Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/4ZJ_dk7rQxcX2QvwbnuZwdA6Oc0.roa
File: 4ZJ_dk7rQxcX2QvwbnuZwdA6Oc0.roa (raw, json)
Hash identifier: DOfIz9vt72RCnpXHj7cZtIGhiFPQgx6LB982StqFMUs=
Subject key identifier: E1:92:7F:76:4E:EB:43:17:17:D9:0B:F0:6E:7B:99:C1:D0:3A:39:CD
Certificate issuer: /CN=3af7710df8add64bb9688e0f4581bea67e402c66
Certificate serial: 01840B7EE9BEF92802946ECA33271298C5E4
Authority key identifier: 3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/4ZJ_dk7rQxcX2QvwbnuZwdA6Oc0.roa
Signing time: Mon 24 Oct 2022 19:36:17 +0000
ROA not before: Mon 24 Oct 2022 19:36:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5392
IP address blocks: 46.21.18.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0b:7e:e9:be:f9:28:02:94:6e:ca:33:27:12:98:c5:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af7710df8add64bb9688e0f4581bea67e402c66
Validity
Not Before: Oct 24 19:36:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e1927f764eeb431717d90bf06e7b99c1d03a39cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:3b:a6:70:23:bd:cd:93:85:8c:6e:24:34:32:
5f:51:a8:a3:b5:11:37:5b:fa:df:cf:a5:d0:e0:61:
de:27:41:88:d2:9e:65:35:c5:f7:58:7e:4a:dd:be:
5a:e7:e3:15:42:96:96:cf:c1:41:5d:86:7c:c7:89:
14:4b:7c:03:39:56:32:ce:85:2e:e7:6c:f3:01:a1:
9a:95:12:f1:11:25:90:d8:77:80:d8:c2:2e:b5:05:
27:af:39:f3:3b:a4:7a:8c:c7:e7:18:1f:78:b3:ab:
24:ac:d5:af:e0:54:63:32:40:69:3a:8f:e2:59:b2:
95:35:28:9c:6a:0c:1f:a7:f9:ad:c3:48:1f:62:4c:
39:a9:56:00:cf:0b:7d:63:59:30:18:95:24:8a:9b:
1e:43:8b:ae:9a:63:a7:50:d1:aa:02:6e:af:22:b1:
ab:46:6d:a3:30:da:68:b7:e9:0a:70:7a:d7:43:c4:
8a:71:34:a5:60:b1:f8:4c:9d:74:0b:ef:97:f2:01:
b2:85:fc:84:5b:e3:e8:76:89:0b:9b:ad:57:c5:19:
08:da:7a:44:cd:e7:07:01:8d:d9:3e:38:f2:06:f0:
95:fa:a7:50:a7:6c:68:d9:fd:b4:7d:d6:72:c8:8c:
47:0d:c2:24:2c:f1:71:c5:34:40:37:6e:0a:57:87:
35:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:92:7F:76:4E:EB:43:17:17:D9:0B:F0:6E:7B:99:C1:D0:3A:39:CD
X509v3 Authority Key Identifier:
keyid:3A:F7:71:0D:F8:AD:D6:4B:B9:68:8E:0F:45:81:BE:A6:7E:40:2C:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvdxDfit1ku5aI4PRYG-pn5ALGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/4ZJ_dk7rQxcX2QvwbnuZwdA6Oc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/f59fe3-956e-4937-858d-eec416a886f7/1/OvdxDfit1ku5aI4PRYG-pn5ALGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.18.0/23
Signature Algorithm: sha256WithRSAEncryption
