Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lbtWf_QEz3aLRFUhtovVsD9h9uo.roa
File: lbtWf_QEz3aLRFUhtovVsD9h9uo.roa (raw, json)
Hash identifier: tWNu2gbnZtEHK47ZkkZ8VLbpbjH0uPCHkJbyjJk5qqo=
Subject key identifier: 95:BB:56:7F:F4:04:CF:76:8B:44:55:21:B6:8B:D5:B0:3F:61:F6:EA
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184F2C310A18F021C50B66EDF8C93A3783F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lbtWf_QEz3aLRFUhtovVsD9h9uo.roa
Signing time: Thu 08 Dec 2022 17:23:00 +0000
ROA not before: Thu 08 Dec 2022 17:23:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207279
IP address blocks: 84.32.172.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.23.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
84.32.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f2:c3:10:a1:8f:02:1c:50:b6:6e:df:8c:93:a3:78:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 8 17:23:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95bb567ff404cf768b445521b68bd5b03f61f6ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:ab:95:c5:41:16:64:e2:f7:ef:3e:dd:08:bd:
17:74:f7:b6:67:39:35:b2:0b:87:34:85:1f:0e:42:
05:25:49:2e:a1:6d:de:90:d9:2a:8a:dc:43:05:0e:
5d:6d:cb:b7:02:a7:21:a6:41:e8:5a:c7:72:29:85:
a2:38:ae:51:a2:8b:0a:2f:0a:43:26:0e:19:05:df:
d9:63:d0:d7:47:9c:94:65:57:94:ca:6e:33:d8:0c:
a0:73:05:4c:c1:48:b3:31:a3:48:9d:33:1c:b9:74:
da:0b:c8:75:11:f3:e2:8b:bc:47:c3:5d:53:e5:44:
78:da:07:76:d3:2e:c4:0a:03:1e:6c:45:a3:03:b2:
46:3c:17:2a:bf:53:59:2a:99:76:fc:f3:d3:9f:bb:
62:d3:f3:d0:af:d8:f9:3f:77:36:e1:86:e3:a2:58:
4d:fb:0e:7e:97:a6:51:74:83:dd:29:27:d7:67:6e:
2d:21:4f:3a:ed:cc:40:15:fb:61:d9:b0:64:a4:d8:
b0:31:5b:c8:21:79:e7:75:4e:5c:da:92:c9:23:32:
e0:da:d1:cb:c6:04:17:bb:ae:11:f1:1d:5d:37:f7:
69:c7:2e:85:ee:5e:03:fc:8a:16:47:db:ce:df:e6:
c4:a4:8b:82:5c:b8:d2:71:44:e4:3d:25:82:b6:85:
c2:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:BB:56:7F:F4:04:CF:76:8B:44:55:21:B6:8B:D5:B0:3F:61:F6:EA
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lbtWf_QEz3aLRFUhtovVsD9h9uo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.31.0/24
84.32.89.0/24
84.32.172.0/24
88.216.20.0/24
88.216.23.0/24
88.216.213.0/24
88.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:4f:e7:8c:a8:75:27:5a:d0:14:8c:c3:e9:cb:85:17:8d:bc:
a9:8d:62:45:d1:a2:95:c1:f1:70:0d:c0:c2:56:99:56:69:64:
78:df:21:65:2f:1e:31:22:0d:8e:fb:92:53:07:ef:39:0e:a1:
40:1c:b9:65:68:05:09:1f:17:40:4b:05:e3:0d:86:5a:af:20:
29:79:39:2b:4b:9b:0a:c5:bb:56:94:88:70:62:86:36:5d:71:
44:84:12:1c:0e:e9:4e:bb:a1:e9:96:f7:99:5c:35:1a:51:ad:
fa:23:c2:e9:7e:50:96:cb:65:18:70:55:dd:df:8d:14:e7:6a:
a0:7a:06:36:f5:8f:05:e8:dd:2d:dc:cd:3d:ba:ba:c4:0e:f4:
18:70:b8:b2:e5:c2:b5:cc:88:7f:ad:88:f6:00:7f:d9:d2:db:
ff:2d:f1:6f:fc:32:50:90:1d:23:8a:55:2d:15:4c:b1:63:32:
35:a8:cd:06:e2:70:c1:89:20:bd:1c:04:5b:60:bb:cf:b1:49:
6d:85:d3:8d:26:2c:4a:78:cc:40:cb:33:92:98:3b:cf:d5:62:
22:52:c9:9c:57:de:48:2a:29:5b:f8:b8:dd:c7:d8:41:3d:0f:
06:1f:e1:15:12:f3:ab:4a:46:83:c3:d6:91:67:ce:22:d3:f3:
7a:5f:67:90
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYTywxChjwIcULZu34yTo3g/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA4MTcyMzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWJiNTY3ZmY0MDRjZjc2OGI0NDU1MjFiNjhiZDViMDNmNjFmNmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKuVxUEWZOL37z7dCL0XdPe2Zzk1
sguHNIUfDkIFJUkuoW3ekNkqitxDBQ5dbcu3AqchpkHoWsdyKYWiOK5RoosKLwpD
Jg4ZBd/ZY9DXR5yUZVeUym4z2AygcwVMwUizMaNInTMcuXTaC8h1EfPii7xHw11T
5UR42gd20y7ECgMebEWjA7JGPBcqv1NZKpl2/PPTn7ti0/PQr9j5P3c24YbjolhN
+w5+l6ZRdIPdKSfXZ24tIU867cxAFfth2bBkpNiwMVvIIXnndU5c2pLJIzLg2tHL
xgQXu64R8R1dN/dpxy6F7l4D/IoWR9vO3+bEpIuCXLjScUTkPSWCtoXC1wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJW7Vn/0BM92i0RVIbaL1bA/YfbqMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbGJ0V2ZfUUV6M2FMUkZVaHRvdlZzRDloOXVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVCAfAwQA
VCBZAwQAVCCsAwQAWNgUAwQAWNgXAwQAWNjVAwQAWNjXMA0GCSqGSIb3DQEBCwUA
A4IBAQA9T+eMqHUnWtAUjMPpy4UXjbypjWJF0aKVwfFwDcDCVplWaWR43yFlLx4x
Ig2O+5JTB+85DqFAHLllaAUJHxdASwXjDYZaryApeTkrS5sKxbtWlIhwYoY2XXFE
hBIcDulOu6HplveZXDUaUa36I8LpflCWy2UYcFXd340U52qgegY29Y8F6N0t3M09
urrEDvQYcLiy5cK1zIh/rYj2AH/Z0tv/LfFv/DJQkB0jilUtFUyxYzI1qM0G4nDB
iSC9HARbYLvPsUlthdONJixKeMxAyzOSmDvP1WIiUsmcV95IKilb+Ljdx9hBPQ8G
H+EVEvOrSkaDw9aRZ84i0/N6X2eQ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:32 2023 by rpki-client on console-ams.rpki-client.org