Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/zB3_bRFosGw43jaPZZFoVYtwzaY.roa
File: zB3_bRFosGw43jaPZZFoVYtwzaY.roa (raw, json)
Hash identifier: 8HWxu4DNhLAaW1CTOdiyDub2zYNsx3FSkjfm5h40kXQ=
Subject key identifier: CC:1D:FF:6D:11:68:B0:6C:38:DE:36:8F:65:91:68:55:8B:70:CD:A6
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018498E8B106449E2C7CC5830FA8016AFC36
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/zB3_bRFosGw43jaPZZFoVYtwzaY.roa
Signing time: Mon 21 Nov 2022 06:38:17 +0000
ROA not before: Mon 21 Nov 2022 06:38:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205570
IP address blocks: 84.32.79.0/24 maxlen: 24
84.32.90.0/23 maxlen: 24
84.32.88.0/23 maxlen: 24
88.216.131.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
84.32.24.0/22 maxlen: 22
88.216.132.0/23 maxlen: 24
88.216.134.0/24 maxlen: 24
88.216.135.0/24 maxlen: 24
84.32.28.0/22 maxlen: 22
88.216.94.0/23 maxlen: 24
88.216.92.0/23 maxlen: 24
84.32.212.0/24 maxlen: 24
88.216.224.0/22 maxlen: 24
88.216.232.0/21 maxlen: 24
88.216.16.0/23 maxlen: 24
88.216.248.0/22 maxlen: 24
88.216.41.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
88.216.44.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:98:e8:b1:06:44:9e:2c:7c:c5:83:0f:a8:01:6a:fc:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 21 06:38:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc1dff6d1168b06c38de368f659168558b70cda6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b5:1f:0c:17:bf:4c:fd:86:35:32:fb:40:0b:
14:89:47:56:99:65:a8:77:9d:d2:8b:18:60:e3:f0:
17:a9:0e:ef:46:94:b9:b5:9a:d1:43:25:4a:ab:37:
bb:89:4a:5d:dc:2e:44:76:1b:92:b9:d9:9d:f5:e5:
4b:be:eb:bb:a9:59:9a:81:8a:18:ec:b6:f1:17:b4:
2b:72:d8:4c:5a:9e:6e:d7:14:44:8c:f9:24:36:13:
9c:a9:6d:1e:a0:e5:3f:20:d4:95:c1:a4:2b:5e:77:
af:7c:50:92:99:a8:e7:11:50:86:21:5e:e5:7e:34:
6b:60:4e:50:51:73:a3:a1:c6:17:fb:b8:d6:97:37:
28:4b:c9:42:ff:a0:16:ba:46:e3:2e:cf:9a:db:a6:
85:8a:2e:63:9a:37:21:8a:86:ed:61:9d:cb:57:83:
43:32:3f:f2:b9:4d:77:3b:03:90:33:8f:5c:bd:c6:
6f:b6:cf:7d:22:89:7b:85:4d:1e:6e:c4:7a:ac:05:
2c:0a:34:b1:75:24:5c:da:89:a9:7d:8a:36:42:90:
24:ff:fc:6d:18:86:79:16:85:ed:0a:db:85:b5:f3:
b2:6d:99:f5:7a:d6:de:31:d7:b6:b3:1f:26:c4:a1:
54:52:ec:b1:68:d6:15:f5:24:12:fa:1b:06:31:51:
ca:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:1D:FF:6D:11:68:B0:6C:38:DE:36:8F:65:91:68:55:8B:70:CD:A6
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/zB3_bRFosGw43jaPZZFoVYtwzaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.24.0/21
