Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/gB-DSg3gOUFKaEubRXqWbv8JVvA.roa
File: gB-DSg3gOUFKaEubRXqWbv8JVvA.roa (raw, json)
Hash identifier: Glt60K0Hvh8wbCSwVbhWWW7PPdlPskSVRzJb+F0lCjA=
Subject key identifier: 80:1F:83:4A:0D:E0:39:41:4A:68:4B:9B:45:7A:96:6E:FF:09:56:F0
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01877A447E3F82FA6FEA6F19EC012278C9DA
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/gB-DSg3gOUFKaEubRXqWbv8JVvA.roa
Signing time: Thu 13 Apr 2023 10:58:41 +0000
ROA not before: Thu 13 Apr 2023 10:58:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.57.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.40.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.178.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.152.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.153.0/24 maxlen: 24
84.32.154.0/24 maxlen: 24
84.32.159.0/24 maxlen: 24
84.32.156.0/24 maxlen: 24
84.32.158.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.56.0/24 maxlen: 24
88.216.57.0/24 maxlen: 24
88.216.59.0/24 maxlen: 24
88.216.62.0/24 maxlen: 24
88.216.63.0/24 maxlen: 24
88.216.64.0/24 maxlen: 24
88.216.65.0/24 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.16.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7a:44:7e:3f:82:fa:6f:ea:6f:19:ec:01:22:78:c9:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 13 10:58:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=801f834a0de039414a684b9b457a966eff0956f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:1e:90:69:00:2f:82:36:67:00:61:6c:8c:a3:
ab:a3:db:aa:04:dd:81:fe:f9:76:5d:76:99:e2:a9:
b5:d4:43:7f:23:34:d5:36:9f:ca:32:6a:06:9a:e5:
92:1a:53:2d:fe:f3:83:40:ad:4b:0a:87:ba:01:03:
78:39:ed:63:ec:a9:b2:41:93:fc:ed:6d:47:90:47:
97:6e:5a:1b:a7:0e:7a:09:fa:a5:b4:28:cb:eb:75:
71:dd:8a:a8:6f:fd:5a:96:e2:c3:af:35:77:64:24:
31:89:cd:50:31:bc:da:9e:9c:3a:93:dc:81:e6:32:
17:60:ca:97:7b:65:47:b6:1b:7a:58:97:58:59:98:
9d:6e:d4:ae:39:57:98:6a:a1:71:09:d5:bb:3c:b7:
ab:30:6b:44:dd:34:ef:46:3b:e2:77:37:b5:33:5c:
a8:16:e6:8a:73:63:67:a5:a0:31:3e:4b:02:b8:9b:
b8:b2:8c:b5:0b:fe:2c:f7:3f:44:28:72:25:37:0e:
1f:0d:09:b1:06:c4:c2:ec:71:f3:bc:f7:93:a0:da:
ed:33:ac:d8:99:4c:58:f3:d8:11:7f:0c:25:bd:92:
67:76:54:f5:c2:ae:1d:4b:0a:91:1c:41:0d:ff:fb:
8b:b8:95:d8:07:06:a6:3e:e2:25:e4:ab:4d:8d:40:
1f:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:1F:83:4A:0D:E0:39:41:4A:68:4B:9B:45:7A:96:6E:FF:09:56:F0
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/gB-DSg3gOUFKaEubRXqWbv8JVvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.40.0/24
84.32.46.0/24
84.32.57.0/24
84.32.60.0/24
84.32.67.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/24
84.32.108.0/23
84.32.148.0-84.32.154.255
84.32.156.0/24
84.32.158.0/23
84.32.174.0/23
84.32.177.0-84.32.179.255
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.223.0-84.32.224.255
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.250.0-84.32.253.255
