Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Z6fLc56Zo4tD444rWkmXKlOV4MM.roa
File: Z6fLc56Zo4tD444rWkmXKlOV4MM.roa (raw, json)
Hash identifier: Z5LuwJG5BHnPdoqJtEVaV4ZqSJhOY1okKIhF0Fqmv8E=
Subject key identifier: 67:A7:CB:73:9E:99:A3:8B:43:E3:8E:2B:5A:49:97:2A:53:95:E0:C3
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184F2C4E3D252856B919FE132F37D5FD48F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Z6fLc56Zo4tD444rWkmXKlOV4MM.roa
Signing time: Thu 08 Dec 2022 17:25:00 +0000
ROA not before: Thu 08 Dec 2022 17:25:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 88.216.187.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.14.0/24 maxlen: 24
84.32.34.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
84.32.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f2:c4:e3:d2:52:85:6b:91:9f:e1:32:f3:7d:5f:d4:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 8 17:25:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=67a7cb739e99a38b43e38e2b5a49972a5395e0c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e3:f6:7d:c2:1d:73:dc:e8:73:f8:bc:67:5b:
df:16:c6:32:82:26:09:8c:fc:0e:17:c8:1c:78:51:
06:7b:67:35:e7:4d:3f:a9:cd:72:ee:32:9f:d5:06:
43:e1:e7:b1:34:f4:e1:b0:f7:53:9f:02:9f:de:7d:
cf:5d:41:d4:13:79:e8:df:8f:69:59:32:30:b9:dd:
70:0b:eb:a0:46:5a:1c:a9:e0:bc:7b:7c:fb:3c:03:
bd:fa:e7:0e:ea:48:36:b2:81:15:ba:b0:71:a1:c6:
fc:44:f3:3c:ad:85:8c:4f:09:94:88:69:fc:05:96:
8b:11:04:e3:bd:da:57:9f:e0:2c:9b:4d:d5:37:ec:
b6:39:55:75:af:43:3d:dc:58:ff:34:7b:52:ad:09:
21:a7:81:f0:b3:ce:b7:ad:50:34:16:8b:c7:55:2a:
48:2e:08:11:69:56:9a:e3:8e:89:73:e3:6f:b8:bc:
50:e2:94:72:45:62:74:f2:4a:6d:a2:93:8b:10:45:
bb:86:89:c1:8c:e1:68:1f:45:e7:f8:8a:1f:32:80:
77:ea:e0:52:c9:a1:29:ed:bb:73:db:13:d4:7f:6e:
47:a4:ce:a2:7a:3d:0e:2b:13:7e:b6:6d:47:e6:96:
c0:7f:ef:40:d2:5c:01:f1:86:ee:5f:bc:4f:42:17:
09:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A7:CB:73:9E:99:A3:8B:43:E3:8E:2B:5A:49:97:2A:53:95:E0:C3
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Z6fLc56Zo4tD444rWkmXKlOV4MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.14.0/24
84.32.34.0/24
84.32.224.0/24
84.32.254.0/24
88.216.40.0/24
88.216.187.0/24
Signature Algorithm: sha256WithRSAEncryption
42:c8:0a:da:cf:49:ee:61:d1:d1:7b:d8:d7:a3:7a:e1:63:a7:
bf:d0:0c:47:be:cf:09:49:1d:c6:dc:b0:71:f8:e7:0a:d4:3d:
ca:32:46:e1:cb:fa:a6:48:8e:f7:0e:30:8a:5c:7e:f7:fc:69:
f1:3d:1b:71:85:f3:09:b1:79:69:43:45:4c:7d:d0:21:4d:49:
92:06:e5:ab:13:87:60:3d:f0:e7:af:b4:6b:d7:6d:8f:9c:0d:
da:67:34:59:9d:3f:7b:f2:b8:57:5c:7a:e3:09:78:da:bd:54:
81:c8:95:41:51:e2:ee:dd:31:31:60:98:41:0d:e8:db:ce:0c:
00:94:f3:6d:f4:1a:7f:e3:27:3a:72:46:e2:3b:1a:54:a8:5c:
ac:20:01:a0:fa:8c:c4:32:ff:ec:57:97:0c:e4:fa:80:b2:0d:
86:c9:5a:a7:2e:63:1a:f5:fa:54:6c:8b:23:6c:0a:c3:38:36:
58:a3:9f:8e:6f:07:01:b2:95:df:04:97:5e:ed:47:76:92:25:
99:f2:6d:46:1b:89:43:d7:3c:ad:bf:1c:bb:bb:8b:9f:af:aa:
1a:85:0e:3a:6f:10:ec:50:13:56:44:7e:33:27:3d:94:f2:08:
bd:3e:4c:3a:87:9a:36:94:a8:2e:b9:44:c8:bb:2b:29:81:99:
e4:53:fd:67
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYTyxOPSUoVrkZ/hMvN9X9SPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA4MTcyNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2E3Y2I3MzllOTlhMzhiNDNlMzhlMmI1YTQ5OTcyYTUzOTVlMGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+P2fcIdc9zoc/i8Z1vfFsYygiYJ
jPwOF8gceFEGe2c1500/qc1y7jKf1QZD4eexNPThsPdTnwKf3n3PXUHUE3no349p
WTIwud1wC+ugRlocqeC8e3z7PAO9+ucO6kg2soEVurBxocb8RPM8rYWMTwmUiGn8
BZaLEQTjvdpXn+Asm03VN+y2OVV1r0M93Fj/NHtSrQkhp4Hws863rVA0FovHVSpI
LggRaVaa446Jc+NvuLxQ4pRyRWJ08kptopOLEEW7honBjOFoH0Xn+IofMoB36uBS
yaEp7btz2xPUf25HpM6iej0OKxN+tm1H5pbAf+9A0lwB8YbuX7xPQhcJ6wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGeny3OemaOLQ+OOK1pJlypTleDDMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvWjZmTGM1NlpvNHRENDQ0cldrbVhLbE9WNE1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCAOAwQA
VCAiAwQAVCDgAwQAVCD+AwQAWNgoAwQAWNi7MA0GCSqGSIb3DQEBCwUAA4IBAQBC
yAraz0nuYdHRe9jXo3rhY6e/0AxHvs8JSR3G3LBx+OcK1D3KMkbhy/qmSI73DjCK
XH73/GnxPRtxhfMJsXlpQ0VMfdAhTUmSBuWrE4dgPfDnr7Rr122PnA3aZzRZnT97
8rhXXHrjCXjavVSByJVBUeLu3TExYJhBDejbzgwAlPNt9Bp/4yc6ckbiOxpUqFys
IAGg+ozEMv/sV5cM5PqAsg2GyVqnLmMa9fpUbIsjbArDODZYo5+ObwcBspXfBJde
7Ud2kiWZ8m1GG4lD1zytvxy7u4ufr6oahQ46bxDsUBNWRH4zJz2U8gi9Pkw6h5o2
lKguuUTIuyspgZnkU/1n
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org