Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Y9iYxRiv01oOb-XT4PM70CKmZIU.roa
File: Y9iYxRiv01oOb-XT4PM70CKmZIU.roa (raw, json)
Hash identifier: R73SB0V/UeZWgkP+CXs+VzVhENLGNmagG0XnUQ/6p20=
Subject key identifier: 63:D8:98:C5:18:AF:D3:5A:0E:6F:E5:D3:E0:F3:3B:D0:22:A6:64:85
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018535637DB18FE3C122A1E656D8385C8A0D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Y9iYxRiv01oOb-XT4PM70CKmZIU.roa
Signing time: Wed 21 Dec 2022 15:53:10 +0000
ROA not before: Wed 21 Dec 2022 15:53:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 88.216.199.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.210.0/24 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.226.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.245.0/24 maxlen: 24
88.216.134.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
84.32.58.0/24 maxlen: 24
84.32.71.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.93.0/24 maxlen: 24
84.32.10.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.48.0/24 maxlen: 24
84.32.50.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
88.216.92.0/24 maxlen: 24
84.32.108.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.22.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.47.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:35:63:7d:b1:8f:e3:c1:22:a1:e6:56:d8:38:5c:8a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 21 15:53:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=63d898c518afd35a0e6fe5d3e0f33bd022a66485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:67:66:2f:76:db:2e:01:75:13:a4:65:fb:19:
7c:f7:7f:73:49:e0:89:ba:7d:bc:54:46:d1:c0:94:
fe:42:5d:4f:bf:46:76:59:28:e0:88:18:47:1d:e3:
b2:14:5d:2c:15:9d:98:5e:f7:70:77:f4:f6:c7:9c:
48:00:3e:c6:91:4f:13:0b:b6:48:c6:f1:5c:3f:79:
9d:5f:4c:6e:fb:69:52:78:72:7d:cb:2c:ab:bb:4a:
9f:87:3f:ae:e7:f2:38:ba:1e:c6:30:c1:49:7e:a4:
0f:75:bc:58:24:d4:59:3e:7c:08:b3:18:b0:52:e8:
5b:09:d5:5f:d7:0f:1c:41:b3:35:65:cb:96:63:82:
d8:47:2d:01:db:21:1c:da:bf:65:3b:10:b0:c4:87:
5e:d3:11:0d:c7:67:4e:bd:82:00:7a:2b:ad:cb:42:
0b:54:ab:1c:58:79:02:36:1d:f4:e3:23:a6:22:b5:
bb:7a:d9:90:fd:b6:7e:28:ca:a0:e4:3e:a2:2a:a1:
3d:80:00:7f:eb:61:d0:60:e6:12:d5:88:da:24:ba:
99:92:20:dd:0a:0f:86:92:2e:c0:f7:37:90:e2:59:
f0:a8:e5:41:3c:9a:c1:b5:ec:b1:91:ba:48:94:cf:
c2:56:c8:9c:db:dc:1b:14:11:80:2a:6d:e6:bf:00:
9d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:D8:98:C5:18:AF:D3:5A:0E:6F:E5:D3:E0:F3:3B:D0:22:A6:64:85
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Y9iYxRiv01oOb-XT4PM70CKmZIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.10.0/24
84.32.48.0/24
84.32.50.0/24
84.32.58.0/24
