Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_8F0jYrv6LQ4lvQDATSzLBV2svk.roa
File: _8F0jYrv6LQ4lvQDATSzLBV2svk.roa (raw, json)
Hash identifier: L98Tcx/7NKWSjzNyINFR/VnZLJr5gDHevOCglgVwVm8=
Subject key identifier: FF:C1:74:8D:8A:EF:E8:B4:38:96:F4:03:01:34:B3:2C:15:76:B2:F9
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0182844853AD40A73F021BCB96335A1A72E9
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_8F0jYrv6LQ4lvQDATSzLBV2svk.roa
Signing time: Tue 09 Aug 2022 20:25:08 +0000
ROA not before: Tue 09 Aug 2022 20:25:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 84.32.7.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:84:48:53:ad:40:a7:3f:02:1b:cb:96:33:5a:1a:72:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 9 20:25:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ffc1748d8aefe8b43896f4030134b32c1576b2f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8b:b1:ca:2f:dd:98:b3:d3:9a:dd:e7:c5:ee:
da:46:e1:43:e4:24:9e:c8:dd:27:cb:fc:e1:61:75:
4d:4f:e4:27:50:00:fc:74:2a:7c:c7:e6:20:17:e0:
6a:d3:75:03:6e:93:55:cf:85:82:5c:78:e7:6b:a9:
9e:0d:4e:76:7e:d2:59:09:b6:5f:9e:fb:c6:94:ab:
5f:2e:88:f5:9e:9e:47:24:57:d5:fa:d7:cc:cd:1b:
0f:04:17:17:de:21:83:33:58:b6:8d:a2:c2:05:9d:
3a:7e:57:b1:73:d2:15:46:ec:8c:da:97:f0:6d:fa:
42:08:a4:be:1f:0c:8f:fe:4f:b2:04:a4:57:41:bc:
a1:a9:c2:aa:2e:fc:6f:eb:c1:b1:6c:61:e9:89:56:
c6:af:3e:ca:4d:41:c6:71:17:c0:08:f9:e5:dd:b2:
76:b4:3f:0d:9c:05:bb:d9:27:6c:59:0d:51:ac:3b:
8a:ff:84:2c:f5:23:51:d4:14:31:02:1f:49:51:31:
b6:15:ca:18:48:e5:81:4f:f9:70:29:15:61:8f:6a:
39:4a:05:e6:d7:bd:33:d6:31:67:03:7b:85:d5:8f:
b3:3d:38:2c:e4:d1:c4:3a:59:30:51:c7:4a:a6:02:
5d:43:cb:ad:1d:a6:62:83:8b:d5:e6:5c:3e:84:0f:
db:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:C1:74:8D:8A:EF:E8:B4:38:96:F4:03:01:34:B3:2C:15:76:B2:F9
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_8F0jYrv6LQ4lvQDATSzLBV2svk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0/24
88.216.40.0/24
Signature Algorithm: sha256WithRSAEncryption
17:64:ad:0f:37:fc:52:9c:fc:af:c4:18:31:3d:f1:21:30:7c:
18:96:1e:db:24:60:84:88:5b:19:3e:4e:56:d6:f3:12:d4:43:
fb:64:9e:00:e9:24:5b:14:80:16:36:a4:db:ff:a2:27:45:62:
6d:e5:d7:dc:3d:3f:0c:b7:d7:9f:85:d3:f4:9a:9d:5b:ec:33:
09:07:26:a0:fa:9f:e3:3e:47:61:73:8b:b3:14:23:1b:cd:d0:
ef:75:f0:9f:20:67:12:14:51:03:44:72:8e:1e:b7:5e:70:4c:
f4:54:9e:4a:f1:de:e4:f5:98:ef:b6:df:84:80:7b:aa:f5:05:
e2:fe:f8:d6:1a:d3:dc:4c:87:72:ec:4d:54:1e:e6:89:a7:eb:
0e:62:9f:36:30:f0:14:c3:f8:cc:76:34:5c:42:62:8d:d4:16:
72:fd:03:c2:1e:c4:79:cc:ed:cc:ff:09:ca:c8:53:4f:61:ab:
a8:f6:5c:91:15:54:73:dd:63:d6:aa:91:c4:d9:24:a8:55:ca:
02:b4:90:0c:ef:f2:37:db:dc:00:ef:7d:cc:cf:c1:82:af:3b:
ec:93:b1:22:bc:87:11:95:32:87:43:a4:fc:40:39:19:58:e8:
92:50:19:4a:fd:95:a1:3a:2f:19:4f:18:95:77:94:38:44:b0:
85:d5:2d:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKESFOtQKc/AhvLljNaGnLpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwODA5MjAyNTA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmMxNzQ4ZDhhZWZlOGI0Mzg5NmY0MDMwMTM0YjMyYzE1NzZiMmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYuxyi/dmLPTmt3nxe7aRuFD5CSe
yN0ny/zhYXVNT+QnUAD8dCp8x+YgF+Bq03UDbpNVz4WCXHjna6meDU52ftJZCbZf
nvvGlKtfLoj1np5HJFfV+tfMzRsPBBcX3iGDM1i2jaLCBZ06flexc9IVRuyM2pfw
bfpCCKS+HwyP/k+yBKRXQbyhqcKqLvxv68GxbGHpiVbGrz7KTUHGcRfACPnl3bJ2
tD8NnAW72SdsWQ1RrDuK/4Qs9SNR1BQxAh9JUTG2FcoYSOWBT/lwKRVhj2o5SgXm
170z1jFnA3uF1Y+zPTgs5NHEOlkwUcdKpgJdQ8utHaZig4vV5lw+hA/b8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP/BdI2K7+i0OJb0AwE0sywVdrL5MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvXzhGMGpZcnY2TFE0bHZRREFUU3pMQlYyc3ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCAHAwQA
WNgoMA0GCSqGSIb3DQEBCwUAA4IBAQAXZK0PN/xSnPyvxBgxPfEhMHwYlh7bJGCE
iFsZPk5W1vMS1EP7ZJ4A6SRbFIAWNqTb/6InRWJt5dfcPT8Mt9efhdP0mp1b7DMJ
Byag+p/jPkdhc4uzFCMbzdDvdfCfIGcSFFEDRHKOHrdecEz0VJ5K8d7k9Zjvtt+E
gHuq9QXi/vjWGtPcTIdy7E1UHuaJp+sOYp82MPAUw/jMdjRcQmKN1BZy/QPCHsR5
zO3M/wnKyFNPYauo9lyRFVRz3WPWqpHE2SSoVcoCtJAM7/I329wA733Mz8GCrzvs
k7EivIcRlTKHQ6T8QDkZWOiSUBlK/ZWhOi8ZTxiVd5Q4RLCF1S2N
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:33 2024 by rpki-client on console-fra.rpki-client.org