Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/czYsmz31-RWrbcQLx-INvOtWyfE.roa
File: czYsmz31-RWrbcQLx-INvOtWyfE.roa (raw, json)
Hash identifier: 0dGz0zNfmh6irg9zMvvbf5MV0yN1fMa6etXF79M2iws=
Subject key identifier: 73:36:2C:9B:3D:F5:F9:15:AB:6D:C4:0B:C7:E2:0D:BC:EB:56:C9:F1
Certificate issuer: /CN=4f030205fa365e9f49ff4ea7506df912d5ed8360
Certificate serial: 110FD2EE
Authority key identifier: 4F:03:02:05:FA:36:5E:9F:49:FF:4E:A7:50:6D:F9:12:D5:ED:83:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TwMCBfo2Xp9J_06nUG35EtXtg2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/czYsmz31-RWrbcQLx-INvOtWyfE.roa
Signing time: Sat 01 Jan 2022 07:53:10 +0000
ROA not before: Sat 01 Jan 2022 07:53:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35667
IP address blocks: 94.143.216.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 286249710 (0x110fd2ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f030205fa365e9f49ff4ea7506df912d5ed8360
Validity
Not Before: Jan 1 07:53:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73362c9b3df5f915ab6dc40bc7e20dbceb56c9f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:c2:0f:e6:75:3c:20:55:53:95:c6:68:b7:7b:
f8:f9:2c:78:f3:01:36:6d:1b:a0:d2:ef:c5:67:d7:
f6:db:f3:4a:21:37:fc:58:89:86:27:2a:33:68:57:
46:8d:d3:76:87:bb:24:38:bd:c3:aa:44:7c:d7:5a:
65:ff:6b:aa:20:f6:3f:3c:ad:39:64:fd:09:4f:18:
c4:71:ef:e2:20:48:68:1c:68:2d:20:88:99:70:d5:
77:bb:3b:f7:67:b9:3d:7c:a7:0b:a4:94:e0:62:75:
44:72:3e:50:50:e6:d0:65:09:10:7b:0e:84:db:9d:
45:7a:93:f3:a3:91:16:e0:8b:da:b1:db:94:5f:1e:
f6:6f:04:f5:ac:11:d6:77:f1:c0:0f:2f:9c:9b:96:
ca:f2:e9:fc:d2:35:41:8a:d1:69:78:4a:2e:f8:e3:
4b:76:da:21:3a:49:25:f8:31:e4:3d:cb:56:48:08:
75:22:ca:d2:bd:62:3f:f0:86:a1:66:a5:45:82:d0:
54:04:18:10:84:50:07:82:59:93:e0:a5:44:d0:7f:
04:e8:33:57:1b:d3:40:09:81:b5:ea:6c:fe:47:86:
3e:5e:8e:cb:9a:df:31:4d:b1:cd:eb:07:3d:c5:ab:
9a:e7:14:ac:1e:30:64:71:6d:0d:60:91:16:81:d8:
3c:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:36:2C:9B:3D:F5:F9:15:AB:6D:C4:0B:C7:E2:0D:BC:EB:56:C9:F1
X509v3 Authority Key Identifier:
keyid:4F:03:02:05:FA:36:5E:9F:49:FF:4E:A7:50:6D:F9:12:D5:ED:83:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TwMCBfo2Xp9J_06nUG35EtXtg2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/czYsmz31-RWrbcQLx-INvOtWyfE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/3c8da5-a8e9-4a4f-8168-3ce611cb6799/1/TwMCBfo2Xp9J_06nUG35EtXtg2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.216.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:03:91:05:53:79:46:01:4a:1c:2a:d7:c5:66:41:a3:42:d0:
