Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/8LzeJkDE7P7AtNS5KLDbhHjNOvE.roa
File: 8LzeJkDE7P7AtNS5KLDbhHjNOvE.roa (raw, json)
Hash identifier: Qq7F7YYbcCgxhnENIcwBSOUe0Ta7EM+7nf9W0pv9/1U=
Subject key identifier: F0:BC:DE:26:40:C4:EC:FE:C0:B4:D4:B9:28:B0:DB:84:78:CD:3A:F1
Certificate issuer: /CN=3ef325ef4cbaa66cc71ffcc6880877e76e149afd
Certificate serial: 01847BA8635A255492BC44D6C3A569C3BDFD
Authority key identifier: 3E:F3:25:EF:4C:BA:A6:6C:C7:1F:FC:C6:88:08:77:E7:6E:14:9A:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PvMl70y6pmzHH_zGiAh3524Umv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/8LzeJkDE7P7AtNS5KLDbhHjNOvE.roa
Signing time: Tue 15 Nov 2022 14:19:03 +0000
ROA not before: Tue 15 Nov 2022 14:19:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201470
IP address blocks: 155.133.24.0/23 maxlen: 23
2a02:28e9::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7b:a8:63:5a:25:54:92:bc:44:d6:c3:a5:69:c3:bd:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ef325ef4cbaa66cc71ffcc6880877e76e149afd
Validity
Not Before: Nov 15 14:19:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f0bcde2640c4ecfec0b4d4b928b0db8478cd3af1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4e:8b:2c:1a:c0:b5:14:c3:2d:a0:38:0b:25:
3a:ce:c3:81:f0:4a:74:c4:a6:01:85:e7:1a:1a:6c:
95:d6:ad:e5:4d:75:c4:f2:e4:3a:25:a7:cf:4f:87:
c7:e0:eb:86:b9:2a:5e:a5:51:ee:cc:b8:0d:3a:c2:
24:0a:2f:e7:26:0a:2c:e0:86:9b:ea:d0:2f:6e:b5:
4c:6c:ec:60:2c:03:63:7c:b5:2a:3d:f4:d5:77:41:
be:db:aa:28:a5:5b:ec:82:65:9d:f5:a0:08:5e:e9:
99:19:9d:9a:3d:b8:05:84:26:9a:f1:2c:ba:55:5e:
1a:79:54:8e:12:d6:c8:91:5f:d0:7c:b1:8b:35:84:
a2:62:80:72:c5:08:63:c6:ab:54:88:76:95:86:d9:
96:62:f4:ef:1e:9f:54:da:92:59:c3:37:a7:81:f8:
cb:9a:8b:09:67:8e:fe:35:51:67:a9:77:70:e1:db:
7e:9d:e9:d2:6e:0d:96:eb:b3:86:76:50:49:bf:e5:
36:b4:22:0b:f7:dd:74:3f:d8:94:33:99:d1:a1:9e:
10:83:15:d7:4b:39:99:b8:17:a2:1f:a8:c1:35:51:
92:da:c9:48:89:25:e0:ae:b0:fc:c1:25:15:b0:07:
1f:9e:81:3b:67:7a:a7:a8:27:f5:b0:5a:50:68:2b:
1f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:BC:DE:26:40:C4:EC:FE:C0:B4:D4:B9:28:B0:DB:84:78:CD:3A:F1
X509v3 Authority Key Identifier:
keyid:3E:F3:25:EF:4C:BA:A6:6C:C7:1F:FC:C6:88:08:77:E7:6E:14:9A:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PvMl70y6pmzHH_zGiAh3524Umv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/8LzeJkDE7P7AtNS5KLDbhHjNOvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/4fd090-6fae-4a6a-8f9e-34d71485c547/1/PvMl70y6pmzHH_zGiAh3524Umv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.24.0/23
IPv6:
2a02:28e9::/32
