Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hEgrI9MG91TjWZsRsoRjvoZOmWw.roa
File: hEgrI9MG91TjWZsRsoRjvoZOmWw.roa (raw, json)
Hash identifier: RcvWmKnclEkgVKmuTM+Q8ofFSO1dE6t5oqLutNcNolE=
Subject key identifier: 84:48:2B:23:D3:06:F7:54:E3:59:9B:11:B2:84:63:BE:86:4E:99:6C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184F2C9799C0905BE5EC0333767F45256D0
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hEgrI9MG91TjWZsRsoRjvoZOmWw.roa
Signing time: Thu 08 Dec 2022 17:30:00 +0000
ROA not before: Thu 08 Dec 2022 17:30:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49581
IP address blocks: 84.32.174.0/24 maxlen: 24
88.216.181.0/24 maxlen: 24
88.216.90.0/24 maxlen: 24
84.32.213.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f2:c9:79:9c:09:05:be:5e:c0:33:37:67:f4:52:56:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 8 17:30:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84482b23d306f754e3599b11b28463be864e996c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0a:e8:2d:93:49:45:6b:b6:e4:d7:5e:ee:03:
20:b9:8c:20:5a:73:b6:24:da:d0:c5:f6:21:06:66:
de:f4:5e:09:f4:d1:f3:3b:e7:5b:82:ee:34:cf:d2:
ce:50:d5:ae:ac:ff:8a:ff:df:05:5a:f8:61:51:48:
5b:b5:c1:46:c6:d9:85:a7:99:8a:04:a5:88:91:b9:
64:cc:5c:e6:18:95:4e:9f:15:98:0c:06:c1:08:4b:
5d:86:42:19:a9:ce:e6:8b:15:21:54:be:0a:e0:b4:
99:16:bc:c8:12:7a:ff:bf:5c:ec:4c:e2:53:d2:78:
64:f6:81:ba:c1:41:2b:9a:5c:36:4d:ba:93:37:8c:
01:6e:68:03:7f:a6:d2:e8:8d:b8:b2:3e:44:2f:ef:
47:0c:11:27:02:77:79:92:0a:2f:93:d9:1e:46:c7:
8e:f0:de:93:0b:83:dd:80:a5:fc:03:c3:69:63:a9:
7f:04:ca:50:5c:ca:40:26:12:e9:96:ce:d8:8f:25:
2c:cf:8b:82:e4:21:e5:76:a2:f3:bb:db:09:ed:81:
39:3f:d1:84:09:95:22:65:70:e1:fe:32:b0:58:a2:
d6:db:8f:ea:cd:af:18:89:fd:94:cc:ec:4c:ce:f8:
75:a7:9c:a8:d8:8b:41:d4:7a:04:2a:ed:df:db:e8:
72:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:48:2B:23:D3:06:F7:54:E3:59:9B:11:B2:84:63:BE:86:4E:99:6C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/hEgrI9MG91TjWZsRsoRjvoZOmWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.174.0/24
84.32.213.0/24
84.32.240.0/24
84.32.243.0/24
84.32.249.0/24
84.32.251.0/24
88.216.90.0/24
88.216.181.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:c1:d8:ce:a9:2d:32:c8:9d:7a:13:e5:75:43:7e:f9:91:f3:
fd:34:75:99:3c:03:e3:6c:f4:48:b3:8a:ff:53:9b:e9:39:cd:
54:5b:e8:94:3e:03:eb:8c:7f:13:f0:42:d3:bb:78:7f:f5:44:
a0:cf:ce:1d:a9:28:ae:42:97:44:af:41:58:c4:50:00:73:8f:
06:0d:db:18:97:5d:9e:a6:10:4c:6f:ab:b8:a7:92:bc:73:e9:
19:99:11:af:3a:6e:39:f1:14:f1:46:f2:ac:f3:2b:6c:99:21:
7b:74:c8:3b:36:4e:db:91:77:54:a9:08:61:64:cd:d3:64:1d:
ba:16:67:36:f7:c5:c4:99:2a:1f:3a:b1:18:2d:f4:80:18:cb:
9c:c6:bf:62:b3:b9:a4:38:0b:a3:dd:44:dc:02:8a:55:79:ae:
10:63:41:41:2f:1b:20:25:d4:9c:41:ec:f2:0c:65:ca:ee:35:
07:ef:2d:f2:92:22:2b:5b:47:f8:91:55:c2:b5:02:23:9e:49:
7b:2a:45:a9:32:4f:51:e2:11:7b:76:30:b1:c3:c1:48:e4:5d:
bd:bb:96:b4:c4:ac:60:43:d3:29:d7:29:d6:a4:bc:08:64:be:
c8:a4:3c:e3:83:af:31:38:97:3b:b0:8d:06:b3:0a:f1:f3:f7:
87:b0:a2:1c
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYTyyXmcCQW+XsAzN2f0UlbQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA4MTczMDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDQ4MmIyM2QzMDZmNzU0ZTM1OTliMTFiMjg0NjNiZTg2NGU5OTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAroLZNJRWu25Nde7gMguYwgWnO2
JNrQxfYhBmbe9F4J9NHzO+dbgu40z9LOUNWurP+K/98FWvhhUUhbtcFGxtmFp5mK
BKWIkblkzFzmGJVOnxWYDAbBCEtdhkIZqc7mixUhVL4K4LSZFrzIEnr/v1zsTOJT
0nhk9oG6wUErmlw2TbqTN4wBbmgDf6bS6I24sj5EL+9HDBEnAnd5kgovk9keRseO
8N6TC4PdgKX8A8NpY6l/BMpQXMpAJhLpls7YjyUsz4uC5CHldqLzu9sJ7YE5P9GE
CZUiZXDh/jKwWKLW24/qza8Yif2UzOxMzvh1p5yo2ItB1HoEKu3f2+hynwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFIRIKyPTBvdU41mbEbKEY76GTplsMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaEVnckk5TUc5MVRqV1pzUnNvUmp2b1pPbVd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVCCuAwQA
VCDVAwQAVCDwAwQAVCDzAwQAVCD5AwQAVCD7AwQAWNhaAwQAWNi1MA0GCSqGSIb3
DQEBCwUAA4IBAQBKwdjOqS0yyJ16E+V1Q375kfP9NHWZPAPjbPRIs4r/U5vpOc1U
W+iUPgPrjH8T8ELTu3h/9USgz84dqSiuQpdEr0FYxFAAc48GDdsYl12ephBMb6u4
p5K8c+kZmRGvOm458RTxRvKs8ytsmSF7dMg7Nk7bkXdUqQhhZM3TZB26Fmc298XE
mSofOrEYLfSAGMucxr9is7mkOAuj3UTcAopVea4QY0FBLxsgJdScQezyDGXK7jUH
7y3ykiIrW0f4kVXCtQIjnkl7KkWpMk9R4hF7djCxw8FI5F29u5a0xKxgQ9Mp1ynW
pLwIZL7IpDzjg68xOJc7sI0Gswrx8/eHsKIc
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org