Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/uWefRoXrggvq9GfadQ5mEYBA2iQ.roa
File: uWefRoXrggvq9GfadQ5mEYBA2iQ.roa (raw, json)
Hash identifier: W4JlSxQlAA4tJft2lgG8/10cb8kTexWX1I3hHkx2MBE=
Subject key identifier: B9:67:9F:46:85:EB:82:0B:EA:F4:67:DA:75:0E:66:11:80:40:DA:24
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0183CB9FE272214F2B3CDB609E54B0E6B753
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/uWefRoXrggvq9GfadQ5mEYBA2iQ.roa
Signing time: Wed 12 Oct 2022 09:56:36 +0000
ROA not before: Wed 12 Oct 2022 09:56:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 84.32.64.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.186.0/24 maxlen: 24
84.32.82.0/24 maxlen: 24
88.216.96.0/24 maxlen: 24
84.32.4.0/24 maxlen: 24
88.216.18.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
88.216.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cb:9f:e2:72:21:4f:2b:3c:db:60:9e:54:b0:e6:b7:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 12 09:56:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b9679f4685eb820beaf467da750e66118040da24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1d:d3:a1:9a:97:31:a2:ac:22:8c:57:f7:a9:
67:ed:f6:1d:4b:1b:a5:69:cc:a7:3b:32:e8:6e:e5:
cb:4f:0d:8a:b0:a3:59:7a:7c:0c:be:5d:da:34:5f:
50:90:f9:7e:88:85:57:5f:24:78:ff:02:25:c0:0d:
69:aa:f2:e5:19:35:db:7b:86:f9:52:7f:d4:3f:ee:
0f:82:47:17:ab:79:0e:d2:ed:09:18:30:21:05:20:
19:3e:62:1d:92:40:c4:15:46:37:aa:ab:7d:de:54:
6b:7c:7b:49:20:6e:0a:85:cb:1e:54:57:a5:a8:93:
4a:c8:79:5a:74:6c:2a:a6:54:47:87:bf:8b:bd:b6:
fe:07:f8:19:81:8f:ef:50:71:e8:eb:92:17:ab:52:
de:43:21:ce:29:2c:29:41:06:28:e7:8c:51:1d:3e:
ce:7a:f5:50:ae:6a:e6:9d:63:67:b5:2d:75:df:51:
37:18:38:24:b5:93:7e:2e:25:0e:da:89:2c:60:ab:
f5:71:41:94:9d:5c:a9:88:93:a7:a0:99:91:c9:af:
1e:c2:a5:05:8e:ed:83:cd:f3:6d:53:dd:7d:2e:67:
a9:4c:30:10:cf:e3:12:09:1f:a3:ef:c2:d4:c4:b2:
ed:85:dd:00:b1:83:ea:07:73:fe:aa:3a:73:58:76:
01:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:67:9F:46:85:EB:82:0B:EA:F4:67:DA:75:0E:66:11:80:40:DA:24
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/uWefRoXrggvq9GfadQ5mEYBA2iQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.4.0/24
84.32.64.0/24
84.32.70.0/24
84.32.82.0/24
88.216.18.0/24
88.216.34.0/24
88.216.42.0/24
88.216.96.0/24
88.216.128.0/24
88.216.185.0-88.216.186.255
Signature Algorithm: sha256WithRSAEncryption
86:73:93:e1:31:dc:50:90:5b:39:17:be:ad:4a:a2:b4:bf:eb:
4d:88:2d:5f:d9:d2:4d:bc:b8:1e:53:bf:10:e7:d3:ac:c5:ca:
98:8d:5c:39:d0:0a:b7:e2:07:2f:e3:4c:63:57:ad:f2:f8:f6:
8d:68:86:28:b3:a1:7b:e0:f8:8d:51:6c:81:50:48:f6:c3:1f:
26:4f:ab:a3:be:c5:f9:79:79:7e:ae:8a:f2:6f:83:b7:32:bc:
98:36:08:47:51:8b:d5:8b:eb:a4:de:91:08:82:73:61:d0:09:
68:da:c9:32:7a:94:3d:ba:30:e0:7f:a8:61:ba:10:b4:af:ad:
ad:da:89:b6:4c:84:ae:8a:b8:7b:2c:8f:af:1d:99:9b:68:ee:
36:09:20:cd:91:ef:68:57:db:87:17:0c:2b:bb:e1:3e:f6:32:
dd:c1:a1:3c:b3:7c:2d:28:6f:7a:f9:46:03:65:04:88:35:ae:
3b:eb:ce:c3:ec:db:3a:bc:01:d0:d9:21:e2:9e:b7:b5:2e:95:
ec:79:41:c2:bd:ae:dc:8c:10:53:da:4d:07:3e:d6:2c:fa:f5:
b7:f6:84:b8:04:18:c5:65:57:7a:65:9d:82:bb:f0:bf:3b:ae:
68:c7:5c:40:42:4e:4c:93:e8:ce:c2:d9:21:b1:42:e1:aa:62:
72:73:5b:51
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYPLn+JyIU8rPNtgnlSw5rdTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDEyMDk1NjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTY3OWY0Njg1ZWI4MjBiZWFmNDY3ZGE3NTBlNjYxMTgwNDBkYTI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjB3ToZqXMaKsIoxX96ln7fYdSxul
acynOzLobuXLTw2KsKNZenwMvl3aNF9QkPl+iIVXXyR4/wIlwA1pqvLlGTXbe4b5
Un/UP+4PgkcXq3kO0u0JGDAhBSAZPmIdkkDEFUY3qqt93lRrfHtJIG4KhcseVFel
qJNKyHladGwqplRHh7+Lvbb+B/gZgY/vUHHo65IXq1LeQyHOKSwpQQYo54xRHT7O
evVQrmrmnWNntS1131E3GDgktZN+LiUO2oksYKv1cUGUnVypiJOnoJmRya8ewqUF
ju2DzfNtU919LmepTDAQz+MSCR+j78LUxLLthd0AsYPqB3P+qjpzWHYBKQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFLlnn0aF64IL6vRn2nUOZhGAQNokMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdVdlZlJvWHJnZ3ZxOUdmYWRRNW1FWUJBMmlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAVCAEAwQA
VCBAAwQAVCBGAwQAVCBSAwQAWNgSAwQAWNgiAwQAWNgqAwQAWNhgAwQAWNiAMAwD
BABY2LkDBABY2LowDQYJKoZIhvcNAQELBQADggEBAIZzk+Ex3FCQWzkXvq1KorS/
602ILV/Z0k28uB5TvxDn06zFypiNXDnQCrfiBy/jTGNXrfL49o1ohiizoXvg+I1R
bIFQSPbDHyZPq6O+xfl5eX6uivJvg7cyvJg2CEdRi9WL66TekQiCc2HQCWjayTJ6
lD26MOB/qGG6ELSvra3aibZMhK6KuHssj68dmZto7jYJIM2R72hX24cXDCu74T72
Mt3BoTyzfC0ob3r5RgNlBIg1rjvrzsPs2zq8AdDZIeKet7Uulex5QcK9rtyMEFPa
TQc+1iz69bf2hLgEGMVlV3plnYK78L87rmjHXEBCTkyT6M7C2SGxQuGqYnJzW1E=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:51 2023 by rpki-client on console-fra.rpki-client.org