Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/7757ed-d020-471f-bbc5-17bf202e5eee/1/4RCsguf2wL_vdJruu1rNtIbIIfo.roa
File: 4RCsguf2wL_vdJruu1rNtIbIIfo.roa (raw, json)
Hash identifier: 8yEz+OztQxP1LuyLKvLC+mT9mBTNPEbTqhSp71XzeKA=
Subject key identifier: E1:10:AC:82:E7:F6:C0:BF:EF:74:9A:EE:BB:5A:CD:B4:86:C8:21:FA
Certificate issuer: /CN=d4bbed63091439823ed391a472536c0fcafe8957
Certificate serial: 40D877BB
Authority key identifier: D4:BB:ED:63:09:14:39:82:3E:D3:91:A4:72:53:6C:0F:CA:FE:89:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1LvtYwkUOYI-05GkclNsD8r-iVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/7757ed-d020-471f-bbc5-17bf202e5eee/1/4RCsguf2wL_vdJruu1rNtIbIIfo.roa
Signing time: Sat 01 Jan 2022 13:56:29 +0000
ROA not before: Sat 01 Jan 2022 13:56:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29266
IP address blocks: 159.20.0.0/21 maxlen: 21
195.85.253.0/24 maxlen: 24
195.137.194.0/23 maxlen: 23
2a03:2180::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1087928251 (0x40d877bb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4bbed63091439823ed391a472536c0fcafe8957
Validity
Not Before: Jan 1 13:56:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e110ac82e7f6c0bfef749aeebb5acdb486c821fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:5b:53:5a:0b:e3:5c:bf:b7:60:2d:c4:2b:01:
29:c0:8e:61:90:80:91:d1:91:c2:a9:2e:56:c8:73:
25:b3:c1:79:55:d1:bc:02:20:2c:89:86:4b:1d:00:
0e:ff:6a:11:76:e2:54:3a:44:da:cc:25:72:94:27:
43:ce:22:f4:a5:f3:67:d7:2d:82:b4:9c:ea:15:fa:
4d:20:ef:b4:85:1a:8c:db:86:d2:85:f1:8d:39:01:
c5:da:06:88:0b:47:f8:b8:71:af:58:c3:1d:58:a6:
e5:a2:c3:05:d5:07:0b:87:5b:7a:d9:39:4f:ad:66:
78:08:36:4a:ab:2d:1e:f3:25:62:d2:60:b5:46:1c:
3c:ba:5f:22:36:af:f4:e4:88:50:6e:d9:bc:67:19:
ea:e3:34:e6:aa:2e:5b:54:af:b8:0d:33:55:4c:74:
b4:8f:a0:ff:16:44:8c:e9:8d:e9:6e:6f:84:83:62:
fd:2e:a4:87:68:bc:26:df:13:da:36:66:08:3d:7a:
6a:7c:c6:22:48:25:63:49:23:56:93:87:af:f4:1b:
18:da:e0:2f:7d:f7:64:02:98:e7:a5:a3:51:f9:03:
44:eb:5a:3a:55:08:4b:5f:b9:db:ef:73:42:ba:00:
fd:17:45:8b:c1:ac:9a:6a:6f:6a:8f:44:5d:8c:30:
35:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:10:AC:82:E7:F6:C0:BF:EF:74:9A:EE:BB:5A:CD:B4:86:C8:21:FA
X509v3 Authority Key Identifier:
keyid:D4:BB:ED:63:09:14:39:82:3E:D3:91:A4:72:53:6C:0F:CA:FE:89:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1LvtYwkUOYI-05GkclNsD8r-iVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/7757ed-d020-471f-bbc5-17bf202e5eee/1/4RCsguf2wL_vdJruu1rNtIbIIfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/7757ed-d020-471f-bbc5-17bf202e5eee/1/1LvtYwkUOYI-05GkclNsD8r-iVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.20.0.0/21
