Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/r2mA-2tEXedC8HqCFobh3ZcFR-o.roa
File: r2mA-2tEXedC8HqCFobh3ZcFR-o.roa (raw, json)
Hash identifier: AEkwkap8CO5WMy71ym1/AbZZLxKp66BOC94bGk7jeyQ=
Subject key identifier: AF:69:80:FB:6B:44:5D:E7:42:F0:7A:82:16:86:E1:DD:97:05:47:EA
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0184E1BCAB792EBE93AAF840A378581C8917
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/r2mA-2tEXedC8HqCFobh3ZcFR-o.roa
Signing time: Mon 05 Dec 2022 10:02:28 +0000
ROA not before: Mon 05 Dec 2022 10:02:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 150303
IP address blocks: 84.32.78.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:bc:ab:79:2e:be:93:aa:f8:40:a3:78:58:1c:89:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 5 10:02:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=af6980fb6b445de742f07a821686e1dd970547ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a5:7b:34:c6:fe:fc:1b:ab:7c:50:f9:59:c2:
0a:ff:01:db:df:8f:da:af:eb:9d:99:ed:47:0c:b0:
1f:3e:5a:7b:6f:10:8c:f0:7d:f2:9b:10:52:d8:dc:
5e:a0:3d:78:eb:42:ea:1f:f9:a6:09:09:ac:c4:40:
4a:71:b9:6e:2f:2c:3f:d1:c5:1a:b2:66:88:49:4f:
79:9b:ae:42:c7:26:8c:b9:fe:97:54:6f:e5:e2:57:
f2:bf:90:33:68:17:5c:d6:3f:fe:62:46:82:de:8f:
fe:7c:b6:17:e8:5e:66:b9:3b:83:c5:b4:d3:c7:c8:
a1:ea:17:97:c6:e5:d3:46:c3:ac:56:de:4f:a8:7b:
78:21:ab:9c:95:96:1f:0e:1a:db:fb:c0:10:06:00:
c9:d7:18:62:77:4b:cf:3f:76:05:5a:0a:0d:20:7f:
b4:f4:b5:45:d7:68:3e:7b:de:49:29:c5:f1:61:eb:
e7:50:74:a9:44:fb:04:a4:f1:34:08:7f:28:1c:ff:
d2:15:f9:62:cf:0f:df:65:82:8f:cb:b0:31:41:ab:
68:b6:ae:0c:97:58:d5:3b:77:48:f3:d5:9d:58:6e:
ac:7e:f5:0e:d1:cb:b9:31:5c:37:bd:0a:ea:61:d9:
7c:74:7a:1d:83:ab:a4:81:26:f7:73:25:10:ee:13:
2a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:69:80:FB:6B:44:5D:E7:42:F0:7A:82:16:86:E1:DD:97:05:47:EA
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/r2mA-2tEXedC8HqCFobh3ZcFR-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.78.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:02:65:c8:35:b2:33:b8:21:ad:cd:6d:8a:2d:ae:3b:30:90:
41:2d:cf:95:74:bc:33:c8:ab:f0:93:e7:05:80:69:23:da:ab:
62:d0:53:b3:49:fa:24:f4:2f:f6:67:dd:56:44:72:4e:e4:66:
9b:62:1e:2b:c5:33:de:b2:e2:63:1a:97:8c:44:4b:26:0b:67:
83:6f:fd:10:2f:2b:19:68:2b:74:91:80:dc:7d:45:ea:64:e9:
25:7f:75:b5:66:6c:78:b4:99:be:6c:86:f5:b6:81:9b:37:4d:
ab:75:35:75:d7:a4:a8:73:b9:74:5d:1c:fc:b1:f0:02:5d:30:
c3:4a:bb:ad:25:36:de:b3:32:c9:0d:88:4d:95:99:99:bc:63:
2d:3a:7e:f4:aa:ef:5a:2f:2f:fe:91:57:12:80:7d:77:ce:0b:
d4:23:02:f8:29:9a:3b:eb:51:6d:5a:71:c7:65:75:10:1f:05:
22:33:c3:b0:e8:07:6a:7d:e1:0c:56:37:93:d6:da:17:08:d8:
87:44:7f:83:b2:e4:58:c5:58:44:01:bb:d9:f2:d0:0f:84:d3:
04:5a:f3:e7:8c:5d:8a:75:50:aa:3f:94:43:37:02:20:38:1b:
b9:7b:13:57:d4:5c:83:eb:00:0b:b8:56:a0:97:79:d1:5c:2e:
94:b9:4d:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYThvKt5Lr6TqvhAo3hYHIkXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjA1MTAwMjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjY5ODBmYjZiNDQ1ZGU3NDJmMDdhODIxNjg2ZTFkZDk3MDU0N2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqV7NMb+/BurfFD5WcIK/wHb34/a
r+udme1HDLAfPlp7bxCM8H3ymxBS2NxeoD1460LqH/mmCQmsxEBKcbluLyw/0cUa
smaISU95m65CxyaMuf6XVG/l4lfyv5AzaBdc1j/+YkaC3o/+fLYX6F5muTuDxbTT
x8ih6heXxuXTRsOsVt5PqHt4IauclZYfDhrb+8AQBgDJ1xhid0vPP3YFWgoNIH+0
9LVF12g+e95JKcXxYevnUHSpRPsEpPE0CH8oHP/SFflizw/fZYKPy7AxQatotq4M
l1jVO3dI89WdWG6sfvUO0cu5MVw3vQrqYdl8dHodg6ukgSb3cyUQ7hMqgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK9pgPtrRF3nQvB6ghaG4d2XBUfqMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvcjJtQS0ydEVYZWRDOEhxQ0ZvYmgzWmNGUi1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVCBOMA0G
CSqGSIb3DQEBCwUAA4IBAQAtAmXINbIzuCGtzW2KLa47MJBBLc+VdLwzyKvwk+cF
gGkj2qti0FOzSfok9C/2Z91WRHJO5GabYh4rxTPesuJjGpeMREsmC2eDb/0QLysZ
aCt0kYDcfUXqZOklf3W1Zmx4tJm+bIb1toGbN02rdTV116Soc7l0XRz8sfACXTDD
SrutJTbeszLJDYhNlZmZvGMtOn70qu9aLy/+kVcSgH13zgvUIwL4KZo761FtWnHH
ZXUQHwUiM8Ow6AdqfeEMVjeT1toXCNiHRH+DsuRYxVhEAbvZ8tAPhNMEWvPnjF2K
dVCqP5RDNwIgOBu5exNX1FyD6wALuFagl3nRXC6UuU3O
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:50 2023 by rpki-client on console-fra.rpki-client.org