84.32.79.0/24
84.32.88.0/22
84.32.212.0/24
88.216.16.0/23
88.216.41.0/24
88.216.43.0-88.216.45.255
88.216.92.0/22
88.216.128.0/24
88.216.131.0-88.216.135.255
88.216.224.0/22
88.216.232.0/21
88.216.248.0/22
Signature Algorithm: sha256WithRSAEncryption
19:43:12:a8:40:70:ad:53:41:d0:8b:3f:b8:16:03:b4:19:3d:
9b:54:dc:6e:2e:0f:a4:42:76:50:0a:12:57:01:5f:d4:98:a6:
84:2e:40:94:65:1d:4e:f4:22:3c:27:77:b0:e2:d0:5c:ff:53:
1a:62:cd:04:6f:37:da:37:d1:57:00:e2:00:66:3d:51:cb:2b:
31:ff:0d:3d:8e:c1:9c:d2:aa:2a:8a:35:5f:c6:5c:32:8f:d1:
64:a2:55:76:b6:61:c7:07:f8:b1:92:41:26:5a:4d:56:aa:60:
24:72:a8:8b:ca:6e:c0:a4:0e:a1:e3:3a:55:b1:6a:82:cb:c5:
fe:07:74:37:c8:3c:b4:93:fe:2f:e9:93:25:1a:23:9d:e1:86:
7e:a2:d8:29:47:4e:52:bc:da:dc:9d:2d:2e:28:0a:4e:ec:f7:
e1:eb:56:f2:6f:50:27:1d:67:2b:96:d0:1f:dc:3b:20:c5:ae:
fb:46:88:66:ee:08:f8:6a:35:d1:49:12:ca:ac:67:77:8a:0f:
5f:85:c5:50:d7:bb:30:f6:a4:49:b7:26:01:d6:c8:86:0e:01:
e8:04:74:80:47:45:ae:4b:b8:28:71:4c:ea:4c:c0:3c:64:81:
d1:67:0f:df:6e:0a:af:ec:14:8a:06:f2:e4:a9:c9:3c:d7:90:
ff:20:aa:27
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYSY6LEGRJ4sfMWDD6gBavw2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTIxMDYzODE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzFkZmY2ZDExNjhiMDZjMzhkZTM2OGY2NTkxNjg1NThiNzBjZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrUfDBe/TP2GNTL7QAsUiUdWmWWo
d53Sixhg4/AXqQ7vRpS5tZrRQyVKqze7iUpd3C5EdhuSudmd9eVLvuu7qVmagYoY
7LbxF7QrcthMWp5u1xREjPkkNhOcqW0eoOU/INSVwaQrXnevfFCSmajnEVCGIV7l
fjRrYE5QUXOjocYX+7jWlzcoS8lC/6AWukbjLs+a26aFii5jmjchiobtYZ3LV4ND
Mj/yuU13OwOQM49cvcZvts99Iol7hU0ebsR6rAUsCjSxdSRc2ompfYo2QpAk//xt
GIZ5FoXtCtuFtfOybZn1etbeMde2sx8mxKFUUuyxaNYV9SQS+hsGMVHKFQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFMwd/20RaLBsON42j2WRaFWLcM2mMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvekIzX2JSRm9zR3c0M2phUFpaRm9WWXR3emFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQDVCAYAwQA
VCBPAwQCVCBYAwQAVCDUAwQBWNgQAwQAWNgpMAwDBABY2CsDBAFY2CwDBAJY2FwD
BABY2IAwDAMEAFjYgwMEA1jYgAMEAljY4AMEA1jY6AMEAljY+DANBgkqhkiG9w0B
AQsFAAOCAQEAGUMSqEBwrVNB0Is/uBYDtBk9m1Tcbi4PpEJ2UAoSVwFf1JimhC5A
lGUdTvQiPCd3sOLQXP9TGmLNBG832jfRVwDiAGY9UcsrMf8NPY7BnNKqKoo1X8Zc
Mo/RZKJVdrZhxwf4sZJBJlpNVqpgJHKoi8puwKQOoeM6VbFqgsvF/gd0N8g8tJP+
L+mTJRojneGGfqLYKUdOUrza3J0tLigKTuz34etW8m9QJx1nK5bQH9w7IMWu+0aI
Zu4I+Go10UkSyqxnd4oPX4XFUNe7MPakSbcmAdbIhg4B6AR0gEdFrku4KHFM6kzA
PGSB0WcP324Kr+wUigby5KnJPNeQ/yCqJw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:34 2023 by rpki-client on console-ams.rpki-client.org