Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/skwovwInrqfWnUnMtn0D-u9afx8.roa
File: skwovwInrqfWnUnMtn0D-u9afx8.roa (raw, json)
Hash identifier: F9q7vy1Ie+GCOIyIM0DzcYzWmK9qQBiwUfo7x/5dwxE=
Subject key identifier: B2:4C:28:BF:02:27:AE:A7:D6:9D:49:CC:B6:7D:03:FA:EF:5A:7F:1F
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018461923D3F0F66F292EC02A91FD8A51592
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/skwovwInrqfWnUnMtn0D-u9afx8.roa
Signing time: Thu 10 Nov 2022 12:44:44 +0000
ROA not before: Thu 10 Nov 2022 12:44:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 88.216.188.0/22 maxlen: 24
84.32.79.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.220.0/22 maxlen: 24
84.32.14.0/24 maxlen: 24
88.216.18.0/24 maxlen: 24
88.216.248.0/22 maxlen: 24
84.32.34.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
84.32.40.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:61:92:3d:3f:0f:66:f2:92:ec:02:a9:1f:d8:a5:15:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 10 12:44:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b24c28bf0227aea7d69d49ccb67d03faef5a7f1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:13:39:8a:68:6f:c7:de:71:7e:81:5c:d3:44:
38:d1:f9:6e:8e:60:80:82:dd:8d:b9:fe:14:fc:33:
a6:92:01:2e:d3:6f:09:72:2b:5a:69:ea:ff:be:0a:
50:e9:cc:7f:4a:c0:c3:9e:11:bc:36:96:69:77:c8:
e6:12:f2:4e:1e:23:08:03:d1:7e:b5:ce:f8:ea:b2:
b3:8b:62:4c:bd:0a:6b:c3:f7:eb:6c:90:2a:95:0f:
71:ee:08:1b:b3:fc:f8:a4:e2:01:65:a3:77:b5:b3:
b5:19:79:f0:b4:48:10:6e:b5:4b:5a:81:a8:c0:fd:
a0:61:be:1f:c5:06:7c:e0:1a:75:f7:17:4a:f1:8f:
61:3a:b1:4e:d0:56:02:9a:c9:c7:9d:ab:a4:a4:56:
ef:39:f6:f6:3f:25:f0:68:ed:71:79:53:5a:7b:45:
55:e4:ce:71:d5:55:1d:96:81:d6:0d:47:53:f8:cf:
ec:3a:9e:24:56:b0:2e:6b:2b:39:53:d4:6a:32:88:
bf:aa:e7:58:47:58:4b:e0:8a:49:ab:73:46:76:d6:
7a:f1:f9:49:16:7f:0e:f6:a7:7e:d9:87:94:2e:5a:
fa:e8:bd:aa:07:cc:c8:2e:2e:60:3a:64:45:ed:ba:
58:de:83:4c:bd:70:39:53:f9:bd:30:ac:42:92:95:
3f:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:4C:28:BF:02:27:AE:A7:D6:9D:49:CC:B6:7D:03:FA:EF:5A:7F:1F
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/skwovwInrqfWnUnMtn0D-u9afx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.14.0/24
84.32.34.0/24
84.32.40.0/22
84.32.79.0/24
84.32.88.0/24
84.32.220.0/22
88.216.18.0/24
88.216.40.0/24
88.216.187.0-88.216.191.255
88.216.248.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:7a:be:67:aa:31:6c:95:5a:21:e5:22:bc:0d:b8:90:0e:92:
a0:db:a9:32:eb:2d:74:05:d8:25:b7:6c:33:37:0a:64:df:d1:
c9:a4:5a:c9:ad:00:fb:fd:ad:9c:21:a6:5a:eb:cd:38:af:28:
b9:52:6b:fc:1a:55:f8:ef:03:c9:cb:ad:30:fa:f6:57:cb:2f:
f6:10:24:e5:0e:ba:11:6e:21:b6:18:91:b0:c4:de:80:95:f8:
97:0c:7d:c6:75:fa:aa:b5:f2:94:a9:0e:19:55:5f:14:81:47:
27:f5:65:ef:fa:02:2a:39:2f:c4:98:e8:23:0c:5f:9d:6f:e3:
61:24:a3:53:69:33:5e:5a:7d:1f:f5:d3:70:96:6b:42:05:40:
7b:39:23:a2:40:65:2d:93:0c:14:74:9e:a4:cc:82:e8:b4:43:
cc:2a:2f:bf:2b:f7:4e:44:bd:c9:26:a0:f3:9d:ca:fd:5c:d3:
f4:02:ac:59:8e:ef:55:e0:71:90:13:46:6d:b4:76:1d:e4:bc:
e3:c1:6d:3d:0a:08:34:49:40:60:b7:96:60:88:0a:ab:6a:bd:
e6:09:f0:16:4e:4b:9d:a8:72:3c:4a:d7:e6:4d:b9:59:58:50:
83:9b:3d:81:6d:82:5c:59:9d:0a:d0:17:8b:cf:09:42:1b:14:
d4:58:23:10
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYRhkj0/D2bykuwCqR/YpRWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTEwMTI0NDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjRjMjhiZjAyMjdhZWE3ZDY5ZDQ5Y2NiNjdkMDNmYWVmNWE3ZjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtBM5imhvx95xfoFc00Q40flujmCA
gt2Nuf4U/DOmkgEu028Jcitaaer/vgpQ6cx/SsDDnhG8NpZpd8jmEvJOHiMIA9F+
tc746rKzi2JMvQprw/frbJAqlQ9x7ggbs/z4pOIBZaN3tbO1GXnwtEgQbrVLWoGo
wP2gYb4fxQZ84Bp19xdK8Y9hOrFO0FYCmsnHnaukpFbvOfb2PyXwaO1xeVNae0VV
5M5x1VUdloHWDUdT+M/sOp4kVrAuays5U9RqMoi/qudYR1hL4IpJq3NGdtZ68flJ
Fn8O9qd+2YeULlr66L2qB8zILi5gOmRF7bpY3oNMvXA5U/m9MKxCkpU/dwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFLJMKL8CJ66n1p1JzLZ9A/rvWn8fMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvc2t3b3Z3SW5ycWZXblVuTXRuMEQtdTlhZng4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAVCAOAwQA
VCAiAwQCVCAoAwQAVCBPAwQAVCBYAwQCVCDcAwQAWNgSAwQAWNgoMAwDBABY2LsD
BAZY2IADBAJY2PgwDQYJKoZIhvcNAQELBQADggEBAB96vmeqMWyVWiHlIrwNuJAO
kqDbqTLrLXQF2CW3bDM3CmTf0cmkWsmtAPv9rZwhplrrzTivKLlSa/waVfjvA8nL
rTD69lfLL/YQJOUOuhFuIbYYkbDE3oCV+JcMfcZ1+qq18pSpDhlVXxSBRyf1Ze/6
Aio5L8SY6CMMX51v42Eko1NpM15afR/103CWa0IFQHs5I6JAZS2TDBR0nqTMgui0
Q8wqL78r905EvckmoPOdyv1c0/QCrFmO71XgcZATRm20dh3kvOPBbT0KCDRJQGC3
lmCICqtqveYJ8BZOS52ocjxK1+ZNuVlYUIObPYFtglxZnQrQF4vPCUIbFNRYIxA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org