Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oP3SDu9Q-C9XJAHXZqeUkgtwJ1Y.roa
File: oP3SDu9Q-C9XJAHXZqeUkgtwJ1Y.roa (raw, json)
Hash identifier: Vy/OxxNpN2JlBj/Cv0xd5gzWAKMXY1UsPifooEYLUQ0=
Subject key identifier: A0:FD:D2:0E:EF:50:F8:2F:57:24:01:D7:66:A7:94:92:0B:70:27:56
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0183D63D2D4EDF4DB5BD162DB9DD558B9CFB
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oP3SDu9Q-C9XJAHXZqeUkgtwJ1Y.roa
Signing time: Fri 14 Oct 2022 11:24:37 +0000
ROA not before: Fri 14 Oct 2022 11:24:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34984
IP address blocks: 84.32.83.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.130.0/24 maxlen: 24
88.216.132.0/23 maxlen: 24
88.216.33.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d6:3d:2d:4e:df:4d:b5:bd:16:2d:b9:dd:55:8b:9c:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 14 11:24:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a0fdd20eef50f82f572401d766a794920b702756
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:52:3b:10:06:c4:99:6d:77:0e:78:ec:8d:f5:
6b:0f:99:60:79:19:a8:5b:c7:00:5c:ee:62:39:19:
bb:35:c7:6e:db:f6:3a:b3:41:fb:76:63:93:73:ce:
73:c3:76:82:13:45:2d:c0:fd:d7:f3:c2:4c:83:e4:
46:9b:43:c1:4f:8b:be:74:0b:ab:16:7a:b9:64:10:
0a:97:8b:24:39:1f:a0:ff:b5:a5:0d:62:60:46:d1:
f3:7c:b2:af:45:b4:7b:8d:0f:ac:20:59:f5:fa:fe:
32:b9:bb:1b:8d:e2:9e:83:77:a0:0a:f7:73:91:1a:
2c:27:3f:80:8c:b9:81:13:10:77:53:2c:88:11:c0:
f4:13:62:f8:7b:ad:57:ab:7c:0e:fe:51:69:29:5a:
16:e1:74:09:c2:0c:76:9c:71:4b:e8:83:6d:e4:28:
a5:4c:c0:67:c0:68:cd:3c:3b:a8:c7:9f:cf:06:1e:
3f:c2:42:5c:70:91:0c:12:36:9c:d4:85:bf:da:f7:
b1:88:f4:3c:d4:e6:1a:9a:f2:93:70:8f:b5:f0:50:
c7:5a:f8:2d:ff:d0:d3:7c:27:1c:da:7f:e5:60:b7:
06:f3:5d:ef:9a:f8:5f:78:c3:23:62:60:f8:74:bd:
dd:c1:64:31:75:dc:2a:f9:7a:a0:34:0c:5c:50:e7:
fd:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:FD:D2:0E:EF:50:F8:2F:57:24:01:D7:66:A7:94:92:0B:70:27:56
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oP3SDu9Q-C9XJAHXZqeUkgtwJ1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.83.0/24
88.216.33.0/24
88.216.130.0-88.216.133.255
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:1d:cb:e0:00:0a:81:ea:18:3c:c6:a8:e3:50:e2:86:d7:92:
86:1f:5d:c7:bf:04:a0:04:e4:2d:d4:f6:47:b1:4c:92:62:a3:
aa:38:93:8f:b0:da:43:37:46:94:f2:f3:e6:56:1e:b9:b1:cb:
f9:0d:db:88:bb:e4:41:bb:db:ec:4d:32:58:80:e1:31:19:76:
dc:f2:b1:ca:b8:f7:de:a6:fe:47:50:95:ec:82:bb:3c:6d:fa:
3f:5e:ed:c3:6c:8c:a5:3c:45:e7:74:57:7a:4c:f1:db:88:c4:
d4:8d:9c:41:45:7e:b1:a7:dd:45:0b:21:ed:49:e9:14:8f:5f:
39:d8:54:ed:7e:ff:96:2c:4c:84:3a:30:8e:2d:58:13:3f:03:
74:bf:66:01:0e:64:06:7a:db:13:c0:54:c7:53:5e:26:58:fc:
b4:da:05:54:36:ec:69:3c:02:0d:67:2f:13:99:00:a2:6e:d9:
fe:49:d3:4a:a7:e1:46:2e:fd:25:7b:08:7e:6f:c6:3f:92:25:
01:33:95:9a:d8:e7:a6:c8:e0:fe:0a:d2:05:48:d1:77:7d:a9:
f4:53:c5:9e:fe:cf:1f:28:5e:88:61:bf:3f:70:01:b1:06:47:
a1:a3:c9:4b:16:b5:b4:9a:a6:a0:40:95:42:5c:ae:2c:a3:78:
1e:89:2b:0c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYPWPS1O3021vRYtud1Vi5z7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDE0MTEyNDM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGZkZDIwZWVmNTBmODJmNTcyNDAxZDc2NmE3OTQ5MjBiNzAyNzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1I7EAbEmW13DnjsjfVrD5lgeRmo
W8cAXO5iORm7Ncdu2/Y6s0H7dmOTc85zw3aCE0UtwP3X88JMg+RGm0PBT4u+dAur
Fnq5ZBAKl4skOR+g/7WlDWJgRtHzfLKvRbR7jQ+sIFn1+v4yubsbjeKeg3egCvdz
kRosJz+AjLmBExB3UyyIEcD0E2L4e61Xq3wO/lFpKVoW4XQJwgx2nHFL6INt5Cil
TMBnwGjNPDuox5/PBh4/wkJccJEMEjac1IW/2vexiPQ81OYamvKTcI+18FDHWvgt
/9DTfCcc2n/lYLcG813vmvhfeMMjYmD4dL3dwWQxddwq+XqgNAxcUOf9cwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKD90g7vUPgvVyQB12anlJILcCdWMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvb1AzU0R1OVEtQzlYSkFIWFpxZVVrZ3R3SjFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAVCBTAwQA
WNghMAwDBAFY2IIDBAFY2IQDBAJY2OgwDQYJKoZIhvcNAQELBQADggEBAD8dy+AA
CoHqGDzGqONQ4obXkoYfXce/BKAE5C3U9kexTJJio6o4k4+w2kM3RpTy8+ZWHrmx
y/kN24i75EG72+xNMliA4TEZdtzyscq4996m/kdQleyCuzxt+j9e7cNsjKU8Red0
V3pM8duIxNSNnEFFfrGn3UULIe1J6RSPXznYVO1+/5YsTIQ6MI4tWBM/A3S/ZgEO
ZAZ62xPAVMdTXiZY/LTaBVQ27Gk8Ag1nLxOZAKJu2f5J00qn4UYu/SV7CH5vxj+S
JQEzlZrY56bI4P4K0gVI0Xd9qfRTxZ7+zx8oXohhvz9wAbEGR6GjyUsWtbSapqBA
lUJcriyjeB6JKww=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:50 2023 by rpki-client on console-fra.rpki-client.org