Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VZHsiNjtHfj7HeTfq_YSrK2J2_A.roa
File: VZHsiNjtHfj7HeTfq_YSrK2J2_A.roa (raw, json)
Hash identifier: HRKn5oeU0LTJsh2sBieI3IAic3MgjmfyV613Zn88ktY=
Subject key identifier: 55:91:EC:88:D8:ED:1D:F8:FB:1D:E4:DF:AB:F6:12:AC:AD:89:DB:F0
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018335B35E7B17605A4B882792AD1A176AC9
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VZHsiNjtHfj7HeTfq_YSrK2J2_A.roa
Signing time: Tue 13 Sep 2022 07:14:50 +0000
ROA not before: Tue 13 Sep 2022 07:14:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 84.32.77.0/24 maxlen: 24
84.32.92.0/24 maxlen: 24
84.32.7.0/24 maxlen: 24
88.216.40.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:35:b3:5e:7b:17:60:5a:4b:88:27:92:ad:1a:17:6a:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Sep 13 07:14:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5591ec88d8ed1df8fb1de4dfabf612acad89dbf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0c:9a:59:e1:6d:7a:af:09:88:ee:6e:df:3f:
a4:4e:0b:93:a5:0a:2a:13:27:e2:dc:b0:af:2a:59:
1f:73:fe:38:a9:4d:22:24:17:46:0e:0a:77:d7:e1:
38:65:9a:ec:82:08:f9:64:45:08:8e:60:a6:1a:aa:
a4:98:dd:3e:89:89:22:d7:df:f1:ca:84:c3:8c:15:
e2:3e:3b:c4:10:94:0e:73:47:b0:8d:ad:50:fa:76:
c3:84:d2:15:42:5e:b0:b6:94:85:ab:d8:00:01:12:
80:c0:79:92:8b:11:ea:81:c7:27:02:26:66:0e:a0:
bc:b9:02:d4:d0:7e:a4:8f:51:d4:06:ae:e9:b2:c4:
53:14:89:d8:85:7f:5e:8a:dd:68:f3:fb:68:25:f4:
79:4b:63:3a:cf:56:3b:12:96:13:6a:9c:11:9b:4b:
2e:64:41:dd:54:7a:b7:e5:56:cc:b0:2d:28:59:57:
33:56:ec:3e:32:52:6a:95:0c:05:5f:e7:04:b0:a2:
84:1f:fd:e8:ed:b4:f8:01:c3:a7:e4:90:f0:80:c6:
a0:80:7a:71:24:41:d9:5a:04:ed:99:45:a8:da:75:
42:a7:87:3b:6d:44:41:52:59:9e:f3:69:63:4c:44:
67:d6:10:9d:22:5d:a0:81:37:16:58:95:3b:ac:d6:
82:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:91:EC:88:D8:ED:1D:F8:FB:1D:E4:DF:AB:F6:12:AC:AD:89:DB:F0
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VZHsiNjtHfj7HeTfq_YSrK2J2_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.7.0/24
84.32.77.0/24
84.32.92.0/24
88.216.40.0/24
Signature Algorithm: sha256WithRSAEncryption
52:2f:63:7a:52:09:b0:aa:d1:ab:4c:b7:eb:e0:bd:ff:97:80:
c8:3b:4b:34:ab:58:85:23:c0:84:b3:63:a3:49:24:1c:1d:9e:
1b:09:34:72:8b:64:6d:17:27:e2:7a:1a:6b:56:3d:fc:f4:34:
e7:72:59:c3:27:eb:e4:61:f0:09:d2:3d:3e:52:15:a5:7a:42:
44:e2:ab:74:fe:08:aa:32:2e:27:7e:8e:fa:37:a6:5c:38:ba:
2d:24:bf:04:8b:b5:53:e5:b1:b3:aa:8f:c9:6f:29:93:47:00:
4d:1e:d0:b1:24:21:63:4b:5d:a0:7d:3c:34:ed:36:c4:01:ef:
0f:19:75:22:ce:2e:c7:a2:04:3c:f8:35:3a:2b:25:5f:9a:62:
72:ac:0e:51:bc:2d:95:03:05:7a:34:9d:dd:29:8f:1c:d4:ee:
d9:d5:d9:f7:ac:58:dd:4a:5f:c4:1e:87:55:ff:ff:1c:ac:6f:
c7:55:8e:c7:7e:60:af:de:49:3a:65:14:ee:dd:a8:a7:33:bd:
65:02:05:a9:30:4e:c1:16:7e:d5:ec:b2:19:6f:b2:39:db:01:
fb:f9:cf:91:71:cd:61:13:83:aa:ce:17:58:1b:c8:e1:62:f1:
fa:71:65:fa:5b:67:79:f0:16:17:c5:fe:15:5a:5f:c2:0c:d6:
4f:a5:07:1c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYM1s157F2BaS4gnkq0aF2rJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwOTEzMDcxNDUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTkxZWM4OGQ4ZWQxZGY4ZmIxZGU0ZGZhYmY2MTJhY2FkODlkYmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwyaWeFteq8JiO5u3z+kTguTpQoq
Eyfi3LCvKlkfc/44qU0iJBdGDgp31+E4ZZrsggj5ZEUIjmCmGqqkmN0+iYki19/x
yoTDjBXiPjvEEJQOc0ewja1Q+nbDhNIVQl6wtpSFq9gAARKAwHmSixHqgccnAiZm
DqC8uQLU0H6kj1HUBq7pssRTFInYhX9eit1o8/toJfR5S2M6z1Y7EpYTapwRm0su
ZEHdVHq35VbMsC0oWVczVuw+MlJqlQwFX+cEsKKEH/3o7bT4AcOn5JDwgMaggHpx
JEHZWgTtmUWo2nVCp4c7bURBUlme82ljTERn1hCdIl2ggTcWWJU7rNaCvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFWR7IjY7R34+x3k36v2EqytidvwMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVlpIc2lOanRIZmo3SGVUZnFfWVNySzJKMl9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVCAHAwQA
VCBNAwQAVCBcAwQAWNgoMA0GCSqGSIb3DQEBCwUAA4IBAQBSL2N6UgmwqtGrTLfr
4L3/l4DIO0s0q1iFI8CEs2OjSSQcHZ4bCTRyi2RtFyfiehprVj389DTnclnDJ+vk
YfAJ0j0+UhWlekJE4qt0/giqMi4nfo76N6ZcOLotJL8Ei7VT5bGzqo/JbymTRwBN
HtCxJCFjS12gfTw07TbEAe8PGXUizi7HogQ8+DU6KyVfmmJyrA5RvC2VAwV6NJ3d
KY8c1O7Z1dn3rFjdSl/EHodV//8crG/HVY7HfmCv3kk6ZRTu3ainM71lAgWpME7B
Fn7V7LIZb7I52wH7+c+Rcc1hE4OqzhdYG8jhYvH6cWX6W2d58BYXxf4VWl/CDNZP
pQcc
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:30 2023 by rpki-client on console-ams.rpki-client.org