Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/a5XaPVVPS0yRxSgqvEnGVz0SAJw.roa
File: a5XaPVVPS0yRxSgqvEnGVz0SAJw.roa (raw, json)
Hash identifier: 8wLRylRE6qUHjIF/DzGHi3l5a2OnNT3qR395bcp9e5w=
Subject key identifier: 6B:95:DA:3D:55:4F:4B:4C:91:C5:28:2A:BC:49:C6:57:3D:12:00:9C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01ABAF2C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/a5XaPVVPS0yRxSgqvEnGVz0SAJw.roa
Signing time: Fri 01 Jul 2022 15:50:25 +0000
ROA not before: Fri 01 Jul 2022 15:50:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 84.32.64.0/22 maxlen: 24
84.32.68.0/22 maxlen: 24
88.216.180.0/22 maxlen: 24
84.32.82.0/23 maxlen: 24
88.216.196.0/22 maxlen: 24
88.216.209.0/24 maxlen: 24
88.216.210.0/23 maxlen: 24
88.216.212.0/22 maxlen: 24
84.32.8.0/22 maxlen: 24
84.32.24.0/21 maxlen: 24
84.32.40.0/21 maxlen: 24
88.216.90.0/24 maxlen: 24
88.216.0.0/22 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.19.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
88.216.23.0/24 maxlen: 24
88.216.22.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 28028716 (0x1abaf2c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jul 1 15:50:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6b95da3d554f4b4c91c5282abc49c6573d12009c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:38:77:60:a0:e0:4a:c7:50:33:b2:42:22:a1:
05:21:ca:d7:52:cf:b0:7e:b8:aa:0d:07:0e:a6:e4:
94:f1:ab:7c:7f:0e:ed:16:01:91:b0:a3:1a:cd:54:
db:5f:ed:f8:ca:28:c5:ce:2d:0a:b8:65:43:a5:90:
ab:fa:1e:9d:99:69:a9:db:aa:c1:48:19:09:57:75:
db:63:32:b7:cc:19:e1:22:fc:2c:00:42:58:37:73:
2d:07:55:33:da:b0:cf:df:cf:a1:51:a0:f1:84:dd:
26:13:26:04:0c:90:de:97:7f:50:f6:ed:08:cb:cf:
fc:8b:76:25:24:ec:eb:8f:2b:8d:b4:7f:af:85:7d:
18:69:1b:94:ba:b9:74:57:d6:fc:6d:25:34:a5:c3:
4d:68:d1:90:9c:c4:7c:18:c7:f6:b6:53:74:ce:f7:
32:63:49:85:8b:69:1b:74:11:9e:01:63:61:e3:e3:
d3:ce:a0:9b:c6:57:de:93:4c:20:f6:f6:fb:8a:90:
2d:55:52:6a:aa:ef:2e:54:a3:84:5a:4c:93:b3:0e:
b0:92:4c:a0:f5:07:c8:11:3f:37:08:cb:15:f7:2f:
68:26:8c:18:88:52:ed:89:a3:d4:ad:3a:e7:be:ab:
c8:53:af:3b:3c:7a:78:aa:40:ed:43:00:cc:58:4d:
34:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:95:DA:3D:55:4F:4B:4C:91:C5:28:2A:BC:49:C6:57:3D:12:00:9C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/a5XaPVVPS0yRxSgqvEnGVz0SAJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/22
84.32.24.0/21
84.32.40.0/21
84.32.64.0/21
84.32.82.0/23
88.216.0.0/22
88.216.16.0/24
88.216.19.0-88.216.23.255
88.216.32.0/24
88.216.46.0/24
88.216.90.0/24
88.216.180.0/22
88.216.196.0/22
88.216.209.0-88.216.215.255
Signature Algorithm: sha256WithRSAEncryption