ae:37:d5:df:fa:13:75:ec:ee:0e:40:7c:00:60:28:02:ab:76:
b8:48:74:b8:21:cf:b1:a6:78:ff:57:58:20:6e:cc:5b:8b:88:
4a:02:08:40:ed:fb:ae:ce:b0:1a:3c:27:b7:fe:38:ca:26:8f:
33:ff:b5:7a:cb:b5:c8:61:ce:19:97:e1:1a:dc:b7:34:f2:59:
a7:0d:f9:1b:58:18:bf:ef:06:9f:e7:0b:1e:8e:5a:89:60:49:
1a:61:87:ea:c3:6a:21:7a:bc:32:3c:4d:35:8f:0d:99:64:76:
6a:4f:d6:b4:bd:f0:f3:3e:bc:83:0e:d7:0e:dd:2e:7a:84:45:
4f:b0:9c:9d:73:bd:42:0f:f2:5e:a8:d8:d8:c3:6f:6b:4c:52:
8f:ca:ab:21:d8:30:ef:50:ff:12:00:cd:8e:4b:56:df:48:9a:
f3:04:75:4f:13:91:7d:02:fd:a3:1b:fe:94:7d:b8:65:c2:1d:
48:2e:26:bb:c5:dd:eb:ca:40:3d:a2:64:01:5d:34:60:10:a5:
3f:5a:e0:2e:af:a9:26:00:8b:09:fb:21:a6:6a:2e:07:1b:44:
d9:af:b8:f7:5a:a1:d8:5f:9f:d6:e7:a5:61:0f:2c:37:46:f5:
b2:50:aa:28
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEQ/S7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjAzMDIwNWZhMzY1ZTlmNDlmZjRlYTc1MDZkZjkxMmQ1ZWQ4MzYwMB4XDTIyMDEw
MTA3NTMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzMzNjJjOWIzZGY1
ZjkxNWFiNmRjNDBiYzdlMjBkYmNlYjU2YzlmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTCD+Z1PCBVU5XGaLd7+PksePMBNm0boNLvxWfX9tvzSiE3
/FiJhicqM2hXRo3Tdoe7JDi9w6pEfNdaZf9rqiD2PzytOWT9CU8YxHHv4iBIaBxo
LSCImXDVd7s792e5PXynC6SU4GJ1RHI+UFDm0GUJEHsOhNudRXqT86ORFuCL2rHb
lF8e9m8E9awR1nfxwA8vnJuWyvLp/NI1QYrRaXhKLvjjS3baITpJJfgx5D3LVkgI
dSLK0r1iP/CGoWalRYLQVAQYEIRQB4JZk+ClRNB/BOgzVxvTQAmBteps/keGPl6O
y5rfMU2xzesHPcWrmucUrB4wZHFtDWCRFoHYPD0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRzNiybPfX5FattxAvH4g2861bJ8TAfBgNVHSMEGDAWgBRPAwIF+jZen0n/
TqdQbfkS1e2DYDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1R3TUNCZm8yWHA5Sl8wNm5VRzM1RXRYdGcyQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWUvM2M4ZGE1LWE4ZTktNGE0Zi04MTY4LTNjZTYxMWNiNjc5OS8x
L2N6WXNtejMxLVJXcmJjUUx4LUlOdk90V3lmRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUv
M2M4ZGE1LWE4ZTktNGE0Zi04MTY4LTNjZTYxMWNiNjc5OS8xL1R3TUNCZm8yWHA5
Sl8wNm5VRzM1RXRYdGcyQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEA16P2DANBgkqhkiG9w0BAQsFAAOC
AQEAbgORBVN5RgFKHCrXxWZBo0LQrjfV3/oTdezuDkB8AGAoAqt2uEh0uCHPsaZ4
/1dYIG7MW4uISgIIQO37rs6wGjwnt/44yiaPM/+1esu1yGHOGZfhGty3NPJZpw35
G1gYv+8Gn+cLHo5aiWBJGmGH6sNqIXq8MjxNNY8NmWR2ak/WtL3w8z68gw7XDt0u
eoRFT7CcnXO9Qg/yXqjY2MNva0xSj8qrIdgw71D/EgDNjktW30ia8wR1TxORfQL9
oxv+lH24ZcIdSC4mu8Xd68pAPaJkAV00YBClP1rgLq+pJgCLCfshpmouBxtE2a+4
91qh2F+f1uelYQ8sN0b1slCqKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:19 2024 by rpki-client on console-ams.rpki-client.org