Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/ce88a2-eb87-42a5-916d-b56bb0647868/1/S4CarveTxNBAcy-U67zylMJgqJU.roa
File: S4CarveTxNBAcy-U67zylMJgqJU.roa (raw, json)
Hash identifier: fgXamJpDviP1DfwG+FqJf3GCuc8MoM4ew946rCc/SPk=
Subject key identifier: 4B:80:9A:AE:F7:93:C4:D0:40:73:2F:94:EB:BC:F2:94:C2:60:A8:95
Certificate issuer: /CN=a61a8f667a3dddbd4a352318d8f0606c46e9f063
Certificate serial: 17E1226A
Authority key identifier: A6:1A:8F:66:7A:3D:DD:BD:4A:35:23:18:D8:F0:60:6C:46:E9:F0:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/phqPZno93b1KNSMY2PBgbEbp8GM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/ce88a2-eb87-42a5-916d-b56bb0647868/1/S4CarveTxNBAcy-U67zylMJgqJU.roa
Signing time: Sat 01 Jan 2022 12:55:52 +0000
ROA not before: Sat 01 Jan 2022 12:55:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34373
IP address blocks: 185.64.120.0/22 maxlen: 24
2a03:1460::/32 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 400630378 (0x17e1226a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a61a8f667a3dddbd4a352318d8f0606c46e9f063
Validity
Not Before: Jan 1 12:55:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b809aaef793c4d040732f94ebbcf294c260a895
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e6:e7:df:d6:80:fd:d7:49:68:07:0b:47:a6:
62:1f:da:10:78:a4:46:9e:31:ed:24:49:0a:7f:25:
7e:11:c6:1d:47:83:63:e2:07:f0:d9:f2:47:36:e3:
c7:76:53:7f:be:39:77:a9:ec:1e:5e:14:6f:19:5e:
c8:97:24:50:6b:b6:c6:27:a9:46:fd:82:f3:41:ba:
1f:d1:cf:56:8f:65:4d:67:f5:0b:86:41:27:5d:77:
fb:33:6e:31:fe:dc:dd:de:67:47:ce:f9:fe:74:7c:
f3:44:60:c8:86:76:08:06:27:49:9c:a6:28:a4:00:
8b:04:6c:56:28:ce:57:2e:eb:c1:81:dc:89:ac:57:
e0:51:83:40:75:85:7f:c7:6c:07:77:0e:36:49:98:
17:c0:50:0a:f6:91:20:0e:b3:52:29:20:b6:5d:db:
40:94:3a:b3:1e:41:8f:9b:47:bb:60:13:81:4f:10:
40:0b:2b:13:0d:30:43:5e:5c:00:78:4b:d4:fb:ce:
2a:a2:d9:f6:68:31:36:e1:1f:8d:dd:a2:25:6e:7c:
40:9d:00:db:8f:0d:7c:f2:58:02:f8:9e:d7:c6:fe:
04:0d:2a:d8:75:0f:1d:54:c5:69:82:63:3e:f1:a0:
66:bb:64:76:66:c1:62:cd:58:96:6d:39:42:a6:01:
f1:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:80:9A:AE:F7:93:C4:D0:40:73:2F:94:EB:BC:F2:94:C2:60:A8:95
X509v3 Authority Key Identifier:
keyid:A6:1A:8F:66:7A:3D:DD:BD:4A:35:23:18:D8:F0:60:6C:46:E9:F0:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/phqPZno93b1KNSMY2PBgbEbp8GM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/ce88a2-eb87-42a5-916d-b56bb0647868/1/S4CarveTxNBAcy-U67zylMJgqJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/ce88a2-eb87-42a5-916d-b56bb0647868/1/phqPZno93b1KNSMY2PBgbEbp8GM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.64.120.0/22