Signature Algorithm: sha256WithRSAEncryption
2f:ac:b8:d6:45:24:19:5c:34:c8:44:2d:74:f2:7c:4d:9f:6a:
63:24:af:42:e9:12:8e:3e:8c:75:f2:ef:61:39:3a:bc:5c:cc:
e0:13:dd:fe:a6:74:9a:7c:aa:e7:cb:b3:8f:f0:dc:aa:24:d4:
70:0e:0c:64:eb:1f:7b:de:0e:cd:71:d5:b2:68:12:15:b2:5d:
03:ab:e7:af:05:f5:d4:37:9b:ad:90:96:ac:0b:ac:1f:d2:7c:
7a:45:22:59:0c:0e:6b:b4:38:4f:3f:a4:03:23:64:f0:59:32:
d4:fb:59:7d:f6:ad:24:55:52:70:b2:cf:50:62:71:a4:ff:3d:
4e:cc:4a:db:bd:15:ae:3d:28:a5:6e:35:e1:d3:b0:64:ac:d7:
c4:3d:42:1d:f4:1d:13:f8:19:96:4e:15:e4:88:c9:6a:5b:ee:
41:20:38:86:89:65:ba:4f:13:c9:27:bc:83:14:f9:ab:5d:e4:
8d:b4:f5:c1:bc:ca:60:a9:58:76:55:7b:7a:da:b7:9d:1d:4f:
8d:6c:6c:dc:73:c4:80:88:4e:93:51:bb:1c:e7:93:2d:96:82:
5f:1f:44:3e:87:fa:bf:ab:a3:55:54:80:ab:00:93:05:5e:97:
5f:96:ae:c7:8d:09:59:1b:56:f8:59:6b:ed:fd:6f:27:05:b5:
9d:bd:7f:88
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYR7qGNaJVSSvETWw6Vpw739MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlZjMyNWVmNGNiYWE2NmNjNzFmZmNjNjg4MDg3N2U3NmUx
NDlhZmQwHhcNMjIxMTE1MTQxOTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMGJjZGUyNjQwYzRlY2ZlYzBiNGQ0YjkyOGIwZGI4NDc4Y2QzYWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiU6LLBrAtRTDLaA4CyU6zsOB8Ep0
xKYBhecaGmyV1q3lTXXE8uQ6JafPT4fH4OuGuSpepVHuzLgNOsIkCi/nJgos4Iab
6tAvbrVMbOxgLANjfLUqPfTVd0G+26oopVvsgmWd9aAIXumZGZ2aPbgFhCaa8Sy6
VV4aeVSOEtbIkV/QfLGLNYSiYoByxQhjxqtUiHaVhtmWYvTvHp9U2pJZwzengfjL
mosJZ47+NVFnqXdw4dt+nenSbg2W67OGdlBJv+U2tCIL9910P9iUM5nRoZ4QgxXX
SzmZuBeiH6jBNVGS2slIiSXgrrD8wSUVsAcfnoE7Z3qnqCf1sFpQaCsf5wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPC83iZAxOz+wLTUuSiw24R4zTrxMB8GA1UdIwQY
MBaAFD7zJe9MuqZsxx/8xogId+duFJr9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHZNbDcweTZwbXpISF96R2lBaDM1MjRVbXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS80ZmQwOTAtNmZhZS00YTZhLThmOWUt
MzRkNzE0ODVjNTQ3LzEvOEx6ZUprREU3UDdBdE5TNUtMRGJoSGpOT3ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS80ZmQwOTAtNmZhZS00YTZhLThmOWUtMzRkNzE0ODVjNTQ3
LzEvUHZNbDcweTZwbXpISF96R2lBaDM1MjRVbXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBm4UYMA0E
AgACMAcDBQAqAijpMA0GCSqGSIb3DQEBCwUAA4IBAQAvrLjWRSQZXDTIRC108nxN
n2pjJK9C6RKOPox18u9hOTq8XMzgE93+pnSafKrny7OP8NyqJNRwDgxk6x973g7N
cdWyaBIVsl0Dq+evBfXUN5utkJasC6wf0nx6RSJZDA5rtDhPP6QDI2TwWTLU+1l9
9q0kVVJwss9QYnGk/z1OzErbvRWuPSilbjXh07BkrNfEPUId9B0T+BmWThXkiMlq
W+5BIDiGiWW6TxPJJ7yDFPmrXeSNtPXBvMpgqVh2VXt62redHU+NbGzcc8SAiE6T
Ubsc55MtloJfH0Q+h/q/q6NVVICrAJMFXpdflq7HjQlZG1b4WWvt/W8nBbWdvX+I
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:13 2024 by rpki-client on console-fra.rpki-client.org