Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ygh65fC87R1KmopI9V8AfQwIYsE.roa
File: ygh65fC87R1KmopI9V8AfQwIYsE.roa (raw, json)
Hash identifier: 5uYN7A4KR3TteOLnJ2SBDsgR4p7hFOfCCbYISw1WBnY=
Subject key identifier: CA:08:7A:E5:F0:BC:ED:1D:4A:9A:8A:48:F5:5F:00:7D:0C:08:62:C1
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018446A1A6E479E651EE170AE434D84FFB00
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ygh65fC87R1KmopI9V8AfQwIYsE.roa
Signing time: Sat 05 Nov 2022 07:11:49 +0000
ROA not before: Sat 05 Nov 2022 07:11:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.59.0/24 maxlen: 24
88.216.33.0/24 maxlen: 24
88.216.34.0/24 maxlen: 24
84.32.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:46:a1:a6:e4:79:e6:51:ee:17:0a:e4:34:d8:4f:fb:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 5 07:11:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ca087ae5f0bced1d4a9a8a48f55f007d0c0862c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a3:ea:85:9d:aa:43:0c:40:c7:ae:2c:01:fb:
df:27:73:e2:05:9d:41:a2:87:e9:0f:ca:df:e9:48:
fc:b2:3b:7e:0a:0e:bd:d2:52:38:d9:81:b5:62:50:
3c:56:84:8d:39:d4:fb:79:ea:18:2b:f2:0c:f1:77:
23:52:c3:ae:dd:20:7e:74:72:a8:03:cd:40:49:87:
21:8c:06:88:f6:90:6d:6e:a1:65:bb:8e:bb:a0:34:
d2:fc:2f:a7:47:97:aa:a7:7d:6c:5b:ac:91:b3:52:
5a:a5:87:df:a3:0d:ce:4a:1f:bb:1d:be:90:fa:54:
fb:77:a5:4a:31:ae:e4:75:f1:0d:70:46:43:10:e3:
a4:c5:8b:7e:b8:f7:0c:65:63:21:5a:d9:71:f6:45:
ff:15:db:62:ed:ab:72:2c:51:3a:a8:6c:86:00:ff:
09:d1:16:58:bd:3f:d6:97:6d:9c:2a:eb:88:15:46:
94:52:1e:e5:65:9f:0f:de:38:1e:d9:9e:00:74:aa:
9e:60:e4:3d:25:7d:c6:0b:29:b5:58:0d:44:9e:29:
80:62:dc:18:2e:29:40:93:0b:16:ad:32:35:28:a9:
a6:52:5c:7c:68:68:fc:50:ed:e5:8d:ce:d9:3e:d8:
63:19:1e:5c:05:d5:eb:7a:cc:27:c7:80:a8:42:40:
8a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:08:7A:E5:F0:BC:ED:1D:4A:9A:8A:48:F5:5F:00:7D:0C:08:62:C1
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ygh65fC87R1KmopI9V8AfQwIYsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.45.0/24
84.32.59.0/24
88.216.33.0-88.216.34.255
Signature Algorithm: sha256WithRSAEncryption
14:d9:c1:3a:1a:8e:9a:a9:e5:16:02:5d:32:ce:c6:e7:cb:fc:
66:cb:14:10:f1:a3:04:d4:ac:24:8e:7e:83:cd:4f:16:70:22:
f3:8c:a7:a8:71:fb:1b:a8:2a:f3:fe:c3:bf:ce:3b:ed:69:31:
5f:2a:4d:cd:c2:47:b6:69:a5:95:81:4e:a1:66:d2:85:f1:86:
b7:34:68:51:6a:ce:a2:ad:6f:9b:9e:ba:a1:39:2b:83:91:f8:
91:74:8e:9c:42:32:d3:5b:83:07:a3:ba:7a:2c:bb:1a:36:08:
7a:6a:40:01:91:55:3e:d7:e9:d5:4a:d0:0f:98:a0:2c:98:0e:
39:70:ed:7a:6b:56:c8:92:8c:97:93:8d:10:db:df:ef:d4:12:
2f:58:8c:3e:86:8f:7c:0b:f6:98:69:44:f8:47:f7:10:c5:af:
e4:7c:0e:0b:6f:38:2a:47:32:74:42:b0:3c:35:9b:e2:08:d4:
bf:96:fc:e5:53:51:79:5f:07:c7:c7:db:63:ef:e0:45:63:da:
25:5d:86:21:f1:68:8b:22:20:a2:d3:76:c8:ed:35:cd:da:0e:
89:fb:8b:f2:b4:f5:9b:7d:d4:b3:49:df:49:d8:a5:f8:d6:cd:
db:be:da:a6:63:2f:59:3c:97:82:2f:7e:fb:e4:8c:d7:d0:87:
ef:42:8d:06
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYRGoabkeeZR7hcK5DTYT/sAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTA1MDcxMTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTA4N2FlNWYwYmNlZDFkNGE5YThhNDhmNTVmMDA3ZDBjMDg2MmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaPqhZ2qQwxAx64sAfvfJ3PiBZ1B
oofpD8rf6Uj8sjt+Cg690lI42YG1YlA8VoSNOdT7eeoYK/IM8XcjUsOu3SB+dHKo
A81ASYchjAaI9pBtbqFlu467oDTS/C+nR5eqp31sW6yRs1JapYffow3OSh+7Hb6Q
+lT7d6VKMa7kdfENcEZDEOOkxYt+uPcMZWMhWtlx9kX/Fdti7atyLFE6qGyGAP8J
0RZYvT/Wl22cKuuIFUaUUh7lZZ8P3jge2Z4AdKqeYOQ9JX3GCym1WA1EnimAYtwY
LilAkwsWrTI1KKmmUlx8aGj8UO3ljc7ZPthjGR5cBdXreswnx4CoQkCKeQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMoIeuXwvO0dSpqKSPVfAH0MCGLBMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEveWdoNjVmQzg3UjFLbW9wSTlWOEFmUXdJWXNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAVCAtAwQA
VCA7MAwDBABY2CEDBABY2CIwDQYJKoZIhvcNAQELBQADggEBABTZwToajpqp5RYC
XTLOxufL/GbLFBDxowTUrCSOfoPNTxZwIvOMp6hx+xuoKvP+w7/OO+1pMV8qTc3C
R7ZppZWBTqFm0oXxhrc0aFFqzqKtb5ueuqE5K4OR+JF0jpxCMtNbgwejunosuxo2
CHpqQAGRVT7X6dVK0A+YoCyYDjlw7XprVsiSjJeTjRDb3+/UEi9YjD6Gj3wL9php
RPhH9xDFr+R8DgtvOCpHMnRCsDw1m+II1L+W/OVTUXlfB8fH22Pv4EVj2iVdhiHx
aIsiIKLTdsjtNc3aDon7i/K09Zt91LNJ30nYpfjWzdu+2qZjL1k8l4IvfvvkjNfQ
h+9CjQY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:36 2024 by rpki-client on console-fra.rpki-client.org