Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tes7ksSBKVCE7bhI0iR0Vu2Gbbk.roa
File: tes7ksSBKVCE7bhI0iR0Vu2Gbbk.roa (raw, json)
Hash identifier: PLqamPdNCRK/LlETo6CZOwOlaKqyYnsuSxcBUKnpzb8=
Subject key identifier: B5:EB:3B:92:C4:81:29:50:84:ED:B8:48:D2:24:74:56:ED:86:6D:B9
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184FB375F8E8E2762F3242777DEE552ECBE
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tes7ksSBKVCE7bhI0iR0Vu2Gbbk.roa
Signing time: Sat 10 Dec 2022 08:47:00 +0000
ROA not before: Sat 10 Dec 2022 08:47:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49581
IP address blocks: 84.32.174.0/24 maxlen: 24
84.32.173.0/24 maxlen: 24
88.216.181.0/24 maxlen: 24
88.216.90.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:fb:37:5f:8e:8e:27:62:f3:24:27:77:de:e5:52:ec:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 10 08:47:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b5eb3b92c481295084edb848d2247456ed866db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:01:20:6b:97:d5:0d:c4:2b:11:1e:d5:19:13:
0e:21:c7:45:5a:dc:c7:ed:c3:b6:c0:29:53:96:67:
ea:b5:6c:f9:91:3e:ad:59:1c:7d:f7:a0:5e:9a:48:
43:17:f8:5b:b0:8b:76:fe:e1:a4:a0:e9:21:50:b5:
bf:9b:24:f6:f7:69:44:0a:1e:8e:21:69:da:3a:66:
89:e4:26:56:00:81:20:db:f3:50:8e:5d:b9:3b:c9:
74:59:dc:fb:9c:4c:18:c5:07:c1:76:51:d3:10:be:
7d:5d:d1:f8:cf:d3:1b:84:49:f5:1b:1a:06:63:0f:
ef:93:1c:98:83:61:d0:45:77:5b:89:1c:9b:20:a2:
c5:56:00:eb:a9:26:52:70:a9:6a:c1:78:f1:71:f3:
a8:29:0a:1b:fc:d4:aa:5b:88:7a:b1:80:32:f0:40:
c5:b9:cd:6d:24:4e:e3:0b:ed:11:a3:ec:eb:c6:63:
93:ab:fd:53:83:6b:85:e2:af:34:76:08:ab:ae:72:
73:81:28:db:b6:81:a8:82:5e:8f:7a:0f:1c:c8:25:
8e:d6:9f:cc:aa:b7:a3:ec:66:10:7f:bb:70:7a:b8:
99:ea:2d:50:8a:bf:8a:c7:ce:eb:26:80:c2:a0:4f:
17:bb:45:2e:1c:40:60:a4:e1:a3:95:cf:b7:39:e2:
9f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:EB:3B:92:C4:81:29:50:84:ED:B8:48:D2:24:74:56:ED:86:6D:B9
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tes7ksSBKVCE7bhI0iR0Vu2Gbbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.173.0-84.32.174.255
84.32.240.0/24
84.32.249.0/24
84.32.251.0/24
88.216.90.0/24
88.216.181.0/24
Signature Algorithm: sha256WithRSAEncryption
76:82:5e:38:c7:5d:6b:fa:3a:d4:d8:73:e3:1d:b9:2d:c6:07:
89:a0:79:c0:7c:88:30:d3:21:2b:be:d0:a7:8b:65:68:13:8c:
2e:71:af:a0:37:32:30:dc:5e:ba:2d:97:4f:d7:2b:cb:33:94:
e9:e7:38:9d:a7:72:dd:49:06:5e:df:0c:6f:18:2f:ce:68:4a:
72:f3:44:80:a6:52:0f:97:c5:24:6b:93:31:6b:78:08:1e:2b:
ea:bd:de:cb:19:83:36:5d:b6:3f:3f:46:33:21:3b:1d:7b:b3:
2e:59:17:17:55:21:39:f4:fa:08:58:03:df:1b:2d:17:74:f9:
c1:ed:75:9d:3c:66:46:ec:a3:ed:ab:66:e6:1e:cb:e1:2a:3f:
f1:6f:0b:83:74:42:4b:49:f1:c5:27:ad:2c:bf:f9:e5:eb:dc:
0d:d4:18:01:6c:9a:1f:1b:f4:7a:39:d7:fa:7a:8d:ba:45:df:
e7:0c:0f:f6:3e:8b:03:f7:a6:b8:2d:d2:33:4c:73:83:28:44:
ad:f1:e4:e3:48:13:24:c3:bf:37:5a:6b:3c:b1:2f:dc:32:f7:
ac:5c:b2:75:97:58:b4:2e:bd:22:88:73:ac:49:36:54:7f:9b:
e3:89:cb:57:73:5c:d4:92:5b:77:4c:a0:8e:6c:65:5c:8a:d0:
ac:97:71:c9
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYT7N1+Ojidi8yQnd97lUuy+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjEwMDg0NzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWViM2I5MmM0ODEyOTUwODRlZGI4NDhkMjI0NzQ1NmVkODY2ZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQEga5fVDcQrER7VGRMOIcdFWtzH
7cO2wClTlmfqtWz5kT6tWRx996BemkhDF/hbsIt2/uGkoOkhULW/myT292lECh6O
IWnaOmaJ5CZWAIEg2/NQjl25O8l0Wdz7nEwYxQfBdlHTEL59XdH4z9MbhEn1GxoG
Yw/vkxyYg2HQRXdbiRybIKLFVgDrqSZScKlqwXjxcfOoKQob/NSqW4h6sYAy8EDF
uc1tJE7jC+0Ro+zrxmOTq/1Tg2uF4q80dgirrnJzgSjbtoGogl6Peg8cyCWO1p/M
qrej7GYQf7tweriZ6i1Qir+Kx87rJoDCoE8Xu0UuHEBgpOGjlc+3OeKfCwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFLXrO5LEgSlQhO24SNIkdFbthm25MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdGVzN2tzU0JLVkNFN2JoSTBpUjBWdTJHYmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBABUIK0D
BABUIK4DBABUIPADBABUIPkDBABUIPsDBABY2FoDBABY2LUwDQYJKoZIhvcNAQEL
BQADggEBAHaCXjjHXWv6OtTYc+MduS3GB4mgecB8iDDTISu+0KeLZWgTjC5xr6A3
MjDcXrotl0/XK8szlOnnOJ2nct1JBl7fDG8YL85oSnLzRICmUg+XxSRrkzFreAge
K+q93ssZgzZdtj8/RjMhOx17sy5ZFxdVITn0+ghYA98bLRd0+cHtdZ08Zkbso+2r
ZuYey+EqP/FvC4N0QktJ8cUnrSy/+eXr3A3UGAFsmh8b9Ho51/p6jbpF3+cMD/Y+
iwP3prgt0jNMc4MoRK3x5ONIEyTDvzdaazyxL9wy96xcsnWXWLQuvSKIc6xJNlR/
m+OJy1dzXNSSW3dMoI5sZVyK0KyXcck=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:51 2023 by rpki-client on console-fra.rpki-client.org