Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/SO1pp5cKfCebfG9c7_A857o3v4U.roa
File: SO1pp5cKfCebfG9c7_A857o3v4U.roa (raw, json)
Hash identifier: 4uHDE+HfhfQ+ppv893x/hsYlRQyqi5o7zqDoGUDnuMA=
Subject key identifier: 48:ED:69:A7:97:0A:7C:27:9B:7C:6F:5C:EF:F0:3C:E7:BA:37:BF:85
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018502593CB9E7CBABD90159E593DC990F79
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/SO1pp5cKfCebfG9c7_A857o3v4U.roa
Signing time: Sun 11 Dec 2022 18:01:20 +0000
ROA not before: Sun 11 Dec 2022 18:01:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 84.32.224.0/24 maxlen: 24
84.32.14.0/24 maxlen: 24
84.32.34.0/24 maxlen: 24
84.32.254.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:02:59:3c:b9:e7:cb:ab:d9:01:59:e5:93:dc:99:0f:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 11 18:01:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=48ed69a7970a7c279b7c6f5ceff03ce7ba37bf85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:4b:9f:b6:57:48:58:3f:fa:2f:4d:81:41:fc:
2a:47:51:d5:b4:ba:aa:b1:57:76:ea:f2:8e:61:17:
31:f5:fc:2a:4b:70:b2:af:8a:d5:8f:86:da:9b:28:
6a:9c:44:c2:9a:71:5d:4d:e4:e5:2d:a6:21:52:f6:
8e:16:fe:80:68:8e:a2:18:2d:b9:43:24:df:40:9f:
a3:10:4b:ce:66:d1:e9:9d:fc:b2:a6:83:07:42:10:
94:e5:0f:28:a8:a4:98:ee:e0:a0:23:80:3f:3e:68:
1f:e6:01:04:78:d7:b8:a4:79:c0:40:91:58:b4:97:
0d:0d:29:af:6e:95:88:f1:dd:f6:6c:df:c8:ce:59:
1f:6e:91:59:df:a4:70:e3:dc:9a:b0:b2:aa:79:6a:
41:89:09:50:55:cc:97:1f:d8:a7:a6:09:06:c9:3a:
ac:b7:88:0d:b2:23:15:4c:df:33:89:b4:fe:45:8c:
39:05:da:c1:5e:44:ad:8d:0c:5f:19:1b:c8:a5:a6:
66:3f:f9:60:55:20:f8:d7:b1:9e:45:d3:e2:7f:1f:
3d:d3:a4:5b:c4:a9:12:9c:1e:9f:0f:50:3a:56:c3:
8a:a0:aa:d0:2f:ad:74:53:fb:66:fb:f0:f0:59:ae:
b2:b0:65:7e:66:56:9e:4a:51:ec:bc:86:9e:06:9a:
d7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:ED:69:A7:97:0A:7C:27:9B:7C:6F:5C:EF:F0:3C:E7:BA:37:BF:85
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/SO1pp5cKfCebfG9c7_A857o3v4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.14.0/24
84.32.34.0/24
84.32.224.0/24
84.32.254.0/24
Signature Algorithm: sha256WithRSAEncryption
10:31:5f:c7:d0:32:8a:b5:45:ab:17:d4:1f:c2:9f:46:10:e0:
f7:6e:71:4e:05:0d:83:b5:9d:12:b2:d9:d0:7a:14:ae:59:f8:
5b:ba:e1:8f:4a:65:d8:47:28:12:ed:a7:cf:6c:db:d6:2f:25:
04:e8:c3:6b:6f:79:1c:af:8b:0e:6d:e2:20:ac:6c:ac:ca:36:
08:8e:75:1c:57:4b:af:3b:70:9a:88:b5:97:96:99:11:33:54:
2c:34:be:c8:f1:d5:69:05:dc:10:be:fc:dd:f4:71:d3:60:7c:
f1:6c:02:6e:ad:5f:69:f4:99:d3:71:ec:3f:1b:3f:6a:7a:94:
1e:26:af:fa:5c:c2:44:a3:9a:03:ef:3b:98:54:f0:36:0b:63:
d7:f5:79:3c:71:2c:d5:0d:86:e5:cd:99:47:d3:00:78:21:ff:
7f:e1:ef:35:ae:f0:5c:ba:c3:e9:4c:2a:50:e8:96:aa:09:cc:
a9:c8:be:35:eb:7d:e7:04:1f:81:26:c3:ee:54:9c:1c:a5:1f:
46:3f:1a:b3:ca:e6:7e:58:e4:8b:95:fd:3c:3f:54:2c:b7:a6:
f4:5c:60:36:c6:2c:fc:62:40:db:e4:60:e9:ce:d6:05:37:ab:
81:c8:e8:1c:d0:dc:97:03:c2:0a:2d:72:c3:5d:9e:5f:96:61:
25:08:92:ea
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUCWTy558ur2QFZ5ZPcmQ95MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjExMTgwMTIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGVkNjlhNzk3MGE3YzI3OWI3YzZmNWNlZmYwM2NlN2JhMzdiZjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhEuftldIWD/6L02BQfwqR1HVtLqq
sVd26vKOYRcx9fwqS3Cyr4rVj4bamyhqnETCmnFdTeTlLaYhUvaOFv6AaI6iGC25
QyTfQJ+jEEvOZtHpnfyypoMHQhCU5Q8oqKSY7uCgI4A/Pmgf5gEEeNe4pHnAQJFY
tJcNDSmvbpWI8d32bN/IzlkfbpFZ36Rw49yasLKqeWpBiQlQVcyXH9inpgkGyTqs
t4gNsiMVTN8zibT+RYw5BdrBXkStjQxfGRvIpaZmP/lgVSD417GeRdPifx8906Rb
xKkSnB6fD1A6VsOKoKrQL610U/tm+/DwWa6ysGV+ZlaeSlHsvIaeBprX/QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEjtaaeXCnwnm3xvXO/wPOe6N7+FMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvU08xcHA1Y0tmQ2ViZkc5YzdfQTg1N28zdjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVCAOAwQA
VCAiAwQAVCDgAwQAVCD+MA0GCSqGSIb3DQEBCwUAA4IBAQAQMV/H0DKKtUWrF9Qf
wp9GEOD3bnFOBQ2DtZ0SstnQehSuWfhbuuGPSmXYRygS7afPbNvWLyUE6MNrb3kc
r4sObeIgrGysyjYIjnUcV0uvO3CaiLWXlpkRM1QsNL7I8dVpBdwQvvzd9HHTYHzx
bAJurV9p9JnTcew/Gz9qepQeJq/6XMJEo5oD7zuYVPA2C2PX9Xk8cSzVDYblzZlH
0wB4If9/4e81rvBcusPpTCpQ6JaqCcypyL41633nBB+BJsPuVJwcpR9GPxqzyuZ+
WOSLlf08P1Qst6b0XGA2xiz8YkDb5GDpztYFN6uByOgc0NyXA8IKLXLDXZ5flmEl
CJLq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org