Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oGMKbHrY4p4EoNaiC1TQrySSfYM.roa
File: oGMKbHrY4p4EoNaiC1TQrySSfYM.roa (raw, json)
Hash identifier: OuZwvWCLKxfCGdMhL5MM7pb8c+wsUrJOnsbwi1x77eA=
Subject key identifier: A0:63:0A:6C:7A:D8:E2:9E:04:A0:D6:A2:0B:54:D0:AF:24:92:7D:83
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01853560BE682EA026BC1DED1D314CFBB5F3
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oGMKbHrY4p4EoNaiC1TQrySSfYM.roa
Signing time: Wed 21 Dec 2022 15:50:10 +0000
ROA not before: Wed 21 Dec 2022 15:50:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.56.0/24 maxlen: 24
84.32.63.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
84.32.230.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:35:60:be:68:2e:a0:26:bc:1d:ed:1d:31:4c:fb:b5:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 21 15:50:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0630a6c7ad8e29e04a0d6a20b54d0af24927d83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:f9:9f:53:85:1f:4e:a3:cb:06:83:f8:80:65:
91:56:aa:ab:29:72:78:15:f8:db:4c:45:53:2b:85:
9e:9d:07:05:ca:75:7d:a3:6b:a3:d0:c3:a2:0b:3a:
34:dd:62:5c:7c:fe:c2:31:65:63:cd:3a:97:9b:85:
54:c5:72:74:58:cf:e4:63:ac:a2:40:34:98:c2:b0:
2a:9d:2c:a6:59:ee:d9:15:8c:f0:06:d9:68:47:7a:
ec:6d:f3:21:d4:8b:90:aa:39:43:b0:58:ba:ef:74:
c3:04:c3:d8:34:6e:1f:2c:f7:90:d4:67:ef:60:d8:
f6:e9:75:9e:f3:53:dc:05:42:5c:d1:02:05:e0:fc:
96:02:ae:70:ae:1d:3b:ec:8c:86:d2:0d:78:07:72:
60:cf:24:3c:8c:01:27:48:ec:b3:45:e0:ac:3c:24:
7e:10:1e:77:78:8f:aa:61:05:08:06:30:87:a4:e0:
09:46:18:77:cf:39:1d:19:e6:0a:0f:ed:f1:81:b2:
e3:86:24:e5:cd:7b:64:be:72:f9:72:29:21:6c:c4:
0b:e7:21:00:9d:3e:95:34:72:a4:29:3e:27:c7:da:
a1:e3:3f:d9:68:30:2d:53:67:32:bc:74:52:a2:03:
05:b8:72:75:75:02:36:56:35:cd:ff:ec:26:dc:ad:
88:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:63:0A:6C:7A:D8:E2:9E:04:A0:D6:A2:0B:54:D0:AF:24:92:7D:83
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oGMKbHrY4p4EoNaiC1TQrySSfYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.56.0/24
84.32.63.0/24
84.32.95.0/24
84.32.230.0/24
88.216.2.0/24
88.216.34.0/24
88.216.197.0/24
Signature Algorithm: sha256WithRSAEncryption
03:2f:60:02:8f:dd:10:c9:d1:1c:d3:55:40:46:cc:e6:50:fd:
62:11:83:9c:c4:c7:fb:74:30:24:0e:56:4e:ca:1e:60:29:4d:
c8:3e:ff:7a:85:06:2e:9a:5a:c2:46:33:ea:d7:0f:5b:22:60:
14:99:43:d4:2f:27:cf:c3:51:52:a1:e9:04:10:a3:93:98:c2:
86:86:c4:e6:cd:ae:17:da:3e:a5:53:bb:84:9a:a1:4a:c6:37:
33:d9:46:5f:f8:df:33:dd:4b:40:66:23:28:e9:b8:2b:9f:ff:
4d:7b:7b:4b:97:2a:97:73:1b:b5:20:2b:ab:03:78:11:e1:62:
90:5d:42:1a:9f:65:7b:35:75:47:f3:92:3e:cc:0e:eb:59:cc:
f1:7a:ff:37:a6:7f:ba:b5:52:ad:8a:7f:2a:f5:3c:c5:46:f8:
47:4e:b0:f9:be:e3:74:60:7d:d2:5d:ac:d8:58:a9:7c:79:d6:
95:0e:7b:e8:b5:18:51:d4:53:3c:52:f0:1b:ef:79:14:be:be:
57:69:be:08:5b:a7:cc:17:f8:e5:cd:ad:8e:35:9b:3a:27:b4:
9d:35:03:b9:9b:40:26:4a:35:d5:39:30:15:cb:48:32:54:59:
b4:94:b5:ac:51:27:67:e5:e6:76:36:c6:24:c5:55:4e:c2:5f:
de:a4:39:87
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYU1YL5oLqAmvB3tHTFM+7XzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjIxMTU1MDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDYzMGE2YzdhZDhlMjllMDRhMGQ2YTIwYjU0ZDBhZjI0OTI3ZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPmfU4UfTqPLBoP4gGWRVqqrKXJ4
FfjbTEVTK4WenQcFynV9o2uj0MOiCzo03WJcfP7CMWVjzTqXm4VUxXJ0WM/kY6yi
QDSYwrAqnSymWe7ZFYzwBtloR3rsbfMh1IuQqjlDsFi673TDBMPYNG4fLPeQ1Gfv
YNj26XWe81PcBUJc0QIF4PyWAq5wrh077IyG0g14B3JgzyQ8jAEnSOyzReCsPCR+
EB53eI+qYQUIBjCHpOAJRhh3zzkdGeYKD+3xgbLjhiTlzXtkvnL5cikhbMQL5yEA
nT6VNHKkKT4nx9qh4z/ZaDAtU2cyvHRSogMFuHJ1dQI2VjXN/+wm3K2IBQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKBjCmx62OKeBKDWogtU0K8kkn2DMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvb0dNS2JIclk0cDRFb05haUMxVFFyeVNTZllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVCA4AwQA
VCA/AwQAVCBfAwQAVCDmAwQAWNgCAwQAWNgiAwQAWNjFMA0GCSqGSIb3DQEBCwUA
A4IBAQADL2ACj90QydEc01VARszmUP1iEYOcxMf7dDAkDlZOyh5gKU3IPv96hQYu
mlrCRjPq1w9bImAUmUPULyfPw1FSoekEEKOTmMKGhsTmza4X2j6lU7uEmqFKxjcz
2UZf+N8z3UtAZiMo6bgrn/9Ne3tLlyqXcxu1ICurA3gR4WKQXUIan2V7NXVH85I+
zA7rWczxev83pn+6tVKtin8q9TzFRvhHTrD5vuN0YH3SXazYWKl8edaVDnvotRhR
1FM8UvAb73kUvr5Xab4IW6fMF/jlza2ONZs6J7SdNQO5m0AmSjXVOTAVy0gyVFm0
lLWsUSdn5eZ2NsYkxVVOwl/epDmH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:35 2024 by rpki-client on console-fra.rpki-client.org