Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oxSVFJJYitp_klxr78Mf-CgorZA.roa
File: oxSVFJJYitp_klxr78Mf-CgorZA.roa (raw, json)
Hash identifier: lZoKdevM4UwB5dCUpbHF0HlH+ibg8ZHSCStyxfpruAQ=
Subject key identifier: A3:14:95:14:92:58:8A:DA:7F:92:5C:6B:EF:C3:1F:F8:28:28:AD:90
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184F2C5CFC4BEF1D404688A697161EBD20E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oxSVFJJYitp_klxr78Mf-CgorZA.roa
Signing time: Thu 08 Dec 2022 17:26:00 +0000
ROA not before: Thu 08 Dec 2022 17:26:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.56.0/24 maxlen: 24
84.32.63.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
88.216.2.0/24 maxlen: 24
84.32.228.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f2:c5:cf:c4:be:f1:d4:04:68:8a:69:71:61:eb:d2:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 8 17:26:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a314951492588ada7f925c6befc31ff82828ad90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:54:e2:0b:3d:b8:fe:c7:2d:7b:fa:d1:b2:f9:
f3:26:2f:6a:d8:40:df:9a:e9:08:f6:d6:f4:16:d5:
c4:16:65:4c:88:b8:c0:b6:53:ef:d7:3d:b7:50:94:
5b:51:24:0e:77:f8:dc:42:bd:50:be:07:cc:0f:42:
57:ce:10:b3:e5:7d:3e:31:a1:b8:f8:c2:74:1a:c8:
ec:52:f7:c2:25:9f:f9:33:73:db:de:75:5d:8d:6b:
26:d5:f1:4d:07:a3:58:d6:28:c3:de:e2:79:13:93:
58:2c:58:48:41:ae:9b:a9:fe:ca:34:1d:b5:3f:10:
67:fb:bb:04:47:54:b1:e1:0e:c5:cc:99:a5:21:89:
80:85:a7:d4:58:24:f9:d6:2a:d4:66:07:bf:da:14:
51:61:9e:e2:ac:05:4a:c2:90:c6:98:de:3d:1c:2d:
09:a9:b0:52:5a:28:d2:3c:f8:7f:3f:e1:45:75:cf:
bf:55:58:b7:80:1f:f5:11:2f:43:d8:da:91:4e:85:
c8:23:57:d8:fd:83:0d:d6:84:03:72:6d:f5:29:0b:
2f:0d:3e:5e:ce:12:e8:8a:8b:20:be:20:0e:7c:6a:
0f:1d:46:05:84:3b:d9:36:e5:48:8c:1f:96:76:70:
e8:27:6b:3c:ca:9a:42:30:6b:ee:18:72:a4:4a:98:
cf:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:14:95:14:92:58:8A:DA:7F:92:5C:6B:EF:C3:1F:F8:28:28:AD:90
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oxSVFJJYitp_klxr78Mf-CgorZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.56.0/24
84.32.63.0/24
84.32.95.0/24
84.32.228.0/24
88.216.2.0/24
88.216.34.0/24
Signature Algorithm: sha256WithRSAEncryption
42:ec:9f:82:f7:33:01:74:75:cc:56:c0:7e:ac:a6:87:35:7a:
04:56:fe:50:b7:c7:de:23:86:06:c0:e6:90:3d:f4:63:55:0c:
d8:5f:ab:7f:c4:59:93:aa:e6:14:6c:66:49:ca:a4:85:38:03:
40:7d:45:fe:cf:68:d9:cd:31:6b:f4:01:04:cb:0f:09:4b:e3:
b1:8e:01:f3:d3:39:0d:91:28:5d:07:df:61:a2:a6:96:fc:ac:
10:78:8b:85:df:e9:89:34:c4:8d:b3:a5:3a:5a:8d:fe:9f:63:
c5:15:87:06:92:90:31:5d:92:e4:bd:12:d4:4a:d2:1e:45:90:
31:77:93:e6:61:fe:93:90:91:ff:25:ab:c6:47:57:52:14:a9:
e0:0c:60:7f:c0:c5:d5:96:96:55:7b:a1:46:65:3f:8f:07:ba:
ea:60:39:7c:73:7b:d3:c2:b2:23:cc:db:e1:a6:ec:fa:ca:49:
ca:a1:14:0d:92:1d:99:3d:85:b2:30:ec:e3:ac:b1:dc:65:b0:
99:c4:2d:e1:17:14:85:7b:92:eb:8f:a9:3c:5b:70:bb:df:d3:
c3:91:9f:e0:41:3d:2b:5d:e5:43:7e:ca:98:d3:49:d8:0a:b3:
83:54:50:7b:03:88:16:fa:ae:14:c0:27:9e:e1:c6:59:89:2b:
58:b6:7d:32
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYTyxc/EvvHUBGiKaXFh69IOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA4MTcyNjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzE0OTUxNDkyNTg4YWRhN2Y5MjVjNmJlZmMzMWZmODI4MjhhZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1TiCz24/scte/rRsvnzJi9q2EDf
mukI9tb0FtXEFmVMiLjAtlPv1z23UJRbUSQOd/jcQr1QvgfMD0JXzhCz5X0+MaG4
+MJ0GsjsUvfCJZ/5M3Pb3nVdjWsm1fFNB6NY1ijD3uJ5E5NYLFhIQa6bqf7KNB21
PxBn+7sER1Sx4Q7FzJmlIYmAhafUWCT51irUZge/2hRRYZ7irAVKwpDGmN49HC0J
qbBSWijSPPh/P+FFdc+/VVi3gB/1ES9D2NqRToXII1fY/YMN1oQDcm31KQsvDT5e
zhLoiosgviAOfGoPHUYFhDvZNuVIjB+WdnDoJ2s8yppCMGvuGHKkSpjP0wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKMUlRSSWIraf5Jca+/DH/goKK2QMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvb3hTVkZKSllpdHBfa2x4cjc4TWYtQ2dvclpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAVCA4AwQA
VCA/AwQAVCBfAwQAVCDkAwQAWNgCAwQAWNgiMA0GCSqGSIb3DQEBCwUAA4IBAQBC
7J+C9zMBdHXMVsB+rKaHNXoEVv5Qt8feI4YGwOaQPfRjVQzYX6t/xFmTquYUbGZJ
yqSFOANAfUX+z2jZzTFr9AEEyw8JS+OxjgHz0zkNkShdB99hoqaW/KwQeIuF3+mJ
NMSNs6U6Wo3+n2PFFYcGkpAxXZLkvRLUStIeRZAxd5PmYf6TkJH/JavGR1dSFKng
DGB/wMXVlpZVe6FGZT+PB7rqYDl8c3vTwrIjzNvhpuz6yknKoRQNkh2ZPYWyMOzj
rLHcZbCZxC3hFxSFe5Lrj6k8W3C739PDkZ/gQT0rXeVDfsqY00nYCrODVFB7A4gW
+q4UwCee4cZZiStYtn0y
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:50 2023 by rpki-client on console-fra.rpki-client.org