Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ktFCoXpq1iUjNSz5aW1RaZdqBe8.roa
File: ktFCoXpq1iUjNSz5aW1RaZdqBe8.roa (raw, json)
Hash identifier: GJfQB3D+RchPd3a7rEOS8J8P8+1/D/ePvFLX0YPQ/S0=
Subject key identifier: 92:D1:42:A1:7A:6A:D6:25:23:35:2C:F9:69:6D:51:69:97:6A:05:EF
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0183FB6EEC6274BA161C1B980EE6CF3EBE98
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ktFCoXpq1iUjNSz5aW1RaZdqBe8.roa
Signing time: Fri 21 Oct 2022 16:44:54 +0000
ROA not before: Fri 21 Oct 2022 16:44:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 84.32.52.0/22 maxlen: 24
88.216.210.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.209.0/24 maxlen: 24
84.32.6.0/24 maxlen: 24
88.216.98.0/24 maxlen: 24
88.216.224.0/21 maxlen: 24
88.216.23.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.22.0/24 maxlen: 24
88.216.19.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
88.216.240.0/21 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.252.0/22 maxlen: 24
88.216.248.0/21 maxlen: 24
88.216.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fb:6e:ec:62:74:ba:16:1c:1b:98:0e:e6:cf:3e:be:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 21 16:44:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=92d142a17a6ad62523352cf9696d5169976a05ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:fe:2e:e7:ef:c7:96:a0:f9:97:98:e4:57:1c:
00:48:ce:ca:e1:3a:eb:82:e6:91:9c:de:23:69:19:
cd:5f:28:ef:34:da:fa:25:9e:f2:4d:72:7c:19:91:
53:e1:6f:d5:b6:f2:38:ca:d5:4f:cb:15:e8:c6:63:
c2:27:03:91:db:ee:b8:c5:1f:39:a7:7d:20:54:07:
27:ff:08:5e:12:3f:81:42:65:6d:29:c4:62:c7:fd:
d6:07:4b:e6:be:0d:6a:30:fd:db:18:eb:3a:12:89:
2f:80:14:6f:bc:43:9b:0c:00:24:fb:6f:06:42:41:
f9:9a:d6:3e:ba:92:0d:17:2c:1c:1a:8b:17:f0:7d:
d9:07:57:55:9f:2a:89:f0:d5:59:63:c2:e6:b6:54:
c2:4c:a9:79:61:96:72:c3:59:2c:4e:3a:38:53:4b:
f9:98:3c:58:7a:45:e4:66:e9:56:cd:af:d9:69:19:
91:e8:4e:8e:eb:79:8a:8d:ed:26:d6:e9:31:c4:06:
99:a5:d3:47:09:18:db:9d:56:e9:9b:a9:3d:c2:ce:
4e:8a:fe:e1:8e:65:b2:61:55:50:a9:3a:b3:fc:24:
11:96:86:55:68:b2:c6:73:16:ce:9b:55:ea:e2:be:
1e:ba:01:f5:48:10:d4:21:0a:24:2f:28:85:89:ff:
0d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:D1:42:A1:7A:6A:D6:25:23:35:2C:F9:69:6D:51:69:97:6A:05:EF
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ktFCoXpq1iUjNSz5aW1RaZdqBe8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.6.0/24
84.32.52.0/22
88.216.19.0-88.216.23.255
88.216.32.0/24
88.216.46.0/24
88.216.98.0/24
88.216.209.0-88.216.211.255
88.216.224.0/21
88.216.240.0/20
Signature Algorithm: sha256WithRSAEncryption
9e:d1:c3:ef:37:ed:a6:0c:af:fb:3e:e9:89:de:0f:be:f4:93:
63:09:e5:56:81:49:c3:54:2d:87:7d:26:0b:f7:48:3d:11:06:
d0:f7:2a:54:50:1c:fb:4a:be:8c:77:6a:76:fe:e5:80:cb:1e:
6d:06:0d:26:3f:3d:b5:aa:d8:e1:bb:e8:91:07:4a:6f:48:07:
f8:3e:69:38:98:fc:42:d5:9c:b8:2c:fb:d5:35:7f:62:35:ec:
59:7a:6d:7a:69:eb:40:81:f9:db:87:1a:b1:60:aa:b4:b5:b0:
22:f4:85:b2:15:c0:ca:5f:24:31:40:01:1c:24:dc:49:d0:3e:
db:59:81:62:1e:f7:63:6c:9d:b1:89:78:2e:7f:13:ff:10:02:
da:bb:bb:9f:6d:88:10:a7:f2:4a:7b:40:a3:15:e9:4c:88:43:
1f:0d:3a:bb:10:f5:5e:38:d3:98:89:0d:7d:9e:4f:15:49:c1:
ec:22:06:2b:c3:d8:80:ec:54:f8:b4:0f:df:4b:91:33:3e:b1:
03:fa:08:a8:74:86:c0:84:bb:5d:e9:6a:fd:47:93:48:3e:44:
3c:a5:ed:8d:b5:95:ed:82:5d:1a:29:d3:44:b1:47:7c:5d:53:
96:63:06:b8:e8:b6:9c:13:48:23:9d:1b:80:3d:8b:51:e6:5d:
5c:2e:2f:90
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYP7buxidLoWHBuYDubPPr6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDIxMTY0NDU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmQxNDJhMTdhNmFkNjI1MjMzNTJjZjk2OTZkNTE2OTk3NmEwNWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/4u5+/HlqD5l5jkVxwASM7K4Trr
guaRnN4jaRnNXyjvNNr6JZ7yTXJ8GZFT4W/VtvI4ytVPyxXoxmPCJwOR2+64xR85
p30gVAcn/wheEj+BQmVtKcRix/3WB0vmvg1qMP3bGOs6EokvgBRvvEObDAAk+28G
QkH5mtY+upINFywcGosX8H3ZB1dVnyqJ8NVZY8LmtlTCTKl5YZZyw1ksTjo4U0v5
mDxYekXkZulWza/ZaRmR6E6O63mKje0m1ukxxAaZpdNHCRjbnVbpm6k9ws5Oiv7h
jmWyYVVQqTqz/CQRloZVaLLGcxbOm1Xq4r4eugH1SBDUIQokLyiFif8N8wIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFJLRQqF6atYlIzUs+WltUWmXagXvMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEva3RGQ29YcHExaVVqTlN6NWFXMVJhWmRxQmU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQAVCAGAwQC
VCA0MAwDBABY2BMDBANY2BADBABY2CADBABY2C4DBABY2GIwDAMEAFjY0QMEAljY
0AMEA1jY4AMEBFjY8DANBgkqhkiG9w0BAQsFAAOCAQEAntHD7zftpgyv+z7pid4P
vvSTYwnlVoFJw1Qth30mC/dIPREG0PcqVFAc+0q+jHdqdv7lgMsebQYNJj89tarY
4bvokQdKb0gH+D5pOJj8QtWcuCz71TV/YjXsWXptemnrQIH524casWCqtLWwIvSF
shXAyl8kMUABHCTcSdA+21mBYh73Y2ydsYl4Ln8T/xAC2ru7n22IEKfySntAoxXp
TIhDHw06uxD1XjjTmIkNfZ5PFUnB7CIGK8PYgOxU+LQP30uRMz6xA/oIqHSGwIS7
Xelq/UeTSD5EPKXtjbWV7YJdGinTRLFHfF1TlmMGuOi2nBNII50bgD2LUeZdXC4v
kA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:35 2024 by rpki-client on console-fra.rpki-client.org