Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/UcjWHJ4kuDOCmlmtCe7eIQVMwlw.roa
File: UcjWHJ4kuDOCmlmtCe7eIQVMwlw.roa (raw, json)
Hash identifier: 3ry/V8m8O/YF98CVBNC/Ja5BN1yo+TWuWjGkjcmBFgQ=
Subject key identifier: 51:C8:D6:1C:9E:24:B8:33:82:9A:59:AD:09:EE:DE:21:05:4C:C2:5C
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01850AAAF1C940E851AA43DEE71D3E42FDC8
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/UcjWHJ4kuDOCmlmtCe7eIQVMwlw.roa
Signing time: Tue 13 Dec 2022 08:47:33 +0000
ROA not before: Tue 13 Dec 2022 08:47:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211975
IP address blocks: 84.32.213.0/24 maxlen: 24
84.32.216.0/24 maxlen: 24
88.216.222.0/24 maxlen: 24
84.32.51.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0a:aa:f1:c9:40:e8:51:aa:43:de:e7:1d:3e:42:fd:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 13 08:47:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=51c8d61c9e24b833829a59ad09eede21054cc25c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c4:37:1e:97:17:7a:97:a8:17:11:62:bd:27:
57:45:72:bd:7a:ed:3d:0f:24:53:58:0d:1f:10:10:
57:4c:43:d6:cc:01:5c:a7:c0:18:e7:8f:2f:67:3b:
79:cd:7e:c1:e5:5b:42:ed:71:23:c5:43:0f:a3:89:
77:0d:ab:9f:37:aa:f5:d5:3b:de:f5:7c:6e:43:88:
a1:ac:67:57:be:28:19:7e:2e:ef:a1:04:73:61:96:
07:69:b4:af:f3:01:39:56:af:5b:b1:a9:3b:03:3a:
f9:f7:31:fa:e6:a5:87:97:99:6a:28:38:ba:79:d5:
85:46:1b:54:16:4c:b3:ee:83:0a:a3:e5:8c:8b:c9:
80:68:8d:91:7b:2f:69:7d:a5:af:3d:5a:37:22:30:
e1:1a:b9:68:aa:38:ad:16:ed:06:b8:0b:9f:a5:45:
84:6e:03:8f:0c:42:19:45:ba:ec:6c:31:41:8f:45:
26:af:f3:dc:19:42:aa:bc:10:03:35:c5:86:8c:f8:
44:72:8d:87:b5:a8:5d:a8:19:1d:d4:66:f8:24:80:
99:1e:8f:74:0d:a6:5b:50:ed:f3:a8:89:44:81:6b:
e2:7d:e1:f2:c0:3b:7f:bf:78:dc:02:6e:61:e4:65:
96:e6:a8:3b:49:0e:d7:87:c8:81:ea:6c:15:6f:12:
d4:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
51:C8:D6:1C:9E:24:B8:33:82:9A:59:AD:09:EE:DE:21:05:4C:C2:5C
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/UcjWHJ4kuDOCmlmtCe7eIQVMwlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.51.0/24
84.32.213.0/24
84.32.216.0/24
88.216.222.0/24
Signature Algorithm: sha256WithRSAEncryption
61:87:77:47:1c:32:f8:72:da:5b:f5:cf:fd:6a:db:9a:49:0a:
84:8e:46:26:17:a4:db:96:68:11:5e:8e:52:7a:6e:70:f8:45:
75:7c:14:63:9d:c2:eb:81:a8:72:83:99:1f:29:f4:2c:18:59:
c9:84:b0:72:b1:ec:26:cc:dd:bc:db:6a:d4:20:8c:b3:d0:a8:
02:cf:c6:00:0e:f6:1b:dd:a4:b8:80:ca:3e:33:80:d6:2d:5d:
16:5f:0d:87:70:d1:aa:1d:2b:75:01:8d:3c:2a:f2:cc:af:7e:
60:ea:c0:40:44:f3:ca:e4:bd:b2:af:ca:73:40:e2:61:57:0f:
ef:f4:04:91:bc:c7:5c:64:18:ed:99:82:da:ff:e6:b5:4d:91:
2d:37:b3:f4:a9:ba:c7:31:99:de:ba:70:85:53:b0:e8:e9:13:
ed:27:ef:40:3f:b6:75:d1:7c:41:18:5e:c3:eb:45:96:2a:f7:
dc:6c:65:7e:6b:6b:da:1b:10:ed:57:70:48:24:d1:5e:3c:c4:
1b:2d:5b:ed:62:18:8a:12:50:e9:90:bf:d9:7c:11:80:19:79:
17:c8:c1:78:ce:48:41:77:c5:64:52:31:b3:75:5b:83:6d:65:
bd:11:94:4c:8f:2f:ef:77:e6:6d:61:56:fd:65:8f:ba:8f:a6:
ec:c9:a5:34
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUKqvHJQOhRqkPe5x0+Qv3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjEzMDg0NzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MWM4ZDYxYzllMjRiODMzODI5YTU5YWQwOWVlZGUyMTA1NGNjMjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08Q3HpcXepeoFxFivSdXRXK9eu09
DyRTWA0fEBBXTEPWzAFcp8AY548vZzt5zX7B5VtC7XEjxUMPo4l3DaufN6r11Tve
9XxuQ4ihrGdXvigZfi7voQRzYZYHabSv8wE5Vq9bsak7Azr59zH65qWHl5lqKDi6
edWFRhtUFkyz7oMKo+WMi8mAaI2Rey9pfaWvPVo3IjDhGrloqjitFu0GuAufpUWE
bgOPDEIZRbrsbDFBj0Umr/PcGUKqvBADNcWGjPhEco2HtahdqBkd1Gb4JICZHo90
DaZbUO3zqIlEgWvifeHywDt/v3jcAm5h5GWW5qg7SQ7Xh8iB6mwVbxLUhQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFHI1hyeJLgzgppZrQnu3iEFTMJcMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVWNqV0hKNGt1RE9DbWxtdENlN2VJUVZNd2x3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVCAzAwQA
VCDVAwQAVCDYAwQAWNjeMA0GCSqGSIb3DQEBCwUAA4IBAQBhh3dHHDL4ctpb9c/9
atuaSQqEjkYmF6TblmgRXo5Sem5w+EV1fBRjncLrgahyg5kfKfQsGFnJhLBysewm
zN2822rUIIyz0KgCz8YADvYb3aS4gMo+M4DWLV0WXw2HcNGqHSt1AY08KvLMr35g
6sBARPPK5L2yr8pzQOJhVw/v9ASRvMdcZBjtmYLa/+a1TZEtN7P0qbrHMZneunCF
U7Do6RPtJ+9AP7Z10XxBGF7D60WWKvfcbGV+a2vaGxDtV3BIJNFePMQbLVvtYhiK
ElDpkL/ZfBGAGXkXyMF4zkhBd8VkUjGzdVuDbWW9EZRMjy/vd+ZtYVb9ZY+6j6bs
yaU0
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:28 2024 by rpki-client on console-ams.rpki-client.org