Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/I2zRps74UPkwEFRA2Oel1T4EwNo.roa
File: I2zRps74UPkwEFRA2Oel1T4EwNo.roa (raw, json)
Hash identifier: VqBBUQgXNT9itxxBQYmFb0k6Jluxn2jE/IcEKJg/IMs=
Subject key identifier: 23:6C:D1:A6:CE:F8:50:F9:30:10:54:40:D8:E7:A5:D5:3E:04:C0:DA
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01824179958771383864B4E98C61DB0E6D8B
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/I2zRps74UPkwEFRA2Oel1T4EwNo.roa
Signing time: Wed 27 Jul 2022 21:04:23 +0000
ROA not before: Wed 27 Jul 2022 21:04:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200019
IP address blocks: 84.32.88.0/22 maxlen: 24
88.216.196.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:41:79:95:87:71:38:38:64:b4:e9:8c:61:db:0e:6d:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jul 27 21:04:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=236cd1a6cef850f930105440d8e7a5d53e04c0da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c3:ad:a6:f1:5f:12:df:fe:b5:91:0f:c1:b8:
a4:0d:6a:06:85:7b:17:5d:6a:2b:8d:af:d2:a5:91:
5d:03:f6:17:31:99:91:61:a3:54:4c:d7:83:a9:61:
29:05:d7:05:5e:30:18:9e:88:2a:61:35:3c:b5:c2:
8c:a0:24:3c:9a:ad:b8:3e:95:5f:8e:f9:1f:d2:e8:
8d:30:90:79:a7:50:de:f6:a2:1c:dd:de:2e:cd:86:
c8:f0:42:fb:e6:17:b7:f0:d5:4d:07:8c:d2:aa:b0:
66:34:2f:89:0c:67:b2:85:77:08:d5:93:f4:12:36:
d7:b2:c1:cb:2e:19:5e:9f:1e:4a:28:54:1c:89:f7:
2b:8a:9a:99:0f:dc:21:b1:d7:ce:41:85:80:3c:00:
c9:88:5d:f1:e2:b2:9d:b5:78:63:33:79:f0:78:e3:
0c:42:f8:eb:04:a0:ee:9b:7e:b7:25:a3:cd:b4:81:
ba:d3:32:f1:eb:bf:93:3c:0d:05:96:a1:ee:fa:ac:
2a:61:33:45:24:68:ed:30:07:67:9c:3a:de:68:ce:
7a:fe:d6:35:ec:c4:8a:00:2d:c3:c6:df:8f:84:51:
64:ac:35:c4:64:4d:93:66:50:81:fc:9b:6b:e9:ca:
c6:aa:5f:be:e8:e1:fc:09:c6:bd:4e:57:5e:f4:d2:
f3:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:6C:D1:A6:CE:F8:50:F9:30:10:54:40:D8:E7:A5:D5:3E:04:C0:DA
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/I2zRps74UPkwEFRA2Oel1T4EwNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.88.0/22
88.216.196.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:2c:1b:b2:6e:58:0b:75:2b:4f:92:0f:bb:10:e6:8c:09:b2:
66:65:7b:13:87:81:ce:78:29:5f:9c:8f:ca:bc:fd:f5:0d:f4:
eb:a1:8e:af:dd:80:e9:11:f6:f6:8a:d4:1a:57:10:f6:70:e8:
df:40:91:c5:45:1c:7b:f0:c2:bd:98:b5:59:5d:18:12:ef:7f:
d7:37:e6:a0:e1:cd:96:9b:18:5b:82:57:e4:31:5b:d2:47:ef:
20:74:4f:fc:28:de:25:4a:e5:43:ad:c4:76:d8:e4:3b:e5:8b:
24:ea:b8:a5:f4:9b:de:69:34:0d:bb:f2:f0:e1:9f:bf:56:40:
59:55:91:83:81:ec:89:55:cc:96:2b:da:67:6b:20:ad:fe:b3:
06:0e:71:d1:1c:e6:40:e5:0e:bd:f1:93:28:c2:d9:eb:70:a6:
f0:30:a6:3f:be:db:c6:c9:37:56:a7:a1:d4:ce:08:c1:cd:08:
93:e8:92:ab:97:81:33:90:ab:00:9b:8a:d3:97:49:ab:74:5e:
94:47:e6:aa:0a:eb:c7:07:08:14:92:8e:56:26:3e:ed:31:ec:
78:67:ef:cd:f7:de:7f:1a:c3:a4:5e:68:ae:c5:1f:9d:fd:3f:
0f:95:62:7e:27:7e:fe:7a:08:3b:2a:d6:a0:77:bc:bc:8e:e9:
25:c8:e1:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYJBeZWHcTg4ZLTpjGHbDm2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwNzI3MjEwNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzZjZDFhNmNlZjg1MGY5MzAxMDU0NDBkOGU3YTVkNTNlMDRjMGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8OtpvFfEt/+tZEPwbikDWoGhXsX
XWorja/SpZFdA/YXMZmRYaNUTNeDqWEpBdcFXjAYnogqYTU8tcKMoCQ8mq24PpVf
jvkf0uiNMJB5p1De9qIc3d4uzYbI8EL75he38NVNB4zSqrBmNC+JDGeyhXcI1ZP0
EjbXssHLLhlenx5KKFQcifcripqZD9whsdfOQYWAPADJiF3x4rKdtXhjM3nweOMM
QvjrBKDum363JaPNtIG60zLx67+TPA0FlqHu+qwqYTNFJGjtMAdnnDreaM56/tY1
7MSKAC3Dxt+PhFFkrDXEZE2TZlCB/Jtr6crGql++6OH8Cca9Tlde9NLzQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCNs0abO+FD5MBBUQNjnpdU+BMDaMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvSTJ6UnBzNzRVUGt3RUZSQTJPZWwxVDRFd05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVCBYAwQC
WNjEMA0GCSqGSIb3DQEBCwUAA4IBAQAqLBuyblgLdStPkg+7EOaMCbJmZXsTh4HO
eClfnI/KvP31DfTroY6v3YDpEfb2itQaVxD2cOjfQJHFRRx78MK9mLVZXRgS73/X
N+ag4c2WmxhbglfkMVvSR+8gdE/8KN4lSuVDrcR22OQ75Ysk6ril9JveaTQNu/Lw
4Z+/VkBZVZGDgeyJVcyWK9pnayCt/rMGDnHRHOZA5Q698ZMowtnrcKbwMKY/vtvG
yTdWp6HUzgjBzQiT6JKrl4EzkKsAm4rTl0mrdF6UR+aqCuvHBwgUko5WJj7tMex4
Z+/N995/GsOkXmiuxR+d/T8PlWJ+J37+egg7Ktagd7y8juklyOEA
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:46 2023 by rpki-client on console-fra.rpki-client.org