195.85.253.0/24
195.137.194.0/23
IPv6:
2a03:2180::/32
Signature Algorithm: sha256WithRSAEncryption
68:4e:02:65:23:73:e7:ee:3b:cd:ff:11:49:79:77:dc:9a:58:
11:87:2f:11:7a:ea:f7:5c:15:0f:b9:21:77:df:0e:69:9e:3a:
0d:9a:a3:57:9a:1d:99:7a:83:a3:61:d2:bc:43:5a:5f:87:bb:
fd:18:ff:f4:2f:47:9a:b4:b7:e2:ea:fc:4e:be:90:9d:3a:37:
7b:c1:84:93:db:20:0a:68:50:00:ab:d2:12:96:d0:1e:c8:3b:
b0:e3:f2:d3:b3:e8:8d:db:77:64:5d:2a:32:6e:07:d1:42:26:
67:6b:fe:6c:7f:ee:06:c1:4c:7e:cd:52:38:04:26:87:22:0e:
a2:1e:32:81:e4:3c:14:07:61:13:e0:07:45:d5:29:45:89:f6:
4d:5f:91:82:8b:ae:47:3e:d3:2b:ab:4e:55:0f:67:a3:72:64:
3d:f9:7a:4f:83:c7:39:4c:ac:3d:3c:17:07:1f:c2:cc:c6:f6:
6c:d6:0c:2f:7f:88:a2:66:7b:d8:4c:6b:79:b9:52:29:fa:d6:
69:9e:22:64:0b:3a:fa:f0:28:a6:dc:38:b4:ed:10:1e:d4:40:
4e:b3:c7:f3:c6:25:87:c4:54:aa:1b:10:43:ac:fa:ea:05:a4:
56:03:fb:85:3e:22:91:81:cd:50:7f:a6:ea:39:39:1b:78:71:
06:8e:87:44
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEQNh3uzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGJiZWQ2MzA5MTQzOTgyM2VkMzkxYTQ3MjUzNmMwZmNhZmU4OTU3MB4XDTIyMDEw
MTEzNTYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTExMGFjODJlN2Y2
YzBiZmVmNzQ5YWVlYmI1YWNkYjQ4NmM4MjFmYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdbU1oL41y/t2AtxCsBKcCOYZCAkdGRwqkuVshzJbPBeVXR
vAIgLImGSx0ADv9qEXbiVDpE2swlcpQnQ84i9KXzZ9ctgrSc6hX6TSDvtIUajNuG
0oXxjTkBxdoGiAtH+Lhxr1jDHVim5aLDBdUHC4dbetk5T61meAg2SqstHvMlYtJg
tUYcPLpfIjav9OSIUG7ZvGcZ6uM05qouW1SvuA0zVUx0tI+g/xZEjOmN6W5vhINi
/S6kh2i8Jt8T2jZmCD16anzGIkglY0kjVpOHr/QbGNrgL333ZAKY56WjUfkDROta
OlUIS1+52+9zQroA/RdFi8Gsmmpvao9EXYwwNbECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBThEKyC5/bAv+90mu67Ws20hsgh+jAfBgNVHSMEGDAWgBTUu+1jCRQ5gj7T
kaRyU2wPyv6JVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFMdnRZd2tVT1lJLTA1R2tjbE5zRDhyLWlWYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWIvNzc1N2VkLWQwMjAtNDcxZi1iYmM1LTE3YmYyMDJlNWVlZS8x
LzRSQ3NndWYyd0xfdmRKcnV1MXJOdEliSUlmby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWIv
Nzc1N2VkLWQwMjAtNDcxZi1iYmM1LTE3YmYyMDJlNWVlZS8xLzFMdnRZd2tVT1lJ
LTA1R2tjbE5zRDhyLWlWYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA58UAAMEAMNV/QMEAcOJwjANBAIA
AjAHAwUAKgMhgDANBgkqhkiG9w0BAQsFAAOCAQEAaE4CZSNz5+47zf8RSXl33JpY
EYcvEXrq91wVD7khd98OaZ46DZqjV5odmXqDo2HSvENaX4e7/Rj/9C9HmrS34ur8
Tr6QnTo3e8GEk9sgCmhQAKvSEpbQHsg7sOPy07Pojdt3ZF0qMm4H0UImZ2v+bH/u
BsFMfs1SOAQmhyIOoh4ygeQ8FAdhE+AHRdUpRYn2TV+RgouuRz7TK6tOVQ9no3Jk
Pfl6T4PHOUysPTwXBx/CzMb2bNYML3+IomZ72ExreblSKfrWaZ4iZAs6+vAoptw4
tO0QHtRATrPH88Ylh8RUqhsQQ6z66gWkVgP7hT4ikYHNUH+m6jk5G3hxBo6HRA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:54 2023 by rpki-client on console-fra.rpki-client.org