Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/sx6e0lJ7Dc8b6OrfdslpgIMkNLE.roa
File: sx6e0lJ7Dc8b6OrfdslpgIMkNLE.roa (raw, json)
Hash identifier: Hc7tBvh8c3T3HGlAZiv2lHUi0cZfSwNEioXhjF1I1ls=
Subject key identifier: B3:1E:9E:D2:52:7B:0D:CF:1B:E8:EA:DF:76:C9:69:80:83:24:34:B1
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184E3B6089B8EE3A246D35DD40FEC999750
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/sx6e0lJ7Dc8b6OrfdslpgIMkNLE.roa
Signing time: Mon 05 Dec 2022 19:14:28 +0000
ROA not before: Mon 05 Dec 2022 19:14:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 84.32.64.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
88.216.96.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e3:b6:08:9b:8e:e3:a2:46:d3:5d:d4:0f:ec:99:97:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 5 19:14:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b31e9ed2527b0dcf1be8eadf76c96980832434b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:8a:15:33:8c:c3:42:b7:ba:48:c4:6d:93:55:
28:84:33:ec:57:b8:33:c1:7f:f9:bc:4e:bc:37:34:
38:f6:97:b0:f2:6b:77:2c:d3:7b:41:9d:d9:f7:ac:
60:93:87:24:73:81:99:ef:4d:06:e1:28:3d:c2:3f:
bf:48:34:ea:c9:48:d3:29:57:04:bd:27:b0:9d:6b:
ff:82:3a:c9:40:a6:04:b9:09:c5:e3:23:93:d6:ec:
98:37:5d:06:a1:99:ed:46:04:9b:74:14:1b:5d:2c:
1b:8e:32:b0:5e:8a:23:ad:f6:c1:c4:f3:5a:e3:12:
d8:4d:12:fc:ba:97:e1:53:7e:4e:e4:f7:d4:4b:2a:
c5:02:2e:f6:9f:f2:b8:73:25:5a:32:cc:4b:d3:21:
a6:2c:81:7e:3a:ae:a2:ce:4b:8d:e5:22:c7:7b:ee:
b5:a0:0e:f4:61:3f:53:a8:66:02:98:92:13:71:37:
84:04:49:62:74:d7:9c:ad:b1:09:d6:c1:0d:6a:c8:
c7:26:50:29:f9:8d:08:1b:c6:93:50:5e:d7:b0:5e:
1c:74:26:30:38:1a:0e:fe:c3:3a:10:f3:8c:b8:2f:
23:7a:f0:fb:ae:48:df:48:40:ed:05:4e:43:74:50:
9b:d7:2b:a7:e3:cd:a6:c7:93:cb:d3:1d:41:98:59:
9e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:1E:9E:D2:52:7B:0D:CF:1B:E8:EA:DF:76:C9:69:80:83:24:34:B1
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/sx6e0lJ7Dc8b6OrfdslpgIMkNLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.64.0/24
84.32.70.0/24
88.216.96.0/24
88.216.128.0/24
88.216.185.0-88.216.186.255
Signature Algorithm: sha256WithRSAEncryption
37:d5:12:94:d9:73:b7:d9:56:90:6d:08:ae:fe:ba:3c:1a:cf:
5a:bf:9a:e9:e4:41:de:61:55:23:02:7e:93:97:7e:6e:56:a3:
0e:06:15:64:ad:ca:e0:9f:9c:c7:46:e8:59:5c:fe:da:66:00:
96:c6:7c:c8:22:9f:37:9b:a0:ea:9d:17:cc:3f:56:60:56:be:
ad:f1:1b:a2:4f:36:f4:cc:19:2f:4d:3b:f2:ff:bd:06:72:e5:
8b:80:26:d1:61:78:ec:f0:fc:1f:16:b4:c3:02:52:52:a8:40:
9e:44:cd:51:a8:20:4f:2f:3a:96:0b:7f:15:dc:18:fc:c0:df:
dc:c3:05:53:90:8c:d7:42:96:e4:d9:e6:1d:3a:29:b6:9b:43:
1c:a7:af:93:ae:64:64:94:a2:de:b4:54:a8:b2:d6:07:30:b0:
76:a6:b0:ba:7a:bf:d4:e7:2d:1b:3c:48:4b:e8:b8:02:fe:82:
b9:5a:0a:a9:cf:05:dd:77:56:00:a2:79:01:b5:51:f7:1b:ed:
e8:ff:21:a5:94:29:f6:7c:43:e3:65:38:17:2b:80:5b:75:c9:
77:34:fa:99:70:3b:39:2e:aa:e1:42:b4:0c:c2:af:88:e8:79:
c9:75:6f:d0:ba:48:48:b5:63:ef:63:ed:e2:d7:a5:19:5e:f0:
ae:1a:89:4f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYTjtgibjuOiRtNd1A/smZdQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA1MTkxNDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzFlOWVkMjUyN2IwZGNmMWJlOGVhZGY3NmM5Njk4MDgzMjQzNGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjooVM4zDQre6SMRtk1UohDPsV7gz
wX/5vE68NzQ49pew8mt3LNN7QZ3Z96xgk4ckc4GZ700G4Sg9wj+/SDTqyUjTKVcE
vSewnWv/gjrJQKYEuQnF4yOT1uyYN10GoZntRgSbdBQbXSwbjjKwXoojrfbBxPNa
4xLYTRL8upfhU35O5PfUSyrFAi72n/K4cyVaMsxL0yGmLIF+Oq6izkuN5SLHe+61
oA70YT9TqGYCmJITcTeEBElidNecrbEJ1sENasjHJlAp+Y0IG8aTUF7XsF4cdCYw
OBoO/sM6EPOMuC8jevD7rkjfSEDtBU5DdFCb1yun482mx5PL0x1BmFmeeQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLMentJSew3PG+jq33bJaYCDJDSxMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvc3g2ZTBsSjdEYzhiNk9yZmRzbHBnSU1rTkxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAVCBAAwQA
VCBGAwQAWNhgAwQAWNiAMAwDBABY2LkDBABY2LowDQYJKoZIhvcNAQELBQADggEB
ADfVEpTZc7fZVpBtCK7+ujwaz1q/munkQd5hVSMCfpOXfm5Wow4GFWStyuCfnMdG
6Flc/tpmAJbGfMginzeboOqdF8w/VmBWvq3xG6JPNvTMGS9NO/L/vQZy5YuAJtFh
eOzw/B8WtMMCUlKoQJ5EzVGoIE8vOpYLfxXcGPzA39zDBVOQjNdCluTZ5h06Kbab
Qxynr5OuZGSUot60VKiy1gcwsHamsLp6v9TnLRs8SEvouAL+grlaCqnPBd13VgCi
eQG1Ufcb7ej/IaWUKfZ8Q+NlOBcrgFt1yXc0+plwOzkuquFCtAzCr4joecl1b9C6
SEi1Y+9j7eLXpRle8K4aiU8=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:51 2023 by rpki-client on console-fra.rpki-client.org