Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/szupHo1RtMpmcEoBvi4DxrPzFOM.roa
File: szupHo1RtMpmcEoBvi4DxrPzFOM.roa (raw, json)
Hash identifier: z6rPEo2srqs5tg5xCSKoFQ3uvim8jkwHPMbg3DfT+/k=
Subject key identifier: B3:3B:A9:1E:8D:51:B4:CA:66:70:4A:01:BE:2E:03:C6:B3:F3:14:E3
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01845B0E23F536C48E59FF4778673A8FCDE2
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/szupHo1RtMpmcEoBvi4DxrPzFOM.roa
Signing time: Wed 09 Nov 2022 06:22:44 +0000
ROA not before: Wed 09 Nov 2022 06:22:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.59.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.33.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
88.216.36.0/24 maxlen: 24
84.32.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5b:0e:23:f5:36:c4:8e:59:ff:47:78:67:3a:8f:cd:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 9 06:22:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b33ba91e8d51b4ca66704a01be2e03c6b3f314e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:31:1c:2a:94:70:60:f1:0e:98:40:d6:9b:d5:
36:d5:d6:dd:de:d1:e1:92:cb:38:75:fd:5f:7c:55:
20:3a:bd:16:d7:60:43:61:6c:48:62:26:82:11:8d:
26:81:d4:30:e6:32:23:1a:a5:b8:d1:ef:a6:50:a9:
6d:3c:6a:47:64:3a:e1:3f:62:f3:78:d9:48:0b:68:
fa:6e:e7:1c:54:aa:5e:a9:64:29:71:8b:04:be:12:
61:52:b6:14:af:75:19:f5:57:23:21:a9:cf:46:4c:
ae:31:d1:75:78:df:4e:99:f6:1e:4d:50:bf:58:27:
ba:72:03:f9:0d:dc:40:bd:36:ee:15:db:bf:5d:b4:
56:41:7b:65:5f:fc:76:ed:41:a5:7a:18:52:7a:10:
34:d5:3d:59:bb:cb:74:21:25:1f:08:de:45:e7:e9:
b3:2e:94:d5:0b:0c:2e:03:76:57:70:21:9c:36:a4:
e3:57:dc:19:e7:27:48:30:71:05:80:3f:db:dc:fe:
0f:ce:5b:e7:f9:37:ae:83:d7:21:c8:99:5a:c5:c3:
80:c5:5a:2c:dd:67:3e:dc:42:06:d1:a4:cd:2d:0c:
ac:01:cc:39:d0:7f:95:91:d6:bb:eb:39:5a:11:30:
a4:aa:a3:36:b7:a0:8c:ed:4d:3a:8a:c6:9d:3a:52:
40:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:3B:A9:1E:8D:51:B4:CA:66:70:4A:01:BE:2E:03:C6:B3:F3:14:E3
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/szupHo1RtMpmcEoBvi4DxrPzFOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.45.0/24
84.32.59.0/24
88.216.33.0-88.216.34.255
88.216.36.0/24
88.216.180.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:3f:d3:0f:66:d7:c7:a6:2a:b1:ef:19:fa:3e:26:fd:33:4b:
e6:61:84:89:ef:31:66:4c:04:9f:78:78:d7:38:f2:d7:54:29:
b8:5d:f0:23:9c:19:27:a7:1b:64:f5:d1:ce:a3:a1:ea:17:2d:
32:03:1f:52:d5:ab:f2:69:1b:af:6d:6c:3e:df:e9:83:ad:9f:
15:1c:e3:c1:27:46:6b:06:ff:ba:1b:6f:f2:79:94:cc:59:47:
1e:40:10:f7:f2:8b:c9:27:68:a8:5e:4d:dd:cb:d0:3a:12:dd:
ea:fb:4d:11:1e:90:bb:d2:f1:d1:91:40:f0:3e:cf:9b:b5:f0:
ad:79:1c:e7:48:3e:28:e8:95:6e:aa:24:33:35:2e:11:58:2c:
47:4c:73:0f:5b:71:74:2a:8e:3c:3f:6b:34:d7:c4:34:32:ad:
cf:5f:6f:8a:61:8b:7b:8c:a8:54:2a:40:13:74:0c:42:ae:d3:
32:d1:28:b1:ab:76:41:8a:48:db:ca:a3:20:ab:d6:61:4b:b1:
56:f0:9b:1e:f4:28:46:ec:17:1c:5c:d6:a2:c9:58:6a:28:bc:
f0:30:45:b6:39:da:28:91:35:ae:30:00:87:a9:51:82:e9:3d:
2a:21:8d:ae:1c:65:82:eb:82:18:6e:bf:1e:59:d1:31:63:5e:
96:49:f5:2d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYRbDiP1NsSOWf9HeGc6j83iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTA5MDYyMjQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzNiYTkxZThkNTFiNGNhNjY3MDRhMDFiZTJlMDNjNmIzZjMxNGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhjEcKpRwYPEOmEDWm9U21dbd3tHh
kss4df1ffFUgOr0W12BDYWxIYiaCEY0mgdQw5jIjGqW40e+mUKltPGpHZDrhP2Lz
eNlIC2j6buccVKpeqWQpcYsEvhJhUrYUr3UZ9VcjIanPRkyuMdF1eN9OmfYeTVC/
WCe6cgP5DdxAvTbuFdu/XbRWQXtlX/x27UGlehhSehA01T1Zu8t0ISUfCN5F5+mz
LpTVCwwuA3ZXcCGcNqTjV9wZ5ydIMHEFgD/b3P4Pzlvn+Teug9chyJlaxcOAxVos
3Wc+3EIG0aTNLQysAcw50H+Vkda76zlaETCkqqM2t6CM7U06isadOlJAAQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLM7qR6NUbTKZnBKAb4uA8az8xTjMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvc3p1cEhvMVJ0TXBtY0VvQnZpNER4clB6Rk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAVCAtAwQA
VCA7MAwDBABY2CEDBABY2CIDBABY2CQDBABY2LQwDQYJKoZIhvcNAQELBQADggEB
AE8/0w9m18emKrHvGfo+Jv0zS+ZhhInvMWZMBJ94eNc48tdUKbhd8COcGSenG2T1
0c6joeoXLTIDH1LVq/JpG69tbD7f6YOtnxUc48EnRmsG/7obb/J5lMxZRx5AEPfy
i8knaKheTd3L0DoS3er7TREekLvS8dGRQPA+z5u18K15HOdIPijolW6qJDM1LhFY
LEdMcw9bcXQqjjw/azTXxDQyrc9fb4phi3uMqFQqQBN0DEKu0zLRKLGrdkGKSNvK
oyCr1mFLsVbwmx70KEbsFxxc1qLJWGoovPAwRbY52iiRNa4wAIepUYLpPSohja4c
ZYLrghhuvx5Z0TFjXpZJ9S0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:34 2023 by rpki-client on console-ams.rpki-client.org