Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0c-x3l6A-6DO6quacIy6okO-vAc.roa
File: 0c-x3l6A-6DO6quacIy6okO-vAc.roa (raw, json)
Hash identifier: QKB4GixxzCJUJF7tVwwdvuheELrAWpT2MAq5yqpE/fw=
Subject key identifier: D1:CF:B1:DE:5E:80:FB:A0:CE:EA:AB:9A:70:8C:BA:A2:43:BE:BC:07
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018B9BB24F2995BE8740D598E85803D43009
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0c-x3l6A-6DO6quacIy6okO-vAc.roa
Signing time: Sat 04 Nov 2023 18:57:16 +0000
ROA not before: Sat 04 Nov 2023 18:57:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 88.216.183.0/24 maxlen: 24
88.216.180.0/24 maxlen: 24
88.216.182.0/24 maxlen: 24
88.216.190.0/24 maxlen: 24
88.216.191.0/24 maxlen: 24
88.216.187.0/24 maxlen: 24
88.216.188.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
88.216.198.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.208.0/24 maxlen: 24
84.32.214.0/23 maxlen: 24
88.216.129.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
84.32.236.0/24 maxlen: 24
84.32.246.0/23 maxlen: 24
84.32.244.0/23 maxlen: 24
88.216.134.0/23 maxlen: 24
84.32.249.0/24 maxlen: 24
88.216.223.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.228.0/22 maxlen: 24
88.216.236.0/22 maxlen: 24
84.32.66.0/24 maxlen: 24
84.32.95.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.20.0/22 maxlen: 24
84.32.47.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/23 maxlen: 24
88.216.66.0/24 maxlen: 24
88.216.67.0/24 maxlen: 24
84.32.178.0/23 maxlen: 24
88.216.93.0/24 maxlen: 24
84.32.210.0/24 maxlen: 24
88.216.22.0/23 maxlen: 24
88.216.44.0/24 maxlen: 24
88.216.43.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
88.216.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:9b:b2:4f:29:95:be:87:40:d5:98:e8:58:03:d4:30:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 4 18:57:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d1cfb1de5e80fba0ceeaab9a708cbaa243bebc07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d4:d0:42:6c:15:44:03:ae:6b:e4:91:c3:1b:
10:9f:06:33:13:71:5c:61:73:86:ea:e7:32:ec:70:
8b:be:0a:e3:b3:1b:75:af:59:46:bd:63:10:44:90:
83:89:a7:35:23:27:58:e4:e4:f7:19:85:85:20:fb:
7a:a7:4e:f4:96:49:ff:dc:e3:91:77:5e:50:39:85:
d6:1a:2f:6a:8b:37:1b:ea:4d:0f:25:3c:61:dc:0d:
70:5a:41:aa:4b:73:f5:bd:a7:4f:29:59:14:ca:50:
4c:6b:37:b4:6c:fe:72:c1:f9:bc:8e:67:cc:37:a0:
5e:32:4f:2a:a5:42:cf:02:ff:04:7f:ec:71:e5:fd:
3d:69:7a:eb:81:65:29:0a:91:4e:a1:45:77:64:39:
27:20:d1:b8:3b:9d:8a:31:a1:e8:bf:eb:70:8f:e6:
12:b7:6d:09:4e:73:cf:91:ba:2f:01:56:0e:80:dc:
3d:45:9f:2c:7c:a3:4b:80:cc:6d:f5:6c:b1:03:8f:
99:92:a2:9f:57:e8:84:3f:b4:16:13:bb:9d:02:12:
0a:f3:aa:aa:73:cd:d5:38:06:27:de:28:a3:08:30:
26:0f:23:44:28:21:31:ec:86:d4:ab:f0:6a:e2:c4:
e5:3c:f2:d7:8a:26:ed:39:d1:0f:e5:55:02:9c:ac:
4c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:CF:B1:DE:5E:80:FB:A0:CE:EA:AB:9A:70:8C:BA:A2:43:BE:BC:07
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/0c-x3l6A-6DO6quacIy6okO-vAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.20.0-84.32.27.255
