Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/hfJXpabNGefrwRnxZq9PBOPZ_mI.roa
File: hfJXpabNGefrwRnxZq9PBOPZ_mI.roa (raw, json)
Hash identifier: A0hlvPCYxs84MFMd4mgkY6DsoiPHTko0QpPOkEHIWyY=
Subject key identifier: 85:F2:57:A5:A6:CD:19:E7:EB:C1:19:F1:66:AF:4F:04:E3:D9:FE:62
Certificate issuer: /CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Certificate serial: 01843CA001461C8534BA51FD1B6761692041
Authority key identifier: F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/hfJXpabNGefrwRnxZq9PBOPZ_mI.roa
Signing time: Thu 03 Nov 2022 08:33:49 +0000
ROA not before: Thu 03 Nov 2022 08:33:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213245
IP address blocks: 84.17.88.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3c:a0:01:46:1c:85:34:ba:51:fd:1b:67:61:69:20:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Validity
Not Before: Nov 3 08:33:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85f257a5a6cd19e7ebc119f166af4f04e3d9fe62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1f:93:6d:da:28:b7:1c:2d:30:53:e4:0e:0e:
ee:1c:f6:f5:69:0f:2b:ad:76:8e:6c:20:8b:e3:89:
43:ba:72:5e:79:fd:99:12:e0:e9:4b:a2:58:9a:b8:
04:f4:8c:e0:13:f4:f3:28:82:d6:87:ab:51:dc:f7:
c6:a5:66:16:c5:b3:98:8b:73:f4:24:5a:57:c5:e5:
d1:d8:1b:94:9b:c9:53:b9:4e:94:ef:73:c5:4b:84:
82:b0:31:bf:ed:6a:c6:12:ff:b1:2d:7e:f6:c2:ee:
92:00:d3:4a:90:61:79:d1:3c:35:01:eb:82:a3:75:
91:6f:52:ea:6b:23:18:4a:59:d2:5b:7e:9a:41:b1:
f0:5d:00:dd:37:9a:32:4c:04:a7:f7:0d:0f:1f:f7:
a4:6d:a5:02:2b:8d:f7:dd:37:a8:db:0f:bc:c6:81:
8c:7b:01:51:d0:87:67:df:f7:73:82:42:c1:0b:d3:
54:2c:59:24:f4:9c:19:b3:3a:62:40:89:7b:89:3c:
54:df:78:39:a1:5b:1e:e9:55:96:54:66:07:c8:80:
80:0f:79:ac:25:19:7a:e1:3b:54:69:b6:02:de:b7:
df:45:af:52:3c:fe:ee:cb:c2:e8:37:cc:6c:d9:74:
b7:68:d3:09:bf:ad:df:23:69:f2:10:59:fe:19:53:
71:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F2:57:A5:A6:CD:19:E7:EB:C1:19:F1:66:AF:4F:04:E3:D9:FE:62
X509v3 Authority Key Identifier:
keyid:F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/hfJXpabNGefrwRnxZq9PBOPZ_mI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.17.88.0/24
Signature Algorithm: sha256WithRSAEncryption
19:51:1c:6d:dc:41:f2:f7:f2:59:2d:58:2b:2b:f9:e3:19:91:
52:84:0d:01:be:db:5d:d2:d0:98:0a:a8:cf:97:4e:cd:5a:15:
b6:10:37:4f:d1:2e:1c:cc:d2:f1:09:c4:5d:10:d7:f6:d4:ed:
ce:58:d5:34:c7:f3:76:c1:9c:aa:9e:40:0c:f9:d0:0c:30:85:
ef:9d:56:9e:7f:e6:f4:6e:34:d0:a8:4c:c8:04:c6:9d:09:62:
c4:8e:fb:6d:15:f9:e4:99:a1:50:04:b2:5c:bb:8d:ba:5d:f4:
01:6b:e9:8f:1f:f6:c8:fb:98:ba:ea:5c:94:db:58:8a:34:01:
ff:15:fe:80:f9:d9:9c:0d:1a:e3:79:2f:09:a1:9a:11:6e:59:
73:29:26:69:18:9a:69:5b:98:d2:fa:00:1c:ab:25:f7:80:ac:
64:89:99:e8:2b:42:03:e3:77:a3:b4:a4:1f:af:25:8b:ca:54:
96:e3:23:93:68:14:24:14:f1:50:d8:2b:cb:9f:03:c1:ed:cb:
19:bd:b3:35:8b:2f:75:11:f6:f5:ea:27:7c:55:f9:1c:ca:e0:
69:3d:00:1a:ba:45:be:19:93:92:01:c3:dd:85:21:92:06:22:
fb:c4:a6:e1:25:d0:c9:f1:5e:bc:44:d9:ad:eb:35:e3:15:e3:
b9:3b:7e:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQ8oAFGHIU0ulH9G2dhaSBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2Mjk1MGViNzkxNjY2OGJiZmE4ZDFiODcwNTYwYjFj
YTc3MzkwHhcNMjIxMTAzMDgzMzQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWYyNTdhNWE2Y2QxOWU3ZWJjMTE5ZjE2NmFmNGYwNGUzZDlmZTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh+TbdootxwtMFPkDg7uHPb1aQ8r
rXaObCCL44lDunJeef2ZEuDpS6JYmrgE9IzgE/TzKILWh6tR3PfGpWYWxbOYi3P0
JFpXxeXR2BuUm8lTuU6U73PFS4SCsDG/7WrGEv+xLX72wu6SANNKkGF50Tw1AeuC
o3WRb1LqayMYSlnSW36aQbHwXQDdN5oyTASn9w0PH/ekbaUCK4333Teo2w+8xoGM
ewFR0Idn3/dzgkLBC9NULFkk9JwZszpiQIl7iTxU33g5oVse6VWWVGYHyICAD3ms
JRl64TtUabYC3rffRa9SPP7uy8LoN8xs2XS3aNMJv63fI2nyEFn+GVNxfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIXyV6WmzRnn68EZ8WavTwTj2f5iMB8GA1UdIwQY
MBaAFPS3YpUOt5FmaLv6jRuHBWCxync5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAt
MmY4ZGYxODdmOThiLzEvaGZKWHBhYk5HZWZyd1JueFpxOVBCT1BaX21JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAtMmY4ZGYxODdmOThi
LzEvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVBFYMA0G
CSqGSIb3DQEBCwUAA4IBAQAZURxt3EHy9/JZLVgrK/njGZFShA0Bvttd0tCYCqjP
l07NWhW2EDdP0S4czNLxCcRdENf21O3OWNU0x/N2wZyqnkAM+dAMMIXvnVaef+b0
bjTQqEzIBMadCWLEjvttFfnkmaFQBLJcu426XfQBa+mPH/bI+5i66lyU21iKNAH/
Ff6A+dmcDRrjeS8JoZoRbllzKSZpGJppW5jS+gAcqyX3gKxkiZnoK0ID43ejtKQf
ryWLylSW4yOTaBQkFPFQ2CvLnwPB7csZvbM1iy91Efb16id8VfkcyuBpPQAaukW+
GZOSAcPdhSGSBiL7xKbhJdDJ8V68RNmt6zXjFeO5O35F
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:58 2024 by rpki-client on console-fra.rpki-client.org