Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/sKHN9ovZQZyrxxH_0gnORifIjxc.roa
File: sKHN9ovZQZyrxxH_0gnORifIjxc.roa (raw, json)
Hash identifier: KsvE+ZHZwVnXOhA+IHQnkiTG2HB6+rXcvkkGoxcseGU=
Subject key identifier: B0:A1:CD:F6:8B:D9:41:9C:AB:C7:11:FF:D2:09:CE:46:27:C8:8F:17
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184C7450F1794822AE795B3CC91939E344E
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/sKHN9ovZQZyrxxH_0gnORifIjxc.roa
Signing time: Wed 30 Nov 2022 06:41:42 +0000
ROA not before: Wed 30 Nov 2022 06:41:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 88.216.187.0/24 maxlen: 24
84.32.220.0/22 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.14.0/24 maxlen: 24
84.32.34.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
84.32.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c7:45:0f:17:94:82:2a:e7:95:b3:cc:91:93:9e:34:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 30 06:41:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b0a1cdf68bd9419cabc711ffd209ce4627c88f17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:ac:33:5f:9c:52:d9:6c:42:dd:a9:55:00:42:
ce:48:48:34:93:92:ad:7e:cc:56:1e:31:eb:92:21:
93:70:72:c7:79:cc:ed:4c:46:10:0e:0e:d5:eb:15:
f1:a5:06:82:6e:fb:87:56:ef:92:ab:c5:58:d8:ea:
ab:40:9e:a4:e6:18:b2:99:ff:a7:af:d8:02:9a:02:
f4:77:29:aa:04:15:6c:44:23:3a:f9:dc:2a:00:b5:
29:f0:e1:2d:1e:8a:cf:d8:fc:57:e7:5c:cf:47:be:
31:fa:92:ac:15:87:2c:67:64:66:06:47:50:8b:47:
94:58:86:c6:fb:4f:c7:93:1e:ec:96:da:41:57:61:
98:98:c0:17:59:5c:86:32:0b:cc:29:57:0a:16:f5:
01:61:99:b7:bd:11:ff:00:ac:f1:6d:26:1f:04:68:
a3:d6:cf:e6:20:8e:12:9a:e6:85:93:16:b8:6c:9c:
35:ea:4e:e5:3e:59:bc:1b:f1:10:1f:15:ef:70:48:
86:e4:f7:4e:4c:ab:5f:63:4e:92:9c:89:d8:31:d8:
01:3e:74:cf:9d:8d:45:c0:10:2f:c6:9d:47:bc:c4:
76:42:35:b4:77:eb:ab:c3:3f:50:67:11:d4:e6:98:
a5:be:f1:1c:8c:84:47:e9:5d:69:70:c6:7f:41:b8:
ac:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A1:CD:F6:8B:D9:41:9C:AB:C7:11:FF:D2:09:CE:46:27:C8:8F:17
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/sKHN9ovZQZyrxxH_0gnORifIjxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.14.0/24
84.32.34.0/24
84.32.220.0-84.32.224.255
84.32.254.0/24
88.216.40.0/24
88.216.187.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:5e:d7:c0:d3:ab:ed:b9:2e:99:d6:05:f6:83:df:a0:78:12:
10:69:16:63:62:ed:d5:0c:eb:a6:4e:d9:d1:0e:f8:23:89:54:
64:cf:ea:a7:86:02:26:42:97:77:5b:e9:e8:29:52:3d:c9:6d:
1a:60:73:2d:47:31:c3:39:90:16:18:f0:a0:99:1f:a7:f7:7e:
ca:e3:bf:5d:7c:9d:9d:4e:c2:6d:f9:42:92:5d:9d:0d:f4:2a:
f6:91:3d:54:10:ec:dd:9e:2d:e4:fe:cb:35:53:8f:58:a9:88:
6c:e8:4d:4f:5e:23:be:0c:e8:0e:19:a0:61:52:3d:4c:0a:51:
68:de:68:cd:fe:08:ed:2f:af:fc:12:c4:cb:bf:ae:28:79:f1:
18:de:e4:25:df:0d:0e:18:92:fd:83:4e:f8:cf:07:96:47:56:
b4:ca:d1:fc:62:11:01:3d:48:03:2b:2c:11:ad:01:42:99:19:
68:6a:6d:f2:4b:b6:8a:9e:e7:7e:e8:e5:e3:30:c8:94:bd:a6:
46:c0:36:1f:2f:fa:3a:36:5f:4e:f1:56:00:a8:a4:a7:d4:04:
fc:f9:39:7e:79:e4:93:49:7e:95:85:b5:e5:34:41:7f:11:b2:
bd:47:56:aa:4d:18:b4:4b:86:6b:10:3d:32:12:a5:d3:2e:81:
33:b2:4c:1e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYTHRQ8XlIIq55WzzJGTnjROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTMwMDY0MTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGExY2RmNjhiZDk0MTljYWJjNzExZmZkMjA5Y2U0NjI3Yzg4ZjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh6wzX5xS2WxC3alVAELOSEg0k5Kt
fsxWHjHrkiGTcHLHecztTEYQDg7V6xXxpQaCbvuHVu+Sq8VY2OqrQJ6k5hiymf+n
r9gCmgL0dymqBBVsRCM6+dwqALUp8OEtHorP2PxX51zPR74x+pKsFYcsZ2RmBkdQ
i0eUWIbG+0/Hkx7sltpBV2GYmMAXWVyGMgvMKVcKFvUBYZm3vRH/AKzxbSYfBGij
1s/mII4SmuaFkxa4bJw16k7lPlm8G/EQHxXvcEiG5PdOTKtfY06SnInYMdgBPnTP
nY1FwBAvxp1HvMR2QjW0d+urwz9QZxHU5pilvvEcjIRH6V1pcMZ/QbiskQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLChzfaL2UGcq8cR/9IJzkYnyI8XMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvc0tITjlvdlpRWnlyeHhIXzBnbk9SaWZJanhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAVCAOAwQA
VCAiMAwDBAJUINwDBABUIOADBABUIP4DBABY2CgDBABY2LswDQYJKoZIhvcNAQEL
BQADggEBADte18DTq+25LpnWBfaD36B4EhBpFmNi7dUM66ZO2dEO+COJVGTP6qeG
AiZCl3db6egpUj3JbRpgcy1HMcM5kBYY8KCZH6f3fsrjv118nZ1Owm35QpJdnQ30
KvaRPVQQ7N2eLeT+yzVTj1ipiGzoTU9eI74M6A4ZoGFSPUwKUWjeaM3+CO0vr/wS
xMu/rih58Rje5CXfDQ4Ykv2DTvjPB5ZHVrTK0fxiEQE9SAMrLBGtAUKZGWhqbfJL
toqe537o5eMwyJS9pkbANh8v+jo2X07xVgCopKfUBPz5OX555JNJfpWFteU0QX8R
sr1HVqpNGLRLhmsQPTISpdMugTOyTB4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:33 2023 by rpki-client on console-ams.rpki-client.org