Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/iTz7ygHc3wINjXoBqWaXXEnIAdg.roa
File: iTz7ygHc3wINjXoBqWaXXEnIAdg.roa (raw, json)
Hash identifier: kCcKKSzPVOInvrXc8tWmAVmIUpKqVJ4BM4MgyTolgFA=
Subject key identifier: 89:3C:FB:CA:01:DC:DF:02:0D:8D:7A:01:A9:66:97:5C:49:C8:01:D8
Certificate issuer: /CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Certificate serial: 01844DA8A9D2CD491F22107CA40137505E89
Authority key identifier: 93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/iTz7ygHc3wINjXoBqWaXXEnIAdg.roa
Signing time: Sun 06 Nov 2022 15:56:49 +0000
ROA not before: Sun 06 Nov 2022 15:56:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 217.113.16.0/20 maxlen: 20
45.133.104.0/22 maxlen: 22
5.134.84.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:4d:a8:a9:d2:cd:49:1f:22:10:7c:a4:01:37:50:5e:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93e8f4ed5dd06301c423988e786dabf51c5f5674
Validity
Not Before: Nov 6 15:56:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=893cfbca01dcdf020d8d7a01a966975c49c801d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:59:71:5a:37:1f:d6:ca:a1:bf:35:e5:4b:1b:
ea:46:45:19:e0:88:65:09:63:76:21:18:ad:9c:e4:
d2:2b:4b:a4:3d:25:55:cd:21:cb:fd:0e:15:24:60:
01:56:62:6d:e9:94:53:52:c1:93:1a:83:af:02:af:
5e:14:1b:2e:0d:c6:ed:99:59:85:04:27:31:4a:83:
90:05:9c:71:99:a5:e5:26:81:f2:02:a8:54:4d:1a:
a4:2c:e7:3c:6e:1d:af:a4:cd:cf:2e:c7:ad:70:55:
56:6b:85:7f:10:67:81:1f:a2:9f:2b:6e:aa:d2:bf:
01:51:25:f7:60:05:5b:bb:14:52:e0:c9:48:0b:64:
11:60:0b:f4:52:0e:08:29:0f:58:ca:a3:f5:4c:22:
c1:69:98:57:ee:28:ce:bf:5f:a9:a7:a3:7a:eb:55:
83:06:a6:e9:d7:e5:5c:a2:34:6d:85:46:6e:0f:5c:
6f:fd:bc:a3:29:e4:ca:ea:c4:13:ef:cc:95:bb:70:
9f:a1:11:6e:d1:84:29:74:ce:12:ff:f5:e8:fb:db:
05:95:fc:c1:1c:fd:eb:22:1a:97:2f:98:2a:98:8f:
2d:b7:f9:03:ed:a5:21:d5:6d:c1:01:5b:75:c1:85:
4c:69:f8:96:91:63:fd:67:03:bc:63:c6:5a:f0:58:
b7:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:3C:FB:CA:01:DC:DF:02:0D:8D:7A:01:A9:66:97:5C:49:C8:01:D8
X509v3 Authority Key Identifier:
keyid:93:E8:F4:ED:5D:D0:63:01:C4:23:98:8E:78:6D:AB:F5:1C:5F:56:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k-j07V3QYwHEI5iOeG2r9RxfVnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/iTz7ygHc3wINjXoBqWaXXEnIAdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/a78979-dd24-4be7-8194-1fc19ea73a2a/1/k-j07V3QYwHEI5iOeG2r9RxfVnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.84.0/22
45.133.104.0/22
217.113.16.0/20
