Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/lQ3Q20-BKrlpLUVTSYU__HD999E.roa
File: lQ3Q20-BKrlpLUVTSYU__HD999E.roa (raw, json)
Hash identifier: 9VOK3FbI3LDr2NARtWaNxlAMB8pWdGLbqCqlBqmqXHo=
Subject key identifier: 95:0D:D0:DB:4F:81:2A:B9:69:2D:45:53:49:85:3F:FC:70:FD:F7:D1
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 0568BD45
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/lQ3Q20-BKrlpLUVTSYU__HD999E.roa
Signing time: Mon 30 May 2022 07:54:14 +0000
ROA not before: Mon 30 May 2022 07:54:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211936
IP address blocks: 85.239.151.0/24 maxlen: 24
85.239.149.0/24 maxlen: 24
85.239.148.0/24 maxlen: 24
185.95.157.0/24 maxlen: 24
185.95.156.0/24 maxlen: 24
185.95.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90750277 (0x568bd45)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: May 30 07:54:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=950dd0db4f812ab9692d455349853ffc70fdf7d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:de:7e:12:53:b1:cb:2f:30:ff:01:ad:0f:84:
cb:b9:8c:07:2b:51:3e:4f:01:3f:ba:5f:3f:6b:04:
7d:ad:ea:43:46:56:89:3c:ea:e5:d5:dd:5f:85:f3:
96:04:92:86:5f:b2:54:cc:a1:14:ab:43:0f:4d:a1:
f3:28:c6:d7:6a:19:a0:35:ad:34:db:11:9a:07:15:
7a:20:72:d4:40:67:08:ef:6f:4c:c6:11:f3:df:93:
29:43:35:bf:e2:94:9e:76:30:bd:a8:eb:fb:7b:1a:
be:0c:56:0b:d7:4f:55:f9:ba:45:69:9f:03:f8:6d:
63:2a:82:16:97:f5:22:f1:81:f5:31:f9:86:24:fc:
bc:9e:9c:44:29:c9:0a:cb:a8:00:a7:f5:b1:1e:c3:
8b:aa:a2:73:aa:d5:39:12:09:42:f2:60:58:a7:a0:
50:b7:5e:93:ca:0d:60:5e:e4:77:fe:cc:47:eb:8f:
96:af:9f:e7:76:42:22:0f:9a:0f:65:7b:40:1e:ad:
fa:5a:c0:61:3c:d8:eb:b9:bb:2c:79:03:6c:85:0d:
28:6a:58:5b:8a:a8:18:9d:19:d0:9f:ca:8c:24:b6:
d1:5a:31:db:cd:ff:68:75:8e:44:af:6c:70:c0:aa:
23:cc:6b:22:6e:1e:00:19:55:64:de:da:05:ba:1c:
96:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:0D:D0:DB:4F:81:2A:B9:69:2D:45:53:49:85:3F:FC:70:FD:F7:D1
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/lQ3Q20-BKrlpLUVTSYU__HD999E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.148.0/23
85.239.151.0/24
185.95.156.0/23
185.95.159.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:e3:80:42:44:a7:5d:dd:5a:a4:a4:0a:ff:44:72:97:19:c0:
53:a5:ad:aa:ce:d4:5f:55:72:4c:c7:1b:5c:20:cd:b8:e9:f3:
b5:f8:72:00:fa:cc:49:6d:13:17:7e:77:c1:80:9c:39:4f:4e:
2a:ce:90:1c:ec:9b:c0:de:c7:b7:d3:25:d8:f9:15:a7:bc:ca:
b6:03:69:50:e7:30:a1:05:a8:dd:af:34:51:27:e7:7d:18:e0:
cd:82:44:ab:da:d1:9d:5b:10:6f:20:91:c8:8f:27:0c:a6:08:
12:6a:a1:b0:0e:57:c4:d6:fc:77:78:01:a8:de:1c:a0:aa:e9:
0e:58:41:04:90:14:ca:8e:7c:c9:0b:13:9a:ec:70:66:ca:87:
2d:07:a0:e7:6e:2a:80:44:37:99:00:bf:d3:62:3f:47:42:e2:
9a:c1:24:ef:10:18:66:6c:55:ca:e7:3e:59:db:30:e3:99:cb:
0a:fc:b2:88:09:a9:f4:31:59:b7:8c:aa:a8:ab:45:77:e2:4c:
f5:53:ef:de:b3:a4:cb:20:95:de:4c:1c:86:44:95:9f:93:38:
d6:a4:cd:1c:41:9b:64:fe:bc:61:2a:1a:e6:9d:38:a3:b6:0e:
f7:30:ba:49:9f:66:1f:e4:84:6a:c9:06:96:0b:52:91:d1:b0:
b6:89:fb:c0
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBWi9RTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWQyZGFmZjFjNWJiNjFhMGFjOGIzY2FlYWQ0YjhhMWZhMjg0ZDBmMB4XDTIyMDUz
MDA3NTQxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTUwZGQwZGI0Zjgx
MmFiOTY5MmQ0NTUzNDk4NTNmZmM3MGZkZjdkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANPefhJTscsvMP8BrQ+Ey7mMBytRPk8BP7pfP2sEfa3qQ0ZW
iTzq5dXdX4XzlgSShl+yVMyhFKtDD02h8yjG12oZoDWtNNsRmgcVeiBy1EBnCO9v
TMYR89+TKUM1v+KUnnYwvajr+3savgxWC9dPVfm6RWmfA/htYyqCFpf1IvGB9TH5
hiT8vJ6cRCnJCsuoAKf1sR7Di6qic6rVORIJQvJgWKegULdek8oNYF7kd/7MR+uP
lq+f53ZCIg+aD2V7QB6t+lrAYTzY67m7LHkDbIUNKGpYW4qoGJ0Z0J/KjCS20Vox
283/aHWORK9scMCqI8xrIm4eABlVZN7aBboclpsCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBSVDdDbT4EquWktRVNJhT/8cP330TAfBgNVHSMEGDAWgBQp0tr/HFu2GgrI
s8rq1Lih+ihNDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tkTGFfeHhidGhvS3lMUEs2dFM0b2Zvb1RROC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDcvZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8x
L2xRM1EyMC1CS3JscExVVlRTWVVfX0hEOTk5RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDcv
ZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNhYS8xL0tkTGFfeHhidGhv
S3lMUEs2dFM0b2Zvb1RROC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAVXvlAMEAFXvlwMEAblfnAMEALlf
nzANBgkqhkiG9w0BAQsFAAOCAQEAfeOAQkSnXd1apKQK/0RylxnAU6Wtqs7UX1Vy
TMcbXCDNuOnztfhyAPrMSW0TF353wYCcOU9OKs6QHOybwN7Ht9Ml2PkVp7zKtgNp
UOcwoQWo3a80USfnfRjgzYJEq9rRnVsQbyCRyI8nDKYIEmqhsA5XxNb8d3gBqN4c
oKrpDlhBBJAUyo58yQsTmuxwZsqHLQeg524qgEQ3mQC/02I/R0LimsEk7xAYZmxV
yuc+Wdsw45nLCvyyiAmp9DFZt4yqqKtFd+JM9VPv3rOkyyCV3kwchkSVn5M41qTN
HEGbZP68YSoa5p04o7YO9zC6SZ9mH+SEaskGlgtSkdGwton7wA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:33 2024 by rpki-client on console-ams.rpki-client.org