Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/4swvfz63FGNyDOO6sJ_VKvWjoz4.roa
File: 4swvfz63FGNyDOO6sJ_VKvWjoz4.roa (raw, json)
Hash identifier: /rNLkfC3tIe+tQ8pd6tSBEpgn2LD7/ZLkFHctPRqJFI=
Subject key identifier: E2:CC:2F:7F:3E:B7:14:63:72:0C:E3:BA:B0:9F:D5:2A:F5:A3:A3:3E
Certificate issuer: /CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Certificate serial: 1B5F1B61
Authority key identifier: 47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/4swvfz63FGNyDOO6sJ_VKvWjoz4.roa
Signing time: Sat 01 Jan 2022 08:54:21 +0000
ROA not before: Sat 01 Jan 2022 08:54:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203961
IP address blocks: 185.24.67.0/24 maxlen: 24
2a04:2b00:14aa::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 459217761 (0x1b5f1b61)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Validity
Not Before: Jan 1 08:54:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e2cc2f7f3eb71463720ce3bab09fd52af5a3a33e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:16:dd:2e:f4:cd:a6:d7:61:f8:04:5c:9a:ab:
11:77:9d:c6:a9:92:8b:52:e7:17:cf:73:96:0a:35:
19:35:40:b9:54:64:12:65:b0:6a:90:b5:01:6a:23:
b0:ed:a8:1e:1b:e5:c8:09:00:37:80:f3:30:3f:fb:
e8:39:7d:3d:62:1f:bb:38:8f:a2:85:56:c8:4c:1f:
fa:b9:a2:6d:6c:b4:14:19:00:e8:60:08:f3:ca:7d:
b3:97:4b:d0:23:e6:d7:79:25:a6:8a:73:95:06:27:
60:d2:d1:9d:91:0b:8d:98:8f:50:a1:9b:67:16:a0:
80:8a:32:cf:48:e1:b8:7d:6e:e4:34:f1:45:ad:a0:
4b:c4:9d:57:d7:49:fa:77:bf:a5:5e:6e:e8:19:34:
f5:fb:4f:b1:29:f0:23:ef:80:ac:a8:31:ab:bd:10:
52:1d:72:a0:ab:cc:cc:c4:51:6f:05:f3:de:21:de:
e5:5a:7f:70:0c:5a:f1:63:09:01:31:e9:29:1c:be:
6b:eb:be:a1:d0:8e:59:40:a7:f0:0c:39:ab:94:bb:
12:60:1d:20:fe:d3:4d:fb:67:2e:fd:12:23:e3:18:
b9:10:7c:fe:ce:78:4c:6f:46:07:aa:b0:c6:14:e0:
ac:5f:8a:85:47:6e:75:95:f6:aa:27:2a:02:ca:09:
ba:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:CC:2F:7F:3E:B7:14:63:72:0C:E3:BA:B0:9F:D5:2A:F5:A3:A3:3E
X509v3 Authority Key Identifier:
keyid:47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/4swvfz63FGNyDOO6sJ_VKvWjoz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.67.0/24
IPv6:
2a04:2b00:14aa::/48
Signature Algorithm: sha256WithRSAEncryption
96:3a:4c:c7:f4:03:0f:a9:7e:b4:69:63:a4:da:f7:40:48:5d:
5b:d3:6a:c0:33:03:5a:50:b1:9c:1f:2d:d4:36:5d:75:9a:e6:
72:9d:6e:93:8f:ff:cb:c1:f1:e7:e6:ae:81:de:91:2f:80:f8:
