Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/whTrBHEvhDEZA6SCOVzA6fMwVrc.roa
File: whTrBHEvhDEZA6SCOVzA6fMwVrc.roa (raw, json)
Hash identifier: VOycdMGbGrdnUtHUZN5rj4j4NqavkvWDZ4n8jj5vj3M=
Subject key identifier: C2:14:EB:04:71:2F:84:31:19:03:A4:82:39:5C:C0:E9:F3:30:56:B7
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018543ED9A5F1541D919EFAF66367E46B139
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/whTrBHEvhDEZA6SCOVzA6fMwVrc.roa
Signing time: Sat 24 Dec 2022 11:38:42 +0000
ROA not before: Sat 24 Dec 2022 11:38:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207279
IP address blocks: 88.216.185.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
84.32.250.0/24 maxlen: 24
88.216.215.0/24 maxlen: 24
84.32.64.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.31.0/24 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
84.32.172.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
84.32.176.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
88.216.23.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
84.32.152.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
84.32.157.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.154.0/24 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:43:ed:9a:5f:15:41:d9:19:ef:af:66:36:7e:46:b1:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 24 11:38:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c214eb04712f84311903a482395cc0e9f33056b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:81:7c:53:d8:ac:9d:a5:9f:4d:5e:8e:98:11:
40:36:25:26:ab:37:f8:15:78:c0:a3:47:c3:7b:bd:
09:02:a1:cb:83:9f:c4:56:77:b0:9e:7a:c3:1c:99:
c3:40:cb:01:c1:8e:bb:e5:10:8e:e7:89:98:5b:72:
7a:d3:ad:62:c5:38:df:19:b2:9c:8f:74:e7:85:16:
ce:4c:df:d7:c4:0d:f7:6c:c0:ad:a2:c1:f8:fc:eb:
d4:50:01:26:4e:59:c5:90:e2:bf:3d:b1:92:85:84:
5a:32:df:5a:db:64:10:f7:64:09:f0:96:a3:6e:56:
c7:ab:0d:5e:81:48:cc:fd:b3:75:1b:b6:35:d9:10:
22:1b:8d:0e:7b:a6:a7:57:3e:9d:38:1b:46:b1:48:
e5:30:15:fb:5c:e5:cc:94:bf:ed:85:33:41:1c:2c:
d0:93:93:b7:7f:63:5e:22:cb:59:d6:97:f3:1d:95:
32:e6:c6:8d:63:35:de:86:a3:db:57:1c:05:27:ba:
98:09:30:b1:70:e7:fa:73:74:e1:84:02:f9:5a:b9:
1a:5b:20:0a:0d:2f:06:17:79:ed:46:5e:3a:e5:80:
93:36:2e:74:a6:c8:02:66:6b:09:79:2c:84:cf:31:
66:36:64:1a:44:8a:7c:9c:f2:57:96:33:79:2b:7b:
52:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:14:EB:04:71:2F:84:31:19:03:A4:82:39:5C:C0:E9:F3:30:56:B7
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/whTrBHEvhDEZA6SCOVzA6fMwVrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.31.0/24
84.32.64.0/24
