Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/9afe35-0e3f-4d70-b1a4-2ae793da4770/1/uhDqvw5tH35nufQbEQ77u83I-B8.roa
File: uhDqvw5tH35nufQbEQ77u83I-B8.roa (raw, json)
Hash identifier: n57CUhA+5zCxO5SP38OfqRj/V/slyu/xHn7nSVOGgv0=
Subject key identifier: BA:10:EA:BF:0E:6D:1F:7E:67:B9:F4:1B:11:0E:FB:BB:CD:C8:F8:1F
Certificate issuer: /CN=d7eaba53d6dfbab4e976120c1e20268bbfe8a0e0
Certificate serial: 03CF1601
Authority key identifier: D7:EA:BA:53:D6:DF:BA:B4:E9:76:12:0C:1E:20:26:8B:BF:E8:A0:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-q6U9bfurTpdhIMHiAmi7_ooOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/9afe35-0e3f-4d70-b1a4-2ae793da4770/1/uhDqvw5tH35nufQbEQ77u83I-B8.roa
Signing time: Sat 01 Jan 2022 09:55:38 +0000
ROA not before: Sat 01 Jan 2022 09:55:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 33987
IP address blocks: 84.21.224.0/21 maxlen: 21
84.21.232.0/23 maxlen: 23
84.21.240.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 63903233 (0x3cf1601)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7eaba53d6dfbab4e976120c1e20268bbfe8a0e0
Validity
Not Before: Jan 1 09:55:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ba10eabf0e6d1f7e67b9f41b110efbbbcdc8f81f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f6:df:1b:a4:cf:74:e3:1d:a1:bc:74:80:06:
b0:14:ae:b9:06:95:cd:a1:cb:9e:d3:6e:03:05:c3:
9e:e2:df:c8:29:0f:57:68:f2:c8:24:ad:08:1a:99:
4a:00:23:76:d5:4b:41:60:c2:08:d5:4c:db:54:a9:
c0:97:36:19:91:a0:1e:be:06:47:e8:22:0a:a2:3f:
fb:b5:db:6d:d0:26:56:66:47:ac:f0:48:12:6d:9f:
07:75:13:19:d4:33:09:61:b8:6c:b0:10:9d:1b:ba:
c4:34:48:c1:1c:35:6e:01:76:77:f5:79:a1:8c:69:
4d:9d:e5:84:95:35:30:8a:bc:62:ae:62:df:24:7b:
cb:fe:92:7e:11:ca:9b:41:3e:18:32:2b:59:42:8b:
22:39:01:a1:c2:91:50:f0:2e:2f:0c:eb:c9:06:86:
f3:5d:4c:fc:a2:77:9b:1d:7c:fc:6e:b1:aa:31:09:
49:18:81:2c:6a:38:c7:51:26:26:c4:66:20:5a:cc:
1a:cf:6b:2e:e5:8b:39:e5:b2:8a:d3:53:d5:7e:50:
6f:f3:26:03:64:2a:8c:05:0c:b2:74:be:f2:15:eb:
33:9c:1c:99:d0:4e:cc:7e:f2:e2:b1:8e:27:e8:38:
88:c0:d6:73:24:c8:fe:03:4d:e2:78:e0:36:b3:7a:
dd:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:10:EA:BF:0E:6D:1F:7E:67:B9:F4:1B:11:0E:FB:BB:CD:C8:F8:1F
X509v3 Authority Key Identifier:
keyid:D7:EA:BA:53:D6:DF:BA:B4:E9:76:12:0C:1E:20:26:8B:BF:E8:A0:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-q6U9bfurTpdhIMHiAmi7_ooOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/9afe35-0e3f-4d70-b1a4-2ae793da4770/1/uhDqvw5tH35nufQbEQ77u83I-B8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/9afe35-0e3f-4d70-b1a4-2ae793da4770/1/1-q6U9bfurTpdhIMHiAmi7_ooOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.224.0-84.21.233.255
