Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/iCJHrE_pQr3DhrJEimvUnjhvKbk.roa
File: iCJHrE_pQr3DhrJEimvUnjhvKbk.roa (raw, json)
Hash identifier: oqDaegqEb08B3lR4zn0tRYgRfmFA5mScBUw4PUnGWQk=
Subject key identifier: 88:22:47:AC:4F:E9:42:BD:C3:86:B2:44:8A:6B:D4:9E:38:6F:29:B9
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184D199FEF86AAADA1798E239B9EEC5489F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/iCJHrE_pQr3DhrJEimvUnjhvKbk.roa
Signing time: Fri 02 Dec 2022 06:50:41 +0000
ROA not before: Fri 02 Dec 2022 06:50:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205570
IP address blocks: 84.32.79.0/24 maxlen: 24
84.32.90.0/23 maxlen: 24
84.32.88.0/23 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
88.216.132.0/23 maxlen: 24
88.216.134.0/24 maxlen: 24
88.216.135.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
88.216.232.0/21 maxlen: 24
88.216.248.0/22 maxlen: 24
88.216.44.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d1:99:fe:f8:6a:aa:da:17:98:e2:39:b9:ee:c5:48:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 2 06:50:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=882247ac4fe942bdc386b2448a6bd49e386f29b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:61:67:1e:29:96:47:18:17:77:f6:f2:a4:d4:
f2:b8:93:8d:8b:23:1b:a5:79:63:e7:32:29:03:b6:
2a:61:55:52:f2:f3:85:f3:dc:35:60:78:66:b2:b2:
1c:0e:7a:30:a6:a7:97:88:18:1e:e8:80:f3:ad:e2:
4e:01:2c:14:3f:26:a6:cb:ab:99:f3:f8:1e:dd:fa:
c6:cb:6b:30:d1:c7:01:0a:6a:a4:0a:48:38:6c:7b:
b9:1f:d2:6a:18:79:15:18:50:e7:e3:b6:f8:00:90:
a5:ec:13:ce:55:bb:cd:b1:24:08:29:ea:a4:ef:e9:
9f:f4:2b:0d:01:86:6d:f4:c7:80:22:d2:a7:09:92:
ae:34:4e:70:f4:4e:75:07:c3:a0:35:c4:37:fc:de:
8e:aa:96:61:0b:e3:75:d4:05:15:17:9c:9f:e4:3b:
f2:76:54:c2:1e:2f:08:fb:d8:5c:68:0c:50:a3:be:
7c:f7:e5:c9:2f:fb:56:9a:da:61:24:a0:eb:7a:a5:
e2:5d:5a:58:71:cc:b3:f7:12:30:ca:be:13:9e:b6:
93:60:1c:2a:d4:e1:5a:6d:ac:13:43:89:b4:0c:5a:
68:47:6b:36:28:99:8d:ba:44:cd:fb:02:54:46:62:
a8:6a:22:15:16:a1:f6:89:f8:a7:ab:c8:e3:e4:85:
8e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:22:47:AC:4F:E9:42:BD:C3:86:B2:44:8A:6B:D4:9E:38:6F:29:B9
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/iCJHrE_pQr3DhrJEimvUnjhvKbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/22
84.32.79.0/24
84.32.88.0/22
84.32.212.0/24
88.216.44.0/23
88.216.128.0/24
88.216.131.0-88.216.135.255
88.216.232.0/21
88.216.248.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:bb:ab:e4:c8:8d:a7:21:74:6c:59:ef:18:73:46:e8:28:6d:
a5:cc:77:07:fa:90:a6:52:ca:c7:43:a6:8d:fa:1e:58:85:78:
88:cc:8a:e0:8d:f1:20:f4:8d:2a:65:08:e5:61:c8:16:cf:d5:
51:c9:2e:49:4d:37:8f:49:a8:ab:32:5e:fd:bf:da:e1:8b:d5:
a9:ad:8f:bd:d0:21:39:ef:de:41:05:06:ca:2a:82:bf:36:e2:
30:53:07:30:a7:ad:24:77:23:07:28:41:56:1e:55:d0:ef:c6:
e6:46:be:bd:f3:53:65:42:56:8b:0b:5e:65:93:21:61:f1:5a:
01:61:df:79:1e:fc:02:f5:ce:86:cb:8e:66:06:4b:fc:66:b4:
1f:be:3a:53:77:0d:9e:7e:b8:ec:90:ff:b1:08:87:17:82:b6:
27:10:e3:38:12:88:6f:ba:22:c4:80:91:e3:11:92:8f:51:1b:
58:e6:2b:a1:33:4d:b0:6e:f3:c1:e9:9d:72:8b:1d:7e:e3:d0:
09:13:48:0f:53:ed:0f:3c:91:da:ea:dc:b0:6f:85:bb:2b:b2:
ec:94:0c:3f:f7:84:14:4e:08:25:ce:6b:3e:00:40:87:6a:bd:
10:d2:5c:e0:0e:92:32:6f:f7:18:e6:03:2d:ce:1b:47:57:10:
83:60:4e:8c
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYTRmf74aqraF5jiObnuxUifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjAyMDY1MDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODIyNDdhYzRmZTk0MmJkYzM4NmIyNDQ4YTZiZDQ5ZTM4NmYyOWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2FnHimWRxgXd/bypNTyuJONiyMb
pXlj5zIpA7YqYVVS8vOF89w1YHhmsrIcDnowpqeXiBge6IDzreJOASwUPyamy6uZ
8/ge3frGy2sw0ccBCmqkCkg4bHu5H9JqGHkVGFDn47b4AJCl7BPOVbvNsSQIKeqk
7+mf9CsNAYZt9MeAItKnCZKuNE5w9E51B8OgNcQ3/N6OqpZhC+N11AUVF5yf5Dvy
dlTCHi8I+9hcaAxQo7589+XJL/tWmtphJKDreqXiXVpYccyz9xIwyr4TnraTYBwq
1OFabawTQ4m0DFpoR2s2KJmNukTN+wJURmKoaiIVFqH2ifinq8jj5IWOuQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFIgiR6xP6UK9w4ayRIpr1J44bym5MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaUNKSHJFX3BRcjNEaHJKRWltdlVuamh2S2JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQCVCAYAwQA
VCBPAwQCVCBYAwQAVCDUAwQBWNgsAwQAWNiAMAwDBABY2IMDBANY2IADBANY2OgD
BAJY2PgwDQYJKoZIhvcNAQELBQADggEBAAq7q+TIjachdGxZ7xhzRugobaXMdwf6
kKZSysdDpo36HliFeIjMiuCN8SD0jSplCOVhyBbP1VHJLklNN49JqKsyXv2/2uGL
1amtj73QITnv3kEFBsoqgr824jBTBzCnrSR3IwcoQVYeVdDvxuZGvr3zU2VCVosL
XmWTIWHxWgFh33ke/AL1zobLjmYGS/xmtB++OlN3DZ5+uOyQ/7EIhxeCticQ4zgS
iG+6IsSAkeMRko9RG1jmK6EzTbBu88HpnXKLHX7j0AkTSA9T7Q88kdrq3LBvhbsr
suyUDD/3hBROCCXOaz4AQIdqvRDSXOAOkjJv9xjmAy3OG0dXEINgTow=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:34 2024 by rpki-client on console-fra.rpki-client.org