Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vFR232V-hRuMRYyFP8kpUHO5tOM.roa
File: vFR232V-hRuMRYyFP8kpUHO5tOM.roa (raw, json)
Hash identifier: md4wcGgEQK5wzVjvtJG6dLOV9aCEwDbfTSABny5lZL8=
Subject key identifier: BC:54:76:DF:65:7E:85:1B:8C:45:8C:85:3F:C9:29:50:73:B9:B4:E3
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01849470945F46AC6B59A472ECA9C31CFD7A
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vFR232V-hRuMRYyFP8kpUHO5tOM.roa
Signing time: Sun 20 Nov 2022 09:48:36 +0000
ROA not before: Sun 20 Nov 2022 09:48:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 88.216.212.0/22 maxlen: 24
84.32.210.0/23 maxlen: 24
84.32.208.0/23 maxlen: 24
84.32.214.0/23 maxlen: 24
84.32.232.0/23 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.240.0/22 maxlen: 24
84.32.236.0/23 maxlen: 24
88.216.244.0/22 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.252.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:94:70:94:5f:46:ac:6b:59:a4:72:ec:a9:c3:1c:fd:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 20 09:48:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bc5476df657e851b8c458c853fc9295073b9b4e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:01:89:db:14:0f:b1:f3:e7:57:0f:71:bd:88:
c2:bb:7f:86:8a:03:6e:05:5c:e5:6b:df:9b:9f:d1:
76:87:67:e9:4c:e1:56:b4:43:38:82:6f:a3:23:e2:
ff:0d:f0:1f:25:52:6a:95:be:f9:85:94:97:29:98:
c4:85:0e:f5:da:ee:e7:b9:39:94:0f:08:5f:0e:8b:
77:9e:60:06:dd:a9:3e:e5:d1:48:7a:0a:e5:ae:f3:
cb:5f:86:d6:7e:7a:fa:fe:f6:f2:d7:f2:7d:84:42:
9b:b1:c1:50:e5:07:40:a1:9e:4a:6b:4c:44:3a:a4:
74:7d:23:40:91:26:b9:26:d2:bf:cc:aa:43:44:3f:
97:27:4e:9f:25:69:f9:fa:6f:cd:aa:69:8e:5a:f9:
bb:5a:16:6e:ad:18:d2:20:84:61:f8:7f:96:0e:02:
02:c3:05:38:90:42:c4:d8:89:2c:58:4e:da:05:98:
6c:ab:62:cf:b7:ad:b7:e5:a9:35:04:76:66:10:11:
2f:40:f1:83:0b:9d:a8:09:5f:60:8b:59:c4:57:3a:
22:10:90:38:1d:5b:ce:3f:53:18:c8:09:6d:0b:4c:
a8:17:32:10:6e:e1:6c:38:31:12:58:48:4d:a0:0f:
ea:9c:e4:a6:25:e3:19:90:bf:04:2c:6d:06:8f:e8:
5d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:54:76:DF:65:7E:85:1B:8C:45:8C:85:3F:C9:29:50:73:B9:B4:E3
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vFR232V-hRuMRYyFP8kpUHO5tOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.208.0/22
84.32.214.0/23
84.32.232.0/23
84.32.236.0/23
84.32.246.0/23
84.32.252.0/23
88.216.212.0/22
88.216.236.0-88.216.247.255
Signature Algorithm: sha256WithRSAEncryption
45:db:80:f5:27:54:68:5e:e3:1a:b6:48:3e:8c:8d:9c:e3:da:
47:9d:a8:74:a0:92:8a:0c:69:21:49:cd:ee:9b:99:86:1a:51:
25:21:40:17:d6:23:07:7a:f8:a4:d3:c4:21:48:17:27:92:3c:
9d:d3:1b:c2:83:60:bf:17:07:49:9b:a4:6b:03:61:cd:47:15:
da:fb:99:77:8a:4c:49:3c:46:b2:e7:9e:95:5e:d2:2a:17:32:
0b:7a:0e:0e:9a:6c:52:46:1f:07:b5:f7:cc:c1:26:84:4a:d4:
2c:84:bc:1b:40:eb:94:41:42:e6:44:e9:e9:fa:b0:2f:88:0a:
f2:4a:26:f7:ac:86:65:5e:39:4c:e1:91:3d:26:37:0a:45:1c:
ff:d7:d9:41:c5:96:c5:30:11:b7:34:ae:b4:54:3b:85:43:08:
2d:3b:00:48:a3:81:b5:a6:c0:b5:d6:8c:b6:18:d6:a0:47:ab:
66:27:6b:3a:2f:22:44:47:28:25:e0:f5:92:24:85:ad:1b:31:
f2:4a:8d:73:cd:c6:b3:d3:a1:89:12:20:6c:bf:b1:0e:62:02:
4b:5e:c7:f3:c0:0b:80:5c:3c:b0:6f:2e:7e:12:84:c3:7b:82:
1c:e2:93:10:72:bd:93:b1:85:db:f1:f3:62:d8:c7:61:d4:4a:
b5:82:58:bc
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYSUcJRfRqxrWaRy7KnDHP16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTIwMDk0ODM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzU0NzZkZjY1N2U4NTFiOGM0NThjODUzZmM5Mjk1MDczYjliNGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkQGJ2xQPsfPnVw9xvYjCu3+GigNu
BVzla9+bn9F2h2fpTOFWtEM4gm+jI+L/DfAfJVJqlb75hZSXKZjEhQ712u7nuTmU
DwhfDot3nmAG3ak+5dFIegrlrvPLX4bWfnr6/vby1/J9hEKbscFQ5QdAoZ5Ka0xE
OqR0fSNAkSa5JtK/zKpDRD+XJ06fJWn5+m/NqmmOWvm7WhZurRjSIIRh+H+WDgIC
wwU4kELE2IksWE7aBZhsq2LPt6235ak1BHZmEBEvQPGDC52oCV9gi1nEVzoiEJA4
HVvOP1MYyAltC0yoFzIQbuFsODESWEhNoA/qnOSmJeMZkL8ELG0Gj+hdmQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFLxUdt9lfoUbjEWMhT/JKVBzubTjMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdkZSMjMyVi1oUnVNUll5RlA4a3BVSE81dE9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQCVCDQAwQB
VCDWAwQBVCDoAwQBVCDsAwQBVCD2AwQBVCD8AwQCWNjUMAwDBAJY2OwDBANY2PAw
DQYJKoZIhvcNAQELBQADggEBAEXbgPUnVGhe4xq2SD6MjZzj2kedqHSgkooMaSFJ
ze6bmYYaUSUhQBfWIwd6+KTTxCFIFyeSPJ3TG8KDYL8XB0mbpGsDYc1HFdr7mXeK
TEk8RrLnnpVe0ioXMgt6Dg6abFJGHwe198zBJoRK1CyEvBtA65RBQuZE6en6sC+I
CvJKJveshmVeOUzhkT0mNwpFHP/X2UHFlsUwEbc0rrRUO4VDCC07AEijgbWmwLXW
jLYY1qBHq2YnazovIkRHKCXg9ZIkha0bMfJKjXPNxrPToYkSIGy/sQ5iAktex/PA
C4BcPLBvLn4ShMN7ghzikxByvZOxhdvx82LYx2HUSrWCWLw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:33 2024 by rpki-client on console-ams.rpki-client.org