Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/L4dzwSZtsZamuDGYtigT71U6LJM.roa
File: L4dzwSZtsZamuDGYtigT71U6LJM.roa (raw, json)
Hash identifier: yT8Zf5kq2xlGtzY50rwMakc1OkZfx6HR1H/r7enlGA4=
Subject key identifier: 2F:87:73:C1:26:6D:B1:96:A6:B8:31:98:B6:28:13:EF:55:3A:2C:93
Certificate issuer: /CN=1ea0a9eb47d824b51f154442481a257168394551
Certificate serial: 0183FB536B803CE327034DB62E3CB1026545
Authority key identifier: 1E:A0:A9:EB:47:D8:24:B5:1F:15:44:42:48:1A:25:71:68:39:45:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HqCp60fYJLUfFURCSBolcWg5RVE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/L4dzwSZtsZamuDGYtigT71U6LJM.roa
Signing time: Fri 21 Oct 2022 16:14:51 +0000
ROA not before: Fri 21 Oct 2022 16:14:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204887
IP address blocks: 217.113.192.0/23 maxlen: 23
217.113.192.0/24 maxlen: 24
217.113.195.0/24 maxlen: 24
217.113.193.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fb:53:6b:80:3c:e3:27:03:4d:b6:2e:3c:b1:02:65:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ea0a9eb47d824b51f154442481a257168394551
Validity
Not Before: Oct 21 16:14:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f8773c1266db196a6b83198b62813ef553a2c93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:38:73:2c:1e:6f:17:7e:b9:4e:81:5f:75:94:
cb:42:4e:94:bc:ea:a3:56:f0:18:7f:cb:e0:45:3b:
6a:dd:9c:49:b6:4d:2e:db:d9:90:81:35:3e:bc:0e:
02:fd:da:90:c0:88:da:2e:5e:71:ef:38:10:ef:d7:
a2:06:da:53:33:4d:38:02:96:ee:ae:14:95:e2:84:
d0:0c:08:92:40:3a:83:2f:e3:2d:44:2f:ec:a7:37:
08:4d:5c:89:ed:ba:a0:2c:17:68:31:b5:a6:5f:a0:
94:4d:87:f6:57:ba:94:f4:89:8a:9b:59:98:06:1d:
0a:8c:26:3c:f1:a8:6a:76:99:91:8a:bb:d5:10:3b:
ce:f1:17:5c:da:19:6c:64:a9:f7:dd:ff:92:01:89:
55:af:dd:fe:77:78:d2:3b:cf:d5:da:5c:21:ad:ec:
56:5f:e8:9e:55:c0:2e:0b:00:56:ce:68:dc:ca:8a:
d5:1a:ea:27:98:01:a4:8a:32:3c:37:ba:f1:74:a9:
58:64:fb:52:94:b1:96:9c:39:a2:07:0c:22:04:10:
c0:38:20:11:25:77:14:62:7f:c0:04:0d:09:45:9e:
06:ab:5b:63:57:89:ac:bf:c5:56:94:78:30:c1:82:
a1:51:2f:82:dc:a6:a8:31:b4:2c:83:ca:ea:9c:5e:
78:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:87:73:C1:26:6D:B1:96:A6:B8:31:98:B6:28:13:EF:55:3A:2C:93
X509v3 Authority Key Identifier:
keyid:1E:A0:A9:EB:47:D8:24:B5:1F:15:44:42:48:1A:25:71:68:39:45:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HqCp60fYJLUfFURCSBolcWg5RVE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/L4dzwSZtsZamuDGYtigT71U6LJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/3033c6-cce8-450d-a0c9-8418a96f6795/1/HqCp60fYJLUfFURCSBolcWg5RVE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.113.192.0/23
