Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vnO0NLkW_XAAP1g61DEb0Gor4tE.roa
File: vnO0NLkW_XAAP1g61DEb0Gor4tE.roa (raw, json)
Hash identifier: kPWzglVT0dHwIPl5hI1QTn6NdjijqGe4GPEtePKBzDs=
Subject key identifier: BE:73:B4:34:B9:16:FD:70:00:3F:58:3A:D4:31:1B:D0:6A:2B:E2:D1
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01876500C76569BE347B2F3467324BC38EC4
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vnO0NLkW_XAAP1g61DEb0Gor4tE.roa
Signing time: Sun 09 Apr 2023 07:52:42 +0000
ROA not before: Sun 09 Apr 2023 07:52:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 84.32.214.0/23 maxlen: 24
84.32.218.0/24 maxlen: 24
84.32.221.0/24 maxlen: 24
84.32.223.0/24 maxlen: 24
84.32.224.0/24 maxlen: 24
84.32.232.0/24 maxlen: 24
84.32.239.0/24 maxlen: 24
84.32.240.0/24 maxlen: 24
84.32.244.0/23 maxlen: 24
84.32.242.0/24 maxlen: 24
84.32.243.0/24 maxlen: 24
84.32.252.0/23 maxlen: 24
84.32.250.0/24 maxlen: 24
84.32.251.0/24 maxlen: 24
84.32.57.0/24 maxlen: 24
84.32.60.0/24 maxlen: 24
84.32.70.0/24 maxlen: 24
84.32.67.0/24 maxlen: 24
84.32.77.0/24 maxlen: 24
84.32.79.0/24 maxlen: 24
84.32.89.0/24 maxlen: 24
84.32.88.0/24 maxlen: 24
84.32.8.0/24 maxlen: 24
84.32.24.0/22 maxlen: 24
84.32.24.0/24 maxlen: 24
84.32.30.0/24 maxlen: 24
84.32.40.0/24 maxlen: 24
84.32.46.0/24 maxlen: 24
84.32.174.0/24 maxlen: 24
84.32.175.0/24 maxlen: 24
84.32.177.0/24 maxlen: 24
84.32.179.0/24 maxlen: 24
84.32.212.0/24 maxlen: 24
84.32.108.0/23 maxlen: 24
84.32.106.0/24 maxlen: 24
84.32.148.0/23 maxlen: 24
84.32.150.0/23 maxlen: 24
84.32.157.0/24 maxlen: 24
88.216.189.0/24 maxlen: 24
88.216.212.0/22 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.111.0/24 maxlen: 24
88.216.128.0/24 maxlen: 24
88.216.132.0/24 maxlen: 24
88.216.130.0/23 maxlen: 24
88.216.215.0/24 maxlen: 24
88.216.220.0/24 maxlen: 24
88.216.232.0/22 maxlen: 24
88.216.93.0/24 maxlen: 24
88.216.3.0/24 maxlen: 24
88.216.1.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.32.0/24 maxlen: 24
88.216.44.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:65:00:c7:65:69:be:34:7b:2f:34:67:32:4b:c3:8e:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Apr 9 07:52:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=be73b434b916fd70003f583ad4311bd06a2be2d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c6:53:c8:95:f4:f4:4b:3e:16:96:9d:74:2b:
06:00:fc:70:4e:ff:81:fd:9a:5c:d2:84:5c:4d:5f:
b1:15:b9:80:97:f4:e2:59:02:71:2e:22:f5:ca:12:
36:e3:6d:c6:d4:b1:ed:b9:52:51:a3:4e:d2:37:d4:
d2:3b:70:36:02:55:7c:2d:31:04:59:6a:51:2d:b0:
27:a1:2f:d7:22:bf:b9:48:cd:79:1f:74:af:16:a6:
36:60:b2:e7:c4:4f:79:06:04:fd:ec:bd:43:5a:31:
7a:b6:e0:19:d0:0d:79:1b:be:eb:40:39:fe:2f:77:
ed:13:f5:a0:09:e4:b1:55:a0:2e:eb:e4:49:ae:2d:
bb:31:08:ad:5d:08:d2:e2:9c:ab:a5:aa:f5:70:70:
0b:ab:2a:52:8b:42:8e:92:05:42:05:70:34:ef:f5:
1c:49:b9:b2:ce:92:e7:0e:bf:a0:ab:c5:b9:b8:22:
31:1d:1a:d5:10:63:ee:78:64:be:d6:da:d6:2c:a3:
51:f4:23:b7:c7:a3:bf:46:36:b9:88:71:4b:28:ee:
f6:99:ff:ea:96:44:b8:6e:88:11:48:09:6e:c7:3f:
c2:76:bc:e9:c2:0f:6c:f1:c7:26:8f:5a:c8:73:f9:
90:8c:83:84:ca:f4:82:b4:71:31:18:d8:f6:99:31:
d4:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:73:B4:34:B9:16:FD:70:00:3F:58:3A:D4:31:1B:D0:6A:2B:E2:D1
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/vnO0NLkW_XAAP1g61DEb0Gor4tE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/24
