Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lvLZy2O-OOdVEIznSUE-OyJZOnI.roa
File: lvLZy2O-OOdVEIznSUE-OyJZOnI.roa (raw, json)
Hash identifier: WqjoB5JwYFnMfc1gfdzOpkDRkldp/yi7YrfuGLi5vjo=
Subject key identifier: 96:F2:D9:CB:63:BE:38:E7:55:10:8C:E7:49:41:3E:3B:22:59:3A:72
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01843F2CC6EB59D63523EAE49E93AE0EBD13
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lvLZy2O-OOdVEIznSUE-OyJZOnI.roa
Signing time: Thu 03 Nov 2022 20:26:49 +0000
ROA not before: Thu 03 Nov 2022 20:26:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 88.216.214.0/24 maxlen: 24
84.32.43.0/24 maxlen: 24
84.32.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3f:2c:c6:eb:59:d6:35:23:ea:e4:9e:93:ae:0e:bd:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 3 20:26:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96f2d9cb63be38e755108ce749413e3b22593a72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3e:4a:de:ab:4e:e2:c3:d4:6f:eb:76:3d:8a:
c5:46:96:90:02:f6:ff:43:62:aa:02:7a:cf:c8:9b:
1f:3d:de:b6:86:52:77:e9:a7:c9:2d:32:68:e4:f9:
19:e8:b6:bf:9d:4e:14:49:4d:94:ce:5a:42:f8:e4:
e1:78:2c:d9:4f:f6:0a:98:00:87:89:81:79:a9:d5:
f1:fb:a9:48:da:cb:07:d1:f0:05:c0:63:6a:d6:7e:
4f:54:4a:f4:0f:e1:ba:44:f9:e2:08:27:b4:39:cf:
e3:85:e3:c6:16:28:44:21:b0:11:37:02:46:fc:9a:
7f:94:a9:02:72:24:3b:14:aa:16:81:9c:13:d4:37:
28:ab:c9:b0:23:90:2a:f5:69:e8:cc:89:b1:e6:ce:
35:ff:9a:09:6f:b2:dd:ae:43:bb:81:85:02:8a:cc:
49:23:fa:32:3e:36:9a:a6:11:dd:fe:8d:64:f4:eb:
d9:f4:91:81:c5:f7:46:78:5d:cb:ad:80:1e:27:c8:
57:18:20:b6:f8:b2:d3:12:db:3c:70:2b:e9:a1:10:
24:9c:c3:eb:6e:6b:c3:be:d3:b6:2d:61:ee:07:89:
f3:48:a3:93:3f:ed:b5:e7:74:43:4f:39:51:7a:19:
f3:1b:d2:62:ce:26:dd:82:e2:5d:fc:30:bf:27:65:
61:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F2:D9:CB:63:BE:38:E7:55:10:8C:E7:49:41:3E:3B:22:59:3A:72
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/lvLZy2O-OOdVEIznSUE-OyJZOnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.40.0/24
84.32.43.0/24
88.216.214.0/24
Signature Algorithm: sha256WithRSAEncryption
79:6d:6f:84:94:1a:a2:ea:d3:77:0c:a6:84:4f:61:fd:ea:e5:
f1:6d:c6:08:0d:f9:c6:08:a8:c8:89:0e:b2:fa:84:c3:b1:19:
e5:16:c0:f0:b9:5e:26:bd:2f:ea:3d:5a:6a:f0:2c:81:1c:3a:
87:90:4d:62:38:49:95:60:4c:54:71:aa:7a:50:c2:6b:3d:a0:
e6:8a:5e:84:0a:d7:48:8a:96:94:57:2c:e4:f3:16:18:44:94:
72:7e:a5:c4:73:f4:2a:7c:f9:0d:4e:8d:b6:0d:c1:7c:65:ad:
b5:a2:4c:eb:0a:d5:d7:23:8a:0d:e0:64:8f:83:20:2b:3a:4f:
1d:4f:1d:13:17:07:90:80:9f:dc:87:2a:8b:d5:47:2b:2c:b4:
75:9b:b0:28:20:00:3d:ff:0a:8f:17:58:04:4d:7c:b9:29:12:
3c:a3:58:15:97:d5:60:a7:6a:03:a1:92:95:e3:61:3e:f2:f4:
f2:b6:d3:1e:b1:2c:c5:71:ba:1a:2b:9e:8a:f9:e6:48:e5:2f:
7c:16:87:29:c6:92:ea:f3:19:4f:34:97:ea:f8:9f:50:bb:7c:
13:32:73:27:f8:e4:fe:77:7e:1c:eb:4b:2a:e7:3e:da:8d:fa:
d2:54:61:07:5f:4f:5c:95:94:b0:a5:72:03:6e:3d:05:fc:c8:
a6:86:2d:ae
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQ/LMbrWdY1I+rknpOuDr0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTAzMjAyNjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmYyZDljYjYzYmUzOGU3NTUxMDhjZTc0OTQxM2UzYjIyNTkzYTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjT5K3qtO4sPUb+t2PYrFRpaQAvb/
Q2KqAnrPyJsfPd62hlJ36afJLTJo5PkZ6La/nU4USU2UzlpC+OTheCzZT/YKmACH
iYF5qdXx+6lI2ssH0fAFwGNq1n5PVEr0D+G6RPniCCe0Oc/jhePGFihEIbARNwJG
/Jp/lKkCciQ7FKoWgZwT1Dcoq8mwI5Aq9WnozImx5s41/5oJb7LdrkO7gYUCisxJ
I/oyPjaaphHd/o1k9OvZ9JGBxfdGeF3LrYAeJ8hXGCC2+LLTEts8cCvpoRAknMPr
bmvDvtO2LWHuB4nzSKOTP+2153RDTzlRehnzG9JizibdguJd/DC/J2VhiwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJby2ctjvjjnVRCM50lBPjsiWTpyMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbHZMWnkyTy1PT2RWRUl6blNVRS1PeUpaT25JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCAoAwQA
VCArAwQAWNjWMA0GCSqGSIb3DQEBCwUAA4IBAQB5bW+ElBqi6tN3DKaET2H96uXx
bcYIDfnGCKjIiQ6y+oTDsRnlFsDwuV4mvS/qPVpq8CyBHDqHkE1iOEmVYExUcap6
UMJrPaDmil6ECtdIipaUVyzk8xYYRJRyfqXEc/QqfPkNTo22DcF8Za21okzrCtXX
I4oN4GSPgyArOk8dTx0TFweQgJ/chyqL1UcrLLR1m7AoIAA9/wqPF1gETXy5KRI8
o1gVl9Vgp2oDoZKV42E+8vTyttMesSzFcboaK56K+eZI5S98FocpxpLq8xlPNJfq
+J9Qu3wTMnMn+OT+d34c60sq5z7ajfrSVGEHX09clZSwpXIDbj0F/Mimhi2u
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:32 2023 by rpki-client on console-ams.rpki-client.org