Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lSPpWVXIxW4fWKkLIvCnFaz_uQs.roa
File: lSPpWVXIxW4fWKkLIvCnFaz_uQs.roa (raw, json)
Hash identifier: 80aZcfSg93CRhcer9xH/4ZhlgcB7y+CENuXOC48J4C8=
Subject key identifier: 95:23:E9:59:55:C8:C5:6E:1F:58:A9:0B:22:F0:A7:15:AC:FF:B9:0B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184E843FC145949725A3F68D70ABC4E3237
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lSPpWVXIxW4fWKkLIvCnFaz_uQs.roa
Signing time: Tue 06 Dec 2022 16:28:00 +0000
ROA not before: Tue 06 Dec 2022 16:28:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 88.216.188.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.209.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
84.32.255.0/24 maxlen: 24
84.32.59.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.65.0/24 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.86.0/24 maxlen: 24
84.32.90.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
84.32.94.0/24 maxlen: 24
84.32.28.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
88.216.95.0/24 maxlen: 24
88.216.102.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e8:43:fc:14:59:49:72:5a:3f:68:d7:0a:bc:4e:32:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 6 16:28:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9523e95955c8c56e1f58a90b22f0a715acffb90b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:85:7a:61:64:1b:35:ed:b6:d6:6f:1f:80:7c:
ca:71:f9:71:c1:8a:5b:06:08:69:51:fe:4f:b9:29:
f6:9e:36:e9:64:e9:c8:ea:c1:90:b1:11:fb:fb:5f:
70:1e:22:dd:c4:6b:d7:49:4b:2a:4f:85:fe:9b:80:
dd:5c:9e:8e:f0:13:1f:ca:c9:bb:79:98:c7:ac:e7:
c2:f3:fd:9a:68:18:d3:ec:1b:af:09:0c:08:c1:38:
d8:52:a4:81:fe:bf:c3:f1:2d:3c:62:5c:cb:91:4b:
dd:8f:34:c2:93:d7:5f:39:3b:b4:01:41:f4:a5:fc:
60:87:28:1b:46:b3:ed:25:60:33:97:33:67:5d:10:
49:76:b9:99:f7:c5:2b:7a:15:dc:7b:81:a5:11:f5:
1e:5d:2e:d9:cf:1d:00:14:db:d5:ca:e8:51:10:43:
95:50:7f:34:3f:1b:1c:f9:ab:6e:2e:a0:a5:0a:4d:
29:d9:6a:ce:e4:68:82:37:98:61:62:03:6d:48:58:
3b:8a:86:2d:07:d7:a4:46:25:c8:87:b0:0c:80:4e:
05:d0:69:f1:79:72:53:83:22:a9:bf:f0:0e:03:af:
e3:63:86:6c:b4:a3:6c:bc:7e:5a:39:83:90:b2:f7:
f1:0e:f4:08:c0:44:94:47:66:40:97:ec:d6:e0:d3:
44:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:23:E9:59:55:C8:C5:6E:1F:58:A9:0B:22:F0:A7:15:AC:FF:B9:0B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lSPpWVXIxW4fWKkLIvCnFaz_uQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.28.0/24
84.32.30.0/24
84.32.44.0/24
84.32.46.0/23
84.32.59.0-84.32.60.255
84.32.65.0-84.32.66.255
84.32.68.0/24
84.32.86.0/24
84.32.90.0/24
