Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WQTYN1sX2h2loMoc2yh-S1h_MFc.roa
File: WQTYN1sX2h2loMoc2yh-S1h_MFc.roa (raw, json)
Hash identifier: VY7KTktWG39wJnXL+HisgVIrGlE3NFGBLinUEymq4as=
Subject key identifier: 59:04:D8:37:5B:17:DA:1D:A5:A0:CA:1C:DB:28:7E:4B:58:7F:30:57
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01843997A40A6F23BDB0596635677F276731
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WQTYN1sX2h2loMoc2yh-S1h_MFc.roa
Signing time: Wed 02 Nov 2022 18:25:50 +0000
ROA not before: Wed 02 Nov 2022 18:25:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61138
IP address blocks: 84.32.57.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
84.32.85.0/24 maxlen: 24
88.216.196.0/24 maxlen: 24
88.216.100.0/24 maxlen: 24
88.216.130.0/24 maxlen: 24
88.216.37.0/24 maxlen: 24
88.216.38.0/24 maxlen: 24
84.32.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:39:97:a4:0a:6f:23:bd:b0:59:66:35:67:7f:27:67:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 2 18:25:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5904d8375b17da1da5a0ca1cdb287e4b587f3057
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f1:44:e4:57:87:62:72:d2:7d:83:e7:e9:52:
47:a6:16:10:c5:11:37:24:1b:f8:bd:3a:6f:73:8f:
f5:bf:3f:6a:15:ae:75:93:70:74:0b:5e:4b:69:61:
4b:a2:29:bb:e1:60:25:3e:df:77:d2:1b:d5:14:23:
3e:f5:0f:e2:16:05:7d:0a:db:25:06:3c:9f:14:da:
80:62:74:39:15:e6:df:71:39:ff:1a:51:c4:02:49:
ec:53:c2:66:2f:9b:3e:15:e9:9c:8f:bd:38:8d:4e:
ed:1a:60:65:67:ce:1c:83:fe:58:3a:13:51:0e:d0:
78:34:5f:e7:33:64:d3:b2:68:11:63:d2:a5:4b:bb:
fd:ca:9c:0f:1f:01:55:bc:27:5f:54:59:99:0a:f0:
64:9f:62:29:a8:83:ea:66:cc:de:5e:9b:86:4f:da:
d5:a8:a2:da:4c:e1:f8:a4:9e:ff:f0:37:a3:73:d7:
c7:16:f0:45:c1:49:9a:8a:14:36:b2:d3:57:ef:38:
1d:14:b4:de:72:2f:43:d4:88:51:66:fa:9a:27:36:
36:89:20:64:e9:98:70:4e:26:4f:44:35:f9:6b:ea:
c4:3a:02:a5:ee:04:2f:ec:5d:f7:bf:da:a3:20:6a:
ae:cb:3d:ef:fa:e2:85:20:41:e8:6c:ba:b1:63:ed:
58:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:04:D8:37:5B:17:DA:1D:A5:A0:CA:1C:DB:28:7E:4B:58:7F:30:57
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/WQTYN1sX2h2loMoc2yh-S1h_MFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.39.0/24
84.32.57.0/24
84.32.67.0/24
84.32.85.0/24
88.216.37.0-88.216.38.255
88.216.100.0/24
88.216.130.0/24
88.216.187.0/24
88.216.196.0/24
Signature Algorithm: sha256WithRSAEncryption
70:83:e9:3a:6d:2a:a1:45:be:b6:0f:1c:1b:f5:ac:c8:f4:69:
d5:06:f6:07:bb:56:f5:b8:8b:e6:65:fc:d2:03:b7:be:2a:9f:
a7:a2:db:85:44:ac:a1:2d:43:53:89:ad:93:61:a2:ba:cc:26:
94:b7:a7:13:dc:1c:8a:7e:40:ed:43:c6:3f:a7:a9:54:20:d4:
34:1f:6f:ec:8d:51:90:80:3a:ea:a4:b8:8e:cd:26:17:40:78:
6e:5c:d5:ae:74:f1:e2:e5:62:ee:1b:18:36:30:2f:b8:db:37:
5e:0d:45:62:a2:6e:ec:6d:50:c5:bc:0f:d6:d4:55:23:78:4f:
39:8f:c9:9e:9a:26:b0:70:64:0d:0a:b4:8c:c8:62:16:3a:7b:
07:55:fe:48:78:2a:db:eb:e4:57:d2:b2:c1:c1:80:1f:ce:6b:
53:b8:dd:b1:5a:ad:b5:71:51:22:f4:89:c4:38:e5:17:cf:a0:
ea:1a:ba:71:e5:87:8c:c0:1b:ec:ec:6e:2b:54:1a:b0:50:c4:
07:a4:1a:c0:4d:54:b8:22:27:96:09:a7:74:af:45:61:48:da:
b3:dd:7a:dd:fe:ef:f7:fd:95:b0:06:27:c1:5f:a2:20:98:75:
34:20:ab:00:ea:71:56:22:e7:b1:37:b8:78:27:9b:2f:84:1f:
b3:f1:32:1c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYQ5l6QKbyO9sFlmNWd/J2cxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTAyMTgyNTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTA0ZDgzNzViMTdkYTFkYTVhMGNhMWNkYjI4N2U0YjU4N2YzMDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/FE5FeHYnLSfYPn6VJHphYQxRE3
JBv4vTpvc4/1vz9qFa51k3B0C15LaWFLoim74WAlPt930hvVFCM+9Q/iFgV9Ctsl
BjyfFNqAYnQ5FebfcTn/GlHEAknsU8JmL5s+Femcj704jU7tGmBlZ84cg/5YOhNR
DtB4NF/nM2TTsmgRY9KlS7v9ypwPHwFVvCdfVFmZCvBkn2IpqIPqZszeXpuGT9rV
qKLaTOH4pJ7/8Dejc9fHFvBFwUmaihQ2stNX7zgdFLTeci9D1IhRZvqaJzY2iSBk
6ZhwTiZPRDX5a+rEOgKl7gQv7F33v9qjIGquyz3v+uKFIEHobLqxY+1Y4wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFFkE2DdbF9odpaDKHNsofktYfzBXMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvV1FUWU4xc1gyaDJsb01vYzJ5aC1TMWhfTUZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAVCAnAwQA
VCA5AwQAVCBDAwQAVCBVMAwDBABY2CUDBABY2CYDBABY2GQDBABY2IIDBABY2LsD
BABY2MQwDQYJKoZIhvcNAQELBQADggEBAHCD6TptKqFFvrYPHBv1rMj0adUG9ge7
VvW4i+Zl/NIDt74qn6ei24VErKEtQ1OJrZNhorrMJpS3pxPcHIp+QO1Dxj+nqVQg
1DQfb+yNUZCAOuqkuI7NJhdAeG5c1a508eLlYu4bGDYwL7jbN14NRWKibuxtUMW8
D9bUVSN4TzmPyZ6aJrBwZA0KtIzIYhY6ewdV/kh4Ktvr5FfSssHBgB/Oa1O43bFa
rbVxUSL0icQ45RfPoOoaunHlh4zAG+zsbitUGrBQxAekGsBNVLgiJ5YJp3SvRWFI
2rPdet3+7/f9lbAGJ8FfoiCYdTQgqwDqcVYi57E3uHgnmy+EH7PxMhw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org