Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MhJ546bXzcstba6LzS1mvIjJWBM.roa
File: MhJ546bXzcstba6LzS1mvIjJWBM.roa (raw, json)
Hash identifier: z9vMKOstHd+2ZzViP/41OFZj0Rewn75RfVy8xbiHtwI=
Subject key identifier: 32:12:79:E3:A6:D7:CD:CB:2D:6D:AE:8B:CD:2D:66:BC:88:C9:58:13
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01853A55BBA26C50BB84AE761C813181F908
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MhJ546bXzcstba6LzS1mvIjJWBM.roa
Signing time: Thu 22 Dec 2022 14:56:15 +0000
ROA not before: Thu 22 Dec 2022 14:56:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212219
IP address blocks: 84.32.235.0/24 maxlen: 24
88.216.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3a:55:bb:a2:6c:50:bb:84:ae:76:1c:81:31:81:f9:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 22 14:56:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=321279e3a6d7cdcb2d6dae8bcd2d66bc88c95813
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:78:c3:c2:20:77:96:64:4f:b0:ce:50:01:04:
fe:20:4d:cf:f7:3a:bb:c1:6d:8c:77:94:68:a2:cd:
fb:51:27:40:19:f5:41:eb:63:84:de:25:ea:76:cb:
79:6f:3e:ee:65:88:05:79:dc:de:e5:8d:48:53:08:
d4:43:67:cb:60:05:10:d9:cc:6a:61:79:88:c9:a8:
ef:96:2d:fe:77:85:8a:e1:4a:a0:81:e5:ab:e0:07:
f0:e0:97:a1:1d:c8:35:4e:a2:34:e0:7b:d2:cf:e2:
20:9b:9b:64:c0:e2:ac:6f:15:63:26:c2:eb:9f:65:
a5:29:e0:c9:88:b5:d6:37:3b:39:ab:ab:9f:44:53:
c4:5f:10:a3:d6:4c:c8:f9:24:23:45:6f:f3:a6:81:
cb:cc:3a:4d:a2:d7:70:82:11:30:3d:67:64:cf:e2:
8f:22:0b:c5:57:63:1b:6b:6c:9a:f9:e6:94:41:72:
03:d5:3c:c8:3b:0b:f4:e2:49:4e:8e:64:84:31:2a:
14:66:f9:56:b9:a7:06:be:d7:4e:b4:e2:8b:ec:bf:
52:2c:e4:8d:6e:e5:6c:de:ae:4f:b8:37:c5:d4:cc:
fe:09:04:37:a2:a6:46:a8:c0:14:e1:be:27:8e:3b:
34:60:c9:70:6e:f6:0b:84:0c:d7:59:4e:c0:b0:18:
5a:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:12:79:E3:A6:D7:CD:CB:2D:6D:AE:8B:CD:2D:66:BC:88:C9:58:13
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/MhJ546bXzcstba6LzS1mvIjJWBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.235.0/24
88.216.35.0/24
Signature Algorithm: sha256WithRSAEncryption
80:0a:e7:a2:cf:da:0f:52:7c:c9:70:94:ac:76:a9:d6:8e:06:
d4:a0:bb:9c:02:06:16:d2:da:21:bd:85:87:f4:da:49:f4:28:
c8:59:62:da:c6:8c:fb:ae:d8:c3:8c:cd:18:9d:14:81:c4:18:
16:0c:70:03:73:ef:ba:fa:96:8a:78:26:aa:7a:62:22:3d:f2:
e7:d5:9d:2f:d4:02:3c:60:e8:bb:33:e9:45:e3:ee:d4:5c:87:
41:8a:c9:ce:84:3d:69:72:24:da:2c:7c:91:38:9a:be:9e:86:
32:5d:59:20:d5:31:08:e9:33:88:29:d8:10:a6:e4:55:e1:c0:
5d:dc:4a:b7:19:db:19:0f:0f:a4:39:e4:e1:a3:07:df:f3:20:
22:5f:71:89:9e:cd:92:c1:98:d9:54:47:8d:d8:f1:2b:6d:fa:
36:0a:be:21:51:79:c3:db:00:af:3d:c3:97:5d:7f:96:54:98:
2b:53:6d:93:49:89:43:ec:0e:75:26:cf:98:30:9f:81:60:64:
24:b6:a6:21:5a:f5:03:a3:59:a8:99:1a:57:a5:d4:f6:01:d3:
e7:ee:87:b8:24:0a:0f:08:ef:da:85:03:60:a5:a9:57:59:e9:
65:66:34:ca:92:16:e6:d6:37:66:e6:bb:23:71:3b:33:18:01:
57:5e:48:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYU6VbuibFC7hK52HIExgfkIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjIyMTQ1NjE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMjEyNzllM2E2ZDdjZGNiMmQ2ZGFlOGJjZDJkNjZiYzg4Yzk1ODEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHjDwiB3lmRPsM5QAQT+IE3P9zq7
wW2Md5Roos37USdAGfVB62OE3iXqdst5bz7uZYgFedze5Y1IUwjUQ2fLYAUQ2cxq
YXmIyajvli3+d4WK4UqggeWr4Afw4JehHcg1TqI04HvSz+Igm5tkwOKsbxVjJsLr
n2WlKeDJiLXWNzs5q6ufRFPEXxCj1kzI+SQjRW/zpoHLzDpNotdwghEwPWdkz+KP
IgvFV2Mba2ya+eaUQXID1TzIOwv04klOjmSEMSoUZvlWuacGvtdOtOKL7L9SLOSN
buVs3q5PuDfF1Mz+CQQ3oqZGqMAU4b4njjs0YMlwbvYLhAzXWU7AsBhaywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDISeeOm183LLW2ui80tZryIyVgTMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvTWhKNTQ2Ylh6Y3N0YmE2THpTMW12SWpKV0JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCDrAwQA
WNgjMA0GCSqGSIb3DQEBCwUAA4IBAQCACueiz9oPUnzJcJSsdqnWjgbUoLucAgYW
0tohvYWH9NpJ9CjIWWLaxoz7rtjDjM0YnRSBxBgWDHADc++6+paKeCaqemIiPfLn
1Z0v1AI8YOi7M+lF4+7UXIdBisnOhD1pciTaLHyROJq+noYyXVkg1TEI6TOIKdgQ
puRV4cBd3Eq3GdsZDw+kOeThowff8yAiX3GJns2SwZjZVEeN2PErbfo2Cr4hUXnD
2wCvPcOXXX+WVJgrU22TSYlD7A51Js+YMJ+BYGQktqYhWvUDo1momRpXpdT2AdPn
7oe4JAoPCO/ahQNgpalXWellZjTKkhbm1jdm5rsjcTszGAFXXkgZ
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:46 2023 by rpki-client on console-fra.rpki-client.org