04:b1:2c:7a:5c:be:01:fb:de:06:c6:dd:e7:03:73:01:5b:d5:
37:f5:ca:da:81:17:40:1a:d7:28:69:45:ea:d3:1a:5a:9c:37:
c7:e6:9b:8e:96:35:07:7c:6e:74:0b:34:08:af:63:55:89:f8:
1b:f4:32:f9:65:0a:26:f6:a0:be:87:e4:c8:4d:b4:60:9d:7b:
5e:37:a3:dd:10:c9:d3:11:25:04:5e:d8:d6:b0:48:bf:72:9a:
ff:04:1e:37:c6:3e:06:93:01:5d:65:10:9d:53:f7:bb:2b:cc:
a2:1c:51:67:14:6b:c3:a6:a2:13:e9:1c:dc:1b:0e:a1:8b:73:
c3:73:51:53:6c:0e:22:c9:e1:8d:c2:87:d7:95:5c:3f:f7:47:
42:35:2d:02:16:47:4b:62:2a:f5:35:eb:aa:10:69:a4:1b:94:
35:67:bf:1c:59:a1:cb:a6:17:fc:af:fe:d8:80:4b:18:13:e5:
32:39:eb:a2:f8:07:a0:1e:00:07:cc:38:63:93:cf:55:cf:7c:
b0:ec:23:69:33:bd:58:3d:4d:1b:75:b6:25:fc:ed:d2:da:cd:
2d:6e:eb:a2:50:e0:c4:a5:62:1c:8e:26:e6:af:af:24:74:bd:
8e:4b:18:25:30:56:d6:ae:55:b9:ee:d5:63:96:46:59:40:43:
d7:9d:9c:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQLfum++SgClG7KMycSmMXkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjc3MTBkZjhhZGQ2NGJiOTY4OGUwZjQ1ODFiZWE2N2U0
MDJjNjYwHhcNMjIxMDI0MTkzNjE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTkyN2Y3NjRlZWI0MzE3MTdkOTBiZjA2ZTdiOTljMWQwM2EzOWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgDumcCO9zZOFjG4kNDJfUaijtRE3
W/rfz6XQ4GHeJ0GI0p5lNcX3WH5K3b5a5+MVQpaWz8FBXYZ8x4kUS3wDOVYyzoUu
52zzAaGalRLxESWQ2HeA2MIutQUnrznzO6R6jMfnGB94s6skrNWv4FRjMkBpOo/i
WbKVNSicagwfp/mtw0gfYkw5qVYAzwt9Y1kwGJUkipseQ4uummOnUNGqAm6vIrGr
Rm2jMNpot+kKcHrXQ8SKcTSlYLH4TJ10C++X8gGyhfyEW+PodokLm61XxRkI2npE
zecHAY3ZPjjyBvCV+qdQp2xo2f20fdZyyIxHDcIkLPFxxTRAN24KV4c1EQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOGSf3ZO60MXF9kL8G57mcHQOjnNMB8GA1UdIwQY
MBaAFDr3cQ34rdZLuWiOD0WBvqZ+QCxmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQt
ZWVjNDE2YTg4NmY3LzEvNFpKX2RrN3JReGNYMlF2d2JudVp3ZEE2T2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mNTlmZTMtOTU2ZS00OTM3LTg1OGQtZWVjNDE2YTg4NmY3
LzEvT3ZkeERmaXQxa3U1YUk0UFJZRy1wbjVBTEdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLhUSMA0G
CSqGSIb3DQEBCwUAA4IBAQAEsSx6XL4B+94Gxt3nA3MBW9U39cragRdAGtcoaUXq
0xpanDfH5puOljUHfG50CzQIr2NVifgb9DL5ZQom9qC+h+TITbRgnXteN6PdEMnT
ESUEXtjWsEi/cpr/BB43xj4GkwFdZRCdU/e7K8yiHFFnFGvDpqIT6RzcGw6hi3PD
c1FTbA4iyeGNwofXlVw/90dCNS0CFkdLYir1NeuqEGmkG5Q1Z78cWaHLphf8r/7Y
gEsYE+UyOeui+AegHgAHzDhjk89Vz3yw7CNpM71YPU0bdbYl/O3S2s0tbuuiUODE
pWIcjibmr68kdL2OSxglMFbWrlW57tVjlkZZQEPXnZyf
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:45 2023 by rpki-client on console-ams.rpki-client.org