Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/4ff06f-e97f-4c5a-9da7-7ee090504fba/1/S4TzuOPWW7PQmuZllwo3s_0qNUA.roa
File: S4TzuOPWW7PQmuZllwo3s_0qNUA.roa (raw, json)
Hash identifier: 4gQCVT/wqvWlwDNA5BwBGbVRK09pcVeUpnRujLOlIEE=
Subject key identifier: 4B:84:F3:B8:E3:D6:5B:B3:D0:9A:E6:65:97:0A:37:B3:FD:2A:35:40
Certificate issuer: /CN=a7f00d1bffff3a53e94f867d743d031b922db5b1
Certificate serial: 018217273AB0692173E1B8B546E11AC3E185
Authority key identifier: A7:F0:0D:1B:FF:FF:3A:53:E9:4F:86:7D:74:3D:03:1B:92:2D:B5:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_ANG___OlPpT4Z9dD0DG5IttbE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/4ff06f-e97f-4c5a-9da7-7ee090504fba/1/S4TzuOPWW7PQmuZllwo3s_0qNUA.roa
Signing time: Tue 19 Jul 2022 15:50:23 +0000
ROA not before: Tue 19 Jul 2022 15:50:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6663
IP address blocks: 46.29.4.0/22 maxlen: 22
46.29.0.0/22 maxlen: 22
2a03:6e0:8000::/33 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:17:27:3a:b0:69:21:73:e1:b8:b5:46:e1:1a:c3:e1:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7f00d1bffff3a53e94f867d743d031b922db5b1
Validity
Not Before: Jul 19 15:50:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4b84f3b8e3d65bb3d09ae665970a37b3fd2a3540
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:d3:6d:78:c3:c1:8e:67:54:57:67:08:8a:16:
eb:aa:c3:8e:f4:5a:ca:e4:ae:60:af:89:a0:38:ba:
47:b1:da:15:3e:1c:d7:6b:6b:71:e7:1e:70:39:93:
52:7d:7e:1a:43:37:3f:f2:a6:7d:e3:69:da:5e:11:
07:89:ca:b4:8a:32:4b:4b:ba:e0:77:99:00:e8:e8:
a8:7f:77:31:7c:3f:25:2f:8f:f2:d8:8a:2d:44:b5:
44:7a:92:2c:f5:55:b9:54:df:0d:4e:2e:c3:aa:c2:
5c:de:b2:cf:c7:78:f4:07:28:a8:f3:66:b9:57:1e:
b8:9a:1a:fa:80:f2:dd:74:8d:83:66:90:88:14:f3:
bf:0b:62:c1:6e:68:17:0b:17:fc:6d:57:27:45:d2:
76:53:91:9b:1f:3e:fe:21:aa:f3:23:f9:a5:87:d8:
0b:66:9b:41:7c:25:f6:98:a3:9e:b2:6b:34:73:0e:
39:f4:37:5d:15:11:89:f0:38:d9:aa:fb:06:ff:db:
25:1b:ae:89:6a:60:d2:f1:19:ae:8c:bc:22:db:c6:
31:1d:9f:95:19:80:5e:8a:35:77:78:43:ea:fc:49:
63:1b:82:63:a9:89:9f:61:ac:78:6d:a4:e6:7a:3e:
4d:72:10:c7:8c:9b:4f:85:f4:2d:3a:d0:8f:9b:55:
20:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:84:F3:B8:E3:D6:5B:B3:D0:9A:E6:65:97:0A:37:B3:FD:2A:35:40
X509v3 Authority Key Identifier:
keyid:A7:F0:0D:1B:FF:FF:3A:53:E9:4F:86:7D:74:3D:03:1B:92:2D:B5:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_ANG___OlPpT4Z9dD0DG5IttbE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/4ff06f-e97f-4c5a-9da7-7ee090504fba/1/S4TzuOPWW7PQmuZllwo3s_0qNUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/4ff06f-e97f-4c5a-9da7-7ee090504fba/1/p_ANG___OlPpT4Z9dD0DG5IttbE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.0.0/21
