Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mF2XQ9xDBr9XdmKIdGFJ_RC3ZSY.roa
File: mF2XQ9xDBr9XdmKIdGFJ_RC3ZSY.roa (raw, json)
Hash identifier: hMt+5rllfjntrrbtLDC23tIfVd+22VeC9m7ZVot0tK4=
Subject key identifier: 98:5D:97:43:DC:43:06:BF:57:76:62:88:74:61:49:FD:10:B7:65:26
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018536D472BA493B9E0FAF560C304E414B3A
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mF2XQ9xDBr9XdmKIdGFJ_RC3ZSY.roa
Signing time: Wed 21 Dec 2022 22:36:10 +0000
ROA not before: Wed 21 Dec 2022 22:36:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207279
IP address blocks: 88.216.185.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
84.32.250.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.31.0/24 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
84.32.172.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
84.32.176.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
88.216.23.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
84.32.152.0/24 maxlen: 24
84.32.157.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.154.0/24 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:36:d4:72:ba:49:3b:9e:0f:af:56:0c:30:4e:41:4b:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 21 22:36:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=985d9743dc4306bf57766288746149fd10b76526
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1a:83:bd:4c:0f:d5:18:c4:9c:23:f5:ea:f9:
71:e3:ed:98:6e:e2:dc:e1:42:90:dc:d7:59:38:45:
d8:43:38:eb:f2:1a:96:ef:b9:84:36:a3:14:9a:51:
66:47:99:66:c7:16:c2:2d:0c:49:15:2c:e3:d9:e4:
18:28:6d:74:55:a6:e4:9e:14:46:e2:a1:1c:fd:ba:
3a:30:33:d0:54:77:11:8d:26:aa:6c:d6:79:56:6c:
7d:8a:7b:ae:74:31:2c:92:d7:9b:b4:d9:ee:0b:2d:
39:fa:65:3c:74:bb:6f:0c:14:6f:40:b1:d8:92:bb:
16:e9:d2:f3:e5:9d:89:58:20:f1:b1:87:a8:3e:85:
29:25:ef:f3:19:b4:93:40:d9:e3:55:28:8d:31:18:
3e:99:17:f0:8b:5a:49:37:2e:23:8d:dc:8d:bb:c5:
dd:6f:7d:93:ca:99:9d:9a:f3:7d:88:ed:b2:87:f3:
54:af:8b:78:db:a5:09:9b:32:9c:e5:52:81:86:76:
64:bb:4d:59:a2:e6:6a:1e:70:2f:44:93:99:44:df:
9d:6d:11:84:8a:7b:71:7b:d4:fa:f3:7e:10:cc:5e:
cf:89:1e:37:2a:58:84:0c:8c:7b:01:c8:f5:06:d1:
47:3d:da:e8:a1:f1:56:8e:1f:ed:17:b9:f7:0e:bf:
77:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:5D:97:43:DC:43:06:BF:57:76:62:88:74:61:49:FD:10:B7:65:26
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/mF2XQ9xDBr9XdmKIdGFJ_RC3ZSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.31.0/24
84.32.89.0/24
84.32.152.0-84.32.154.255
84.32.156.0/22
84.32.172.0/24
84.32.175.0-84.32.176.255
84.32.250.0/24
88.216.20.0/24
88.216.23.0/24
88.216.45.0/24
88.216.56.0-88.216.65.255
88.216.185.0/24
88.216.213.0/24
88.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:e6:7e:fd:17:62:14:ea:70:6a:c7:27:b8:c1:dc:3c:55:40:
3f:f0:54:d7:cd:97:10:72:78:48:63:36:dd:11:ab:56:31:93:
99:70:5f:7e:ff:a9:a2:7c:ff:a8:79:d6:ec:fa:a6:7b:f3:77:
e3:49:90:d5:64:9b:d3:19:74:11:cf:4c:be:4a:be:c1:86:55:
52:ca:e1:e0:7d:4a:91:ee:b0:89:ba:69:20:74:e8:5b:54:b5:
67:a8:dd:fc:ae:8f:9e:90:a7:0d:81:b8:d0:f0:dc:7e:e5:d4:
cd:d3:cd:8b:82:74:c5:5f:2e:f1:ea:4b:ba:f1:67:0d:c9:da:
1a:8f:2f:35:16:13:92:cf:64:0c:9f:ea:92:3d:39:19:08:2f:
70:b9:c6:07:40:43:77:58:7d:19:3d:de:b0:2c:42:05:4d:8d:
07:47:73:36:e9:41:b8:40:e8:d8:20:6e:a5:01:9b:eb:f3:56:
39:ef:15:74:b9:e9:d6:15:3f:56:ec:c8:a8:47:4b:89:73:1c:
c4:31:42:d7:45:3d:93:fc:a6:c2:a6:89:55:c6:cc:e3:32:9d:
13:84:9e:ed:d6:ef:9e:a3:62:2b:67:dd:2a:72:07:d7:51:68:
cb:8f:48:f7:de:e5:a3:84:d2:f6:0f:bd:02:51:c7:cf:5b:bc:
1e:9a:7f:c3
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAYU21HK6STueD69WDDBOQUs6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjIxMjIzNjEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODVkOTc0M2RjNDMwNmJmNTc3NjYyODg3NDYxNDlmZDEwYjc2NTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRqDvUwP1RjEnCP16vlx4+2YbuLc
4UKQ3NdZOEXYQzjr8hqW77mENqMUmlFmR5lmxxbCLQxJFSzj2eQYKG10VabknhRG
4qEc/bo6MDPQVHcRjSaqbNZ5Vmx9inuudDEsktebtNnuCy05+mU8dLtvDBRvQLHY
krsW6dLz5Z2JWCDxsYeoPoUpJe/zGbSTQNnjVSiNMRg+mRfwi1pJNy4jjdyNu8Xd
b32TypmdmvN9iO2yh/NUr4t426UJmzKc5VKBhnZku01ZouZqHnAvRJOZRN+dbRGE
intxe9T6834QzF7PiR43KliEDIx7Acj1BtFHPdroofFWjh/tF7n3Dr93vQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFJhdl0PcQwa/V3ZiiHRhSf0Qt2UmMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbUYyWFE5eERCcjlYZG1LSWRHRkpfUkMzWlNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAFQgHwME
AFQgWTAMAwQDVCCYAwQAVCCaAwQCVCCcAwQAVCCsMAwDBABUIK8DBABUILADBABU
IPoDBABY2BQDBABY2BcDBABY2C0wDAMEA1jYOAMEAVjYQAMEAFjYuQMEAFjY1QME
AFjY1zANBgkqhkiG9w0BAQsFAAOCAQEAfeZ+/RdiFOpwascnuMHcPFVAP/BU182X
EHJ4SGM23RGrVjGTmXBffv+ponz/qHnW7Pqme/N340mQ1WSb0xl0Ec9Mvkq+wYZV
Usrh4H1Kke6wibppIHToW1S1Z6jd/K6PnpCnDYG40PDcfuXUzdPNi4J0xV8u8epL
uvFnDcnaGo8vNRYTks9kDJ/qkj05GQgvcLnGB0BDd1h9GT3esCxCBU2NB0dzNulB
uEDo2CBupQGb6/NWOe8VdLnp1hU/VuzIqEdLiXMcxDFC10U9k/ymwqaJVcbM4zKd
E4Se7dbvnqNiK2fdKnIH11Foy49I997lo4TS9g+9AlHHz1u8Hpp/ww==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:50 2023 by rpki-client on console-fra.rpki-client.org