Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2lOHNDxDAPDiGp_yxOqrCHrvYiY.roa
File: 2lOHNDxDAPDiGp_yxOqrCHrvYiY.roa (raw, json)
Hash identifier: j0atfwN2Ana2TDWMpCCjSwcLneH4d1er/8AsK4Oxoa0=
Subject key identifier: DA:53:87:34:3C:43:00:F0:E2:1A:9F:F2:C4:EA:AB:08:7A:EF:62:26
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018387EFE9F9F61A517BBA654A121A6044C8
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2lOHNDxDAPDiGp_yxOqrCHrvYiY.roa
Signing time: Thu 29 Sep 2022 06:29:50 +0000
ROA not before: Thu 29 Sep 2022 06:29:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 84.32.68.0/22 maxlen: 24
88.216.0.0/22 maxlen: 24
84.32.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:87:ef:e9:f9:f6:1a:51:7b:ba:65:4a:12:1a:60:44:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Sep 29 06:29:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=da5387343c4300f0e21a9ff2c4eaab087aef6226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:80:64:a4:13:3c:c0:eb:55:ca:02:ab:23:16:
3f:cf:67:b4:93:41:9b:7b:32:83:44:11:29:41:4a:
70:f0:1e:96:43:c0:23:6e:c6:01:56:c9:d3:c1:b1:
f4:af:4c:fe:ed:dc:c1:98:b1:e0:cc:4c:cd:a0:1d:
ef:f1:f0:6f:91:dc:45:df:24:11:40:33:51:d4:1c:
87:87:14:76:90:19:e0:c3:b8:eb:ea:72:48:6c:4c:
3a:77:da:9f:38:41:00:fa:55:cb:4f:9f:30:76:d4:
0f:5d:bb:51:5f:bb:63:ce:d3:06:0d:8a:55:6a:39:
f0:ee:1f:65:8b:b3:d1:75:a2:42:ea:17:a3:b8:8d:
75:50:11:e3:a5:36:e5:bc:8d:a2:4f:0f:b4:1e:75:
8d:f5:6b:25:df:98:02:a9:a0:be:d3:b2:ef:bf:24:
3a:24:cf:7b:88:da:cf:40:68:d2:7c:b0:42:9a:a7:
e5:f2:14:a7:41:3b:16:5c:73:1c:14:dd:f9:44:d6:
f6:a2:20:76:2e:73:61:f8:33:44:c6:10:79:11:13:
78:92:ba:db:24:77:c9:ec:35:34:36:6f:29:18:4d:
21:04:47:63:b9:a1:31:1a:87:94:ae:5d:53:bf:04:
94:f5:e3:8b:a4:d2:f4:06:20:2c:70:60:cd:d1:b2:
1c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:53:87:34:3C:43:00:F0:E2:1A:9F:F2:C4:EA:AB:08:7A:EF:62:26
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2lOHNDxDAPDiGp_yxOqrCHrvYiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/22
84.32.68.0/22
88.216.0.0/22
Signature Algorithm: sha256WithRSAEncryption
60:a7:29:1d:98:b2:9f:e9:e2:cf:e8:f9:48:25:b2:98:28:f4:
b2:8c:d1:b9:bf:f9:28:01:56:6b:4b:5f:a9:09:d5:12:59:5d:
3d:dc:b5:8f:e9:55:df:13:7c:77:84:81:3c:af:f6:ae:dc:3d:
b8:45:ec:5a:0d:46:66:e5:26:3f:a6:fd:8c:4c:45:a7:22:73:
77:c9:71:16:47:e5:53:e4:83:ae:5a:b6:8c:62:da:16:fd:a8:
d3:cd:96:5b:62:c3:91:d9:0b:cc:25:5b:41:89:75:5a:f9:d6:
9e:9d:86:44:88:a9:7c:54:a5:b2:01:2b:77:3c:37:81:b5:1d:
3a:85:9d:60:35:7c:49:4b:56:66:c6:0c:d2:48:d0:43:ec:16:
e5:2d:3f:4e:1a:7c:1f:95:93:a6:9e:13:a8:9b:82:d4:13:31:
7b:b6:a1:e5:44:0a:a1:75:ca:71:2d:f8:4c:71:d7:0e:10:10:
31:6f:55:39:da:4d:a0:41:91:28:b1:5c:c0:95:ff:7d:d7:40:
7d:26:55:3f:a0:f9:ec:85:96:e9:c3:00:17:11:1b:92:0f:66:
41:8d:94:68:04:6a:a5:8b:9d:f1:f2:41:5f:4d:45:6b:da:21:
96:1e:c0:8c:be:cc:ea:9e:ef:a7:80:1f:0c:5f:27:34:e1:4d:
cb:e6:12:2f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYOH7+n59hpRe7plShIaYETIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwOTI5MDYyOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTUzODczNDNjNDMwMGYwZTIxYTlmZjJjNGVhYWIwODdhZWY2MjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooBkpBM8wOtVygKrIxY/z2e0k0Gb
ezKDRBEpQUpw8B6WQ8AjbsYBVsnTwbH0r0z+7dzBmLHgzEzNoB3v8fBvkdxF3yQR
QDNR1ByHhxR2kBngw7jr6nJIbEw6d9qfOEEA+lXLT58wdtQPXbtRX7tjztMGDYpV
ajnw7h9li7PRdaJC6hejuI11UBHjpTblvI2iTw+0HnWN9Wsl35gCqaC+07LvvyQ6
JM97iNrPQGjSfLBCmqfl8hSnQTsWXHMcFN35RNb2oiB2LnNh+DNExhB5ERN4krrb
JHfJ7DU0Nm8pGE0hBEdjuaExGoeUrl1TvwSU9eOLpNL0BiAscGDN0bIc8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNpThzQ8QwDw4hqf8sTqqwh672ImMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMmxPSE5EeERBUERpR3BfeXhPcXJDSHJ2WWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCVCAIAwQC
VCBEAwQCWNgAMA0GCSqGSIb3DQEBCwUAA4IBAQBgpykdmLKf6eLP6PlIJbKYKPSy
jNG5v/koAVZrS1+pCdUSWV093LWP6VXfE3x3hIE8r/au3D24RexaDUZm5SY/pv2M
TEWnInN3yXEWR+VT5IOuWraMYtoW/ajTzZZbYsOR2QvMJVtBiXVa+daenYZEiKl8
VKWyASt3PDeBtR06hZ1gNXxJS1ZmxgzSSNBD7BblLT9OGnwflZOmnhOom4LUEzF7
tqHlRAqhdcpxLfhMcdcOEBAxb1U52k2gQZEosVzAlf9910B9JlU/oPnshZbpwwAX
ERuSD2ZBjZRoBGqli53x8kFfTUVr2iGWHsCMvszqnu+ngB8MXyc04U3L5hIv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:26 2023 by rpki-client on console-ams.rpki-client.org