Signature Algorithm: sha256WithRSAEncryption
1c:77:96:04:f5:ed:d6:21:64:02:5e:95:e0:fb:65:0f:f5:78:
b1:f8:59:2d:30:a8:bb:bb:29:d0:a1:33:b5:8c:5b:bf:24:bb:
50:2b:ce:c1:f8:30:df:6f:f4:87:ca:60:93:59:ce:41:65:22:
22:5a:24:9d:31:34:4d:b5:13:9b:e6:39:69:31:da:f0:03:9b:
08:9a:d6:5f:ce:52:b1:85:8d:88:c4:09:0a:b5:c3:51:7e:ed:
31:c1:03:41:dd:ca:51:0f:ff:1d:10:92:40:50:bc:1a:ad:8e:
fe:4c:5a:b5:19:3f:df:79:d2:5e:d4:b6:26:f5:30:98:b1:fb:
34:43:a1:c4:e1:1c:8c:b9:a1:15:be:65:44:5a:c5:2f:ba:8d:
8d:2a:e8:d6:5c:d0:67:e3:09:5d:5a:7b:19:30:45:1c:e4:a0:
d8:a1:89:f8:26:79:8a:b4:6f:6e:ab:d5:38:17:e0:71:dd:cf:
00:db:0f:0e:f0:ba:97:3f:47:e3:26:8f:17:37:f5:8a:73:1d:
2a:56:b1:d9:a5:ed:cd:7c:86:6c:fa:70:81:2e:2c:d3:16:d0:
c4:51:96:45:d0:67:36:57:c9:ea:84:62:ed:d8:44:6e:b1:fd:
ab:7e:2c:43:f6:6b:ca:f2:46:bc:22:d0:ff:c2:b1:35:de:22:
9b:a1:eb:0b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYRNqKnSzUkfIhB8pAE3UF6JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZThmNGVkNWRkMDYzMDFjNDIzOTg4ZTc4NmRhYmY1MWM1
ZjU2NzQwHhcNMjIxMTA2MTU1NjQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTNjZmJjYTAxZGNkZjAyMGQ4ZDdhMDFhOTY2OTc1YzQ5YzgwMWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnllxWjcf1sqhvzXlSxvqRkUZ4Ihl
CWN2IRitnOTSK0ukPSVVzSHL/Q4VJGABVmJt6ZRTUsGTGoOvAq9eFBsuDcbtmVmF
BCcxSoOQBZxxmaXlJoHyAqhUTRqkLOc8bh2vpM3PLsetcFVWa4V/EGeBH6KfK26q
0r8BUSX3YAVbuxRS4MlIC2QRYAv0Ug4IKQ9YyqP1TCLBaZhX7ijOv1+pp6N661WD
Bqbp1+VcojRthUZuD1xv/byjKeTK6sQT78yVu3CfoRFu0YQpdM4S//Xo+9sFlfzB
HP3rIhqXL5gqmI8tt/kD7aUh1W3BAVt1wYVMafiWkWP9ZwO8Y8Za8Fi34wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIk8+8oB3N8CDY16Aalml1xJyAHYMB8GA1UdIwQY
MBaAFJPo9O1d0GMBxCOYjnhtq/UcX1Z0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQt
MWZjMTllYTczYTJhLzEvaVR6N3lnSGMzd0lOalhvQnFXYVhYRW5JQWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9hNzg5NzktZGQyNC00YmU3LTgxOTQtMWZjMTllYTczYTJh
LzEvay1qMDdWM1FZd0hFSTVpT2VHMnI5UnhmVm5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBYZUAwQC
LYVoAwQE2XEQMA0GCSqGSIb3DQEBCwUAA4IBAQAcd5YE9e3WIWQCXpXg+2UP9Xix
+FktMKi7uynQoTO1jFu/JLtQK87B+DDfb/SHymCTWc5BZSIiWiSdMTRNtROb5jlp
MdrwA5sImtZfzlKxhY2IxAkKtcNRfu0xwQNB3cpRD/8dEJJAULwarY7+TFq1GT/f
edJe1LYm9TCYsfs0Q6HE4RyMuaEVvmVEWsUvuo2NKujWXNBn4wldWnsZMEUc5KDY
oYn4JnmKtG9uq9U4F+Bx3c8A2w8O8LqXP0fjJo8XN/WKcx0qVrHZpe3NfIZs+nCB
LizTFtDEUZZF0Gc2V8nqhGLt2ERusf2rfixD9mvK8ka8ItD/wrE13iKboesL
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:24 2023 by rpki-client on console-ams.rpki-client.org