88.216.1.0/24
88.216.3.0/24
88.216.16.0/24
88.216.21.0/24
88.216.32.0/24
88.216.44.0/23
88.216.56.0/23
88.216.59.0/24
88.216.62.0-88.216.65.255
88.216.93.0/24
88.216.128.0/24
88.216.130.0-88.216.132.255
88.216.185.0/24
88.216.189.0/24
88.216.212.0/22
88.216.220.0/24
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
90:d8:35:54:73:ec:b8:cd:be:46:3a:0b:e5:76:e2:6f:e2:42:
8e:3a:d0:cc:e9:e0:b7:8a:bb:0c:ee:4e:c3:53:6b:d0:d2:21:
df:21:d4:54:fd:e7:71:80:5a:9a:06:30:84:07:b4:bb:e7:c9:
b5:4c:57:bf:18:3b:a6:e4:13:8f:59:71:13:d7:05:34:a3:4a:
cd:2f:c6:ca:c7:46:24:5e:d4:dc:49:b6:ff:12:1f:ab:da:3d:
cd:61:d7:bd:5a:c6:fb:73:97:ab:20:0d:dd:20:a0:e1:c3:8b:
63:e7:b6:64:5d:fd:a4:48:13:27:4f:c6:9c:36:65:56:da:5b:
47:a6:69:9b:01:8f:e5:c4:04:ab:c5:71:d4:18:61:09:ab:40:
29:5a:39:79:a9:2e:b4:07:4a:46:84:4a:0b:d8:2f:20:4a:d3:
5f:8b:ec:a0:bb:1f:2e:5f:95:0e:f5:70:79:7a:25:ed:51:aa:
b9:67:78:ea:6d:3d:51:a3:c0:04:d0:5a:eb:ce:d0:07:37:bb:
e0:94:d7:f7:fc:0d:08:64:1a:da:39:90:d7:6d:d3:f0:08:d6:
a0:7b:62:19:66:c9:76:87:db:fe:f4:5c:fc:a0:42:f0:d5:ce:
c3:83:e8:df:25:dd:db:c1:2e:cc:65:78:95:b5:14:b1:d2:e5:
27:6a:89:9b
-----BEGIN CERTIFICATE-----
MIIGQzCCBSugAwIBAgISAYd6RH4/gvpv6m8Z7AEieMnaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDEzMTA1ODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDFmODM0YTBkZTAzOTQxNGE2ODRiOWI0NTdhOTY2ZWZmMDk1NmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0h6QaQAvgjZnAGFsjKOro9uqBN2B
/vl2XXaZ4qm11EN/IzTVNp/KMmoGmuWSGlMt/vODQK1LCoe6AQN4Oe1j7KmyQZP8
7W1HkEeXblobpw56CfqltCjL63Vx3Yqob/1aluLDrzV3ZCQxic1QMbzanpw6k9yB
5jIXYMqXe2VHtht6WJdYWZidbtSuOVeYaqFxCdW7PLerMGtE3TTvRjvidze1M1yo
FuaKc2NnpaAxPksCuJu4soy1C/4s9z9EKHIlNw4fDQmxBsTC7HHzvPeToNrtM6zY
mUxY89gRfwwlvZJndlT1wq4dSwqRHEEN//uLuJXYBwamPuIl5KtNjUAfOwIDAQAB
o4IDTzCCA0swHQYDVR0OBBYEFIAfg0oN4DlBSmhLm0V6lm7/CVbwMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvZ0ItRFNnM2dPVUZLYUV1YlJYcVdidjhKVnZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYwYIKwYBBQUHAQcBAf8EggFSMIIBTjCCAUoEAgABMIIB
QgMEAFQgCAMEAlQgGAMEAFQgHgMEAFQgKAMEAFQgLgMEAFQgOQMEAFQgPAMEAFQg
QwMEAFQgTQMEAFQgTwMEAFQgWAMEAVQgbDAMAwQCVCCUAwQAVCCaAwQAVCCcAwQB
VCCeAwQBVCCuMAwDBABUILEDBAJUILADBABUINQDBAFUINYDBABUINoDBABUIN0w
DAMEAFQg3wMEAFQg4AMEAFQg6DAMAwQAVCDvAwQAVCDwMAwDBAFUIPIDBAFUIPQw
DAMEAVQg+gMEAVQg/AMEAFjYAQMEAFjYAwMEAFjYEAMEAFjYFQMEAFjYIAMEAVjY
LAMEAVjYOAMEAFjYOzAMAwQBWNg+AwQBWNhAAwQAWNhdAwQAWNiAMAwDBAFY2IID
BABY2IQDBABY2LkDBABY2L0DBAJY2NQDBABY2NwDBAJY2OgwDQYJKoZIhvcNAQEL
BQADggEBAJDYNVRz7LjNvkY6C+V24m/iQo460Mzp4LeKuwzuTsNTa9DSId8h1FT9
53GAWpoGMIQHtLvnybVMV78YO6bkE49ZcRPXBTSjSs0vxsrHRiRe1NxJtv8SH6va
Pc1h171axvtzl6sgDd0goOHDi2PntmRd/aRIEydPxpw2ZVbaW0emaZsBj+XEBKvF
cdQYYQmrQClaOXmpLrQHSkaESgvYLyBK01+L7KC7Hy5flQ71cHl6Je1RqrlneOpt
PVGjwATQWuvO0Ac3u+CU1/f8DQhkGto5kNdt0/AI1qB7YhlmyXaH2/70XPygQvDV
zsOD6N8l3dvBLsxleJW1FLHS5SdqiZs=
-----END CERTIFICATE-----
Generated at Sat May 10 21:14:13 2025 by rpki-client