Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CiAExpT7lhvG3aAmvggVz6Ja2mY.roa
File: CiAExpT7lhvG3aAmvggVz6Ja2mY.roa (raw, json)
Hash identifier: 3cvlrem/kbfMByaVKKaUPqHwQfGnoXUKcP3dLAR7X5w=
Subject key identifier: 0A:20:04:C6:94:FB:96:1B:C6:DD:A0:26:BE:08:15:CF:A2:5A:DA:66
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01841FA587E399EEFF16831502E04B73C777
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CiAExpT7lhvG3aAmvggVz6Ja2mY.roa
Signing time: Fri 28 Oct 2022 17:30:52 +0000
ROA not before: Fri 28 Oct 2022 17:30:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 84.32.59.0/24 maxlen: 24
88.216.33.0/24 maxlen: 24
84.32.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1f:a5:87:e3:99:ee:ff:16:83:15:02:e0:4b:73:c7:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Oct 28 17:30:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a2004c694fb961bc6dda026be0815cfa25ada66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:69:8e:c5:84:64:95:e0:b7:27:89:7a:cd:e6:
ea:ff:f7:93:a6:33:1f:2f:d0:ee:05:40:66:ba:19:
b1:39:53:ef:9c:af:1b:d0:2e:9c:e5:91:35:c1:aa:
00:03:8b:26:b5:35:27:c8:c2:a2:7f:d3:9c:53:29:
b2:83:32:ae:a4:1c:ff:f6:95:6e:d7:19:35:f5:19:
ae:c4:1d:eb:8e:36:c4:16:a3:ba:d5:7a:b3:90:9d:
20:38:b5:a7:0c:bb:4f:89:95:da:b6:bb:d5:15:ca:
c6:e7:9b:31:d5:13:8d:93:fe:1c:b2:fd:37:66:28:
fb:fc:e1:b4:3e:eb:79:c1:80:d7:28:82:91:7d:9f:
50:eb:61:c1:68:7b:89:d4:b1:f1:92:19:a7:1a:cb:
0b:11:e5:5d:d1:aa:3f:24:f7:bc:d4:b5:2b:3d:05:
72:06:e3:64:f4:4c:b2:20:e6:2c:0a:9c:67:33:39:
b9:b3:f3:2f:0b:9d:d7:ba:83:80:69:3e:dc:5c:10:
23:5a:dd:08:54:63:90:81:4b:04:ce:8e:a5:f4:ff:
de:93:8f:fe:f0:95:b9:3e:b5:fd:d7:4a:c7:b2:15:
31:05:c8:04:d5:5e:ae:7c:c2:44:6d:3e:12:f0:e7:
4f:4e:fb:af:ee:43:5d:aa:7f:0e:54:d9:76:66:1c:
c5:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:20:04:C6:94:FB:96:1B:C6:DD:A0:26:BE:08:15:CF:A2:5A:DA:66
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/CiAExpT7lhvG3aAmvggVz6Ja2mY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.45.0/24
84.32.59.0/24
88.216.33.0/24
Signature Algorithm: sha256WithRSAEncryption
70:40:d9:69:83:8c:19:7c:fd:80:1c:bd:7d:c1:f3:9f:3c:44:
1d:fd:d4:d4:08:6d:77:5f:9b:54:a0:4c:f6:6f:f4:a7:ea:98:
29:8c:ef:ae:d8:7b:ca:d0:df:6f:fc:f5:49:42:b9:39:dc:bf:
f3:ce:50:44:d0:7c:d9:24:93:10:41:80:2d:40:1a:5c:59:b4:
ed:27:4e:ad:75:1a:55:f8:64:63:be:43:18:32:7a:d8:2d:91:
68:91:61:d3:be:d2:07:fd:1e:b4:69:ab:e5:86:f6:e7:ec:e2:
7d:d5:7c:bb:fc:0f:17:17:2d:2b:0b:f0:96:f4:c4:f6:7c:c4:
8b:6d:cd:e1:f1:7a:a4:8b:7b:2b:35:1d:f7:97:39:77:f7:4f:
7b:3c:d7:9d:0a:98:f1:bc:8f:a1:77:b3:63:fa:0c:2e:54:d6:
3f:63:88:29:a5:e5:f3:84:bf:c6:29:e6:f2:79:75:8a:4e:29:
8b:e1:a7:9c:e6:47:4d:1a:0f:d4:2c:c4:32:18:a2:52:ee:f6:
6f:ab:15:d1:bb:e5:dd:42:9f:44:7a:32:aa:9b:d7:f6:cf:17:
72:96:4c:76:74:c1:e5:ac:9f:87:3e:1e:fa:d3:ae:91:96:d6:
dd:2e:b9:20:2e:ab:7a:78:89:33:98:7d:ca:77:08:91:e2:66:
c7:38:52:99
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQfpYfjme7/FoMVAuBLc8d3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMDI4MTczMDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTIwMDRjNjk0ZmI5NjFiYzZkZGEwMjZiZTA4MTVjZmEyNWFkYTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2mOxYRkleC3J4l6zebq//eTpjMf
L9DuBUBmuhmxOVPvnK8b0C6c5ZE1waoAA4smtTUnyMKif9OcUymygzKupBz/9pVu
1xk19RmuxB3rjjbEFqO61XqzkJ0gOLWnDLtPiZXatrvVFcrG55sx1RONk/4csv03
Zij7/OG0Put5wYDXKIKRfZ9Q62HBaHuJ1LHxkhmnGssLEeVd0ao/JPe81LUrPQVy
BuNk9EyyIOYsCpxnMzm5s/MvC53XuoOAaT7cXBAjWt0IVGOQgUsEzo6l9P/ek4/+
8JW5PrX910rHshUxBcgE1V6ufMJEbT4S8OdPTvuv7kNdqn8OVNl2ZhzFOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAogBMaU+5Ybxt2gJr4IFc+iWtpmMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvQ2lBRXhwVDdsaHZHM2FBbXZnZ1Z6NkphMm1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCAtAwQA
VCA7AwQAWNghMA0GCSqGSIb3DQEBCwUAA4IBAQBwQNlpg4wZfP2AHL19wfOfPEQd
/dTUCG13X5tUoEz2b/Sn6pgpjO+u2HvK0N9v/PVJQrk53L/zzlBE0HzZJJMQQYAt
QBpcWbTtJ06tdRpV+GRjvkMYMnrYLZFokWHTvtIH/R60aavlhvbn7OJ91Xy7/A8X
Fy0rC/CW9MT2fMSLbc3h8Xqki3srNR33lzl39097PNedCpjxvI+hd7Nj+gwuVNY/
Y4gppeXzhL/GKebyeXWKTimL4aec5kdNGg/ULMQyGKJS7vZvqxXRu+XdQp9EejKq
m9f2zxdylkx2dMHlrJ+HPh76066RltbdLrkgLqt6eIkzmH3KdwiR4mbHOFKZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:25 2024 by rpki-client on console-ams.rpki-client.org