Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tj2GLICccIfIx6szooVCBiLMOg4.roa
File: tj2GLICccIfIx6szooVCBiLMOg4.roa (raw, json)
Hash identifier: jJIv4mTTM/K+vm+sAjWoQTJiMcFOj+tIfukNgoJy46c=
Subject key identifier: B6:3D:86:2C:80:9C:70:87:C8:C7:AB:33:A2:85:42:06:22:CC:3A:0E
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018387EFE99863B021ABAC5C75D396C07224
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tj2GLICccIfIx6szooVCBiLMOg4.roa
Signing time: Thu 29 Sep 2022 06:29:50 +0000
ROA not before: Thu 29 Sep 2022 06:29:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 84.32.56.0/22 maxlen: 24
84.32.68.0/22 maxlen: 24
88.216.208.0/24 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.48.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:87:ef:e9:98:63:b0:21:ab:ac:5c:75:d3:96:c0:72:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Sep 29 06:29:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b63d862c809c7087c8c7ab33a285420622cc3a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:e7:f6:ae:cd:68:80:da:44:9e:89:ff:86:b2:
54:f5:a8:05:03:3f:72:7a:bf:31:1a:8f:3d:bf:c1:
d7:6d:21:99:b7:cc:77:51:f8:d6:98:71:35:fb:8e:
45:61:1c:6f:de:07:f0:e5:50:25:ef:d5:9a:36:a9:
66:d1:c9:c3:1c:04:8b:a0:86:f9:24:57:89:3b:e3:
f6:5f:67:b4:cf:2f:1f:a4:bb:7e:60:aa:5d:d8:50:
2e:de:cb:05:9f:11:5d:21:4f:1a:00:8d:3e:9a:ff:
e0:5c:f1:9e:8a:d2:59:3d:64:26:23:f0:0f:8c:a8:
ac:71:da:55:82:79:96:1f:c2:cb:a4:8d:83:41:a6:
60:9d:62:4a:fd:89:b2:0d:b6:16:cb:6b:64:7f:9e:
8a:7d:75:ff:04:8a:4d:ce:0a:3f:d3:ca:36:92:7a:
ac:6d:71:7c:69:82:c5:bc:a4:00:31:9c:99:26:2a:
3f:7e:8b:da:93:ff:4a:c7:31:a9:a0:a8:b9:1b:b3:
d1:45:ec:82:53:58:c0:6a:f9:10:f3:e4:a3:8a:ab:
ac:03:32:55:41:ec:ff:74:b3:7c:93:1d:05:4f:d8:
b9:b7:5d:6a:ef:c4:82:2f:32:f6:d0:6a:d7:5f:8d:
6e:15:11:74:47:b4:b0:5d:af:6c:10:e7:c0:73:e2:
9f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:3D:86:2C:80:9C:70:87:C8:C7:AB:33:A2:85:42:06:22:CC:3A:0E
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/tj2GLICccIfIx6szooVCBiLMOg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.20.0/22
84.32.48.0/22
84.32.56.0/22
84.32.68.0/22
88.216.208.0/24
Signature Algorithm: sha256WithRSAEncryption
75:32:90:bd:9c:bf:18:ae:e0:48:0c:74:85:b2:83:9c:89:82:
25:9b:25:40:5c:fc:d3:e3:4b:04:84:0d:1d:f7:1f:51:ef:8b:
e1:cb:53:94:3f:40:7f:91:2d:17:1c:04:bb:68:4f:c1:cc:ea:
ed:f7:e9:7a:ef:7f:00:c0:7d:95:25:75:4b:a2:1f:b2:7f:4f:
97:68:24:49:30:39:5d:42:bb:26:f3:4f:28:28:e0:27:4f:a9:
75:36:cc:ba:8c:44:e6:ad:f5:9d:75:18:3f:8b:68:9c:7f:cc:
cd:b1:38:55:b4:02:8b:ee:86:41:02:ef:7b:e1:11:b2:34:5c:
dd:08:30:e8:82:5c:75:ad:ee:ea:d9:37:57:29:41:ce:96:b6:
ec:9c:49:05:2d:0f:89:93:56:fb:23:22:c6:f5:a1:d1:24:07:
27:13:88:81:2d:9a:ca:50:bf:b1:61:af:ec:82:01:d1:65:7e:
b8:bd:8b:12:ea:3e:b6:15:fb:19:2c:3e:c4:70:44:5b:a2:4d:
27:d4:e4:7e:91:b7:b7:48:da:6c:7c:71:31:86:a1:d7:c9:33:
3f:8b:66:49:59:7c:2f:6f:1f:68:a3:92:45:70:75:8e:97:9e:
51:99:9b:a8:eb:26:da:64:88:b3:c7:f5:b0:e7:6a:58:95:4f:
10:ba:e9:21
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYOH7+mYY7Ahq6xcddOWwHIkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwOTI5MDYyOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjNkODYyYzgwOWM3MDg3YzhjN2FiMzNhMjg1NDIwNjIyY2MzYTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+f2rs1ogNpEnon/hrJU9agFAz9y
er8xGo89v8HXbSGZt8x3UfjWmHE1+45FYRxv3gfw5VAl79WaNqlm0cnDHASLoIb5
JFeJO+P2X2e0zy8fpLt+YKpd2FAu3ssFnxFdIU8aAI0+mv/gXPGeitJZPWQmI/AP
jKiscdpVgnmWH8LLpI2DQaZgnWJK/YmyDbYWy2tkf56KfXX/BIpNzgo/08o2knqs
bXF8aYLFvKQAMZyZJio/fovak/9KxzGpoKi5G7PRReyCU1jAavkQ8+SjiqusAzJV
Qez/dLN8kx0FT9i5t11q78SCLzL20GrXX41uFRF0R7SwXa9sEOfAc+Kf8wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLY9hiyAnHCHyMerM6KFQgYizDoOMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdGoyR0xJQ2NjSWZJeDZzem9vVkNCaUxNT2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCVCAUAwQC
VCAwAwQCVCA4AwQCVCBEAwQAWNjQMA0GCSqGSIb3DQEBCwUAA4IBAQB1MpC9nL8Y
ruBIDHSFsoOciYIlmyVAXPzT40sEhA0d9x9R74vhy1OUP0B/kS0XHAS7aE/BzOrt
9+l6738AwH2VJXVLoh+yf0+XaCRJMDldQrsm808oKOAnT6l1Nsy6jETmrfWddRg/
i2icf8zNsThVtAKL7oZBAu974RGyNFzdCDDoglx1re7q2TdXKUHOlrbsnEkFLQ+J
k1b7IyLG9aHRJAcnE4iBLZrKUL+xYa/sggHRZX64vYsS6j62FfsZLD7EcERbok0n
1OR+kbe3SNpsfHExhqHXyTM/i2ZJWXwvbx9oo5JFcHWOl55RmZuo6ybaZIizx/Ww
52pYlU8Quukh
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:51 2023 by rpki-client on console-fra.rpki-client.org