8f:65:9f:66:8c:df:ec:bc:6f:8c:9f:a4:ed:95:61:bb:ff:d4:
e3:ac:0a:11:a7:4b:3d:ab:0e:98:a1:c1:92:d1:4b:f6:58:6e:
0b:25:b5:e9:49:74:47:9e:f1:1a:90:99:86:ce:85:64:79:5c:
3a:da:4e:07:c5:1f:c3:65:a0:7a:8c:f2:45:66:3c:bb:12:53:
8f:22:09:8e:ec:00:6c:ae:ed:c0:b2:fc:dd:17:bc:7c:31:95:
fd:1d:c9:56:10:ec:5c:e3:a3:31:e3:55:a6:5d:b7:ef:fe:aa:
ef:d4:58:8a:70:2d:02:a7:10:23:1a:a3:f0:3e:65:a0:91:3a:
8d:85:13:cb:fd:87:ed:a4:8a:11:11:b6:b7:b3:fc:c4:13:f7:
48:ca:43:d0:ea:43:bf:c8:9c:83:a1:b8:c1:76:3d:40:d9:54:
de:8c:81:80:ee:cb:0f:6d:4a:b5:d8:7f:75:08:5a:27:cb:c9:
28:a7:b4:7a:bd:a0:5a:e4:6c:7c:62:37:8c:b8:94:53:50:d0:
f8:f1:b3:87:c9:ce:d1:51:34:cb:26:6c:87:58:08:29:0c:02:
0d:2b:13:37:8e:6d:06:0d:2f:5a:b8:ec:42:aa:9e:8d:b4:a8:
e5:fb:3c:b9:cf:18:35:5f:1a:14:53:1f:83:09:2b:3e:7b:ae:
76:6f:49:d0
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIEAauvLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZmJkNDVmY2UzNTZlMmE2NWYxZTRkMWRhZjc4MTRiNmQ2YmRhM2M1MB4XDTIyMDcw
MTE1NTAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNmI5NWRhM2Q1NTRm
NGI0YzkxYzUyODJhYmM0OWM2NTczZDEyMDA5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIA4d2Cg4ErHUDOyQiKhBSHK11LPsH64qg0HDqbklPGrfH8O
7RYBkbCjGs1U21/t+Mooxc4tCrhlQ6WQq/oenZlpqduqwUgZCVd122Myt8wZ4SL8
LABCWDdzLQdVM9qwz9/PoVGg8YTdJhMmBAyQ3pd/UPbtCMvP/It2JSTs648rjbR/
r4V9GGkblLq5dFfW/G0lNKXDTWjRkJzEfBjH9rZTdM73MmNJhYtpG3QRngFjYePj
086gm8ZX3pNMIPb2+4qQLVVSaqrvLlSjhFpMk7MOsJJMoPUHyBE/NwjLFfcvaCaM
GIhS7Ymj1K06576ryFOvOzx6eKpA7UMAzFhNNEUCAwEAAaOCAmcwggJjMB0GA1Ud
DgQWBBRrldo9VU9LTJHFKCq8ScZXPRIAnDAfBgNVHSMEGDAWgBRPvUX841bipl8e
TR2veBS21r2jxTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q3MUZfT05XNHFaZkhrMGRyM2dVdHRhOW84VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8x
L2E1WGFQVlZQUzB5UnhTZ3F2RW5HVnowU0FKdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
Mzk0YzkzLWRjYTMtNGJjNS04YzliLTIzNDgxYmYwOTFjMy8xL1Q3MUZfT05XNHFa
ZkhrMGRyM2dVdHRhOW84VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB9
BggrBgEFBQcBBwEB/wRuMGwwagQCAAEwZAMEAlQgCAMEA1QgGAMEA1QgKAMEA1Qg
QAMEAVQgUgMEAljYAAMEAFjYEDAMAwQAWNgTAwQDWNgQAwQAWNggAwQAWNguAwQA
WNhaAwQCWNi0AwQCWNjEMAwDBABY2NEDBANY2NAwDQYJKoZIhvcNAQELBQADggEB
AI9ln2aM3+y8b4yfpO2VYbv/1OOsChGnSz2rDpihwZLRS/ZYbgsltelJdEee8RqQ
mYbOhWR5XDraTgfFH8NloHqM8kVmPLsSU48iCY7sAGyu7cCy/N0XvHwxlf0dyVYQ
7FzjozHjVaZdt+/+qu/UWIpwLQKnECMao/A+ZaCROo2FE8v9h+2kihERtrez/MQT
90jKQ9DqQ7/InIOhuMF2PUDZVN6MgYDuyw9tSrXYf3UIWifLySintHq9oFrkbHxi
N4y4lFNQ0Pjxs4fJztFRNMsmbIdYCCkMAg0rEzeObQYNL1q47EKqno20qOX7PLnP
GDVfGhRTH4MJKz57rnZvSdA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:31 2023 by rpki-client on console-ams.rpki-client.org