Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rGnBXOSiAt_BmRpouBjGAC_79fg.roa
File: rGnBXOSiAt_BmRpouBjGAC_79fg.roa (raw, json)
Hash identifier: ZycypLgfQk21zgnjL3A5gZbx5BJXL6qib15uIHukzSU=
Subject key identifier: AC:69:C1:5C:E4:A2:02:DF:C1:99:1A:68:B8:18:C6:00:2F:FB:F5:F8
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184E104A74E1DD83593A7A6758B2BB89AF7
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rGnBXOSiAt_BmRpouBjGAC_79fg.roa
Signing time: Mon 05 Dec 2022 06:41:29 +0000
ROA not before: Mon 05 Dec 2022 06:41:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 84.32.52.0/22 maxlen: 24
84.32.76.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
88.216.98.0/24 maxlen: 24
84.32.6.0/24 maxlen: 24
88.216.17.0/24 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.252.0/22 maxlen: 24
88.216.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:04:a7:4e:1d:d8:35:93:a7:a6:75:8b:2b:b8:9a:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 5 06:41:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac69c15ce4a202dfc1991a68b818c6002ffbf5f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8f:d9:3b:76:2f:eb:e8:3c:b7:22:d2:cf:ec:
bf:c6:a5:5d:70:69:1d:3e:83:fa:69:a0:4c:9d:f1:
ff:fb:4f:70:63:30:c4:1b:b1:5a:20:d5:37:d6:36:
4e:5a:de:70:f2:e8:8f:27:4a:c3:39:b7:51:d1:8d:
60:3c:c8:0d:58:5d:b8:d3:8f:0d:74:e0:0e:76:b4:
d3:7c:89:bb:c1:4a:00:79:50:92:fd:7c:a8:8d:8c:
30:37:f3:7e:17:52:13:02:0f:b0:ea:71:b9:a2:07:
f8:4f:15:98:32:d5:d4:5f:63:b2:c5:7f:00:eb:02:
7d:b2:40:b4:2f:ea:df:bd:5e:11:a7:1f:2b:d4:a7:
6d:4c:2b:a8:c3:e4:f4:e1:88:93:5e:2d:d7:27:04:
7d:74:23:96:9f:31:71:48:83:a7:a1:bc:e3:e7:9f:
8f:f1:72:0e:4d:af:74:96:3b:ef:36:60:29:55:2b:
ec:ce:ec:da:b2:e1:0b:00:3d:8b:cc:35:ca:cd:46:
10:01:f7:01:ca:9f:96:c9:3c:5c:49:bd:c5:45:00:
75:67:50:4f:b5:bc:33:a6:48:e7:8a:5c:2a:78:7b:
36:57:37:e5:27:5d:64:4f:13:4a:10:65:d7:31:20:
78:a2:fa:8f:f7:e1:0c:02:e7:ad:ad:33:24:f9:af:
ca:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:69:C1:5C:E4:A2:02:DF:C1:99:1A:68:B8:18:C6:00:2F:FB:F5:F8
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/rGnBXOSiAt_BmRpouBjGAC_79fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.6.0/24
84.32.52.0/22
84.32.76.0/23
88.216.17.0/24
88.216.43.0/24
88.216.98.0/24
88.216.228.0/22
88.216.252.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:88:56:39:6b:ee:b0:e8:30:2c:51:a8:5d:b7:fe:29:62:4c:
7f:d1:fb:da:6f:3d:81:5b:aa:dc:b1:7e:99:42:53:7c:5e:ac:
69:6d:e3:9d:29:13:5e:92:39:aa:72:fb:49:b9:73:0d:f6:2f:
24:93:84:e2:ca:cd:5a:4a:68:ef:6f:76:9d:c3:13:a3:92:ea:
17:77:f6:0f:99:63:ab:bb:94:10:f5:8a:d2:d0:27:eb:69:d5:
3c:ab:1a:60:ac:cf:6a:bd:7d:49:00:07:3f:c2:fa:e6:f9:4c:
fd:bd:24:5f:d4:3b:d8:95:7c:ca:65:3b:ad:79:f4:d0:1b:2b:
d4:bb:4c:aa:f5:83:07:14:d1:ab:b0:11:f8:40:aa:70:b5:7b:
42:06:42:48:b2:46:1f:f9:d6:6f:5b:c7:ff:bc:d6:70:9d:19:
c5:6b:b9:1d:de:a2:7b:3e:37:3c:7d:7f:32:0a:85:72:d7:10:
f8:21:d1:5a:36:0f:2f:ee:41:0e:bf:7f:4e:78:84:a0:c8:c1:
cf:30:78:c3:50:01:c5:ba:22:a7:2f:78:d9:b0:a9:c4:19:22:
a0:eb:fb:44:ac:68:45:dc:31:70:89:14:0b:2d:c3:5f:91:c0:
b9:91:29:20:a1:73:94:f9:2b:65:11:67:cd:41:25:a0:c9:64:
f4:e2:af:c0
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYThBKdOHdg1k6emdYsruJr3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA1MDY0MTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzY5YzE1Y2U0YTIwMmRmYzE5OTFhNjhiODE4YzYwMDJmZmJmNWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4/ZO3Yv6+g8tyLSz+y/xqVdcGkd
PoP6aaBMnfH/+09wYzDEG7FaINU31jZOWt5w8uiPJ0rDObdR0Y1gPMgNWF24048N
dOAOdrTTfIm7wUoAeVCS/XyojYwwN/N+F1ITAg+w6nG5ogf4TxWYMtXUX2OyxX8A
6wJ9skC0L+rfvV4Rpx8r1KdtTCuow+T04YiTXi3XJwR9dCOWnzFxSIOnobzj55+P
8XIOTa90ljvvNmApVSvszuzasuELAD2LzDXKzUYQAfcByp+WyTxcSb3FRQB1Z1BP
tbwzpkjnilwqeHs2VzflJ11kTxNKEGXXMSB4ovqP9+EMAuetrTMk+a/K+wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKxpwVzkogLfwZkaaLgYxgAv+/X4MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvckduQlhPU2lBdF9CbVJwb3VCakdBQ183OWZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVCAGAwQC
VCA0AwQBVCBMAwQAWNgRAwQAWNgrAwQAWNhiAwQCWNjkAwQCWNj8MA0GCSqGSIb3
DQEBCwUAA4IBAQA8iFY5a+6w6DAsUahdt/4pYkx/0fvabz2BW6rcsX6ZQlN8Xqxp
beOdKRNekjmqcvtJuXMN9i8kk4Tiys1aSmjvb3adwxOjkuoXd/YPmWOru5QQ9YrS
0CfradU8qxpgrM9qvX1JAAc/wvrm+Uz9vSRf1DvYlXzKZTutefTQGyvUu0yq9YMH
FNGrsBH4QKpwtXtCBkJIskYf+dZvW8f/vNZwnRnFa7kd3qJ7Pjc8fX8yCoVy1xD4
IdFaNg8v7kEOv39OeISgyMHPMHjDUAHFuiKnL3jZsKnEGSKg6/tErGhF3DFwiRQL
LcNfkcC5kSkgoXOU+StlEWfNQSWgyWT04q/A
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:33 2023 by rpki-client on console-ams.rpki-client.org