Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fIAsjCqiQkHC2rpmPEsjVdPPtwg.roa
File: fIAsjCqiQkHC2rpmPEsjVdPPtwg.roa (raw, json)
Hash identifier: 2sM8O0I9vr0Gte72R6qopu9IMtGQxbIt9frTMXM7VXE=
Subject key identifier: 7C:80:2C:8C:2A:A2:42:41:C2:DA:BA:66:3C:4B:23:55:D3:CF:B7:08
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0188C2F08CFBE35CBD4AABB5338B94F55456
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fIAsjCqiQkHC2rpmPEsjVdPPtwg.roa
Signing time: Fri 16 Jun 2023 06:42:04 +0000
ROA not before: Fri 16 Jun 2023 06:42:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.231.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.235.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.56.0/24 maxlen: 24
84.32.62.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.68.0/24 maxlen: 24
84.32.65.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.31.0/24 maxlen: 24
84.32.42.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.178.0/23 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.110.0/24 maxlen: 24
84.32.150.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.157.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.183.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
88.216.214.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.240.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
88.216.244.0/22 maxlen: 24
88.216.58.0/24 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.60.0/24 maxlen: 24
88.216.61.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.100.0/24 maxlen: 24
88.216.101.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.0.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.38.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.39.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c2:f0:8c:fb:e3:5c:bd:4a:ab:b5:33:8b:94:f5:54:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jun 16 06:42:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c802c8c2aa24241c2daba663c4b2355d3cfb708
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4d:4e:83:c9:3a:b9:94:0f:80:03:f0:66:0c:
f3:d9:16:f3:f0:6a:87:16:98:16:96:9e:fd:66:8e:
bb:3d:15:49:bf:13:87:56:d9:27:35:ba:a3:09:a6:
98:c9:c5:15:df:fa:74:ff:e9:2d:c5:8b:a5:e7:0c:
7d:22:9e:07:3b:e8:d3:3e:17:32:98:92:28:87:d6:
f1:8c:af:9b:5b:25:82:e7:d6:ac:e1:a2:3b:17:7b:
04:23:33:c3:b7:cd:e3:54:c0:80:06:05:46:fc:24:
6b:7b:77:62:1a:42:aa:30:8f:a6:f3:c0:83:81:a8:
ba:a7:95:d4:18:e7:8a:b6:21:d1:52:8d:1d:86:e2:
59:bc:6b:61:cb:44:b2:fe:72:cb:21:74:31:8f:ad:
a0:f0:aa:3d:23:91:9d:1e:33:12:d6:cf:a2:1a:b1:
85:2e:b5:79:d0:a2:8d:7c:63:af:3c:e0:95:c8:82:
b9:f8:8e:6b:95:1b:a0:7e:cf:c7:9a:09:95:79:f7:
cd:28:31:4c:91:84:cd:59:4f:25:3c:b3:99:43:af:
9e:20:10:42:0c:a7:a7:27:75:ce:fa:ff:b0:0a:55:
89:4a:69:26:ed:9c:c6:2e:31:c7:48:46:84:ee:07:
a7:84:a2:95:fe:3e:c2:e9:8e:a3:b5:6b:48:f7:b0:
ff:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:80:2C:8C:2A:A2:42:41:C2:DA:BA:66:3C:4B:23:55:D3:CF:B7:08
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/fIAsjCqiQkHC2rpmPEsjVdPPtwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.20.0-84.32.27.255
84.32.30.0/23
84.32.42.0/24
84.32.46.0/24
84.32.56.0/24
84.32.60.0/24
84.32.62.0/24
84.32.65.0/24
84.32.67.0-84.32.68.255
84.32.79.0/24
84.32.108.0-84.32.110.255