84.32.71.0/24
84.32.88.0/24
84.32.93.0/24
84.32.108.0/24
84.32.177.0/24
84.32.218.0/24
84.32.226.0/24
84.32.239.0/24
84.32.245.0/24
88.216.3.0/24
88.216.21.0-88.216.22.255
88.216.32.0/24
88.216.46.0/23
88.216.92.0/24
88.216.134.0/24
88.216.199.0/24
88.216.210.0/23
88.216.223.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:33:56:fe:07:6b:4f:f8:bc:fa:9a:ee:a0:86:db:b5:59:67:
0c:fa:de:39:06:bf:3b:10:f9:d3:8a:32:c1:53:8a:d9:1f:ff:
ad:be:31:87:f0:9a:57:0e:6b:7d:46:f2:86:be:fd:44:53:0f:
7c:36:55:01:ed:6d:a9:c5:c5:d2:37:b9:53:4a:20:2b:78:7d:
a6:1e:9d:2f:d0:97:c2:1d:62:eb:66:b7:92:79:4a:6c:be:0e:
d0:d5:4f:e7:af:ae:29:3c:5a:ed:5c:2d:75:1f:0a:4b:e7:67:
14:b3:be:46:bd:d4:0b:d8:32:84:11:a0:59:c7:f5:bc:c7:00:
38:88:f9:70:39:e5:09:16:f1:93:96:20:53:5c:50:4b:ea:82:
a1:dd:4c:6b:03:d6:34:a6:76:8d:16:32:63:de:bc:4e:3b:af:
84:94:17:2d:22:81:ea:b5:c8:25:9e:1c:f6:bb:78:b6:e6:0e:
44:5f:89:ec:0f:ad:82:88:cc:fd:06:09:04:a9:45:96:52:34:
ee:65:5f:91:a6:82:2d:c1:3f:0c:38:82:47:8b:29:24:6d:fc:
8f:2a:86:71:8f:52:fb:b4:b7:cd:89:30:56:dd:a5:dc:9b:f1:
5e:74:a3:61:05:3c:c4:84:e0:5f:48:96:d7:0e:03:27:4b:34:
05:49:62:f1
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYU1Y32xj+PBIqHmVtg4XIoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjIxMTU1MzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2Q4OThjNTE4YWZkMzVhMGU2ZmU1ZDNlMGYzM2JkMDIyYTY2NDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWdmL3bbLgF1E6Rl+xl8939zSeCJ
un28VEbRwJT+Ql1Pv0Z2WSjgiBhHHeOyFF0sFZ2YXvdwd/T2x5xIAD7GkU8TC7ZI
xvFcP3mdX0xu+2lSeHJ9yyyru0qfhz+u5/I4uh7GMMFJfqQPdbxYJNRZPnwIsxiw
UuhbCdVf1w8cQbM1ZcuWY4LYRy0B2yEc2r9lOxCwxIde0xENx2dOvYIAeiuty0IL
VKscWHkCNh304yOmIrW7etmQ/bZ+KMqg5D6iKqE9gAB/62HQYOYS1YjaJLqZkiDd
Cg+Gki7A9zeQ4lnwqOVBPJrBteyxkbpIlM/CVsic29wbFBGAKm3mvwCdfwIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFGPYmMUYr9NaDm/l0+DzO9AipmSFMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvWTlpWXhSaXYwMW9PYi1YVDRQTTcwQ0ttWklVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBABU
IAgDBABUIAoDBABUIDADBABUIDIDBABUIDoDBABUIEcDBABUIFgDBABUIF0DBABU
IGwDBABUILEDBABUINoDBABUIOIDBABUIO8DBABUIPUDBABY2AMwDAMEAFjYFQME
AFjYFgMEAFjYIAMEAVjYLgMEAFjYXAMEAFjYhgMEAFjYxwMEAVjY0gMEAFjY3zAN
BgkqhkiG9w0BAQsFAAOCAQEAWjNW/gdrT/i8+pruoIbbtVlnDPreOQa/OxD504oy
wVOK2R//rb4xh/CaVw5rfUbyhr79RFMPfDZVAe1tqcXF0je5U0ogK3h9ph6dL9CX
wh1i62a3knlKbL4O0NVP56+uKTxa7VwtdR8KS+dnFLO+Rr3UC9gyhBGgWcf1vMcA
OIj5cDnlCRbxk5YgU1xQS+qCod1MawPWNKZ2jRYyY968TjuvhJQXLSKB6rXIJZ4c
9rt4tuYORF+J7A+tgojM/QYJBKlFllI07mVfkaaCLcE/DDiCR4spJG38jyqGcY9S
+7S3zYkwVt2l3JvxXnSjYQU8xITgX0iW1w4DJ0s0BUli8Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:48 2023 by rpki-client on console-fra.rpki-client.org