Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qCGCT4fRARs4vaUg_spfVs0YvJs.roa
File: qCGCT4fRARs4vaUg_spfVs0YvJs.roa (raw, json)
Hash identifier: F34DA7o6VzZXP04hXrFCVRb30FmcypjrP2CcDVXuzOc=
Subject key identifier: A8:21:82:4F:87:D1:01:1B:38:BD:A5:20:FE:CA:5F:56:CD:18:BC:9B
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184C4FCED8EE9AB92B470078D946B6CD3A8
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qCGCT4fRARs4vaUg_spfVs0YvJs.roa
Signing time: Tue 29 Nov 2022 20:03:41 +0000
ROA not before: Tue 29 Nov 2022 20:03:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 88.216.188.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.209.0/24 maxlen: 24
84.32.225.0/24 maxlen: 24
84.32.227.0/24 maxlen: 24
84.32.255.0/24 maxlen: 24
84.32.59.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.65.0/24 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.86.0/24 maxlen: 24
84.32.90.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
84.32.94.0/24 maxlen: 24
84.32.15.0/24 maxlen: 24
84.32.44.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.47.0/24 maxlen: 24
88.216.91.0/24 maxlen: 24
88.216.102.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c4:fc:ed:8e:e9:ab:92:b4:70:07:8d:94:6b:6c:d3:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 29 20:03:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a821824f87d1011b38bda520feca5f56cd18bc9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a9:12:5d:e2:df:e1:0c:f0:b0:7f:f1:81:14:
6a:e8:d1:b2:b8:5d:22:fc:55:49:23:ec:a7:b0:12:
f8:8e:1f:f6:ca:b9:df:7a:a1:4d:70:6a:08:5f:c9:
d0:9c:94:52:ca:74:cc:e6:3d:3a:7a:e5:10:e7:53:
99:cd:1a:83:c1:7b:69:26:f7:a2:83:5f:d1:9d:f0:
62:b7:2c:9b:be:31:b4:88:08:4f:46:f2:8c:a5:9e:
74:34:4e:a7:af:8f:84:10:e1:56:e0:7d:d4:b7:05:
f4:b1:15:41:5f:60:5b:8c:f9:29:09:67:fe:84:be:
b6:88:8e:d6:68:0f:b3:de:c1:94:01:15:d4:0a:b6:
57:87:ae:76:20:c7:c9:b5:d9:34:82:56:22:2b:fe:
70:1f:a6:44:fd:14:e7:ff:94:4c:b5:1c:ee:a2:4d:
37:15:55:0c:81:c6:8e:b5:ed:81:ec:fe:00:51:d9:
7a:b8:04:1c:32:d1:b4:30:15:4a:79:07:a2:8c:8b:
a9:1d:15:d5:d3:e6:e4:f9:d6:96:33:75:41:9c:c0:
68:16:1e:1d:33:55:bd:35:98:cb:50:a1:24:41:d3:
bb:86:86:c6:d8:c6:3c:40:ba:33:b9:4d:56:70:a2:
92:d7:46:5a:ea:43:21:af:3c:f6:6b:92:0d:94:44:
c3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:21:82:4F:87:D1:01:1B:38:BD:A5:20:FE:CA:5F:56:CD:18:BC:9B
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/qCGCT4fRARs4vaUg_spfVs0YvJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.15.0/24
84.32.44.0/24
84.32.46.0/23
84.32.59.0-84.32.60.255
84.32.65.0-84.32.66.255
84.32.68.0/24
