Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BZ-z1KsWQmKsCqvnDJ2xgr3WjdY.roa
File: BZ-z1KsWQmKsCqvnDJ2xgr3WjdY.roa (raw, json)
Hash identifier: gO9hyY5sAKcO/5F5aO8rZjQoYGamZ0UN6Dip3MsEEGc=
Subject key identifier: 05:9F:B3:D4:AB:16:42:62:AC:0A:AB:E7:0C:9D:B1:82:BD:D6:8D:D6
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185148F4DE10A1A58EC6F3D4C4F3E9DCF43
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BZ-z1KsWQmKsCqvnDJ2xgr3WjdY.roa
Signing time: Thu 15 Dec 2022 06:53:33 +0000
ROA not before: Thu 15 Dec 2022 06:53:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212384
IP address blocks: 84.32.82.0/24 maxlen: 24
88.216.196.0/24 maxlen: 24
88.216.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:14:8f:4d:e1:0a:1a:58:ec:6f:3d:4c:4f:3e:9d:cf:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 15 06:53:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=059fb3d4ab164262ac0aabe70c9db182bdd68dd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:16:88:51:b5:a8:03:f3:9d:80:97:20:c3:3a:
2c:74:99:a8:86:33:7f:17:f9:af:72:25:c6:ea:db:
4a:5e:29:b9:48:51:45:af:f8:64:66:00:a5:08:af:
48:ab:63:6a:4c:a1:32:f3:c5:dc:cf:2f:82:e6:05:
d7:94:3f:c1:0a:4b:8d:48:9e:64:cf:aa:06:8c:51:
10:dd:e1:34:89:9b:29:a6:53:4f:aa:f8:55:59:72:
94:67:ca:01:a1:18:b9:3d:2b:7d:cc:ee:b2:ba:cd:
9a:49:9f:cc:6a:8c:56:92:ec:f3:d7:e0:60:f5:fa:
10:c2:f9:7e:70:d1:19:aa:ee:d3:df:18:f0:71:71:
22:b4:fc:73:79:c0:54:e1:c6:eb:a7:bc:a1:e2:13:
cb:51:f1:71:77:4e:5c:09:62:41:60:51:27:d9:86:
63:c4:17:3a:cc:5c:67:af:b3:a4:1a:b0:96:d9:9f:
6e:44:a7:0b:0c:05:c3:df:85:97:19:62:a7:dd:4e:
93:00:bb:a6:15:85:0b:2c:e8:ae:ed:8e:8f:79:b0:
bd:8e:3c:05:3c:d5:ee:ce:b6:b9:22:d0:f7:62:32:
f2:ca:f9:10:e4:f0:74:9d:b0:28:d6:97:34:42:8d:
67:07:89:ea:c3:9d:3d:bb:f3:4d:57:c9:1e:0f:95:
30:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:9F:B3:D4:AB:16:42:62:AC:0A:AB:E7:0C:9D:B1:82:BD:D6:8D:D6
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/BZ-z1KsWQmKsCqvnDJ2xgr3WjdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.82.0/24
88.216.37.0/24
88.216.196.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:9f:ae:31:af:5d:c0:41:40:9f:38:eb:49:e1:93:99:f7:54:
70:e6:2a:4e:48:83:70:6f:b0:b2:25:0e:ec:d4:27:f0:6a:80:
45:c0:9d:0a:2a:c4:16:9d:91:63:d6:dc:3b:0a:4c:ed:84:60:
91:a7:be:f2:5d:e5:f2:bf:5f:ff:40:95:89:9a:b2:69:c5:eb:
d4:cb:cd:92:31:8f:74:fd:44:de:a7:30:af:7b:98:2e:39:6b:
be:ea:38:a0:c4:49:80:96:f9:4d:a2:56:4b:42:52:cd:98:3c:
cd:82:a0:b7:8a:9d:9f:57:56:5e:5c:1c:20:11:5b:ba:63:04:
6a:c7:d9:bf:62:10:0a:22:02:24:c1:34:78:33:01:8c:c7:86:
54:99:0b:3b:45:86:ed:ab:bb:0d:fe:ae:bc:ac:d7:ff:ef:a6:
51:6f:e2:e7:3d:e1:e8:ae:c1:34:ee:10:7f:f1:55:7a:9a:d5:
79:1c:23:d7:31:da:42:b9:bc:80:ca:ec:b8:a4:2a:5c:74:41:
09:41:83:88:da:cf:1a:d3:fb:14:f5:20:fb:0d:43:39:fc:4c:
1c:80:eb:8a:9d:5e:1e:17:11:ad:e4:36:21:1e:78:b9:c9:7e:
07:f9:a5:42:60:00:2d:89:51:c0:ad:0f:f9:b1:f0:66:32:83:
b8:94:95:6b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUUj03hChpY7G89TE8+nc9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjE1MDY1MzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTlmYjNkNGFiMTY0MjYyYWMwYWFiZTcwYzlkYjE4MmJkZDY4ZGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxaIUbWoA/OdgJcgwzosdJmohjN/
F/mvciXG6ttKXim5SFFFr/hkZgClCK9Iq2NqTKEy88Xczy+C5gXXlD/BCkuNSJ5k
z6oGjFEQ3eE0iZspplNPqvhVWXKUZ8oBoRi5PSt9zO6yus2aSZ/MaoxWkuzz1+Bg
9foQwvl+cNEZqu7T3xjwcXEitPxzecBU4cbrp7yh4hPLUfFxd05cCWJBYFEn2YZj
xBc6zFxnr7OkGrCW2Z9uRKcLDAXD34WXGWKn3U6TALumFYULLOiu7Y6PebC9jjwF
PNXuzra5ItD3YjLyyvkQ5PB0nbAo1pc0Qo1nB4nqw509u/NNV8keD5UwRwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAWfs9SrFkJirAqr5wydsYK91o3WMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQlotejFLc1dRbUtzQ3F2bkRKMnhncjNXamRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCBSAwQA
WNglAwQAWNjEMA0GCSqGSIb3DQEBCwUAA4IBAQCPn64xr13AQUCfOOtJ4ZOZ91Rw
5ipOSINwb7CyJQ7s1CfwaoBFwJ0KKsQWnZFj1tw7CkzthGCRp77yXeXyv1//QJWJ
mrJpxevUy82SMY90/UTepzCve5guOWu+6jigxEmAlvlNolZLQlLNmDzNgqC3ip2f
V1ZeXBwgEVu6YwRqx9m/YhAKIgIkwTR4MwGMx4ZUmQs7RYbtq7sN/q68rNf/76ZR
b+LnPeHorsE07hB/8VV6mtV5HCPXMdpCubyAyuy4pCpcdEEJQYOI2s8a0/sU9SD7
DUM5/EwcgOuKnV4eFxGt5DYhHni5yX4H+aVCYAAtiVHArQ/5sfBmMoO4lJVr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:28 2023 by rpki-client on console-ams.rpki-client.org