IPv6:
2a03:1460::/32
Signature Algorithm: sha256WithRSAEncryption
49:43:d0:ed:12:be:9a:0d:97:f7:be:fb:7a:ad:c0:d5:51:a4:
6a:c8:7f:b8:58:b6:00:d7:81:13:01:d7:62:ff:5f:39:2d:6d:
fb:83:c4:83:84:9b:6d:f5:f1:4e:8f:20:0a:a8:6b:93:8f:8f:
75:54:09:90:75:a4:7c:5b:3e:54:a9:9f:53:a8:ab:6b:0a:f2:
c1:3b:dc:21:0b:02:61:8d:25:38:b9:7f:64:da:a2:df:2d:ef:
25:78:fb:1f:39:df:ea:77:a9:60:ec:d5:34:d5:44:9e:ad:ca:
76:e0:2c:c4:ff:03:4c:eb:e5:28:43:82:ba:84:e0:c4:7e:5e:
46:a8:07:17:3b:dc:40:2f:bd:d5:45:93:88:db:17:07:54:ed:
52:63:29:ba:66:4a:56:2f:0a:11:3c:e4:96:c5:d6:07:30:af:
55:99:2d:be:06:97:eb:a7:c8:30:5e:d6:d5:53:8a:1e:a3:87:
f2:6d:8f:e8:91:06:1b:ed:aa:af:62:f8:9f:d1:ac:3d:2b:91:
04:7d:f0:a3:fd:ee:ed:c8:90:d3:02:df:d5:36:24:1c:d6:34:
8c:c6:37:f9:4e:58:20:ee:36:f1:11:c8:de:50:a5:68:ac:d4:
98:08:3a:fc:9b:5b:01:46:63:06:70:83:63:33:f8:8b:26:0b:
9e:de:c3:37
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEF+EiajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NjFhOGY2NjdhM2RkZGJkNGEzNTIzMThkOGYwNjA2YzQ2ZTlmMDYzMB4XDTIyMDEw
MTEyNTU1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGI4MDlhYWVmNzkz
YzRkMDQwNzMyZjk0ZWJiY2YyOTRjMjYwYTg5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANDm59/WgP3XSWgHC0emYh/aEHikRp4x7SRJCn8lfhHGHUeD
Y+IH8NnyRzbjx3ZTf745d6nsHl4UbxleyJckUGu2xiepRv2C80G6H9HPVo9lTWf1
C4ZBJ113+zNuMf7c3d5nR875/nR880RgyIZ2CAYnSZymKKQAiwRsVijOVy7rwYHc
iaxX4FGDQHWFf8dsB3cONkmYF8BQCvaRIA6zUikgtl3bQJQ6sx5Bj5tHu2ATgU8Q
QAsrEw0wQ15cAHhL1PvOKqLZ9mgxNuEfjd2iJW58QJ0A248NfPJYAvie18b+BA0q
2HUPHVTFaYJjPvGgZrtkdmbBYs1Ylm05QqYB8WECAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRLgJqu95PE0EBzL5TrvPKUwmColTAfBgNVHSMEGDAWgBSmGo9mej3dvUo1
IxjY8GBsRunwYzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BocVBabm85M2IxS05TTVkyUEJnYkVicDhHTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvY2U4OGEyLWViODctNDJhNS05MTZkLWI1NmJiMDY0Nzg2OC8x
L1M0Q2FydmVUeE5CQWN5LVU2N3p5bE1KZ3FKVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
Y2U4OGEyLWViODctNDJhNS05MTZkLWI1NmJiMDY0Nzg2OC8xL3BocVBabm85M2Ix
S05TTVkyUEJnYkVicDhHTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArlAeDANBAIAAjAHAwUAKgMUYDAN
BgkqhkiG9w0BAQsFAAOCAQEASUPQ7RK+mg2X9777eq3A1VGkash/uFi2ANeBEwHX
Yv9fOS1t+4PEg4SbbfXxTo8gCqhrk4+PdVQJkHWkfFs+VKmfU6irawrywTvcIQsC
YY0lOLl/ZNqi3y3vJXj7Hznf6nepYOzVNNVEnq3KduAsxP8DTOvlKEOCuoTgxH5e
RqgHFzvcQC+91UWTiNsXB1TtUmMpumZKVi8KETzklsXWBzCvVZktvgaX66fIMF7W
1VOKHqOH8m2P6JEGG+2qr2L4n9GsPSuRBH3wo/3u7ciQ0wLf1TYkHNY0jMY3+U5Y
IO428RHI3lClaKzUmAg6/JtbAUZjBnCDYzP4iyYLnt7DNw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:54:42 2024 by rpki-client on console-ams.rpki-client.org