84.32.92.0/24
84.32.94.0/24
84.32.225.0/24
84.32.227.0/24
84.32.255.0/24
88.216.40.0/24
88.216.95.0/24
88.216.102.0/23
88.216.188.0/24
88.216.190.0/23
88.216.198.0/24
88.216.209.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:57:0b:39:f5:1b:c1:44:8d:3c:9f:c4:d5:56:93:23:83:b9:
f8:78:f4:cc:6d:65:6c:a6:28:4c:7c:84:98:f4:15:63:82:10:
3b:63:fd:46:b2:cc:cb:48:02:4e:c9:ea:3f:17:07:b1:ab:5e:
cc:ba:6f:5c:90:6e:c3:f0:63:a9:60:9a:a0:d5:fa:b1:68:46:
46:33:a7:57:0f:fe:be:b7:1e:f6:a2:0a:41:16:c0:57:e5:2d:
ea:31:9f:52:39:69:9d:ea:4a:23:d4:ec:55:ec:20:39:8c:70:
33:3d:77:53:16:cf:65:2a:d5:64:4c:ac:c4:ee:e2:fb:10:74:
a7:fe:5f:f1:66:0b:a9:56:ee:75:f5:04:93:45:bc:27:97:af:
db:e5:da:96:a5:7d:1d:02:b5:a5:35:dc:fb:73:f2:36:57:f8:
22:de:7a:dc:8d:22:0c:c4:7e:d1:57:92:9f:7a:b7:28:fe:f8:
1a:30:05:83:e0:d9:7f:fe:d1:73:7e:c0:80:23:4f:2f:68:73:
6c:bc:0d:33:eb:6a:0f:a2:cd:8d:52:11:76:f8:94:3a:a6:7f:
3b:1c:3d:b6:d7:34:84:bc:5d:68:ae:17:80:36:87:39:cc:fc:
b4:7c:ca:b3:b4:16:92:c9:f5:cb:db:ed:4e:dd:22:37:a5:38:
cb:29:c4:51
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYToQ/wUWUlyWj9o1wq8TjI3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA2MTYyODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTIzZTk1OTU1YzhjNTZlMWY1OGE5MGIyMmYwYTcxNWFjZmZiOTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4V6YWQbNe221m8fgHzKcflxwYpb
BghpUf5PuSn2njbpZOnI6sGQsRH7+19wHiLdxGvXSUsqT4X+m4DdXJ6O8BMfysm7
eZjHrOfC8/2aaBjT7BuvCQwIwTjYUqSB/r/D8S08YlzLkUvdjzTCk9dfOTu0AUH0
pfxghygbRrPtJWAzlzNnXRBJdrmZ98UrehXce4GlEfUeXS7Zzx0AFNvVyuhREEOV
UH80Pxsc+atuLqClCk0p2WrO5GiCN5hhYgNtSFg7ioYtB9ekRiXIh7AMgE4F0Gnx
eXJTgyKpv/AOA6/jY4ZstKNsvH5aOYOQsvfxDvQIwESUR2ZAl+zW4NNEmwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFJUj6VlVyMVuH1ipCyLwpxWs/7kLMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbFNQcFdWWEl4VzRmV0trTEl2Q25GYXpfdVFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBABU
IBwDBABUIB4DBABUICwDBAFUIC4wDAMEAFQgOwMEAFQgPDAMAwQAVCBBAwQAVCBC
AwQAVCBEAwQAVCBWAwQAVCBaAwQAVCBcAwQAVCBeAwQAVCDhAwQAVCDjAwQAVCD/
AwQAWNgoAwQAWNhfAwQBWNhmAwQAWNi8AwQBWNi+AwQAWNjGAwQAWNjRMA0GCSqG
SIb3DQEBCwUAA4IBAQAcVws59RvBRI08n8TVVpMjg7n4ePTMbWVspihMfISY9BVj
ghA7Y/1GsszLSAJOyeo/Fwexq17Mum9ckG7D8GOpYJqg1fqxaEZGM6dXD/6+tx72
ogpBFsBX5S3qMZ9SOWmd6koj1OxV7CA5jHAzPXdTFs9lKtVkTKzE7uL7EHSn/l/x
ZgupVu519QSTRbwnl6/b5dqWpX0dArWlNdz7c/I2V/gi3nrcjSIMxH7RV5Kferco
/vgaMAWD4Nl//tFzfsCAI08vaHNsvA0z62oPos2NUhF2+JQ6pn87HD221zSEvF1o
rheANoc5zPy0fMqztBaSyfXL2+1O3SI3pTjLKcRR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:32 2023 by rpki-client on console-ams.rpki-client.org