44:e1:7c:c3:94:79:55:6b:c7:7c:e8:47:fb:08:c7:e3:66:0c:
37:8a:d0:9b:05:b7:a6:10:5f:32:3f:ca:7c:90:03:a0:dd:78:
32:cc:ec:54:9e:22:d8:7b:e8:7f:75:f6:dc:1d:87:4f:c5:f1:
72:c4:df:18:23:8d:fc:bd:00:c6:a2:05:79:36:ff:f9:5c:87:
3b:bc:5e:ce:0e:44:81:9e:45:ef:ad:08:ae:a9:7a:dc:eb:e4:
50:ee:d4:04:f7:40:61:a3:10:59:f3:3e:e7:75:7d:ff:48:5b:
96:63:aa:cc:64:1d:5b:d8:87:db:c0:7e:8b:35:82:73:63:07:
4d:e8:a2:eb:aa:88:90:d9:57:a1:9c:57:b1:a3:1f:12:0e:ac:
bb:ea:04:55:8d:60:c6:b4:58:6d:38:ce:2c:d8:46:ae:6c:57:
4e:17:1c:72:43:1a:6e:5d:b3:27:ce:cf:19:07:af:a0:9e:c2:
ac:7e:42:f7:8c:e0:c7:bf:c4:fb:5e:8e:27:db:8f:ee:a7:46:
3c:00:8f:dd
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEG18bYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Nzc2YWZiNzRmYWQ1YmFmMGE2MTgwYjQ5NTEwZDhiODQ5N2RmOGQzMB4XDTIyMDEw
MTA4NTQyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTJjYzJmN2YzZWI3
MTQ2MzcyMGNlM2JhYjA5ZmQ1MmFmNWEzYTMzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPAW3S70zabXYfgEXJqrEXedxqmSi1LnF89zlgo1GTVAuVRk
EmWwapC1AWojsO2oHhvlyAkAN4DzMD/76Dl9PWIfuziPooVWyEwf+rmibWy0FBkA
6GAI88p9s5dL0CPm13klpopzlQYnYNLRnZELjZiPUKGbZxaggIoyz0jhuH1u5DTx
Ra2gS8SdV9dJ+ne/pV5u6Bk09ftPsSnwI++ArKgxq70QUh1yoKvMzMRRbwXz3iHe
5Vp/cAxa8WMJATHpKRy+a+u+odCOWUCn8Aw5q5S7EmAdIP7TTftnLv0SI+MYuRB8
/s54TG9GB6qwxhTgrF+KhUdudZX2qicqAsoJupUCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTizC9/PrcUY3IM47qwn9Uq9aOjPjAfBgNVHSMEGDAWgBRHdq+3T61brwph
gLSVENi4SX340zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1IzYXZ0MC10VzY4S1lZQzBsUkRZdUVsOS1OTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTQvZjcxY2MyLWI3MWQtNDY2OC04NjYxLTA1MzhlOTVmM2YxMi8x
LzRzd3ZmejYzRkdOeURPTzZzSl9WS3ZXam96NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTQv
ZjcxY2MyLWI3MWQtNDY2OC04NjYxLTA1MzhlOTVmM2YxMi8xL1IzYXZ0MC10VzY4
S1lZQzBsUkRZdUVsOS1OTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEALkYQzAPBAIAAjAJAwcAKgQrABSq
MA0GCSqGSIb3DQEBCwUAA4IBAQCWOkzH9AMPqX60aWOk2vdASF1b02rAMwNaULGc
Hy3UNl11muZynW6Tj//LwfHn5q6B3pEvgPhE4XzDlHlVa8d86Ef7CMfjZgw3itCb
BbemEF8yP8p8kAOg3XgyzOxUniLYe+h/dfbcHYdPxfFyxN8YI438vQDGogV5Nv/5
XIc7vF7ODkSBnkXvrQiuqXrc6+RQ7tQE90BhoxBZ8z7ndX3/SFuWY6rMZB1b2Ifb
wH6LNYJzYwdN6KLrqoiQ2VehnFexox8SDqy76gRVjWDGtFhtOM4s2EaubFdOFxxy
QxpuXbMnzs8ZB6+gnsKsfkL3jODHv8T7Xo4n24/up0Y8AI/d
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:39 2023 by rpki-client on console-fra.rpki-client.org