Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/yPSELGn1RLwJQQ1NvT2T85OhdVg.roa
File: yPSELGn1RLwJQQ1NvT2T85OhdVg.roa (raw, json)
Hash identifier: rEB3MgW67W95YRmJ7czG5StHbPB3WNOud2ObiLhXrYE=
Subject key identifier: C8:F4:84:2C:69:F5:44:BC:09:41:0D:4D:BD:3D:93:F3:93:A1:75:58
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018264D56CACA674223A29BAE87E7EF9D421
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/yPSELGn1RLwJQQ1NvT2T85OhdVg.roa
Signing time: Wed 03 Aug 2022 17:51:24 +0000
ROA not before: Wed 03 Aug 2022 17:51:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51765
IP address blocks: 84.32.56.0/24 maxlen: 24
84.32.76.0/22 maxlen: 24
88.216.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:64:d5:6c:ac:a6:74:22:3a:29:ba:e8:7e:7e:f9:d4:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Aug 3 17:51:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c8f4842c69f544bc09410d4dbd3d93f393a17558
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:da:4d:52:ff:2a:af:aa:83:ed:27:58:07:bb:
33:b0:ba:b1:65:e4:31:84:66:93:38:7e:d0:c4:45:
79:b0:07:d4:65:ea:32:fe:e0:4c:b5:e6:09:d7:1b:
85:4f:2a:35:b5:0a:c6:88:34:f2:46:77:46:16:ea:
75:d1:75:ec:82:5f:16:97:2d:10:5c:21:f4:38:0d:
6f:74:fa:d9:2a:f1:73:e6:fd:39:f1:b6:ca:f0:17:
3c:bd:26:3e:12:0f:b9:ab:72:bf:11:4f:ec:eb:43:
41:6f:24:6a:24:1c:d6:4d:69:5f:e3:76:da:bb:30:
5b:1c:d8:e5:58:1b:b6:85:60:ce:77:1f:24:b2:87:
b9:d6:66:37:48:70:8b:1e:4c:a3:87:2c:e0:00:e4:
31:5c:1b:a3:a8:81:ce:48:e8:3b:c7:da:a9:f9:9a:
dd:c1:a1:36:02:2c:0c:7d:b6:72:59:28:c2:48:c5:
d2:5e:3f:fc:f6:99:c3:14:f7:cb:48:f3:51:2c:d3:
fb:41:80:6e:18:af:bd:2d:90:fc:70:f1:13:f6:ae:
df:3f:cd:38:23:cc:48:39:d3:3b:b2:c8:a1:6f:da:
9e:65:f6:e1:a7:4a:5d:4f:54:75:5e:6d:24:e7:bb:
11:8b:d5:76:ff:cc:52:1e:39:b4:26:4e:8d:c1:42:
d6:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:F4:84:2C:69:F5:44:BC:09:41:0D:4D:BD:3D:93:F3:93:A1:75:58
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/yPSELGn1RLwJQQ1NvT2T85OhdVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.56.0/24
84.32.76.0/22
88.216.97.0/24
Signature Algorithm: sha256WithRSAEncryption
98:99:ae:25:a5:8a:19:fb:c5:ad:5b:2e:4f:62:6f:98:c9:6b:
53:c1:c7:77:ae:4c:6f:52:6a:f3:e5:ee:6a:e0:3c:5f:05:da:
e7:97:52:4b:a8:76:91:63:9b:d0:df:6d:d9:53:45:66:3b:15:
13:a8:d0:f7:1a:c9:c9:0f:ad:72:22:24:f4:60:d2:b7:08:fc:
e3:c8:29:51:4a:6f:c3:40:dc:68:6a:f1:d1:2d:c4:a6:43:52:
70:a3:37:0c:50:12:51:3a:94:fa:c1:7f:d5:90:7b:27:a9:62:
d0:6b:c3:53:ed:3b:f2:b4:a0:50:51:4a:26:16:d4:3b:dd:e6:
bf:92:80:08:e5:e4:46:2a:d1:d9:54:a4:ef:b3:77:80:d8:27:
47:9e:ec:91:cb:cc:31:6e:0a:2f:bb:0e:51:95:a4:e6:5b:d6:
b7:1a:4a:b9:3d:c0:c2:ba:37:e0:78:0c:05:2e:35:07:cd:27:
75:36:49:96:ca:38:d7:85:1b:34:74:e0:ba:b4:41:1f:69:7b:
23:fc:6a:fb:4a:28:b4:c0:2b:8c:d7:9c:2f:fe:0d:96:a3:4d:
e3:00:bf:85:e8:aa:47:80:c1:e1:d2:61:2c:4f:03:f3:7d:11:
76:b8:18:03:60:71:4e:1a:42:dd:0d:f4:6b:85:df:5b:36:da:
8f:a9:3e:6c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYJk1WyspnQiOim66H5++dQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIwODAzMTc1MTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGY0ODQyYzY5ZjU0NGJjMDk0MTBkNGRiZDNkOTNmMzkzYTE3NTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNpNUv8qr6qD7SdYB7szsLqxZeQx
hGaTOH7QxEV5sAfUZeoy/uBMteYJ1xuFTyo1tQrGiDTyRndGFup10XXsgl8Wly0Q
XCH0OA1vdPrZKvFz5v058bbK8Bc8vSY+Eg+5q3K/EU/s60NBbyRqJBzWTWlf43ba
uzBbHNjlWBu2hWDOdx8ksoe51mY3SHCLHkyjhyzgAOQxXBujqIHOSOg7x9qp+Zrd
waE2AiwMfbZyWSjCSMXSXj/89pnDFPfLSPNRLNP7QYBuGK+9LZD8cPET9q7fP804
I8xIOdM7ssihb9qeZfbhp0pdT1R1Xm0k57sRi9V2/8xSHjm0Jk6NwULWOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMj0hCxp9US8CUENTb09k/OToXVYMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEveVBTRUxHbjFSTHdKUVExTnZUMlQ4NU9oZFZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVCA4AwQC
VCBMAwQAWNhhMA0GCSqGSIb3DQEBCwUAA4IBAQCYma4lpYoZ+8WtWy5PYm+YyWtT
wcd3rkxvUmrz5e5q4DxfBdrnl1JLqHaRY5vQ323ZU0VmOxUTqND3GsnJD61yIiT0
YNK3CPzjyClRSm/DQNxoavHRLcSmQ1JwozcMUBJROpT6wX/VkHsnqWLQa8NT7Tvy
tKBQUUomFtQ73ea/koAI5eRGKtHZVKTvs3eA2CdHnuyRy8wxbgovuw5RlaTmW9a3
Gkq5PcDCujfgeAwFLjUHzSd1NkmWyjjXhRs0dOC6tEEfaXsj/Gr7Sii0wCuM15wv
/g2Wo03jAL+F6KpHgMHh0mEsTwPzfRF2uBgDYHFOGkLdDfRrhd9bNtqPqT5s
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:51 2023 by rpki-client on console-fra.rpki-client.org