Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/bUhRNi75eEObQr1NiuAH4hJDBFU.roa
File: bUhRNi75eEObQr1NiuAH4hJDBFU.roa (raw, json)
Hash identifier: b/ysLZZ7WQ+KRbEEQmSukZM0fAvklXxGD6kZekOCwo8=
Subject key identifier: 6D:48:51:36:2E:F9:78:43:9B:42:BD:4D:8A:E0:07:E2:12:43:04:55
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018446A1A77E6DCA50EC238E08B5480C8C09
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/bUhRNi75eEObQr1NiuAH4hJDBFU.roa
Signing time: Sat 05 Nov 2022 07:11:50 +0000
ROA not before: Sat 05 Nov 2022 07:11:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 84.32.64.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
84.32.82.0/24 maxlen: 24
88.216.96.0/24 maxlen: 24
84.32.4.0/24 maxlen: 24
88.216.18.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:46:a1:a7:7e:6d:ca:50:ec:23:8e:08:b5:48:0c:8c:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 5 07:11:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=6d4851362ef978439b42bd4d8ae007e212430455
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d0:be:c9:a9:98:6c:b9:4a:69:6f:c2:c6:c3:
dd:77:91:ca:66:9f:5e:e9:51:fd:75:21:01:c1:e3:
e6:1c:1a:96:92:3a:85:fe:95:06:e9:28:4e:92:57:
55:b4:0d:1d:d4:a3:f5:e3:08:90:d8:41:7f:35:f8:
b4:e8:78:2d:71:f0:dd:9c:88:aa:45:93:ff:8a:42:
3e:66:86:50:2f:29:ba:ae:87:5a:05:26:73:b4:66:
93:e7:bc:c1:51:07:b9:b8:bc:f9:60:09:53:7d:59:
4f:78:50:49:a5:a4:85:81:11:96:7c:ad:ea:8b:d4:
72:99:73:0b:d0:9f:2f:4f:aa:62:78:e6:ff:47:0c:
75:40:25:b2:88:19:35:c5:20:f2:5e:3d:9f:64:89:
29:94:a3:3a:a5:91:0e:6f:4f:67:23:d3:7a:36:42:
e5:f3:c5:85:e4:ec:73:d9:58:a4:44:82:88:1e:0d:
18:16:9e:3d:2e:71:5e:d7:40:98:6f:48:5c:14:46:
e3:de:57:b5:75:1a:4d:54:04:ea:ba:78:b8:4b:13:
f9:24:7b:d0:85:2c:84:fb:f2:de:08:a9:14:21:7f:
2c:96:91:f5:01:7f:ec:3f:55:39:cd:32:11:de:1c:
d9:54:1b:c1:b9:c0:23:a6:5e:6b:c2:29:4b:30:ce:
e4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:48:51:36:2E:F9:78:43:9B:42:BD:4D:8A:E0:07:E2:12:43:04:55
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/bUhRNi75eEObQr1NiuAH4hJDBFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.4.0/24
84.32.64.0/24
84.32.70.0/24
84.32.82.0/24
88.216.18.0/24
88.216.42.0/24
88.216.96.0/24
88.216.128.0/24
88.216.185.0-88.216.186.255
Signature Algorithm: sha256WithRSAEncryption
8a:4a:72:cc:b3:a5:cb:e6:d8:6f:52:a2:2c:0f:7a:5e:5c:b9:
16:c2:d2:b7:73:1a:68:86:81:44:ff:75:7b:bd:41:c9:29:42:
56:43:70:47:71:1b:fc:6b:25:3c:a2:db:59:c5:40:70:15:4b:
85:a3:8c:b9:f5:04:24:c9:93:a5:6b:7d:84:cc:5f:5f:35:0e:
11:54:12:7e:15:0f:ef:ef:89:8f:e2:a4:10:d9:e3:2d:42:fd:
af:ce:14:95:73:80:0a:16:ad:49:f0:e0:64:1d:16:78:75:c3:
97:2f:20:c3:f7:98:d4:73:73:4d:7d:74:9f:5d:c6:a4:94:fc:
dc:02:b4:36:cb:79:13:3b:5c:d1:2d:5e:49:cb:c1:bb:80:b4:
ee:6b:df:e8:49:29:ba:a2:0e:ff:78:ec:b6:3e:e3:c0:77:9c:
95:25:fc:46:0e:90:80:79:1b:4a:da:e9:00:c8:77:25:f5:76:
e4:f9:b4:70:ba:c9:76:f5:3b:8d:3f:b4:1e:75:00:a1:c8:13:
8d:2a:6b:93:1c:4f:4d:98:51:ae:ec:bc:e4:e1:3c:c9:9b:6f:
04:5e:7c:2a:8f:3d:c2:e1:22:2d:60:94:1d:cc:c2:ce:9b:16:
0d:6e:da:f1:6b:96:d7:73:21:28:9c:15:ad:c5:a2:1d:ee:c7:
fb:87:c5:6a
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYRGoad+bcpQ7COOCLVIDIwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTA1MDcxMTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDQ4NTEzNjJlZjk3ODQzOWI0MmJkNGQ4YWUwMDdlMjEyNDMwNDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNC+yamYbLlKaW/CxsPdd5HKZp9e
6VH9dSEBwePmHBqWkjqF/pUG6ShOkldVtA0d1KP14wiQ2EF/Nfi06HgtcfDdnIiq
RZP/ikI+ZoZQLym6rodaBSZztGaT57zBUQe5uLz5YAlTfVlPeFBJpaSFgRGWfK3q
i9RymXML0J8vT6pieOb/Rwx1QCWyiBk1xSDyXj2fZIkplKM6pZEOb09nI9N6NkLl
88WF5Oxz2VikRIKIHg0YFp49LnFe10CYb0hcFEbj3le1dRpNVATquni4SxP5JHvQ
hSyE+/LeCKkUIX8slpH1AX/sP1U5zTIR3hzZVBvBucAjpl5rwilLMM7k1QIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFG1IUTYu+XhDm0K9TYrgB+ISQwRVMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvYlVoUk5pNzVlRU9iUXIxTml1QUg0aEpEQkZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAVCAEAwQA
VCBAAwQAVCBGAwQAVCBSAwQAWNgSAwQAWNgqAwQAWNhgAwQAWNiAMAwDBABY2LkD
BABY2LowDQYJKoZIhvcNAQELBQADggEBAIpKcsyzpcvm2G9SoiwPel5cuRbC0rdz
GmiGgUT/dXu9QckpQlZDcEdxG/xrJTyi21nFQHAVS4WjjLn1BCTJk6VrfYTMX181
DhFUEn4VD+/viY/ipBDZ4y1C/a/OFJVzgAoWrUnw4GQdFnh1w5cvIMP3mNRzc019
dJ9dxqSU/NwCtDbLeRM7XNEtXknLwbuAtO5r3+hJKbqiDv947LY+48B3nJUl/EYO
kIB5G0ra6QDIdyX1duT5tHC6yXb1O40/tB51AKHIE40qa5McT02YUa7svOThPMmb
bwRefCqPPcLhIi1glB3Mws6bFg1u2vFrltdzISicFa3Foh3ux/uHxWo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:49 2023 by rpki-client on console-fra.rpki-client.org