84.21.240.0/20
Signature Algorithm: sha256WithRSAEncryption
a6:33:70:dd:c3:7d:39:4f:90:51:b5:6e:b1:5e:41:17:6b:d8:
25:91:47:1e:e1:70:ea:96:b3:74:91:fc:9f:1f:e4:43:7e:ed:
6c:88:4f:36:43:51:56:d0:17:34:30:49:d2:42:a1:ff:e3:3d:
06:8b:2f:2f:96:57:97:66:49:bf:6c:5e:63:80:51:81:58:76:
44:48:a9:b5:ae:02:3b:92:dc:b6:18:73:5e:15:4b:70:61:6f:
d6:60:0b:36:33:56:1c:f3:02:6a:f1:93:31:7f:f9:14:ef:9b:
f6:95:50:ba:88:1c:78:77:8f:51:da:30:8e:70:9b:68:9d:ea:
1a:27:5a:1e:ca:e8:2a:b2:b0:03:83:81:b7:a4:80:d2:b3:f7:
da:fb:cc:b6:4e:5c:55:4d:3a:fc:2a:b2:b8:dc:0b:d8:00:2c:
55:ee:e5:d0:75:1a:89:29:f0:a3:3b:67:42:c1:a2:9d:5d:50:
44:6b:b2:9b:4d:17:c7:aa:a0:0a:7f:e7:c8:46:cd:31:db:f5:
48:5c:3e:cb:1e:46:ab:7f:b7:f2:d4:f3:0f:91:60:5f:bc:23:
c2:2b:ad:b7:15:c4:e5:88:96:08:07:a3:75:8b:0d:56:e8:2d:
e9:b2:8f:4e:21:40:79:a6:3e:ee:26:c2:5a:42:d6:55:8d:9e:
6f:e7:6a:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEA88WATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
N2VhYmE1M2Q2ZGZiYWI0ZTk3NjEyMGMxZTIwMjY4YmJmZThhMGUwMB4XDTIyMDEw
MTA5NTUzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmExMGVhYmYwZTZk
MWY3ZTY3YjlmNDFiMTEwZWZiYmJjZGM4ZjgxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL323xukz3TjHaG8dIAGsBSuuQaVzaHLntNuAwXDnuLfyCkP
V2jyyCStCBqZSgAjdtVLQWDCCNVM21SpwJc2GZGgHr4GR+giCqI/+7XbbdAmVmZH
rPBIEm2fB3UTGdQzCWG4bLAQnRu6xDRIwRw1bgF2d/V5oYxpTZ3lhJU1MIq8Yq5i
3yR7y/6SfhHKm0E+GDIrWUKLIjkBocKRUPAuLwzryQaG811M/KJ3mx18/G6xqjEJ
SRiBLGo4x1EmJsRmIFrMGs9rLuWLOeWyitNT1X5Qb/MmA2QqjAUMsnS+8hXrM5wc
mdBOzH7y4rGOJ+g4iMDWcyTI/gNN4njgNrN63d8CAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBS6EOq/Dm0ffme59BsRDvu7zcj4HzAfBgNVHSMEGDAWgBTX6rpT1t+6tOl2
EgweICaLv+ig4DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtcTZVOWJmdXJUcGRoSU1IaUFtaTdfb29PQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTAvOWFmZTM1LTBlM2YtNGQ3MC1iMWE0LTJhZTc5M2RhNDc3MC8x
L3VoRHF2dzV0SDM1bnVmUWJFUTc3dTgzSS1COC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTAv
OWFmZTM1LTBlM2YtNGQ3MC1iMWE0LTJhZTc5M2RhNDc3MC8xLzEtcTZVOWJmdXJU
cGRoSU1IaUFtaTdfb29PQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQFVBXgAwQBVBXoAwQEVBXwMA0G
CSqGSIb3DQEBCwUAA4IBAQCmM3Ddw305T5BRtW6xXkEXa9glkUce4XDqlrN0kfyf
H+RDfu1siE82Q1FW0Bc0MEnSQqH/4z0Giy8vlleXZkm/bF5jgFGBWHZESKm1rgI7
kty2GHNeFUtwYW/WYAs2M1Yc8wJq8ZMxf/kU75v2lVC6iBx4d49R2jCOcJtoneoa
J1oeyugqsrADg4G3pIDSs/fa+8y2TlxVTTr8KrK43AvYACxV7uXQdRqJKfCjO2dC
waKdXVBEa7KbTRfHqqAKf+fIRs0x2/VIXD7LHkarf7fy1PMPkWBfvCPCK623FcTl
iJYIB6N1iw1W6C3pso9OIUB5pj7uJsJaQtZVjZ5v52qe
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:55 2024 by rpki-client on console-ams.rpki-client.org