCAWL+vTtqzxBnhke2tbNB9JrggKmjcE8BnM6SxtvrEXLx8aVFBALbZA
6ZdGkz08bIkDWxF+9ENz2m3N6w7efhAGhXpoGRepauiu5oZeKaQateP5nRaxv5bT
qg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:48 2023 by rpki-client on console-fra.rpki-client.org