Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9LpcYDNP31ne6rrg7atMHl_0kqE.roa
File: 9LpcYDNP31ne6rrg7atMHl_0kqE.roa (raw, json)
Hash identifier: Kxgyepf0+WUDJBrT1fBb0RjTAWemwgYgIoB68lkryq8=
Subject key identifier: F4:BA:5C:60:33:4F:DF:59:DE:EA:BA:E0:ED:AB:4C:1E:5F:F4:92:A1
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0183B10D556BA8779604B1F414C337445D7F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9LpcYDNP31ne6rrg7atMHl_0kqE.roa
Signing time: Fri 07 Oct 2022 06:06:24 +0000
ROA not before: Fri 07 Oct 2022 06:06:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209737
IP address blocks: 84.32.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b1:0d:55:6b:a8:77:96:04:b1:f4:14:c3:37:44:5d:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 7 06:06:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4ba5c60334fdf59deeabae0edab4c1e5ff492a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:66:07:6c:b3:9c:a1:da:17:88:9e:0a:72:7b:
0a:fc:ec:ff:14:54:30:06:0f:51:ad:03:1f:6c:9e:
96:31:d4:d7:4b:f5:3a:dd:57:21:bc:d0:a7:a7:36:
04:4f:70:0e:64:93:10:97:a3:cd:a8:c2:1c:92:ee:
8f:d3:4d:14:45:c1:9c:12:1b:c6:c9:bf:f4:44:3c:
36:84:52:c0:e1:53:1c:02:35:30:83:43:3b:1e:89:
57:22:55:41:8c:82:e1:a9:97:dc:23:63:6b:8b:62:
96:34:c9:a2:19:bb:b8:2d:13:95:37:a7:e3:48:02:
fd:27:39:30:02:06:39:4e:bd:22:d4:ef:01:1f:be:
ec:8e:65:e8:ce:05:ac:86:2c:cc:8a:79:60:03:99:
6f:1a:dc:81:93:8a:80:58:f9:d6:2c:8d:4c:5f:96:
74:ee:a0:d1:64:4d:03:66:69:5d:e1:76:a0:e2:f8:
ca:13:4f:ad:cf:3a:d5:72:9e:ca:20:22:24:7a:6e:
99:2f:e9:75:31:b3:0f:ab:08:0f:f3:75:76:72:11:
c0:aa:af:38:24:29:c1:41:8f:9e:d0:37:39:91:e3:
e6:8a:ab:d4:78:44:24:a5:8d:a7:26:79:02:48:09:
43:b1:6b:f6:1d:ca:5f:28:29:56:1c:b3:f5:59:c0:
f7:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:BA:5C:60:33:4F:DF:59:DE:EA:BA:E0:ED:AB:4C:1E:5F:F4:92:A1
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/9LpcYDNP31ne6rrg7atMHl_0kqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.8.0/22
Signature Algorithm: sha256WithRSAEncryption
76:43:97:58:2f:82:79:5f:f5:27:b3:db:d4:13:22:a7:f6:85:
d5:67:08:ce:04:d4:98:df:03:62:b0:b1:a9:69:b8:32:b4:6b:
73:ad:e3:51:b9:5e:e9:1b:28:57:3f:76:f2:2f:6c:7e:43:4f:
68:b4:49:ba:38:92:b3:7a:ba:e5:72:28:ac:eb:90:d8:ae:1c:
05:5e:d8:2d:49:ef:3d:6b:83:de:c6:db:3f:a1:f4:c6:16:56:
36:ce:b0:7b:48:3b:18:9c:f4:d9:f0:17:68:ba:47:63:4d:a7:
21:43:18:c1:4a:cd:3f:c1:1b:a5:4d:12:c8:e8:58:b1:ea:a3:
83:9d:6f:36:ad:52:ef:0b:1a:cd:72:56:da:5d:53:aa:6e:20:
29:59:e6:99:47:dc:61:25:5f:97:ad:17:1c:5f:ca:bf:7d:a2:
db:c4:e8:a5:ed:20:56:97:be:45:33:0d:66:5e:7d:68:60:14:
6b:a0:1a:ae:d8:46:81:05:0b:84:c7:9a:95:37:d3:6e:ec:d5:
b1:90:f8:f4:ee:51:52:b5:f2:a5:c4:74:d2:da:b2:b6:95:b8:
d2:c0:20:7a:7c:ce:57:79:09:52:49:95:d7:20:bf:d3:19:7f:
f4:4e:b7:fd:09:57:cc:cc:f7:f6:ba:6d:af:d9:1a:73:e0:58:
df:68:13:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOxDVVrqHeWBLH0FMM3RF1/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDA3MDYwNjI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGJhNWM2MDMzNGZkZjU5ZGVlYWJhZTBlZGFiNGMxZTVmZjQ5MmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzGYHbLOcodoXiJ4KcnsK/Oz/FFQw
Bg9RrQMfbJ6WMdTXS/U63VchvNCnpzYET3AOZJMQl6PNqMIcku6P000URcGcEhvG
yb/0RDw2hFLA4VMcAjUwg0M7HolXIlVBjILhqZfcI2Nri2KWNMmiGbu4LROVN6fj
SAL9JzkwAgY5Tr0i1O8BH77sjmXozgWshizMinlgA5lvGtyBk4qAWPnWLI1MX5Z0
7qDRZE0DZmld4Xag4vjKE0+tzzrVcp7KICIkem6ZL+l1MbMPqwgP83V2chHAqq84
JCnBQY+e0Dc5kePmiqvUeEQkpY2nJnkCSAlDsWv2HcpfKClWHLP1WcD3GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPS6XGAzT99Z3uq64O2rTB5f9JKhMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvOUxwY1lETlAzMW5lNnJyZzdhdE1IbF8wa3FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVCAIMA0G
CSqGSIb3DQEBCwUAA4IBAQB2Q5dYL4J5X/Uns9vUEyKn9oXVZwjOBNSY3wNisLGp
abgytGtzreNRuV7pGyhXP3byL2x+Q09otEm6OJKzerrlciis65DYrhwFXtgtSe89
a4Pexts/ofTGFlY2zrB7SDsYnPTZ8BdoukdjTachQxjBSs0/wRulTRLI6Fix6qOD
nW82rVLvCxrNclbaXVOqbiApWeaZR9xhJV+XrRccX8q/faLbxOil7SBWl75FMw1m
Xn1oYBRroBqu2EaBBQuEx5qVN9Nu7NWxkPj07lFStfKlxHTS2rK2lbjSwCB6fM5X
eQlSSZXXIL/TGX/0Trf9CVfMzPf2um2v2Rpz4FjfaBOC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:28 2023 by rpki-client on console-ams.rpki-client.org