Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VzSZqTgwvocSkMSr0dn9ePzRBSE.roa
File: VzSZqTgwvocSkMSr0dn9ePzRBSE.roa (raw, json)
Hash identifier: x+wrQWvOxeJjhBITcth9ovt0gaKncK3Qsq1mbSn5EgA=
Subject key identifier: 57:34:99:A9:38:30:BE:87:12:90:C4:AB:D1:D9:FD:78:FC:D1:05:21
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184E84227FE4DCAF028767E65DCAF11610A
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VzSZqTgwvocSkMSr0dn9ePzRBSE.roa
Signing time: Tue 06 Dec 2022 16:26:00 +0000
ROA not before: Tue 06 Dec 2022 16:26:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209260
IP address blocks: 84.32.29.0/24 maxlen: 24
84.32.241.0/24 maxlen: 24
84.32.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e8:42:27:fe:4d:ca:f0:28:76:7e:65:dc:af:11:61:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 6 16:26:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=573499a93830be871290c4abd1d9fd78fcd10521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6f:2e:9e:33:fc:c5:99:86:bc:0a:d0:18:83:
60:3c:63:6e:04:48:1d:03:9d:fc:a5:52:fc:aa:e4:
da:12:40:7a:15:41:82:6a:00:fb:d1:e0:2c:b8:18:
35:2a:5c:1f:bd:65:a1:46:7d:e4:c8:35:00:cb:f9:
d3:f4:14:f2:50:2d:5c:8d:69:7b:0a:a9:6b:06:a9:
d4:7e:a2:99:7e:e4:a1:50:b5:b8:c8:f9:b1:1f:ab:
03:65:4c:54:87:32:b8:c5:4e:c7:b9:cf:0f:9e:5c:
8f:d1:1b:c8:ed:e3:79:4b:cc:9b:d2:25:95:ce:8a:
96:b4:1d:c5:b5:e2:17:79:75:25:6d:25:34:ec:70:
85:01:9a:54:77:d6:68:99:93:a3:ff:b3:b1:16:fa:
92:f0:ff:7a:bc:a9:4a:0e:8f:bf:89:e1:b3:4f:f0:
ed:ed:ee:39:7d:5f:08:1c:d3:3a:5e:10:15:63:97:
b3:fe:84:cf:fa:27:e9:85:3a:aa:d1:8b:86:03:83:
93:51:ed:96:4f:af:49:16:f3:2a:81:9e:e2:97:c0:
a8:93:6e:65:8b:75:a2:f7:5f:e1:dc:1f:b1:8d:4a:
08:69:29:6e:75:76:e0:67:2c:df:be:4b:25:57:53:
4c:c3:a0:a8:5e:fb:f2:23:8e:8a:c4:84:4f:a5:97:
38:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:34:99:A9:38:30:BE:87:12:90:C4:AB:D1:D9:FD:78:FC:D1:05:21
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/VzSZqTgwvocSkMSr0dn9ePzRBSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.29.0/24
84.32.45.0/24
84.32.241.0/24
Signature Algorithm: sha256WithRSAEncryption
83:a1:92:88:aa:49:4a:54:67:69:3b:5e:97:a1:b5:af:ce:ea:
45:99:81:e3:57:e1:37:d4:0b:94:40:a3:30:e0:9f:72:f8:2c:
61:f9:06:44:83:1d:92:84:e8:59:f4:5a:21:89:9a:1d:0b:dc:
46:7f:4a:43:80:ac:8e:6b:63:5d:67:8e:20:fd:94:fc:a5:4b:
38:26:30:b3:4d:da:5f:de:aa:91:fe:54:3d:be:e7:7b:3e:75:
ad:c5:1a:25:df:9b:be:15:d0:f3:f7:5c:c8:70:be:08:d4:8f:
49:0f:55:53:ea:6f:74:3d:84:db:ca:1a:c1:a2:b6:7d:77:fe:
df:8c:03:26:5d:cb:72:78:40:df:32:0c:ff:85:f8:5e:95:33:
e0:9f:b5:3e:40:2b:b3:1a:a1:d9:e1:9c:37:e6:8f:03:38:00:
7c:4b:fb:3b:42:29:43:0d:12:fa:93:12:21:f7:c4:d4:34:78:
83:4b:d2:18:3d:86:7f:63:b3:68:dd:b1:4c:ff:97:ee:43:c4:
1d:45:71:f7:3c:01:d7:e5:66:60:7b:b2:fc:b1:d0:f0:10:c7:
b9:34:99:48:12:56:d9:bd:e2:2f:de:ca:88:1d:9a:e3:aa:4c:
52:5c:4c:3b:ad:29:6a:31:ae:99:40:67:a0:d2:ae:2a:86:a9:
f2:4c:37:42
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYToQif+TcrwKHZ+ZdyvEWEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA2MTYyNjAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzM0OTlhOTM4MzBiZTg3MTI5MGM0YWJkMWQ5ZmQ3OGZjZDEwNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlG8unjP8xZmGvArQGINgPGNuBEgd
A538pVL8quTaEkB6FUGCagD70eAsuBg1KlwfvWWhRn3kyDUAy/nT9BTyUC1cjWl7
CqlrBqnUfqKZfuShULW4yPmxH6sDZUxUhzK4xU7Huc8PnlyP0RvI7eN5S8yb0iWV
zoqWtB3FteIXeXUlbSU07HCFAZpUd9ZomZOj/7OxFvqS8P96vKlKDo+/ieGzT/Dt
7e45fV8IHNM6XhAVY5ez/oTP+ifphTqq0YuGA4OTUe2WT69JFvMqgZ7il8Cok25l
i3Wi91/h3B+xjUoIaSludXbgZyzfvkslV1NMw6CoXvvyI46KxIRPpZc4mwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFc0mak4ML6HEpDEq9HZ/Xj80QUhMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvVnpTWnFUZ3d2b2NTa01TcjBkbjllUHpSQlNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCAdAwQA
VCAtAwQAVCDxMA0GCSqGSIb3DQEBCwUAA4IBAQCDoZKIqklKVGdpO16XobWvzupF
mYHjV+E31AuUQKMw4J9y+Cxh+QZEgx2ShOhZ9FohiZodC9xGf0pDgKyOa2NdZ44g
/ZT8pUs4JjCzTdpf3qqR/lQ9vud7PnWtxRol35u+FdDz91zIcL4I1I9JD1VT6m90
PYTbyhrBorZ9d/7fjAMmXctyeEDfMgz/hfhelTPgn7U+QCuzGqHZ4Zw35o8DOAB8
S/s7QilDDRL6kxIh98TUNHiDS9IYPYZ/Y7No3bFM/5fuQ8QdRXH3PAHX5WZge7L8
sdDwEMe5NJlIElbZveIv3sqIHZrjqkxSXEw7rSlqMa6ZQGeg0q4qhqnyTDdC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:48 2023 by rpki-client on console-fra.rpki-client.org