217.113.195.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:58:2a:6e:9c:91:0f:f2:73:0d:62:25:29:80:05:2b:f0:27:
02:fd:0e:00:8d:8c:f5:74:e6:97:98:fb:00:39:e7:a0:5e:ba:
7f:c7:97:f0:d4:6e:82:27:f9:1a:33:ab:d4:38:6a:b1:5a:51:
06:68:77:2a:21:41:d7:a0:c2:59:4f:50:89:a6:7e:9e:b4:03:
1a:dc:67:cc:2f:5a:73:1f:84:ed:1d:dd:9e:42:2b:f9:01:18:
84:6e:2e:12:65:07:8f:aa:29:be:33:cd:03:30:79:e9:dd:11:
9d:51:97:58:0e:39:a7:37:f0:ed:a4:b5:6b:1c:a6:26:4f:3e:
df:83:89:e1:c0:03:52:72:79:79:5b:4a:ff:09:55:ff:24:5c:
04:e4:59:ec:11:55:41:ae:9e:58:09:9b:c1:fc:42:d1:fe:96:
bf:0a:22:37:2a:24:a8:6a:23:ec:44:58:a7:4a:84:c5:58:d8:
f9:ea:a2:41:e6:84:82:2b:80:4b:d3:d2:e8:5b:e9:a0:f4:ab:
3f:c7:c4:32:d1:45:06:0f:77:aa:bb:fd:4a:cb:8d:11:d3:3a:
36:28:af:3d:31:87:2d:fb:1e:03:a4:ab:b1:dc:2b:e4:52:38:
6d:33:0a:10:3b:c2:09:bb:35:66:bc:74:c4:82:88:50:fe:7d:
0a:99:21:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYP7U2uAPOMnA022LjyxAmVFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlYTBhOWViNDdkODI0YjUxZjE1NDQ0MjQ4MWEyNTcxNjgz
OTQ1NTEwHhcNMjIxMDIxMTYxNDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjg3NzNjMTI2NmRiMTk2YTZiODMxOThiNjI4MTNlZjU1M2EyYzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5zhzLB5vF365ToFfdZTLQk6UvOqj
VvAYf8vgRTtq3ZxJtk0u29mQgTU+vA4C/dqQwIjaLl5x7zgQ79eiBtpTM004Apbu
rhSV4oTQDAiSQDqDL+MtRC/spzcITVyJ7bqgLBdoMbWmX6CUTYf2V7qU9ImKm1mY
Bh0KjCY88ahqdpmRirvVEDvO8Rdc2hlsZKn33f+SAYlVr93+d3jSO8/V2lwhrexW
X+ieVcAuCwBWzmjcyorVGuonmAGkijI8N7rxdKlYZPtSlLGWnDmiBwwiBBDAOCAR
JXcUYn/ABA0JRZ4Gq1tjV4msv8VWlHgwwYKhUS+C3KaoMbQsg8rqnF54bQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC+Hc8EmbbGWprgxmLYoE+9VOiyTMB8GA1UdIwQY
MBaAFB6gqetH2CS1HxVEQkgaJXFoOUVRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHFDcDYwZllKTFVmRlVSQ1NCb2xjV2c1UlZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi8zMDMzYzYtY2NlOC00NTBkLWEwYzkt
ODQxOGE5NmY2Nzk1LzEvTDRkendTWnRzWmFtdURHWXRpZ1Q3MVU2TEpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi8zMDMzYzYtY2NlOC00NTBkLWEwYzktODQxOGE5NmY2Nzk1
LzEvSHFDcDYwZllKTFVmRlVSQ1NCb2xjV2c1UlZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQB2XHAAwQA
2XHDMA0GCSqGSIb3DQEBCwUAA4IBAQCcWCpunJEP8nMNYiUpgAUr8CcC/Q4AjYz1
dOaXmPsAOeegXrp/x5fw1G6CJ/kaM6vUOGqxWlEGaHcqIUHXoMJZT1CJpn6etAMa
3GfML1pzH4TtHd2eQiv5ARiEbi4SZQePqim+M80DMHnp3RGdUZdYDjmnN/DtpLVr
HKYmTz7fg4nhwANScnl5W0r/CVX/JFwE5FnsEVVBrp5YCZvB/ELR/pa/CiI3KiSo
aiPsRFinSoTFWNj56qJB5oSCK4BL09LoW+mg9Ks/x8Qy0UUGD3equ/1Ky40R0zo2
KK89MYct+x4DpKux3CvkUjhtMwoQO8IJuzVmvHTEgohQ/n0KmSGy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:08 2024 by rpki-client on console-fra.rpki-client.org