Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/uES847SvmXbgc5b-OqaQyohYY1o.roa
File: uES847SvmXbgc5b-OqaQyohYY1o.roa (raw, json)
Hash identifier: zVyiKPjm+qljsBaNoOTXm82LHgpRvo8lghGGn3AnoiQ=
Subject key identifier: B8:44:BC:E3:B4:AF:99:76:E0:73:96:FE:3A:A6:90:CA:88:58:63:5A
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 01843EDB4C5B288AB0C675B9908ADD2EF081
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/uES847SvmXbgc5b-OqaQyohYY1o.roa
Signing time: Thu 03 Nov 2022 18:57:50 +0000
ROA not before: Thu 03 Nov 2022 18:57:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 142430
IP address blocks: 84.32.62.0/24 maxlen: 24
84.32.83.0/24 maxlen: 24
88.216.197.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3e:db:4c:5b:28:8a:b0:c6:75:b9:90:8a:dd:2e:f0:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 3 18:57:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b844bce3b4af9976e07396fe3aa690ca8858635a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:8b:61:1b:35:88:5e:dd:0b:77:16:60:20:bf:
48:0e:bf:3f:d6:ae:6f:53:dc:65:70:f4:aa:fc:b9:
42:b7:74:9a:82:95:31:94:75:4e:58:82:3d:3b:3a:
fd:aa:99:e1:c8:b7:1e:4b:9c:11:2b:70:11:44:85:
c3:60:41:47:e6:6a:da:3f:72:f4:97:90:63:fe:42:
36:9e:33:bc:47:21:e4:97:41:9e:2c:43:89:5a:24:
e3:10:b0:17:54:76:e0:99:af:f3:6b:60:0c:b6:41:
eb:37:31:58:de:5c:47:a1:16:f0:be:38:ca:f2:d8:
a4:8e:14:1a:bb:c2:fd:aa:4e:91:ec:dd:53:49:73:
75:32:5d:11:68:03:1c:b0:87:a1:7d:14:dd:e4:eb:
0f:6c:a2:18:e3:7e:78:d6:b7:3a:a5:4c:3c:0f:9a:
c1:ce:95:1a:9f:f5:fe:a6:4a:43:4c:dd:91:01:d4:
57:a9:99:cd:9d:49:b1:96:a8:bf:43:b8:11:76:ef:
7f:dd:23:36:8b:61:6a:34:fd:88:3c:a7:d9:64:d9:
90:ff:c9:12:ec:84:d6:6a:c7:5e:2c:e2:42:23:81:
4a:0a:8e:71:06:15:93:28:08:78:75:9c:01:41:ef:
c7:10:15:f2:b8:57:d9:78:0e:76:c8:95:d1:cf:43:
e8:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:44:BC:E3:B4:AF:99:76:E0:73:96:FE:3A:A6:90:CA:88:58:63:5A
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/uES847SvmXbgc5b-OqaQyohYY1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.62.0/24
84.32.83.0/24
88.216.197.0/24
Signature Algorithm: sha256WithRSAEncryption
56:5d:b8:40:3b:03:88:30:62:a0:6e:1f:a0:43:1f:dd:09:eb:
61:4b:e8:1b:bb:b4:bc:2f:f8:25:8b:f2:a6:53:60:3d:02:48:
33:f6:3a:a3:ae:f2:68:2c:3b:f9:5a:e5:aa:e0:b6:29:be:a9:
6d:d2:93:a9:9d:03:5b:ec:93:05:b3:28:c5:10:04:ba:5f:06:
1d:0a:13:88:7d:80:56:23:6a:f9:4d:a1:85:00:6f:be:fa:e4:
7c:92:96:66:1b:41:35:ef:c3:b1:a9:8d:9a:c0:09:42:e8:96:
43:5e:45:03:48:23:4b:81:fa:14:94:b5:2d:8c:8f:1b:02:08:
1f:3d:7c:cb:a2:e6:1e:38:5c:29:e3:00:ff:70:0d:2b:fa:ba:
c7:78:7d:bd:61:a2:90:f2:9e:b4:0a:3d:aa:a1:7e:c6:6e:85:
b7:e5:0d:53:a1:90:fd:f0:9c:f1:3b:15:49:79:9e:79:54:4c:
a9:8c:4b:db:d3:4e:17:1f:ae:e2:69:b2:ea:f5:74:9e:2d:e4:
94:8f:1a:9b:ef:7c:6a:64:69:ae:7f:07:4b:68:31:32:c2:c6:
5c:b6:68:23:82:70:3a:ca:b2:f3:25:15:39:e3:8c:7d:ab:e7:
47:3a:f0:91:aa:87:62:d5:7d:73:01:4f:2f:e5:a2:b5:dd:4b:
04:61:b5:5f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYQ+20xbKIqwxnW5kIrdLvCBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMTAzMTg1NzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODQ0YmNlM2I0YWY5OTc2ZTA3Mzk2ZmUzYWE2OTBjYTg4NTg2MzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy4thGzWIXt0LdxZgIL9IDr8/1q5v
U9xlcPSq/LlCt3SagpUxlHVOWII9Ozr9qpnhyLceS5wRK3ARRIXDYEFH5mraP3L0
l5Bj/kI2njO8RyHkl0GeLEOJWiTjELAXVHbgma/za2AMtkHrNzFY3lxHoRbwvjjK
8tikjhQau8L9qk6R7N1TSXN1Ml0RaAMcsIehfRTd5OsPbKIY43541rc6pUw8D5rB
zpUan/X+pkpDTN2RAdRXqZnNnUmxlqi/Q7gRdu9/3SM2i2FqNP2IPKfZZNmQ/8kS
7ITWasdeLOJCI4FKCo5xBhWTKAh4dZwBQe/HEBXyuFfZeA52yJXRz0PohwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLhEvOO0r5l24HOW/jqmkMqIWGNaMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvdUVTODQ3U3ZtWGJnYzViLU9xYVF5b2hZWTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCA+AwQA
VCBTAwQAWNjFMA0GCSqGSIb3DQEBCwUAA4IBAQBWXbhAOwOIMGKgbh+gQx/dCeth
S+gbu7S8L/gli/KmU2A9Akgz9jqjrvJoLDv5WuWq4LYpvqlt0pOpnQNb7JMFsyjF
EAS6XwYdChOIfYBWI2r5TaGFAG+++uR8kpZmG0E178OxqY2awAlC6JZDXkUDSCNL
gfoUlLUtjI8bAggfPXzLouYeOFwp4wD/cA0r+rrHeH29YaKQ8p60Cj2qoX7GboW3
5Q1ToZD98JzxOxVJeZ55VEypjEvb004XH67iabLq9XSeLeSUjxqb73xqZGmufwdL
aDEywsZctmgjgnA6yrLzJRU544x9q+dHOvCRqodi1X1zAU8v5aK13UsEYbVf
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:34 2023 by rpki-client on console-ams.rpki-client.org