IPv6:
2a03:6e0:8000::/33
Signature Algorithm: sha256WithRSAEncryption
75:7d:67:f0:43:49:b1:67:5a:00:c8:2f:1d:09:e9:c3:61:23:
eb:e1:90:cd:c3:9e:78:a9:a3:e2:07:0c:d3:19:a0:97:10:2f:
00:dd:0f:68:43:7f:ea:de:00:4e:b2:9d:61:2f:2c:62:b0:6d:
3d:b2:11:24:eb:ca:91:93:f6:e2:61:cd:2d:ad:d6:d9:eb:8d:
6e:5c:5f:ac:b3:57:fc:95:53:b3:49:10:b5:e9:a5:1b:5e:0b:
01:a7:65:59:d3:46:07:27:44:f4:97:da:65:db:f1:86:02:a0:
06:b2:ee:d9:74:b2:30:f9:e8:7c:53:4c:9f:7a:8d:74:cd:a4:
cb:89:b2:72:86:1d:7e:d7:d2:1b:b2:75:05:5c:1b:21:f9:11:
81:32:70:59:dd:cf:83:96:96:a7:84:af:1a:be:c2:b3:b0:64:
8f:d4:26:7f:bd:4f:c8:6b:9a:a8:b3:2d:f8:66:dc:5c:43:88:
0a:33:73:fc:a5:3d:db:4a:ca:6e:a2:62:a4:7d:cc:97:19:7e:
89:aa:ea:eb:22:9f:89:b5:8b:fd:bd:64:6f:f7:6a:58:07:12:
0a:f7:7d:a6:e1:15:60:f4:d1:d7:4a:64:6c:03:18:41:14:2a:
0d:dc:de:b6:41:90:e7:d0:ea:d5:2e:06:e6:79:6f:53:17:a5:
86:e9:eb:ba
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYIXJzqwaSFz4bi1RuEaw+GFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3ZjAwZDFiZmZmZjNhNTNlOTRmODY3ZDc0M2QwMzFiOTIy
ZGI1YjEwHhcNMjIwNzE5MTU1MDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjg0ZjNiOGUzZDY1YmIzZDA5YWU2NjU5NzBhMzdiM2ZkMmEzNTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9NteMPBjmdUV2cIihbrqsOO9FrK
5K5gr4mgOLpHsdoVPhzXa2tx5x5wOZNSfX4aQzc/8qZ942naXhEHicq0ijJLS7rg
d5kA6Oiof3cxfD8lL4/y2IotRLVEepIs9VW5VN8NTi7DqsJc3rLPx3j0Byio82a5
Vx64mhr6gPLddI2DZpCIFPO/C2LBbmgXCxf8bVcnRdJ2U5GbHz7+IarzI/mlh9gL
ZptBfCX2mKOesms0cw459DddFRGJ8DjZqvsG/9slG66JamDS8RmujLwi28YxHZ+V
GYBeijV3eEPq/EljG4JjqYmfYax4baTmej5NchDHjJtPhfQtOtCPm1UgkQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFEuE87jj1luz0JrmZZcKN7P9KjVAMB8GA1UdIwQY
MBaAFKfwDRv//zpT6U+GfXQ9AxuSLbWxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF9BTkdfX19PbFBwVDRaOWREMERHNUl0dGJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi80ZmYwNmYtZTk3Zi00YzVhLTlkYTct
N2VlMDkwNTA0ZmJhLzEvUzRUenVPUFdXN1BRbXVabGx3bzNzXzBxTlVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi80ZmYwNmYtZTk3Zi00YzVhLTlkYTctN2VlMDkwNTA0ZmJh
LzEvcF9BTkdfX19PbFBwVDRaOWREMERHNUl0dGJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQDLh0AMA4E
AgACMAgDBgcqAwbggDANBgkqhkiG9w0BAQsFAAOCAQEAdX1n8ENJsWdaAMgvHQnp
w2Ej6+GQzcOeeKmj4gcM0xmglxAvAN0PaEN/6t4ATrKdYS8sYrBtPbIRJOvKkZP2
4mHNLa3W2euNblxfrLNX/JVTs0kQtemlG14LAadlWdNGBydE9JfaZdvxhgKgBrLu
2XSyMPnofFNMn3qNdM2ky4mycoYdftfSG7J1BVwbIfkRgTJwWd3Pg5aWp4SvGr7C
s7Bkj9Qmf71PyGuaqLMt+GbcXEOICjNz/KU920rKbqJipH3Mlxl+iarq6yKfibWL
/b1kb/dqWAcSCvd9puEVYPTR10pkbAMYQRQqDdzetkGQ59Dq1S4G5nlvUxelhunr
ug==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:20:09 2024 by rpki-client on console-ams.rpki-client.org