Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fcaULqpDR1ZBIgBmwbbW6uwXGFc.roa
File: fcaULqpDR1ZBIgBmwbbW6uwXGFc.roa (raw, json)
Hash identifier: iKjcFzlsCbquzxIM3zZbCIj6DyN5aulgwdo6psv3BsY=
Subject key identifier: 7D:C6:94:2E:AA:43:47:56:41:22:00:66:C1:B6:D6:EA:EC:17:18:57
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0182AC55C80F6474680FE8BA28A06485BB9E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fcaULqpDR1ZBIgBmwbbW6uwXGFc.roa
Signing time: Wed 17 Aug 2022 15:04:39 +0000
ROA not before: Wed 17 Aug 2022 15:04:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34984
IP address blocks: 84.32.83.0/24 maxlen: 24
88.216.224.0/22 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.130.0/24 maxlen: 24
88.216.132.0/23 maxlen: 24
88.216.129.0/24 maxlen: 24
88.216.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ac:55:c8:0f:64:74:68:0f:e8:ba:28:a0:64:85:bb:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 17 15:04:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7dc6942eaa43475641220066c1b6d6eaec171857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:32:16:1c:56:25:69:72:28:f3:3e:11:6c:9e:
37:cc:c2:b0:e9:05:2d:0d:7d:5f:e5:9a:85:ab:6c:
33:2c:78:db:69:07:ea:25:58:0d:7d:85:a1:d6:aa:
d3:03:7a:e8:ab:fb:46:57:94:fd:11:1d:20:5b:ab:
b7:68:09:db:ca:ff:dd:5b:ee:bb:30:b0:82:5d:d8:
75:36:52:54:f8:21:a2:27:24:d0:5b:cb:4b:16:d7:
2f:93:b2:ac:7f:d4:e4:7f:b9:97:b3:e4:7a:1a:71:
f6:05:2f:4c:cd:c7:67:c2:8d:02:3d:b0:08:2a:ae:
6b:b7:c2:06:e2:15:2a:26:5a:40:5c:64:08:ab:62:
02:bf:c0:17:d2:be:db:cc:9d:d1:bc:a4:b2:9d:f3:
ff:3c:ae:40:e8:8b:38:46:1b:14:ca:84:87:63:e6:
06:27:f4:98:16:08:b3:93:dd:65:da:26:8c:95:df:
0e:a8:c7:08:25:2f:5a:a2:49:77:24:63:f1:ec:3c:
c8:75:46:92:d6:47:da:24:75:ba:ec:c4:38:9f:1f:
06:71:59:f1:a0:52:40:a0:90:35:b4:dd:dc:d3:c2:
0d:37:6d:52:14:dd:ea:38:19:ac:23:fd:e2:7a:12:
57:d8:d6:1e:2b:b1:6e:57:ac:b2:93:99:c1:88:47:
24:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:C6:94:2E:AA:43:47:56:41:22:00:66:C1:B6:D6:EA:EC:17:18:57
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fcaULqpDR1ZBIgBmwbbW6uwXGFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.83.0/24
88.216.33.0/24
88.216.129.0-88.216.133.255
88.216.224.0/22
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
18:7e:2f:b8:52:8c:c8:fe:8a:ce:50:8a:c0:d5:64:aa:23:7a:
4a:d7:a1:af:32:c6:d7:a4:75:16:4c:e4:e0:a6:64:62:e6:a4:
6a:5d:77:07:f1:24:9e:94:88:cb:88:54:61:a5:c2:1f:b1:df:
24:79:91:eb:cc:fb:18:5c:7f:2f:76:69:5d:59:af:ac:be:5e:
63:74:d5:79:df:31:e2:54:75:7a:c9:52:86:23:46:64:36:29:
8c:24:71:67:b8:91:28:21:7f:46:31:52:c5:2d:17:55:88:84:
f3:35:fd:4a:05:f4:6c:4c:0b:15:20:a0:90:7c:c4:17:d8:ed:
e7:eb:6f:da:7c:a9:d6:d8:bf:26:26:5f:b9:f3:5a:6a:15:80:
a2:dc:08:2a:3f:74:8f:74:db:6e:9b:ca:4b:05:0b:e8:e6:60:
dd:2f:16:5d:4c:7f:61:6c:dc:8e:66:0e:06:7f:e4:11:a3:cf:
1e:ad:fa:09:56:3b:49:51:be:e7:dc:c3:0f:cd:f8:22:d8:db:
49:c2:4d:d3:27:ef:87:92:cf:44:a9:29:0c:41:6b:8c:e6:b4:
5e:f8:17:5d:b4:da:f6:17:54:5a:6b:68:44:7b:60:11:c3:c8:
70:4b:4b:b6:e2:e9:da:48:f3:76:74:b3:64:25:06:d3:d6:e9:
c8:7b:89:31
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYKsVcgPZHRoD+i6KKBkhbueMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwODE3MTUwNDM5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGM2OTQyZWFhNDM0NzU2NDEyMjAwNjZjMWI2ZDZlYWVjMTcxODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjIWHFYlaXIo8z4RbJ43zMKw6QUt
DX1f5ZqFq2wzLHjbaQfqJVgNfYWh1qrTA3roq/tGV5T9ER0gW6u3aAnbyv/dW+67
MLCCXdh1NlJU+CGiJyTQW8tLFtcvk7Ksf9Tkf7mXs+R6GnH2BS9Mzcdnwo0CPbAI
Kq5rt8IG4hUqJlpAXGQIq2ICv8AX0r7bzJ3RvKSynfP/PK5A6Is4RhsUyoSHY+YG
J/SYFgizk91l2iaMld8OqMcIJS9aokl3JGPx7DzIdUaS1kfaJHW67MQ4nx8GcVnx
oFJAoJA1tN3c08INN21SFN3qOBmsI/3iehJX2NYeK7FuV6yyk5nBiEckUwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFH3GlC6qQ0dWQSIAZsG21ursFxhXMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZmNhVUxxcERSMVpCSWdCbXdiYlc2dXdYR0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAVCBTAwQA
WNghMAwDBABY2IEDBAFY2IQDBAJY2OADBAJY2OgwDQYJKoZIhvcNAQELBQADggEB
ABh+L7hSjMj+is5QisDVZKojekrXoa8yxtekdRZM5OCmZGLmpGpddwfxJJ6UiMuI
VGGlwh+x3yR5kevM+xhcfy92aV1Zr6y+XmN01XnfMeJUdXrJUoYjRmQ2KYwkcWe4
kSghf0YxUsUtF1WIhPM1/UoF9GxMCxUgoJB8xBfY7efrb9p8qdbYvyYmX7nzWmoV
gKLcCCo/dI90226byksFC+jmYN0vFl1Mf2Fs3I5mDgZ/5BGjzx6t+glWO0lRvufc
ww/N+CLY20nCTdMn74eSz0SpKQxBa4zmtF74F1202vYXVFpraER7YBHDyHBLS7bi
6dpI83Z0s2QlBtPW6ch7iTE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org