84.32.86.0/24
84.32.90.0/24
84.32.92.0/24
84.32.94.0/24
84.32.225.0/24
84.32.227.0/24
84.32.255.0/24
88.216.40.0/24
88.216.91.0/24
88.216.102.0/23
88.216.188.0/24
88.216.190.0/23
88.216.198.0/24
88.216.209.0/24
Signature Algorithm: sha256WithRSAEncryption
81:c6:68:15:0c:bd:1d:67:6c:3a:72:15:87:bd:6f:fc:39:42:
25:5c:07:f3:a3:7f:4b:fd:d4:0c:82:cd:90:f6:0a:01:d9:22:
f5:bc:2e:31:d4:f1:da:ec:d9:85:20:46:0c:fa:0a:32:c7:c5:
5d:1c:ab:3c:fd:01:cb:16:22:63:fd:ba:fa:e4:b1:1e:e3:85:
52:46:03:81:34:fd:24:02:0f:c5:ba:75:04:54:71:e0:a5:56:
bd:26:60:5b:ea:fa:a7:89:4f:92:c0:8a:3a:47:95:84:44:10:
72:b0:d2:d4:25:27:92:d8:c0:2e:bb:c8:aa:51:1f:dd:ab:e2:
33:22:4c:13:aa:39:7f:18:ce:52:09:23:a3:8e:e4:a9:84:a0:
81:b9:d3:4c:ea:db:42:b5:00:de:0f:19:5f:28:4b:1b:ed:8b:
d2:f3:38:9c:5e:cd:6a:33:55:ba:44:bd:af:db:76:42:18:3b:
40:65:7e:d5:2f:4e:8a:85:b2:10:99:e9:f1:42:2f:7e:f3:a4:
53:9b:4a:31:ac:7d:c5:8d:ef:e5:d2:69:93:fd:3e:9f:35:42:
0d:32:de:83:91:29:0b:2f:b2:e0:18:23:93:bb:d2:e7:a1:6e:
70:f7:a0:14:c6:37:8f:18:71:4e:de:66:64:7d:62:86:ba:71:
1e:44:8b:b4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYTE/O2O6auStHAHjZRrbNOoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTI5MjAwMzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODIxODI0Zjg3ZDEwMTFiMzhiZGE1MjBmZWNhNWY1NmNkMThiYzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqakSXeLf4QzwsH/xgRRq6NGyuF0i
/FVJI+ynsBL4jh/2yrnfeqFNcGoIX8nQnJRSynTM5j06euUQ51OZzRqDwXtpJvei
g1/RnfBityybvjG0iAhPRvKMpZ50NE6nr4+EEOFW4H3UtwX0sRVBX2BbjPkpCWf+
hL62iI7WaA+z3sGUARXUCrZXh652IMfJtdk0glYiK/5wH6ZE/RTn/5RMtRzuok03
FVUMgcaOte2B7P4AUdl6uAQcMtG0MBVKeQeijIupHRXV0+bk+daWM3VBnMBoFh4d
M1W9NZjLUKEkQdO7hobG2MY8QLozuU1WcKKS10Za6kMhrzz2a5INlETDEQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFKghgk+H0QEbOL2lIP7KX1bNGLybMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcUNHQ1Q0ZlJBUnM0dmFVZ19zcGZWczBZdkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBABU
IA8DBABUICwDBAFUIC4wDAMEAFQgOwMEAFQgPDAMAwQAVCBBAwQAVCBCAwQAVCBE
AwQAVCBWAwQAVCBaAwQAVCBcAwQAVCBeAwQAVCDhAwQAVCDjAwQAVCD/AwQAWNgo
AwQAWNhbAwQBWNhmAwQAWNi8AwQBWNi+AwQAWNjGAwQAWNjRMA0GCSqGSIb3DQEB
CwUAA4IBAQCBxmgVDL0dZ2w6chWHvW/8OUIlXAfzo39L/dQMgs2Q9goB2SL1vC4x
1PHa7NmFIEYM+goyx8VdHKs8/QHLFiJj/br65LEe44VSRgOBNP0kAg/FunUEVHHg
pVa9JmBb6vqniU+SwIo6R5WERBBysNLUJSeS2MAuu8iqUR/dq+IzIkwTqjl/GM5S
CSOjjuSphKCBudNM6ttCtQDeDxlfKEsb7YvS8zicXs1qM1W6RL2v23ZCGDtAZX7V
L06KhbIQmenxQi9+86RTm0oxrH3Fje/l0mmT/T6fNUINMt6DkSkLL7LgGCOTu9Ln
oW5w96AUxjePGHFO3mZkfWKGunEeRIu0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:50 2023 by rpki-client on console-fra.rpki-client.org