84.32.148.0/22
84.32.153.0/24
84.32.156.0/22
84.32.178.0/23
84.32.212.0/24
84.32.214.0/23
84.32.221.0/24
84.32.224.0/24
84.32.231.0-84.32.232.255
84.32.235.0/24
84.32.239.0-84.32.240.255
84.32.243.0/24
84.32.246.0/23
84.32.250.0-84.32.253.255
88.216.0.0/24
88.216.3.0/24
88.216.16.0/24
88.216.22.0/23
88.216.32.0/24
88.216.35.0/24
88.216.38.0-88.216.40.255
88.216.44.0/23
88.216.56.0-88.216.65.255
88.216.100.0/23
88.216.111.0/24
88.216.130.0/23
88.216.134.0/23
88.216.180.0/24
88.216.183.0/24
88.216.188.0/23
88.216.197.0/24
88.216.212.0/22
88.216.220.0/24
88.216.236.0-88.216.247.255
Signature Algorithm: sha256WithRSAEncryption
97:e6:60:b6:16:4a:50:94:e4:fe:f3:80:72:5d:38:23:4c:5a:
fc:85:62:27:e6:11:e5:61:1c:33:95:a2:95:61:f2:be:2f:0f:
fa:cf:89:9b:c2:29:81:31:bb:52:7e:bb:20:3a:fd:fb:c5:0d:
46:da:19:d8:8b:16:15:14:f4:a3:29:9c:fc:11:08:63:0c:c4:
ee:19:74:05:53:56:c7:8e:c2:93:f8:50:e2:19:75:e7:d8:e2:
d1:80:83:01:78:64:f7:37:b4:4d:9d:19:78:e2:a1:88:26:e0:
aa:44:aa:01:d3:67:ab:1e:b0:d8:0f:71:f4:b5:2b:6a:0e:68:
02:c8:af:b9:95:7a:45:5b:b3:88:1e:79:c0:6c:35:4c:dd:09:
98:ab:0f:b0:d0:b4:ee:4a:46:a3:c7:ca:66:07:38:cd:00:6a:
91:be:2a:d2:b7:72:9f:ae:16:28:f3:c1:ee:d4:2e:1b:58:d5:
21:f2:6e:d8:ff:f5:87:94:b0:cf:e6:6d:d2:55:61:dc:0c:35:
08:87:f2:53:52:dc:7f:9b:32:c3:40:df:00:e7:e8:96:ed:c6:
53:16:d4:30:24:bc:45:1b:85:f5:05:85:c7:7c:d3:5d:69:49:
9c:e5:9e:45:9b:28:7b:a9:25:ee:82:9f:4e:3a:77:59:be:83:
16:4f:3e:12
-----BEGIN CERTIFICATE-----
MIIGXTCCBUWgAwIBAgISAYjC8Iz741y9Squ1M4uU9VRWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNjE2MDY0MjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzgwMmM4YzJhYTI0MjQxYzJkYWJhNjYzYzRiMjM1NWQzY2ZiNzA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh01Og8k6uZQPgAPwZgzz2Rbz8GqH
FpgWlp79Zo67PRVJvxOHVtknNbqjCaaYycUV3/p0/+ktxYul5wx9Ip4HO+jTPhcy
mJIoh9bxjK+bWyWC59as4aI7F3sEIzPDt83jVMCABgVG/CRre3diGkKqMI+m88CD
gai6p5XUGOeKtiHRUo0dhuJZvGthy0Sy/nLLIXQxj62g8Ko9I5GdHjMS1s+iGrGF
LrV50KKNfGOvPOCVyIK5+I5rlRugfs/HmgmVeffNKDFMkYTNWU8lPLOZQ6+eIBBC
DKenJ3XO+v+wClWJSmkm7ZzGLjHHSEaE7genhKKV/j7C6Y6jtWtI97D/eQIDAQAB
o4IDaTCCA2UwHQYDVR0OBBYEFHyALIwqokJBwtq6ZjxLI1XTz7cIMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZklBc2pDcWlRa0hDMnJwbVBFc2pWZFBQdHdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBfQYIKwYBBQUHAQcBAf8EggFsMIIBaDCCAWQEAgABMIIB
XAMEAFQgCDAMAwQCVCAUAwQCVCAYAwQBVCAeAwQAVCAqAwQAVCAuAwQAVCA4AwQA
VCA8AwQAVCA+AwQAVCBBMAwDBABUIEMDBABUIEQDBABUIE8wDAMEAlQgbAMEAFQg
bgMEAlQglAMEAFQgmQMEAlQgnAMEAVQgsgMEAFQg1AMEAVQg1gMEAFQg3QMEAFQg
4DAMAwQAVCDnAwQAVCDoAwQAVCDrMAwDBABUIO8DBABUIPADBABUIPMDBAFUIPYw
DAMEAVQg+gMEAVQg/AMEAFjYAAMEAFjYAwMEAFjYEAMEAVjYFgMEAFjYIAMEAFjY
IzAMAwQBWNgmAwQAWNgoAwQBWNgsMAwDBANY2DgDBAFY2EADBAFY2GQDBABY2G8D
BAFY2IIDBAFY2IYDBABY2LQDBABY2LcDBAFY2LwDBABY2MUDBAJY2NQDBABY2Nww
DAMEAljY7AMEA1jY8DANBgkqhkiG9w0BAQsFAAOCAQEAl+ZgthZKUJTk/vOAcl04
I0xa/IViJ+YR5WEcM5WilWHyvi8P+s+Jm8IpgTG7Un67IDr9+8UNRtoZ2IsWFRT0
oymc/BEIYwzE7hl0BVNWx47Ck/hQ4hl159ji0YCDAXhk9ze0TZ0ZeOKhiCbgqkSq
AdNnqx6w2A9x9LUrag5oAsivuZV6RVuziB55wGw1TN0JmKsPsNC07kpGo8fKZgc4
zQBqkb4q0rdyn64WKPPB7tQuG1jVIfJu2P/1h5Swz+Zt0lVh3Aw1CIfyU1Lcf5sy
w0DfAOfolu3GUxbUMCS8RRuF9QWFx3zTXWlJnOWeRZsoe6kl7oKfTjp3Wb6DFk8+
Eg==
-----END CERTIFICATE-----
Generated at Tue May 13 08:00:49 2025 by rpki-client