Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oVSWFWk8a83RekrnCsSCHj45Z5o.roa
File: oVSWFWk8a83RekrnCsSCHj45Z5o.roa (raw, json)
Hash identifier: oIFG7esJff+enULFuldaaR5UdWsLoCK19fSVHD2nWVs=
Subject key identifier: A1:54:96:15:69:3C:6B:CD:D1:7A:4A:E7:0A:C4:82:1E:3E:39:67:9A
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184B839DFCE69D6F90C5A8E7AB7B84CA19C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oVSWFWk8a83RekrnCsSCHj45Z5o.roa
Signing time: Sun 27 Nov 2022 08:35:11 +0000
ROA not before: Sun 27 Nov 2022 08:35:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207459
IP address blocks: 84.32.69.0/24 maxlen: 24
88.216.214.0/24 maxlen: 24
84.32.242.0/24 maxlen: 24
88.216.41.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:b8:39:df:ce:69:d6:f9:0c:5a:8e:7a:b7:b8:4c:a1:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 27 08:35:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1549615693c6bcdd17a4ae70ac4821e3e39679a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:2c:2e:ab:b0:cf:08:1f:19:a8:c3:5c:cf:39:
c5:43:05:a9:7b:e0:2a:dd:aa:61:a9:0e:5b:ef:1a:
62:2f:63:cf:18:9e:6e:db:4c:76:b8:24:b9:f3:2d:
41:9b:b0:92:ff:fd:f8:bb:74:d7:47:18:97:94:98:
19:45:26:e5:8c:81:60:37:eb:b0:a5:89:97:16:7b:
47:97:80:dd:e1:ad:79:38:f1:c8:ac:92:fa:fb:ed:
d6:c6:ab:56:4f:1a:f1:d8:3b:d0:d9:a7:03:18:25:
16:e4:70:88:67:e3:32:da:84:6a:e8:82:d2:87:02:
a2:22:45:e8:b8:a6:18:74:82:21:cf:ff:14:b9:56:
a2:48:99:eb:b1:7f:75:33:3d:28:77:35:19:15:83:
84:82:da:09:3f:4b:62:4c:95:cf:25:6e:88:b1:41:
2d:f1:ed:6d:73:03:99:62:1a:31:79:63:70:87:bc:
99:96:46:27:cd:f3:c7:84:0b:3b:47:ab:d5:00:4f:
6a:ee:d7:5c:a8:e3:5d:b6:4b:36:b1:26:04:e0:a8:
78:87:f7:a8:2f:ee:b6:1a:2d:d5:98:d4:de:b5:b4:
8e:27:0c:cd:5d:a7:60:a1:05:0b:23:10:68:82:1b:
ee:18:16:59:41:98:eb:52:59:a5:b1:ee:1d:0a:a8:
66:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:54:96:15:69:3C:6B:CD:D1:7A:4A:E7:0A:C4:82:1E:3E:39:67:9A
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oVSWFWk8a83RekrnCsSCHj45Z5o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.69.0/24
84.32.242.0/24
88.216.41.0/24
88.216.214.0/24
Signature Algorithm: sha256WithRSAEncryption
23:ee:d0:1a:12:a3:6d:66:02:31:78:ea:b4:b5:15:64:c7:39:
a0:61:87:3a:c8:66:15:91:b3:af:25:50:1d:b6:d2:24:bd:70:
f2:90:aa:ab:32:4e:dc:03:97:f7:10:64:66:54:0e:15:cf:ef:
56:71:12:e9:e7:de:37:2c:d9:8b:14:20:72:43:6e:11:d7:29:
c5:92:28:3f:4b:32:c0:56:88:5b:6f:a8:3e:60:c8:22:5f:4b:
e8:89:c2:22:a4:30:02:54:60:6e:5b:62:83:09:dc:3d:6c:18:
44:52:fa:91:64:40:46:16:dd:cb:08:3d:f3:d2:36:f0:37:4b:
67:a2:fc:10:42:34:e4:8f:03:5b:d4:67:9e:43:84:d4:d9:1f:
55:ea:5e:55:cc:04:01:7c:d5:0d:1e:c9:a2:1c:2b:e5:93:f7:
ab:62:e4:79:0a:24:3f:99:78:23:71:00:ed:94:a9:cb:dc:a4:
ab:ce:31:61:30:06:b3:14:c2:92:a8:c1:4d:f4:9e:77:27:74:
3d:9f:f3:d4:4a:b9:12:d3:ce:82:de:71:e8:bd:6b:d0:a0:93:
69:28:6e:f5:77:16:92:42:b4:15:32:3b:cc:60:f6:e3:2a:d2:
55:78:6b:1f:9f:88:9a:7c:17:23:ed:98:ec:7d:6a:05:58:c1:
06:d2:23:75
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYS4Od/Oadb5DFqOere4TKGcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTI3MDgzNTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTU0OTYxNTY5M2M2YmNkZDE3YTRhZTcwYWM0ODIxZTNlMzk2NzlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkywuq7DPCB8ZqMNczznFQwWpe+Aq
3aphqQ5b7xpiL2PPGJ5u20x2uCS58y1Bm7CS//34u3TXRxiXlJgZRSbljIFgN+uw
pYmXFntHl4Dd4a15OPHIrJL6++3WxqtWTxrx2DvQ2acDGCUW5HCIZ+My2oRq6ILS
hwKiIkXouKYYdIIhz/8UuVaiSJnrsX91Mz0odzUZFYOEgtoJP0tiTJXPJW6IsUEt
8e1tcwOZYhoxeWNwh7yZlkYnzfPHhAs7R6vVAE9q7tdcqONdtks2sSYE4Kh4h/eo
L+62Gi3VmNTetbSOJwzNXadgoQULIxBoghvuGBZZQZjrUlmlse4dCqhmvQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKFUlhVpPGvN0XpK5wrEgh4+OWeaMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvb1ZTV0ZXazhhODNSZWtybkNzU0NIajQ1WjVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVCBFAwQA
VCDyAwQAWNgpAwQAWNjWMA0GCSqGSIb3DQEBCwUAA4IBAQAj7tAaEqNtZgIxeOq0
tRVkxzmgYYc6yGYVkbOvJVAdttIkvXDykKqrMk7cA5f3EGRmVA4Vz+9WcRLp5943
LNmLFCByQ24R1ynFkig/SzLAVohbb6g+YMgiX0voicIipDACVGBuW2KDCdw9bBhE
UvqRZEBGFt3LCD3z0jbwN0tnovwQQjTkjwNb1GeeQ4TU2R9V6l5VzAQBfNUNHsmi
HCvlk/erYuR5CiQ/mXgjcQDtlKnL3KSrzjFhMAazFMKSqMFN9J53J3Q9n/PUSrkS
086C3nHovWvQoJNpKG71dxaSQrQVMjvMYPbjKtJVeGsfn4iafBcj7ZjsfWoFWMEG
0iN1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:50 2023 by rpki-client on console-fra.rpki-client.org