Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ig9cYc9MmZi_91_FMq9cEPuOK8c.roa
File: ig9cYc9MmZi_91_FMq9cEPuOK8c.roa (raw, json)
Hash identifier: ehYc4BY6OBwwpD8pKBhqBRRGeiiqhyycTzTCXh2LnpU=
Subject key identifier: 8A:0F:5C:61:CF:4C:99:98:BF:F7:5F:C5:32:AF:5C:10:FB:8E:2B:C7
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184F2C3FA8BE36E87E289A93BBC423D9CA6
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ig9cYc9MmZi_91_FMq9cEPuOK8c.roa
Signing time: Thu 08 Dec 2022 17:24:00 +0000
ROA not before: Thu 08 Dec 2022 17:24:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 140947
IP address blocks: 84.32.61.0/24 maxlen: 24
84.32.9.0/24 maxlen: 24
84.32.11.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f2:c3:fa:8b:e3:6e:87:e2:89:a9:3b:bc:42:3d:9c:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 8 17:24:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a0f5c61cf4c9998bff75fc532af5c10fb8e2bc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:a8:16:c0:48:fb:32:87:81:29:c9:f8:bf:68:
5f:ce:dc:fe:f7:23:5d:f5:58:cf:4a:a2:7b:45:f4:
72:33:69:5d:c3:01:aa:d4:ce:dd:07:8d:78:f9:af:
c1:cc:cd:e5:30:a8:7d:af:27:36:66:33:13:24:21:
c5:c7:6b:de:ff:8b:42:2f:47:62:0f:3c:1a:aa:10:
e6:1e:ed:27:b7:de:a1:3b:21:6a:dd:ff:c8:66:b2:
ac:6d:e9:a2:69:c9:41:42:73:5d:eb:68:64:56:4f:
e8:a4:71:06:94:e8:d0:ed:e4:6d:23:37:2c:66:32:
85:ea:8b:49:7b:6c:68:27:7b:d3:a5:22:6c:d0:05:
0f:1f:46:ce:07:1c:65:dc:8d:61:74:86:5f:d1:1c:
bd:39:89:9a:eb:58:b0:f5:bb:20:a4:2f:09:9a:54:
06:2f:90:15:4a:f2:e1:e5:e0:a5:9a:fa:60:69:54:
f2:58:cb:ae:28:c3:8b:39:f0:a6:7b:c0:c7:4e:19:
db:c0:5b:76:3e:14:6d:1e:35:b7:78:fd:49:7e:62:
27:c2:37:bd:b1:5b:e9:7d:c2:4e:bc:17:e8:1e:dd:
2c:eb:2f:eb:75:ed:5e:8a:12:aa:d8:0a:76:38:ed:
b7:c2:64:18:34:63:91:18:9f:b4:65:7a:2a:bc:33:
5e:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:0F:5C:61:CF:4C:99:98:BF:F7:5F:C5:32:AF:5C:10:FB:8E:2B:C7
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/ig9cYc9MmZi_91_FMq9cEPuOK8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.9.0/24
84.32.11.0/24
84.32.61.0/24
Signature Algorithm: sha256WithRSAEncryption
26:11:0b:d5:7d:a4:1c:96:5a:54:09:84:ea:45:f2:ef:d8:6f:
8b:6f:4e:85:d9:55:8b:36:fd:75:51:f6:00:51:cd:35:7d:1a:
ab:2a:f5:0d:5c:d8:f9:45:c9:88:47:d0:c3:3c:00:68:46:84:
5a:9d:a1:55:5d:0f:7b:e0:74:78:ec:20:3f:e0:68:a5:18:f2:
fd:2e:f4:53:94:0e:83:ee:82:d9:99:ac:5c:43:87:27:45:f3:
98:ea:27:3f:d1:96:25:3d:8d:04:30:92:39:5c:8c:c1:8d:ef:
c4:08:f4:d0:c4:cb:c9:57:89:ab:94:2d:3e:81:51:8d:a3:f1:
15:96:fb:4e:fd:4a:55:d2:50:87:c0:a3:76:87:b6:91:d7:ab:
4a:af:4e:12:35:73:d9:cb:01:3d:b1:7a:dd:e6:d4:28:30:f4:
8c:f9:cb:59:e0:c4:f1:2d:48:92:e0:bd:1b:62:60:4e:b0:a8:
6a:5a:1a:33:cd:c7:05:9f:6b:3d:6d:b5:12:28:39:cb:1f:06:
c7:43:4a:f9:ac:4a:f4:4d:09:a6:6a:13:3c:1c:bb:a9:b8:92:
ff:2e:3f:5c:0e:84:ee:1e:ba:c9:54:53:5a:1f:74:ed:16:19:
16:30:ab:7e:4c:c8:32:f1:25:7e:be:44:df:f2:aa:fd:a7:04:
37:3d:a6:38
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTyw/qL426H4ompO7xCPZymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA4MTcyNDAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTBmNWM2MWNmNGM5OTk4YmZmNzVmYzUzMmFmNWMxMGZiOGUyYmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhagWwEj7MoeBKcn4v2hfztz+9yNd
9VjPSqJ7RfRyM2ldwwGq1M7dB414+a/BzM3lMKh9ryc2ZjMTJCHFx2ve/4tCL0di
DzwaqhDmHu0nt96hOyFq3f/IZrKsbemiaclBQnNd62hkVk/opHEGlOjQ7eRtIzcs
ZjKF6otJe2xoJ3vTpSJs0AUPH0bOBxxl3I1hdIZf0Ry9OYma61iw9bsgpC8JmlQG
L5AVSvLh5eClmvpgaVTyWMuuKMOLOfCme8DHThnbwFt2PhRtHjW3eP1JfmInwje9
sVvpfcJOvBfoHt0s6y/rde1eihKq2Ap2OO23wmQYNGORGJ+0ZXoqvDNegQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIoPXGHPTJmYv/dfxTKvXBD7jivHMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvaWc5Y1ljOU1tWmlfOTFfRk1xOWNFUHVPSzhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCAJAwQA
VCALAwQAVCA9MA0GCSqGSIb3DQEBCwUAA4IBAQAmEQvVfaQcllpUCYTqRfLv2G+L
b06F2VWLNv11UfYAUc01fRqrKvUNXNj5RcmIR9DDPABoRoRanaFVXQ974HR47CA/
4GilGPL9LvRTlA6D7oLZmaxcQ4cnRfOY6ic/0ZYlPY0EMJI5XIzBje/ECPTQxMvJ
V4mrlC0+gVGNo/EVlvtO/UpV0lCHwKN2h7aR16tKr04SNXPZywE9sXrd5tQoMPSM
+ctZ4MTxLUiS4L0bYmBOsKhqWhozzccFn2s9bbUSKDnLHwbHQ0r5rEr0TQmmahM8
HLupuJL/Lj9cDoTuHrrJVFNaH3TtFhkWMKt+TMgy8SV+vkTf8qr9pwQ3PaY4
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:49 2023 by rpki-client on console-fra.rpki-client.org