Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Pv_5cEduFf6so1zDjED57oTw0vQ.roa
File: Pv_5cEduFf6so1zDjED57oTw0vQ.roa (raw, json)
Hash identifier: 26a0NP+cGDMDtj9JYjQ82bTWtCVhnGUh4CwcG6m/Yp8=
Subject key identifier: 3E:FF:F9:70:47:6E:15:FE:AC:A3:5C:C3:8C:40:F9:EE:84:F0:D2:F4
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0185394052FB8A162761712A80008213B0DC
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Pv_5cEduFf6so1zDjED57oTw0vQ.roa
Signing time: Thu 22 Dec 2022 09:53:14 +0000
ROA not before: Thu 22 Dec 2022 09:53:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 142430
IP address blocks: 84.32.62.0/24 maxlen: 24
84.32.83.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:39:40:52:fb:8a:16:27:61:71:2a:80:00:82:13:b0:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 22 09:53:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3efff970476e15feaca35cc38c40f9ee84f0d2f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b7:1a:96:a5:4b:b8:ff:b0:f6:85:c2:d2:12:
1c:13:a5:40:75:1c:b6:38:e7:eb:53:34:78:48:31:
f0:64:c0:24:1f:70:b5:6c:33:aa:af:9e:88:23:f2:
61:6a:c6:8c:bb:08:77:1f:23:2b:16:82:2e:b6:19:
aa:a6:a6:8d:a8:70:91:24:3f:fa:2f:f0:46:55:1e:
bb:5c:c1:e9:4e:b7:c6:02:5f:38:ab:f1:55:5b:8d:
ec:ef:9c:23:00:bc:6b:06:a1:86:80:5f:42:b4:78:
4e:f8:aa:fa:25:5e:5a:0a:9f:4b:33:b6:00:ed:98:
ef:ed:f6:c8:6d:69:c6:db:37:73:af:24:ae:ae:e9:
13:b9:76:59:d7:d7:1c:7c:93:10:e7:54:eb:e1:5a:
4a:ea:6e:a9:49:ee:0d:43:51:00:4c:9d:69:36:a8:
c6:41:d4:24:76:97:ae:a9:4c:1f:e9:46:02:35:9b:
05:b0:94:1e:e4:32:50:ec:1c:07:12:12:3d:a0:65:
62:4b:89:bf:70:2c:3a:53:c2:ee:95:27:91:84:a6:
80:dd:b4:3a:9f:a5:31:3c:c1:87:3e:e2:1e:91:94:
90:69:de:1a:d2:36:9f:a4:49:e5:b0:5f:55:53:48:
12:8e:66:e7:0c:11:7d:08:0c:8c:d3:66:b4:2f:f7:
c2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:FF:F9:70:47:6E:15:FE:AC:A3:5C:C3:8C:40:F9:EE:84:F0:D2:F4
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/Pv_5cEduFf6so1zDjED57oTw0vQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.62.0/24
84.32.83.0/24
Signature Algorithm: sha256WithRSAEncryption
84:d4:6a:a4:c2:22:c0:15:6d:41:d9:de:e8:1f:69:5b:6f:f0:
93:70:b2:e0:99:58:2a:99:81:2f:a8:ac:33:c3:e3:79:38:ac:
7c:87:47:23:8c:f1:34:6f:63:90:71:b4:97:e8:d1:87:44:43:
7c:dc:89:53:e3:a7:cd:e9:ce:bb:b0:86:31:bd:5b:65:da:37:
b1:11:a1:06:75:da:f3:48:ef:1c:de:34:00:0b:09:c7:b3:8d:
a8:08:7a:ed:96:bb:a6:c7:e2:69:e1:50:32:cf:87:c0:39:ac:
75:db:43:a7:34:80:26:cd:3d:5f:ae:70:03:29:d6:8d:98:a6:
39:79:b3:90:ae:6c:e6:1d:b5:87:20:48:63:c9:07:3b:f7:bf:
c2:e0:ce:50:81:f4:23:98:47:05:c9:df:28:f5:46:a0:11:65:
5b:d6:97:00:d7:cd:2c:8b:0c:34:e2:d8:40:6b:fa:ec:74:0d:
e0:3c:fc:e2:ea:30:6f:f8:93:b6:ff:76:b0:32:d6:06:fa:ec:
40:a6:c0:61:02:e7:10:e1:7c:fa:77:53:80:69:4e:ec:5b:22:
c1:2f:8b:10:79:c7:e6:b9:51:c0:0d:77:87:a1:e7:de:e3:48:
56:da:51:c2:5b:29:fc:bb:a9:91:07:cc:d3:83:e1:bc:d7:7a:
3f:a7:53:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYU5QFL7ihYnYXEqgACCE7DcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjIyMDk1MzE0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWZmZjk3MDQ3NmUxNWZlYWNhMzVjYzM4YzQwZjllZTg0ZjBkMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7calqVLuP+w9oXC0hIcE6VAdRy2
OOfrUzR4SDHwZMAkH3C1bDOqr56II/JhasaMuwh3HyMrFoIuthmqpqaNqHCRJD/6
L/BGVR67XMHpTrfGAl84q/FVW43s75wjALxrBqGGgF9CtHhO+Kr6JV5aCp9LM7YA
7Zjv7fbIbWnG2zdzrySurukTuXZZ19ccfJMQ51Tr4VpK6m6pSe4NQ1EATJ1pNqjG
QdQkdpeuqUwf6UYCNZsFsJQe5DJQ7BwHEhI9oGViS4m/cCw6U8LulSeRhKaA3bQ6
n6UxPMGHPuIekZSQad4a0jafpEnlsF9VU0gSjmbnDBF9CAyM02a0L/fCkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD7/+XBHbhX+rKNcw4xA+e6E8NL0MB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvUHZfNWNFZHVGZjZzbzF6RGpFRDU3b1R3MHZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCA+AwQA
VCBTMA0GCSqGSIb3DQEBCwUAA4IBAQCE1GqkwiLAFW1B2d7oH2lbb/CTcLLgmVgq
mYEvqKwzw+N5OKx8h0cjjPE0b2OQcbSX6NGHREN83IlT46fN6c67sIYxvVtl2jex
EaEGddrzSO8c3jQACwnHs42oCHrtlrumx+Jp4VAyz4fAOax120OnNIAmzT1frnAD
KdaNmKY5ebOQrmzmHbWHIEhjyQc797/C4M5QgfQjmEcFyd8o9UagEWVb1pcA180s
iww04thAa/rsdA3gPPzi6jBv+JO2/3awMtYG+uxApsBhAucQ4Xz6d1OAaU7sWyLB
L4sQecfmuVHADXeHoefe40hW2lHCWyn8u6mRB8zTg+G813o/p1Nx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:32 2024 by rpki-client on console-fra.rpki-client.org