84.32.46.0/23
84.32.66.0/24
84.32.95.0/24
84.32.148.0/22
84.32.174.0/23
84.32.178.0/23
84.32.210.0/24
84.32.214.0/23
84.32.236.0/24
84.32.244.0/22
84.32.249.0/24
88.216.22.0/23
88.216.43.0-88.216.45.255
88.216.66.0/23
88.216.93.0/24
88.216.129.0-88.216.132.255
88.216.134.0/23
88.216.180.0/24
88.216.182.0/23
88.216.187.0-88.216.191.255
88.216.197.0-88.216.198.255
88.216.208.0/24
88.216.211.0-88.216.215.255
88.216.220.0/24
88.216.223.0/24
88.216.228.0/22
88.216.236.0/22
Signature Algorithm: sha256WithRSAEncryption
58:e3:1a:b6:33:8a:41:56:0e:47:08:5a:c1:68:15:1a:81:3f:
77:4c:27:a6:bd:9d:e1:f5:8a:45:25:93:eb:b9:d8:7d:2e:86:
38:6c:ea:88:bc:9f:9e:80:0e:c5:cc:2a:dd:42:ea:15:4e:4b:
24:30:ac:b5:df:ce:cf:ef:b2:9b:3b:21:3c:89:cc:b4:d2:fc:
c6:63:0d:4c:83:b0:08:0c:41:80:78:6c:29:dc:a5:df:a7:51:
52:bb:79:41:81:d1:90:48:12:a8:15:37:16:da:eb:7c:db:eb:
26:6b:58:51:35:f9:db:30:3e:e4:96:35:b2:6f:e5:0b:d8:a0:
ae:e8:55:27:a5:66:15:a4:e2:b2:d2:82:e0:77:49:05:89:44:
e3:13:57:f9:17:b2:6e:67:eb:a8:6c:2b:84:f7:08:d0:e5:65:
e4:92:c2:4a:6c:b6:16:12:89:c6:f1:fc:5b:f2:69:c8:16:4d:
0c:76:3c:df:48:d2:9f:66:bd:c2:ec:3e:73:ee:72:0d:42:f9:
a5:dd:de:eb:70:da:6d:86:c7:b8:13:eb:bb:61:5e:a8:55:86:
21:32:e6:71:4f:95:5f:2c:b1:a1:d4:02:9f:3a:3b:ca:2e:7d:
57:4a:f5:c2:0a:ce:82:d8:37:82:87:fb:8e:56:f7:78:45:a4:
6a:f0:c6:32
-----BEGIN CERTIFICATE-----
MIIF2jCCBMKgAwIBAgISAYubsk8plb6HQNWY6FgD1DAJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMxMTA0MTg1NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWNmYjFkZTVlODBmYmEwY2VlYWFiOWE3MDhjYmFhMjQzYmViYzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktTQQmwVRAOua+SRwxsQnwYzE3Fc
YXOG6ucy7HCLvgrjsxt1r1lGvWMQRJCDiac1IydY5OT3GYWFIPt6p070lkn/3OOR
d15QOYXWGi9qizcb6k0PJTxh3A1wWkGqS3P1vadPKVkUylBMaze0bP5ywfm8jmfM
N6BeMk8qpULPAv8Ef+xx5f09aXrrgWUpCpFOoUV3ZDknING4O52KMaHov+twj+YS
t20JTnPPkbovAVYOgNw9RZ8sfKNLgMxt9WyxA4+ZkqKfV+iEP7QWE7udAhIK86qq
c83VOAYn3iijCDAmDyNEKCEx7IbUq/Bq4sTlPPLXiibtOdEP5VUCnKxMlQIDAQAB
o4IC5jCCAuIwHQYDVR0OBBYEFNHPsd5egPugzuqrmnCMuqJDvrwHMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMGMteDNsNkEtNkRPNnF1YWNJeTZva08tdkFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH7BggrBgEFBQcBBwEB/wSB6zCB6DCB5QQCAAEwgd4DBABU
IAgwDAMEAlQgFAMEAlQgGAMEAVQgLgMEAFQgQgMEAFQgXwMEAlQglAMEAVQgrgME
AVQgsgMEAFQg0gMEAVQg1gMEAFQg7AMEAlQg9AMEAFQg+QMEAVjYFjAMAwQAWNgr
AwQBWNgsAwQBWNhCAwQAWNhdMAwDBABY2IEDBABY2IQDBAFY2IYDBABY2LQDBAFY
2LYwDAMEAFjYuwMEBljYgDAMAwQAWNjFAwQAWNjGAwQAWNjQMAwDBABY2NMDBANY
2NADBABY2NwDBABY2N8DBAJY2OQDBAJY2OwwDQYJKoZIhvcNAQELBQADggEBAFjj
GrYzikFWDkcIWsFoFRqBP3dMJ6a9neH1ikUlk+u52H0uhjhs6oi8n56ADsXMKt1C
6hVOSyQwrLXfzs/vsps7ITyJzLTS/MZjDUyDsAgMQYB4bCncpd+nUVK7eUGB0ZBI
EqgVNxba63zb6yZrWFE1+dswPuSWNbJv5QvYoK7oVSelZhWk4rLSguB3SQWJROMT
V/kXsm5n66hsK4T3CNDlZeSSwkpsthYSicbx/FvyacgWTQx2PN9I0p9mvcLsPnPu
cg1C+aXd3utw2m2Gx7gT67thXqhVhiEy5nFPlV8ssaHUAp86O8oufVdK9cIKzoLY
N4KH+45W93hFpGrwxjI=
-----END CERTIFICATE-----
Generated at Sun Jun 15 13:23:00 2025 by rpki-client