Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vzk6euzvp40cLQIz4lQ4cepjfz0.roa
File: vzk6euzvp40cLQIz4lQ4cepjfz0.roa (raw, json)
Hash identifier: sqx9SRpE7CwFXPNlIj/go+85P26hPoT+g6IlKfnEGf0=
Subject key identifier: BF:39:3A:7A:EC:EF:A7:8D:1C:2D:02:33:E2:54:38:71:EA:63:7F:3D
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018417F0C70E431ED313268377B4DEF94A2F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vzk6euzvp40cLQIz4lQ4cepjfz0.roa
Signing time: Thu 27 Oct 2022 05:36:06 +0000
ROA not before: Thu 27 Oct 2022 05:36:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211237
IP address blocks: 84.32.58.0/24 maxlen: 24
84.32.71.0/24 maxlen: 24
88.216.199.0/24 maxlen: 24
84.32.93.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
84.32.41.0/24 maxlen: 24
84.32.48.0/24 maxlen: 24
84.32.50.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:17:f0:c7:0e:43:1e:d3:13:26:83:77:b4:de:f9:4a:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 27 05:36:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf393a7aecefa78d1c2d0233e2543871ea637f3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:30:25:95:bd:64:5c:f7:b8:f6:f6:5f:dc:99:
56:4b:95:ec:84:a0:f4:ce:11:da:d7:f8:c6:b5:ae:
ee:aa:81:ec:35:eb:36:55:85:e0:f6:95:56:ac:e7:
d5:de:e7:1b:dd:21:bb:e5:b8:79:41:9c:20:4b:d0:
b1:23:df:e0:00:b0:ce:10:24:34:35:47:c5:19:f5:
06:76:af:7d:7f:42:e4:44:1b:44:06:46:16:ad:12:
56:1d:df:5a:ac:32:e6:9b:5b:61:91:8a:55:5a:bd:
45:8e:8d:74:0a:63:d5:a0:5f:3c:8e:1b:c0:fd:c9:
13:c2:29:d4:77:9f:4d:9b:27:cd:5c:d0:d2:cc:fa:
23:6d:95:b9:d9:a9:75:fb:04:0f:70:66:ca:49:e6:
2a:cb:7a:87:c3:e0:96:cb:0f:46:93:16:f5:89:ff:
9a:ab:4f:42:f5:ab:1d:fe:93:16:32:38:a3:69:96:
ec:6b:48:21:93:4c:c1:9b:ff:55:86:4c:4f:3f:56:
82:d0:3b:68:b3:7e:69:76:07:98:e0:4a:3e:30:4a:
fc:87:77:87:be:46:bd:37:16:9c:a6:5e:b1:8d:79:
a6:25:5c:d8:bd:91:f8:66:12:64:fe:9a:c1:fa:3c:
5b:b0:ef:8d:74:58:f8:18:b9:d2:e4:70:cf:54:bb:
d7:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:39:3A:7A:EC:EF:A7:8D:1C:2D:02:33:E2:54:38:71:EA:63:7F:3D
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vzk6euzvp40cLQIz4lQ4cepjfz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.41.0/24
84.32.48.0/24
84.32.50.0/24
84.32.58.0/24
84.32.71.0/24
84.32.93.0/24
88.216.199.0/24
88.216.223.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:8a:e3:bd:1b:fc:2c:7b:3d:20:64:ba:23:00:de:5f:2a:b7:
6d:80:ea:20:db:6c:bb:15:9d:ef:20:99:7f:fd:3b:fe:f9:cc:
ce:27:37:12:41:92:e1:1f:e2:70:d4:2c:27:e7:86:f5:ed:ed:
5d:0a:c5:06:29:09:39:1b:ad:af:09:26:b5:2d:20:2f:6d:28:
cd:df:30:7e:3d:f1:0c:c2:71:45:4a:fa:7a:ce:d7:36:c7:0c:
61:36:5b:85:1f:f6:79:53:3f:bf:77:28:cb:17:4f:1c:82:5d:
f2:2b:e2:60:b0:7f:0f:c2:95:d0:87:b6:13:d3:6d:f2:7c:60:
95:91:8e:0b:1f:45:b0:c2:f1:9e:0f:34:67:af:34:7e:0a:3a:
83:0b:13:aa:55:e9:0b:99:b0:47:28:11:c7:58:7e:91:3c:6a:
25:e3:b1:59:0d:3e:cd:b4:e7:0d:7e:a0:94:8e:47:10:e2:36:
a5:7a:c5:e4:9b:b7:e0:60:6d:8f:aa:c2:8b:a3:df:26:3e:a0:
62:bc:d9:27:13:58:85:a7:75:7c:59:5f:ba:79:b2:61:a0:9e:
73:1e:9e:2b:37:af:fb:98:ae:3b:fd:77:f2:71:a9:e5:b0:82:
2a:04:1f:01:5b:31:86:55:86:fe:f1:89:ea:47:b8:11:36:d0:
bf:6f:d5:77
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYQX8McOQx7TEyaDd7Te+UovMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDI3MDUzNjA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjM5M2E3YWVjZWZhNzhkMWMyZDAyMzNlMjU0Mzg3MWVhNjM3ZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7jAllb1kXPe49vZf3JlWS5XshKD0
zhHa1/jGta7uqoHsNes2VYXg9pVWrOfV3ucb3SG75bh5QZwgS9CxI9/gALDOECQ0
NUfFGfUGdq99f0LkRBtEBkYWrRJWHd9arDLmm1thkYpVWr1Fjo10CmPVoF88jhvA
/ckTwinUd59NmyfNXNDSzPojbZW52al1+wQPcGbKSeYqy3qHw+CWyw9Gkxb1if+a
q09C9asd/pMWMjijaZbsa0ghk0zBm/9VhkxPP1aC0Dtos35pdgeY4Eo+MEr8h3eH
vka9Nxacpl6xjXmmJVzYvZH4ZhJk/prB+jxbsO+NdFj4GLnS5HDPVLvXrwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFL85Onrs76eNHC0CM+JUOHHqY389MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdnprNmV1enZwNDBjTFFJejRsUTRjZXBqZnowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVCApAwQA
VCAwAwQAVCAyAwQAVCA6AwQAVCBHAwQAVCBdAwQAWNjHAwQAWNjfMA0GCSqGSIb3
DQEBCwUAA4IBAQBeiuO9G/wsez0gZLojAN5fKrdtgOog22y7FZ3vIJl//Tv++czO
JzcSQZLhH+Jw1Cwn54b17e1dCsUGKQk5G62vCSa1LSAvbSjN3zB+PfEMwnFFSvp6
ztc2xwxhNluFH/Z5Uz+/dyjLF08cgl3yK+JgsH8PwpXQh7YT023yfGCVkY4LH0Ww
wvGeDzRnrzR+CjqDCxOqVekLmbBHKBHHWH6RPGol47FZDT7NtOcNfqCUjkcQ4jal
esXkm7fgYG2PqsKLo98mPqBivNknE1iFp3V8WV+6ebJhoJ5zHp4rN6/7mK47/Xfy
canlsIIqBB8BWzGGVYb+8YnqR7gRNtC/b9V3
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org