84.32.24.0/22
84.32.30.0/24
84.32.40.0/24
84.32.46.0/24
84.32.57.0/24
84.32.60.0/24
84.32.67.0/24
84.32.70.0/24
84.32.77.0/24
84.32.79.0/24
84.32.88.0/23
84.32.106.0/24
84.32.108.0/23
84.32.148.0/22
84.32.157.0/24
84.32.174.0/23
84.32.177.0/24
84.32.179.0/24
84.32.212.0/24
84.32.214.0/23
84.32.218.0/24
84.32.221.0/24
84.32.223.0-84.32.224.255
84.32.232.0/24
84.32.239.0-84.32.240.255
84.32.242.0-84.32.245.255
84.32.250.0-84.32.253.255
88.216.1.0/24
88.216.3.0/24
88.216.21.0/24
88.216.32.0/24
88.216.44.0/24
88.216.93.0/24
88.216.111.0/24
88.216.128.0/24
88.216.130.0-88.216.132.255
88.216.189.0/24
88.216.212.0/22
88.216.220.0/24
88.216.232.0/22
Signature Algorithm: sha256WithRSAEncryption
71:5e:c3:b8:ed:22:98:72:ad:cc:28:f9:d4:8d:15:dc:f2:c4:
2a:1f:d6:da:ca:53:ea:57:8a:85:88:5d:14:28:ff:f3:af:90:
c8:36:3d:c6:f5:b4:38:d7:bf:b2:94:75:f0:e3:fd:7c:4e:cf:
21:a7:dc:33:50:49:ca:5d:06:bc:f5:14:63:08:c3:2a:2b:f8:
80:db:7a:35:59:58:ff:07:fd:77:8b:ea:cf:d3:9c:bb:52:78:
e8:b1:26:cc:5a:4d:c0:2e:76:c4:67:ad:8d:78:f6:3b:59:b9:
50:a5:55:15:21:2a:d5:be:8b:d7:a3:ba:40:29:21:69:d2:6e:
d6:2b:14:25:da:b7:97:47:cf:13:8d:a2:d9:b5:b8:90:1e:7e:
b6:ad:b1:6e:ee:68:3d:a8:d1:15:f1:8b:90:ad:6f:fb:88:b0:
a3:98:8f:ec:ea:ec:fa:4c:20:2e:f9:ff:ef:7c:56:e9:20:e5:
f3:4c:ec:58:02:45:56:90:8b:78:e8:13:ac:45:6e:ae:65:9b:
69:19:b2:19:87:9d:bf:09:43:af:83:02:40:1e:aa:31:19:07:
b9:36:b4:c8:08:fa:68:64:df:70:4f:e2:fb:7a:68:f8:29:b6:
68:24:f2:8c:1b:b5:8b:b3:96:3a:9d:08:ab:6f:3f:e7:f2:8b:
f8:23:b3:34
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgISAYdlAMdlab40ey80ZzJLw47EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjMwNDA5MDc1MjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTczYjQzNGI5MTZmZDcwMDAzZjU4M2FkNDMxMWJkMDZhMmJlMmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMZTyJX09Es+FpaddCsGAPxwTv+B
/Zpc0oRcTV+xFbmAl/TiWQJxLiL1yhI2423G1LHtuVJRo07SN9TSO3A2AlV8LTEE
WWpRLbAnoS/XIr+5SM15H3SvFqY2YLLnxE95BgT97L1DWjF6tuAZ0A15G77rQDn+
L3ftE/WgCeSxVaAu6+RJri27MQitXQjS4pyrpar1cHALqypSi0KOkgVCBXA07/Uc
SbmyzpLnDr+gq8W5uCIxHRrVEGPueGS+1trWLKNR9CO3x6O/Rja5iHFLKO72mf/q
lkS4bogRSAluxz/Cdrzpwg9s8ccmj1rIc/mQjIOEyvSCtHExGNj2mTHUqQIDAQAB
o4IDKzCCAycwHQYDVR0OBBYEFL5ztDS5Fv1wAD9YOtQxG9BqK+LRMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdm5PME5Ma1dfWEFBUDFnNjFERWIwR29yNHRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPwYIKwYBBQUHAQcBAf8EggEuMIIBKjCCASYEAgABMIIB
HgMEAFQgCAMEAlQgGAMEAFQgHgMEAFQgKAMEAFQgLgMEAFQgOQMEAFQgPAMEAFQg
QwMEAFQgRgMEAFQgTQMEAFQgTwMEAVQgWAMEAFQgagMEAVQgbAMEAlQglAMEAFQg
nQMEAVQgrgMEAFQgsQMEAFQgswMEAFQg1AMEAVQg1gMEAFQg2gMEAFQg3TAMAwQA
VCDfAwQAVCDgAwQAVCDoMAwDBABUIO8DBABUIPAwDAMEAVQg8gMEAVQg9DAMAwQB
VCD6AwQBVCD8AwQAWNgBAwQAWNgDAwQAWNgVAwQAWNggAwQAWNgsAwQAWNhdAwQA
WNhvAwQAWNiAMAwDBAFY2IIDBABY2IQDBABY2L0DBAJY2NQDBABY2NwDBAJY2Ogw
DQYJKoZIhvcNAQELBQADggEBAHFew7jtIphyrcwo+dSNFdzyxCof1trKU+pXioWI
XRQo//OvkMg2Pcb1tDjXv7KUdfDj/XxOzyGn3DNQScpdBrz1FGMIwyor+IDbejVZ
WP8H/XeL6s/TnLtSeOixJsxaTcAudsRnrY149jtZuVClVRUhKtW+i9ejukApIWnS
btYrFCXat5dHzxONotm1uJAefratsW7uaD2o0RXxi5Ctb/uIsKOYj+zq7PpMIC75
/+98Vukg5fNM7FgCRVaQi3joE6xFbq5lm2kZshmHnb8JQ6+DAkAeqjEZB7k2tMgI
+mhk33BP4vt6aPgptmgk8owbtYuzljqdCKtvP+fyi/gjszQ=
-----END CERTIFICATE-----
Generated at Sat Jun 14 13:20:04 2025 by rpki-client