Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/nYpd6xMTzrlI5PauHy-w7djMJ88.roa
File: nYpd6xMTzrlI5PauHy-w7djMJ88.roa (raw, json)
Hash identifier: wzanvvvITjDjs4VC1MsS4rS0pNhYO+nTCz+mxX/61Tg=
Subject key identifier: 9D:8A:5D:EB:13:13:CE:B9:48:E4:F6:AE:1F:2F:B0:ED:D8:CC:27:CF
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01848F00AA7891A3E87D2B320B76F70B5134
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/nYpd6xMTzrlI5PauHy-w7djMJ88.roa
Signing time: Sat 19 Nov 2022 08:28:16 +0000
ROA not before: Sat 19 Nov 2022 08:28:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49581
IP address blocks: 88.216.181.0/24 maxlen: 24
88.216.90.0/24 maxlen: 24
84.32.213.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8f:00:aa:78:91:a3:e8:7d:2b:32:0b:76:f7:0b:51:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 19 08:28:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9d8a5deb1313ceb948e4f6ae1f2fb0edd8cc27cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:74:8f:d3:72:0a:88:07:c8:3a:ec:bd:6f:8e:
3c:7d:26:0e:d9:64:37:e0:04:53:48:f2:a1:4a:a5:
5e:ff:b6:a8:5a:c0:4d:30:10:57:e2:04:a5:25:61:
1a:41:7a:b7:75:68:49:f2:87:97:80:e9:94:4b:e5:
4c:f6:74:0c:7d:25:69:93:3d:ad:bd:d9:92:2c:af:
28:f6:73:8c:83:3d:66:47:21:8f:f9:56:16:8f:94:
cc:08:2f:f7:4f:cf:fa:ef:44:7e:fb:aa:a7:6f:c8:
dc:5f:46:4f:0f:16:58:60:70:51:b6:e5:6a:af:dc:
3f:ab:8a:99:2c:8a:d9:6d:9a:4f:4c:8f:26:c3:7c:
f2:1b:1a:1b:7f:7e:10:7a:17:25:45:97:49:3f:6d:
2d:4e:65:e9:13:94:4d:50:87:e3:d2:09:f9:ea:73:
1b:9c:89:56:69:99:41:b0:01:53:74:14:3b:d2:16:
b0:ec:dd:d8:46:f1:88:80:36:97:6c:ce:a1:2c:6b:
74:1d:89:a4:2b:24:f3:c0:93:91:5e:36:cc:41:24:
25:0f:d4:41:5a:4f:09:03:c2:7c:3b:01:c7:18:f3:
e4:26:06:23:d0:b9:65:5c:ec:df:06:45:fb:85:cf:
21:5c:45:7f:42:7d:3e:4d:17:70:10:9c:8a:c7:54:
62:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:8A:5D:EB:13:13:CE:B9:48:E4:F6:AE:1F:2F:B0:ED:D8:CC:27:CF
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/nYpd6xMTzrlI5PauHy-w7djMJ88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.213.0/24
84.32.240.0/24
84.32.243.0/24
88.216.90.0/24
88.216.181.0/24
Signature Algorithm: sha256WithRSAEncryption
71:6b:2c:51:51:af:f6:d1:a4:39:bd:95:a2:64:0c:8f:c6:bc:
cc:33:a5:fb:a4:b9:62:98:c4:4f:ef:05:2e:f4:f1:69:d4:c3:
cd:c7:24:7f:94:bf:35:e7:13:45:08:c4:4f:92:7e:87:e5:0c:
5f:03:d4:a1:10:cb:46:c1:c1:da:41:06:a6:c0:67:16:93:bc:
75:e6:c2:88:30:a6:21:1c:1f:b9:e8:ed:9b:06:ff:eb:4a:52:
81:5b:88:21:14:47:c7:bc:92:41:d8:45:9e:79:32:63:2d:ee:
bb:98:d9:4e:89:16:16:3d:5a:b0:29:79:fa:64:9c:ff:0e:02:
b6:cd:72:89:59:e4:42:ec:0e:b0:52:db:da:fd:18:33:c2:a4:
15:55:72:86:e4:54:38:5b:35:10:90:35:71:c7:e4:a5:ad:23:
e6:13:5f:8c:be:93:17:e8:ca:44:2e:2a:3f:06:18:d9:90:02:
50:97:3d:10:b9:ea:55:85:78:f2:95:5b:c5:d2:b5:b8:3e:01:
90:9b:91:56:ea:97:3a:cd:50:79:08:07:05:92:8e:7f:10:ae:
81:f1:07:33:ba:ad:91:fc:9a:c6:dd:cf:8b:1d:e2:4e:7f:a9:
80:5f:ff:35:9e:0e:0d:5f:ed:0a:f3:b3:11:7a:d9:14:cf:92:
9b:3f:3d:7e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYSPAKp4kaPofSsyC3b3C1E0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTE5MDgyODE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDhhNWRlYjEzMTNjZWI5NDhlNGY2YWUxZjJmYjBlZGQ4Y2MyN2NmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXSP03IKiAfIOuy9b448fSYO2WQ3
4ARTSPKhSqVe/7aoWsBNMBBX4gSlJWEaQXq3dWhJ8oeXgOmUS+VM9nQMfSVpkz2t
vdmSLK8o9nOMgz1mRyGP+VYWj5TMCC/3T8/670R++6qnb8jcX0ZPDxZYYHBRtuVq
r9w/q4qZLIrZbZpPTI8mw3zyGxobf34QehclRZdJP20tTmXpE5RNUIfj0gn56nMb
nIlWaZlBsAFTdBQ70haw7N3YRvGIgDaXbM6hLGt0HYmkKyTzwJORXjbMQSQlD9RB
Wk8JA8J8OwHHGPPkJgYj0LllXOzfBkX7hc8hXEV/Qn0+TRdwEJyKx1RiNwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJ2KXesTE865SOT2rh8vsO3YzCfPMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvbllwZDZ4TVR6cmxJNVBhdUh5LXc3ZGpNSjg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVCDVAwQA
VCDwAwQAVCDzAwQAWNhaAwQAWNi1MA0GCSqGSIb3DQEBCwUAA4IBAQBxayxRUa/2
0aQ5vZWiZAyPxrzMM6X7pLlimMRP7wUu9PFp1MPNxyR/lL815xNFCMRPkn6H5Qxf
A9ShEMtGwcHaQQamwGcWk7x15sKIMKYhHB+56O2bBv/rSlKBW4ghFEfHvJJB2EWe
eTJjLe67mNlOiRYWPVqwKXn6ZJz/DgK2zXKJWeRC7A6wUtva/RgzwqQVVXKG5FQ4
WzUQkDVxx+SlrSPmE1+MvpMX6MpELio/BhjZkAJQlz0QuepVhXjylVvF0rW4PgGQ
m5FW6pc6zVB5CAcFko5/EK6B8Qczuq2R/JrG3c+LHeJOf6mAX/81ng4NX+0K87MR
etkUz5KbPz1+
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:35 2024 by rpki-client on console-fra.rpki-client.org