Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/iJ5zsbELCb_GCwHHBJ1I0umoXXU.roa
File: iJ5zsbELCb_GCwHHBJ1I0umoXXU.roa (raw, json)
Hash identifier: D1LL7I1jjEjZ5GkNjZagQiKONr/GglqABkGOHF4+3RQ=
Subject key identifier: 88:9E:73:B1:B1:0B:09:BF:C6:0B:01:C7:04:9D:48:D2:E9:A8:5D:75
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184C220810D0E0F4912AEEA2D8058DD038F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/iJ5zsbELCb_GCwHHBJ1I0umoXXU.roa
Signing time: Tue 29 Nov 2022 06:43:40 +0000
ROA not before: Tue 29 Nov 2022 06:43:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 88.216.180.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
84.32.228.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c2:20:81:0d:0e:0f:49:12:ae:ea:2d:80:58:dd:03:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 29 06:43:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=889e73b1b10b09bfc60b01c7049d48d2e9a85d75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b7:84:a6:e4:58:4d:d5:7f:73:4f:7d:ce:32:
d4:f1:1f:1a:45:a9:b5:36:4d:01:68:34:84:26:9f:
04:b7:9a:52:91:8f:3d:36:37:7d:b8:ca:b8:bf:9a:
54:f6:06:fd:05:cb:00:0b:20:ef:71:95:3a:75:8e:
17:4c:9b:2b:8f:97:39:fe:c5:0b:08:33:1c:4c:05:
6f:09:65:36:f3:b1:a6:23:6d:31:a5:0a:c5:a8:45:
75:84:77:b8:52:ff:61:79:3a:b3:33:77:e3:3e:55:
e0:9b:25:16:1e:59:92:6b:3f:38:2a:f9:6f:f3:de:
7e:81:7f:5b:b9:c7:a0:09:77:b3:c4:e5:e1:ad:b3:
d1:c5:ac:cc:b6:7b:cb:e0:1f:66:e9:32:3b:71:69:
e8:cf:46:de:69:8f:a0:3a:2e:19:14:56:46:d4:2c:
1d:95:af:99:a3:4e:68:d5:f4:33:03:b7:b3:d6:b2:
69:3a:28:cc:38:ac:9a:1c:37:f9:cd:a3:23:40:0c:
8d:19:36:7c:99:4b:37:0c:ac:ab:5e:ed:f1:99:61:
6d:c2:9f:b6:62:4d:fb:ae:5a:8b:ee:94:c4:9f:d6:
71:47:fa:33:b5:45:e5:a4:60:ca:c9:7a:92:e8:44:
3c:32:b7:1b:19:59:5e:05:04:72:83:6c:ef:f4:af:
80:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:9E:73:B1:B1:0B:09:BF:C6:0B:01:C7:04:9D:48:D2:E9:A8:5D:75
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/iJ5zsbELCb_GCwHHBJ1I0umoXXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.95.0/24
84.32.228.0/24
88.216.2.0/24
88.216.34.0/24
88.216.36.0/24
88.216.180.0/24
Signature Algorithm: sha256WithRSAEncryption
79:5b:54:d2:b0:f6:e1:1b:cf:45:3a:77:91:c8:a9:46:15:7e:
1c:d3:5d:81:c5:eb:55:75:15:99:6b:6f:bf:49:de:de:eb:08:
26:0d:ef:56:73:00:62:54:df:5f:2b:b5:ab:b4:bb:ff:aa:f3:
43:4a:c9:b8:f4:a2:0b:b7:d8:e8:f0:ae:e4:7d:26:22:0a:5a:
0c:ff:3c:b4:ea:ad:96:b5:bf:97:99:cc:06:a7:07:02:13:1e:
22:cf:65:3f:ac:11:1d:23:2f:b0:fd:68:24:59:ea:d4:1c:c2:
c2:83:de:cb:c4:b3:65:c7:b8:c7:a3:9b:31:60:b9:39:f8:dc:
a0:7e:0e:a9:ed:90:ee:93:8f:5c:e1:83:7f:62:fc:a8:0e:06:
fa:95:63:f4:2f:db:94:31:95:d8:af:7b:7d:2f:fb:18:d0:76:
6a:4a:c2:e7:57:79:e2:da:df:9a:19:f5:a2:5e:22:f7:db:56:
6f:ad:c7:1a:09:82:73:0e:df:e1:ed:0f:c7:62:4d:7d:66:b0:
90:40:ea:cf:a8:9a:f3:17:e5:1d:c4:0b:bd:70:23:14:a8:a4:
38:7b:df:f7:1e:87:5e:b8:c1:cb:b3:6f:43:52:3f:59:51:0a:
d4:9a:85:e2:7b:7f:00:28:3f:92:f8:31:88:10:f7:b0:39:85:
00:0c:9b:0b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYTCIIENDg9JEq7qLYBY3QOPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTI5MDY0MzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODllNzNiMWIxMGIwOWJmYzYwYjAxYzcwNDlkNDhkMmU5YTg1ZDc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoreEpuRYTdV/c099zjLU8R8aRam1
Nk0BaDSEJp8Et5pSkY89Njd9uMq4v5pU9gb9BcsACyDvcZU6dY4XTJsrj5c5/sUL
CDMcTAVvCWU287GmI20xpQrFqEV1hHe4Uv9heTqzM3fjPlXgmyUWHlmSaz84Kvlv
895+gX9bucegCXezxOXhrbPRxazMtnvL4B9m6TI7cWnoz0beaY+gOi4ZFFZG1Cwd
la+Zo05o1fQzA7ez1rJpOijMOKyaHDf5zaMjQAyNGTZ8mUs3DKyrXu3xmWFtwp+2
Yk37rlqL7pTEn9ZxR/oztUXlpGDKyXqS6EQ8MrcbGVleBQRyg2zv9K+A1QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIiec7GxCwm/xgsBxwSdSNLpqF11MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaUo1enNiRUxDYl9HQ3dISEJKMUkwdW1vWFhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCBfAwQA
VCDkAwQAWNgCAwQAWNgiAwQAWNgkAwQAWNi0MA0GCSqGSIb3DQEBCwUAA4IBAQB5
W1TSsPbhG89FOneRyKlGFX4c012BxetVdRWZa2+/Sd7e6wgmDe9WcwBiVN9fK7Wr
tLv/qvNDSsm49KILt9jo8K7kfSYiCloM/zy06q2Wtb+XmcwGpwcCEx4iz2U/rBEd
Iy+w/WgkWerUHMLCg97LxLNlx7jHo5sxYLk5+Nygfg6p7ZDuk49c4YN/YvyoDgb6
lWP0L9uUMZXYr3t9L/sY0HZqSsLnV3ni2t+aGfWiXiL321ZvrccaCYJzDt/h7Q/H
Yk19ZrCQQOrPqJrzF+UdxAu9cCMUqKQ4e9/3HodeuMHLs29DUj9ZUQrUmoXie38A
KD+S+DGIEPewOYUADJsL
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:32 2023 by rpki-client on console-ams.rpki-client.org