Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/zGZw9xGdzJBQzvmdDEOEyCjc0EY.roa
File: zGZw9xGdzJBQzvmdDEOEyCjc0EY.roa (raw, json)
Hash identifier: zxqhk9bB7vXW/Jr9QxxYJOgYYdgoWPDH45pVC6oXfOc=
Subject key identifier: CC:66:70:F7:11:9D:CC:90:50:CE:F9:9D:0C:43:84:C8:28:DC:D0:46
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018507A1AA274D07FA07F0EA483C050D986C
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/zGZw9xGdzJBQzvmdDEOEyCjc0EY.roa
Signing time: Mon 12 Dec 2022 18:38:33 +0000
ROA not before: Mon 12 Dec 2022 18:38:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206119
IP address blocks: 84.32.179.0/24 maxlen: 24
84.32.178.0/24 maxlen: 24
84.32.222.0/24 maxlen: 24
84.32.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:07:a1:aa:27:4d:07:fa:07:f0:ea:48:3c:05:0d:98:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 12 18:38:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cc6670f7119dcc9050cef99d0c4384c828dcd046
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e0:6a:7a:49:8a:39:30:f8:3c:98:dd:ee:43:
a0:4e:ab:34:0b:31:58:78:ff:e9:e7:46:06:53:5e:
cd:1e:5e:68:bb:78:fa:89:df:ea:5e:60:0f:ad:bf:
36:6c:60:14:45:5f:91:5e:20:86:80:5b:4e:32:e3:
09:4c:44:27:37:b7:31:7a:58:7e:f9:82:d1:82:50:
68:94:cb:29:8e:10:2a:99:8e:c7:a2:0f:54:85:22:
79:6a:69:b2:db:fa:40:a8:29:58:32:19:bc:96:a2:
fa:96:04:0e:b3:aa:5b:ea:bd:88:aa:30:40:63:25:
f5:a9:48:4f:c1:38:3a:ed:45:c8:9c:0d:2d:9c:28:
28:6b:1a:e4:0c:58:e6:ff:10:c9:a5:74:54:26:96:
12:41:08:21:46:15:70:c2:70:59:32:97:5e:2c:01:
a4:cf:bb:ab:91:dd:7f:93:38:7e:f0:c5:2d:dc:aa:
43:ec:d8:14:2a:bb:b0:24:7c:29:14:c7:80:ba:20:
00:af:ec:50:a5:3c:62:31:9b:25:a1:d2:4c:4d:01:
ec:99:1e:95:65:a9:45:ba:7d:84:23:09:12:f7:27:
1e:8a:8d:8b:d4:75:5a:d9:36:d3:d1:07:0c:27:7a:
0a:f1:f8:57:32:12:7a:ba:31:78:63:a9:7c:52:10:
36:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:66:70:F7:11:9D:CC:90:50:CE:F9:9D:0C:43:84:C8:28:DC:D0:46
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/zGZw9xGdzJBQzvmdDEOEyCjc0EY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.178.0/23
84.32.220.0/24
84.32.222.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:38:61:b8:7b:f8:6c:29:7d:af:76:b1:18:1f:33:f2:bb:e0:
ee:0f:13:79:e3:a3:9f:7a:04:f7:ba:a5:fe:00:5d:97:cc:dd:
b2:3d:2c:f4:63:76:cb:11:67:3f:38:1e:8d:2a:6a:07:76:34:
09:50:63:8e:d3:5e:24:11:fa:10:3a:9c:6c:8a:29:ab:25:00:
3f:24:e7:6a:69:2e:fd:1c:7e:e1:4f:94:f3:8c:ae:b3:af:80:
02:bd:e3:cb:4e:e7:c3:75:89:ba:41:03:13:5f:c8:69:66:17:
8d:c1:7c:ce:14:f1:5d:7f:a4:25:72:84:cf:6b:20:25:8e:87:
77:4c:2a:7f:52:91:26:24:f2:09:0f:de:9d:2a:9f:87:1d:4c:
a2:32:70:49:c6:b6:60:2e:67:62:79:a6:cf:3a:d6:1a:83:5e:
d9:6e:1b:22:91:4c:de:a4:8a:a0:66:de:af:e2:8c:1d:9c:03:
27:6b:33:bd:17:24:d2:63:3a:d7:f4:fe:99:48:0a:97:72:0b:
a5:e7:1e:92:fd:88:6c:f8:db:87:fb:9f:7b:ec:b8:37:79:1c:
fa:4e:e6:37:59:11:0f:54:43:7b:36:a7:8f:eb:29:7d:14:95:
be:d8:81:b1:a2:d9:1c:42:ee:1a:a7:47:22:07:ed:af:4b:ba:
27:a9:92:c3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUHoaonTQf6B/DqSDwFDZhsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjEyMTgzODMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzY2NzBmNzExOWRjYzkwNTBjZWY5OWQwYzQzODRjODI4ZGNkMDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruBqekmKOTD4PJjd7kOgTqs0CzFY
eP/p50YGU17NHl5ou3j6id/qXmAPrb82bGAURV+RXiCGgFtOMuMJTEQnN7cxelh+
+YLRglBolMspjhAqmY7Hog9UhSJ5ammy2/pAqClYMhm8lqL6lgQOs6pb6r2IqjBA
YyX1qUhPwTg67UXInA0tnCgoaxrkDFjm/xDJpXRUJpYSQQghRhVwwnBZMpdeLAGk
z7urkd1/kzh+8MUt3KpD7NgUKruwJHwpFMeAuiAAr+xQpTxiMZslodJMTQHsmR6V
ZalFun2EIwkS9yceio2L1HVa2TbT0QcMJ3oK8fhXMhJ6ujF4Y6l8UhA2vQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMxmcPcRncyQUM75nQxDhMgo3NBGMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvekdadzl4R2R6SkJRenZtZERFT0V5Q2pjMEVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBVCCyAwQA
VCDcAwQAVCDeMA0GCSqGSIb3DQEBCwUAA4IBAQA+OGG4e/hsKX2vdrEYHzPyu+Du
DxN546OfegT3uqX+AF2XzN2yPSz0Y3bLEWc/OB6NKmoHdjQJUGOO014kEfoQOpxs
iimrJQA/JOdqaS79HH7hT5TzjK6zr4ACvePLTufDdYm6QQMTX8hpZheNwXzOFPFd
f6QlcoTPayAljod3TCp/UpEmJPIJD96dKp+HHUyiMnBJxrZgLmdieabPOtYag17Z
bhsikUzepIqgZt6v4owdnAMnazO9FyTSYzrX9P6ZSAqXcgul5x6S/Yhs+NuH+597
7Lg3eRz6TuY3WREPVEN7NqeP6yl9FJW+2IGxotkcQu4ap0ciB+2vS7onqZLD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:33 2024 by rpki-client on console-ams.rpki-client.org