84.32.89.0/24
84.32.152.0-84.32.154.255
84.32.156.0/22
84.32.172.0/24
84.32.175.0-84.32.176.255
84.32.250.0/24
88.216.20.0/24
88.216.23.0/24
88.216.44.0/23
88.216.56.0-88.216.65.255
88.216.185.0/24
88.216.213.0/24
88.216.215.0/24
Signature Algorithm: sha256WithRSAEncryption
09:34:bd:5a:d3:6a:3a:08:35:47:88:41:7a:3a:17:27:40:ff:
02:20:64:eb:f5:8a:0e:5b:40:13:e0:60:44:f5:18:32:e0:fa:
48:30:f8:78:99:a9:9e:df:6a:d3:19:e1:a1:e3:0a:d3:f6:5d:
fc:3b:2e:23:d1:98:e8:fb:93:14:43:b9:26:36:a2:ee:dd:95:
c8:ae:13:1e:5b:cf:cc:46:3e:e3:80:28:da:51:12:6b:45:56:
2a:db:fe:bc:fc:02:db:ec:43:64:5d:d5:51:02:7a:7e:24:89:
3e:04:82:ec:6b:47:67:3a:75:ad:ba:6d:79:14:1c:08:3a:c3:
39:5e:d9:d5:4f:a1:68:50:f8:ae:51:73:da:44:b7:b5:47:c7:
cb:91:b7:bd:3f:3c:69:23:81:56:42:c7:1e:59:d2:42:cc:ec:
83:e8:9c:4f:3c:45:56:00:b4:fa:51:90:4c:ae:f1:b6:92:05:
ca:2c:53:66:15:08:e4:4b:3d:ea:38:2d:81:37:6f:82:3c:5a:
2e:66:a5:91:09:ba:af:79:b5:7a:ec:a8:e9:37:a1:8c:3a:cb:
dc:8e:bd:db:b4:17:97:30:dc:f5:db:be:d9:87:a3:e6:be:f6:
24:dc:c0:5d:94:ec:4b:29:19:3a:f8:6a:f3:43:fe:35:b9:76:
2e:68:37:3d
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYVD7ZpfFUHZGe+vZjZ+RrE5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjI0MTEzODQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjE0ZWIwNDcxMmY4NDMxMTkwM2E0ODIzOTVjYzBlOWYzMzA1NmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYF8U9isnaWfTV6OmBFANiUmqzf4
FXjAo0fDe70JAqHLg5/EVnewnnrDHJnDQMsBwY675RCO54mYW3J6061ixTjfGbKc
j3TnhRbOTN/XxA33bMCtosH4/OvUUAEmTlnFkOK/PbGShYRaMt9a22QQ92QJ8Jaj
blbHqw1egUjM/bN1G7Y12RAiG40Oe6anVz6dOBtGsUjlMBX7XOXMlL/thTNBHCzQ
k5O3f2NeIstZ1pfzHZUy5saNYzXehqPbVxwFJ7qYCTCxcOf6c3ThhAL5WrkaWyAK
DS8GF3ntRl465YCTNi50psgCZmsJeSyEzzFmNmQaRIp8nPJXljN5K3tSgQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFMIU6wRxL4QxGQOkgjlcwOnzMFa3MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvd2hUckJIRXZoREVaQTZTQ09WekE2Zk13VnJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAFQgHwME
AFQgQAMEAFQgWTAMAwQDVCCYAwQAVCCaAwQCVCCcAwQAVCCsMAwDBABUIK8DBABU
ILADBABUIPoDBABY2BQDBABY2BcDBAFY2CwwDAMEA1jYOAMEAVjYQAMEAFjYuQME
AFjY1QMEAFjY1zANBgkqhkiG9w0BAQsFAAOCAQEACTS9WtNqOgg1R4hBejoXJ0D/
AiBk6/WKDltAE+BgRPUYMuD6SDD4eJmpnt9q0xnhoeMK0/Zd/DsuI9GY6PuTFEO5
Jjai7t2VyK4THlvPzEY+44Ao2lESa0VWKtv+vPwC2+xDZF3VUQJ6fiSJPgSC7GtH
Zzp1rbpteRQcCDrDOV7Z1U+haFD4rlFz2kS3tUfHy5G3vT88aSOBVkLHHlnSQszs
g+icTzxFVgC0+lGQTK7xtpIFyixTZhUI5Es96jgtgTdvgjxaLmalkQm6r3m1euyo
6TehjDrL3I6927QXlzDc9du+2Yej5r72JNzAXZTsSykZOvhq80P+Nbl2Lmg3PQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:51 2023 by rpki-client on console-fra.rpki-client.org