Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_kbniw0KBTnWv8k-lLaTB4Z24Rk.roa
File: _kbniw0KBTnWv8k-lLaTB4Z24Rk.roa (raw, json)
Hash identifier: N21vxgahk50KWAhyLb1qHHiKwRiUjhZmxPAP6DRQ/0s=
Subject key identifier: FE:46:E7:8B:0D:0A:05:39:D6:BF:C9:3E:94:B6:93:07:86:76:E1:19
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0183D0827F22ADC14ADB65D671E1B57AA9ED
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_kbniw0KBTnWv8k-lLaTB4Z24Rk.roa
Signing time: Thu 13 Oct 2022 08:42:36 +0000
ROA not before: Thu 13 Oct 2022 08:42:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61138
IP address blocks: 84.32.57.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
84.32.87.0/24 maxlen: 24
88.216.37.0/24 maxlen: 24
84.32.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d0:82:7f:22:ad:c1:4a:db:65:d6:71:e1:b5:7a:a9:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 13 08:42:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe46e78b0d0a0539d6bfc93e94b693078676e119
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:9b:a7:3f:81:5e:57:58:47:61:e9:08:33:9c:
82:94:c1:98:5b:5f:b5:fa:66:bf:fa:68:80:21:66:
cd:03:e7:ea:50:26:bc:47:a8:ef:71:bf:0f:76:37:
f5:c3:06:cb:8b:b0:36:0b:59:a7:7f:db:59:3b:02:
73:28:af:1e:86:e4:5b:f6:92:44:99:f7:5e:96:f7:
8b:f1:77:59:b9:94:7d:81:a3:d6:c7:07:ac:d7:79:
0b:28:8e:4b:9d:d7:e1:f5:e0:b8:a9:57:1c:9a:ae:
1a:5a:20:38:59:9e:01:f1:b7:1c:2a:17:3d:70:13:
b3:5e:6b:ed:c4:a7:c5:7e:0d:16:55:de:08:01:80:
24:07:e9:90:2b:92:02:fe:3f:4c:1a:c8:73:75:1a:
fd:5b:95:a3:54:fe:8c:e9:6b:82:03:1e:39:9b:c8:
33:32:83:87:48:a7:eb:06:47:42:e9:3b:62:5f:c3:
54:c9:6f:13:b1:47:44:eb:72:8a:07:6c:4f:be:1d:
b8:65:13:d1:87:3c:4b:5c:9f:0d:c0:3e:a2:af:f7:
0c:a1:1c:ad:6b:f0:32:40:16:bc:ce:ad:02:71:da:
b5:57:a6:b9:98:b4:77:48:c1:10:5a:00:7b:8d:bd:
74:3d:df:10:92:8f:8c:45:42:c6:24:d2:e4:b1:ec:
c8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:46:E7:8B:0D:0A:05:39:D6:BF:C9:3E:94:B6:93:07:86:76:E1:19
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/_kbniw0KBTnWv8k-lLaTB4Z24Rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.39.0/24
84.32.57.0/24
84.32.87.0/24
88.216.37.0/24
88.216.187.0/24
Signature Algorithm: sha256WithRSAEncryption
10:fe:33:98:6a:2b:2c:57:cb:05:ef:f5:8b:12:99:39:2c:39:
ac:ff:4c:33:ea:ac:fa:9f:b9:2a:ea:b5:3d:c6:37:76:82:1d:
54:00:30:63:92:05:d2:a9:6b:e1:3d:37:dc:43:35:fa:3d:1c:
16:49:0d:75:db:7b:9a:ab:dc:e4:76:ba:10:f5:9b:16:e3:81:
e0:43:d6:95:99:75:5f:70:5c:8b:88:01:ab:af:51:02:3d:16:
10:9d:5c:de:c7:fc:40:2f:e9:a9:03:51:27:1d:5c:7a:34:57:
ac:d6:fe:98:bc:c5:75:61:e4:7e:38:0c:8d:d4:25:59:97:a8:
1b:cd:df:68:94:81:ba:45:71:59:eb:8d:c0:05:3e:d6:4d:52:
92:44:8e:f2:66:f3:db:91:6e:94:4a:b4:91:a2:fd:ec:44:ff:
9b:e9:85:2e:f7:d3:84:16:39:02:40:c7:c1:93:94:35:d2:22:
4f:a8:b5:4a:6b:1b:c0:f4:0a:27:a5:c6:20:99:3e:6f:25:57:
bf:9b:83:32:a7:f6:8a:f0:7c:df:7f:02:2d:07:96:7b:07:81:
d7:75:48:ce:05:a5:6f:81:16:c1:5d:80:12:48:73:03:2b:18:
c3:23:73:b6:34:8b:fd:ab:fc:b5:66:cc:81:8e:c8:e1:04:bc:
66:24:98:ea
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYPQgn8ircFK22XWceG1eqntMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDEzMDg0MjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTQ2ZTc4YjBkMGEwNTM5ZDZiZmM5M2U5NGI2OTMwNzg2NzZlMTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5unP4FeV1hHYekIM5yClMGYW1+1
+ma/+miAIWbNA+fqUCa8R6jvcb8Pdjf1wwbLi7A2C1mnf9tZOwJzKK8ehuRb9pJE
mfdelveL8XdZuZR9gaPWxwes13kLKI5Lndfh9eC4qVccmq4aWiA4WZ4B8bccKhc9
cBOzXmvtxKfFfg0WVd4IAYAkB+mQK5IC/j9MGshzdRr9W5WjVP6M6WuCAx45m8gz
MoOHSKfrBkdC6TtiX8NUyW8TsUdE63KKB2xPvh24ZRPRhzxLXJ8NwD6ir/cMoRyt
a/AyQBa8zq0Ccdq1V6a5mLR3SMEQWgB7jb10Pd8Qko+MRULGJNLksezI4QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFP5G54sNCgU51r/JPpS2kweGduEZMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvX2tibml3MEtCVG5XdjhrLWxMYVRCNFoyNFJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVCAnAwQA
VCA5AwQAVCBXAwQAWNglAwQAWNi7MA0GCSqGSIb3DQEBCwUAA4IBAQAQ/jOYaiss
V8sF7/WLEpk5LDms/0wz6qz6n7kq6rU9xjd2gh1UADBjkgXSqWvhPTfcQzX6PRwW
SQ1123uaq9zkdroQ9ZsW44HgQ9aVmXVfcFyLiAGrr1ECPRYQnVzex/xAL+mpA1En
HVx6NFes1v6YvMV1YeR+OAyN1CVZl6gbzd9olIG6RXFZ643ABT7WTVKSRI7yZvPb
kW6USrSRov3sRP+b6YUu99OEFjkCQMfBk5Q10iJPqLVKaxvA9AonpcYgmT5vJVe/
m4Myp/aK8HzffwItB5Z7B4HXdUjOBaVvgRbBXYASSHMDKxjDI3O2NIv9q/y1ZsyB
jsjhBLxmJJjq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:33 2024 by rpki-client on console-fra.rpki-client.org