Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/gbRp-iznff22E1Kj4xq4-5SkYd8.roa
File: gbRp-iznff22E1Kj4xq4-5SkYd8.roa (raw, json)
Hash identifier: vUULol9PWXe/JhZHQCA9vL19M3arnDS2oqBVe0dP8Sc=
Subject key identifier: 81:B4:69:FA:2C:E7:7D:FD:B6:13:52:A3:E3:1A:B8:FB:94:A4:61:DF
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0183A2D8449C3017C610368DC79FA1DEDE0D
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/gbRp-iznff22E1Kj4xq4-5SkYd8.roa
Signing time: Tue 04 Oct 2022 11:53:45 +0000
ROA not before: Tue 04 Oct 2022 11:53:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34984
IP address blocks: 84.32.83.0/24 maxlen: 24
88.216.224.0/22 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.130.0/24 maxlen: 24
88.216.132.0/23 maxlen: 24
88.216.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a2:d8:44:9c:30:17:c6:10:36:8d:c7:9f:a1:de:de:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 4 11:53:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=81b469fa2ce77dfdb61352a3e31ab8fb94a461df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:bc:ac:dc:c7:2f:56:61:ed:26:81:84:21:6d:
22:0c:22:b2:7e:93:95:66:8f:9e:ee:9d:de:de:c4:
2d:46:a8:87:c7:e8:56:15:0e:e3:55:d6:51:b1:d0:
48:6e:3c:6d:ff:45:84:e9:a9:ca:e6:de:23:f3:9e:
7e:4a:87:42:92:12:77:51:31:2c:fb:04:55:5c:6b:
51:25:d8:d0:c7:ba:01:26:e0:25:0c:1a:fd:0d:8e:
97:c2:df:7e:9a:9c:dc:a4:f0:04:2b:e1:25:49:74:
86:64:3e:8f:8f:6c:2a:5f:fb:7e:a9:97:b7:aa:ea:
a0:af:1f:0d:b0:54:e5:55:4b:48:cb:35:15:4d:22:
fe:9a:1b:29:cb:43:1d:c7:76:f0:43:31:eb:cc:20:
99:69:d4:af:48:3e:4f:e1:12:03:92:1a:3e:34:e2:
30:12:8f:7d:8e:64:83:33:85:c5:5b:5b:82:01:a7:
74:a9:0a:be:11:27:8e:16:48:27:03:9b:7f:1f:d6:
fd:8e:3d:51:5c:e3:f5:03:7e:d0:b0:7f:91:fd:9e:
e2:b6:e8:03:48:ee:c8:7e:6e:9d:2d:52:36:3f:79:
3d:33:e6:d4:a5:52:c5:44:12:a1:1d:c0:20:a6:65:
16:8b:81:1c:c2:e1:b6:c0:08:87:02:a9:42:e5:d5:
1f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:B4:69:FA:2C:E7:7D:FD:B6:13:52:A3:E3:1A:B8:FB:94:A4:61:DF
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/gbRp-iznff22E1Kj4xq4-5SkYd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.83.0/24
88.216.33.0/24
88.216.130.0-88.216.133.255
88.216.224.0/22
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:27:16:41:a4:8f:fb:3f:2b:00:84:0f:e3:a9:d5:5f:0a:1c:
41:e2:26:d7:2e:21:7e:30:8e:79:1e:b0:98:ad:7a:17:c2:df:
41:a2:ed:7a:bc:b0:bb:71:9a:3d:76:5e:1b:f8:14:d9:33:44:
66:83:a9:a5:3a:0e:51:96:1d:35:6d:5f:e2:31:77:32:cf:94:
b8:03:74:f0:15:43:5a:59:97:7d:3b:28:65:bf:a0:3e:10:b4:
ad:ae:90:4b:8f:8a:49:25:18:f9:ba:ad:ab:c3:97:9f:60:ae:
29:37:92:15:41:69:96:1b:50:94:ac:c8:8f:d7:55:a6:40:64:
88:ea:3c:21:13:e1:b7:1c:de:a7:d7:5a:fb:8c:18:28:ee:0e:
72:e5:a3:09:d2:69:53:1a:9f:05:42:52:ab:41:a6:6c:10:ab:
c5:f9:30:c8:65:a9:b8:ff:fe:d7:ff:da:91:88:be:58:58:c3:
97:84:66:ac:52:7e:ca:9e:cf:67:30:8d:26:b5:33:36:9d:e8:
e8:8c:bf:23:4f:dd:1c:03:e9:87:a9:15:99:88:e2:71:90:63:
76:f8:bc:a6:bd:bf:d8:04:7b:0d:57:75:27:a0:23:e9:a1:7a:
27:74:38:7d:88:0d:6f:a2:08:eb:dc:39:11:f2:3f:6c:a1:de:
39:53:0f:2b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYOi2EScMBfGEDaNx5+h3t4NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDA0MTE1MzQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWI0NjlmYTJjZTc3ZGZkYjYxMzUyYTNlMzFhYjhmYjk0YTQ2MWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1bys3McvVmHtJoGEIW0iDCKyfpOV
Zo+e7p3e3sQtRqiHx+hWFQ7jVdZRsdBIbjxt/0WE6anK5t4j855+SodCkhJ3UTEs
+wRVXGtRJdjQx7oBJuAlDBr9DY6Xwt9+mpzcpPAEK+ElSXSGZD6Pj2wqX/t+qZe3
quqgrx8NsFTlVUtIyzUVTSL+mhspy0Mdx3bwQzHrzCCZadSvSD5P4RIDkho+NOIw
Eo99jmSDM4XFW1uCAad0qQq+ESeOFkgnA5t/H9b9jj1RXOP1A37QsH+R/Z7itugD
SO7Ifm6dLVI2P3k9M+bUpVLFRBKhHcAgpmUWi4EcwuG2wAiHAqlC5dUfiQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIG0afos5339thNSo+MauPuUpGHfMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZ2JScC1pem5mZjIyRTFLajR4cTQtNVNrWWQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAVCBTAwQA
WNghMAwDBAFY2IIDBAFY2IQDBAJY2OADBAJY2OgwDQYJKoZIhvcNAQELBQADggEB
AIonFkGkj/s/KwCED+Op1V8KHEHiJtcuIX4wjnkesJitehfC30Gi7Xq8sLtxmj12
Xhv4FNkzRGaDqaU6DlGWHTVtX+IxdzLPlLgDdPAVQ1pZl307KGW/oD4QtK2ukEuP
ikklGPm6ravDl59grik3khVBaZYbUJSsyI/XVaZAZIjqPCET4bcc3qfXWvuMGCju
DnLlownSaVManwVCUqtBpmwQq8X5MMhlqbj//tf/2pGIvlhYw5eEZqxSfsqez2cw
jSa1Mzad6OiMvyNP3RwD6YepFZmI4nGQY3b4vKa9v9gEew1XdSegI+mheid0OH2I
DW+iCOvcORHyP2yh3jlTDys=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org