Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/136492-21de-4ab2-a436-88c2cd00848d/1/LdLwsC4jDE_1y_C2lMh1pJ8twPY.roa
File: LdLwsC4jDE_1y_C2lMh1pJ8twPY.roa (raw, json)
Hash identifier: 9ZfSaHZxWwRostIJjFmSovhP0SL3r+X53LtcVPzXMCw=
Subject key identifier: 2D:D2:F0:B0:2E:23:0C:4F:F5:CB:F0:B6:94:C8:75:A4:9F:2D:C0:F6
Certificate issuer: /CN=db0a55a3ed6aaeff9ab02253917ac99d1537026c
Certificate serial: 059C3C79
Authority key identifier: DB:0A:55:A3:ED:6A:AE:FF:9A:B0:22:53:91:7A:C9:9D:15:37:02:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2wpVo-1qrv-asCJTkXrJnRU3Amw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/136492-21de-4ab2-a436-88c2cd00848d/1/LdLwsC4jDE_1y_C2lMh1pJ8twPY.roa
Signing time: Sat 01 Jan 2022 04:02:10 +0000
ROA not before: Sat 01 Jan 2022 04:02:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34402
IP address blocks: 91.203.52.0/24 maxlen: 24
91.203.53.0/24 maxlen: 24
91.203.54.0/24 maxlen: 24
91.203.55.0/24 maxlen: 24
91.203.52.0/22 maxlen: 22
91.227.56.0/24 maxlen: 24
91.227.57.0/24 maxlen: 24
91.227.58.0/24 maxlen: 24
91.227.56.0/22 maxlen: 22
91.227.59.0/24 maxlen: 24
195.225.76.0/24 maxlen: 24
195.225.77.0/24 maxlen: 24
195.225.76.0/22 maxlen: 22
195.225.78.0/24 maxlen: 24
195.225.79.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 94125177 (0x59c3c79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db0a55a3ed6aaeff9ab02253917ac99d1537026c
Validity
Not Before: Jan 1 04:02:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2dd2f0b02e230c4ff5cbf0b694c875a49f2dc0f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b7:89:6c:a7:69:63:7b:23:bf:d4:3c:91:ef:
02:12:73:a7:aa:f6:70:9a:be:67:0f:fb:22:22:8e:
ad:84:7a:d8:d7:ad:93:b0:a5:e0:1d:30:5c:72:52:
99:b8:72:d4:22:2a:1f:d6:ae:40:e2:2a:eb:9a:af:
29:00:3b:e8:bc:98:a2:78:e0:4c:9c:08:7e:62:16:
83:36:72:3a:14:ad:21:23:5b:98:4c:2d:60:32:ce:
6f:69:d0:ea:8f:e1:e9:54:e2:ab:9e:b2:0a:b3:37:
14:a6:76:13:a6:d0:2b:2c:ba:f4:32:82:aa:4a:64:
c1:5c:8e:cf:3f:3b:0a:aa:be:27:81:a1:e8:7a:e6:
e8:fe:d5:a2:bb:61:75:dc:cc:4e:65:8f:07:15:a4:
11:cc:6f:79:8d:c7:08:8d:10:f6:ef:14:e0:65:3c:
ad:a5:62:e3:31:a5:c4:e2:fd:c8:14:38:38:14:67:
2e:7d:85:a3:ba:2a:5c:2c:a1:59:fe:5f:7e:aa:c5:
84:50:a1:89:d1:a8:34:22:1d:9b:c7:3d:d0:85:ff:
12:8d:65:33:78:b9:ee:a0:b8:c4:4b:45:b3:9f:b5:
39:12:6e:28:7a:3c:f2:11:2b:d9:5c:4c:ba:e7:b1:
7b:7a:1f:93:be:e9:88:53:44:94:e1:5b:e2:6e:06:
ae:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D2:F0:B0:2E:23:0C:4F:F5:CB:F0:B6:94:C8:75:A4:9F:2D:C0:F6
X509v3 Authority Key Identifier:
keyid:DB:0A:55:A3:ED:6A:AE:FF:9A:B0:22:53:91:7A:C9:9D:15:37:02:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2wpVo-1qrv-asCJTkXrJnRU3Amw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/136492-21de-4ab2-a436-88c2cd00848d/1/LdLwsC4jDE_1y_C2lMh1pJ8twPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/136492-21de-4ab2-a436-88c2cd00848d/1/2wpVo-1qrv-asCJTkXrJnRU3Amw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.52.0/22
91.227.56.0/22
195.225.76.0/22
Signature Algorithm: sha256WithRSAEncryption
66:3b:76:1e:55:12:a4:23:62:27:33:4f:98:63:f9:06:45:31:
70:f5:96:fd:b7:e1:aa:86:22:23:24:ae:86:e9:78:7f:a9:ab:
8c:32:93:95:f6:57:67:9a:46:5b:67:33:18:81:b7:2b:a7:21:
a5:30:7b:c5:5e:d7:72:e4:8f:a5:4d:14:2c:5e:6f:d1:73:cf:
a3:27:68:9a:be:f8:87:5e:c4:ea:ba:ff:37:1f:50:f3:57:eb:
aa:a1:3e:e0:6b:95:20:50:8d:fd:b1:35:0d:de:85:a4:eb:09:
2c:ef:b4:b6:1d:cb:19:d3:73:0d:49:62:14:d9:27:9c:17:55:
6f:d7:9b:a1:54:73:0a:ca:04:95:ca:29:36:ee:c1:eb:82:40:
f6:8d:94:26:24:de:5e:cb:03:75:90:5f:f5:75:6d:38:25:5f:
39:14:10:93:7b:af:fc:e5:46:ec:96:9a:d7:cc:ff:40:0b:05:
8f:f6:1d:e9:37:fc:df:16:40:03:2a:8b:ef:d4:8b:50:42:62:
4d:e6:76:1c:a6:2e:9a:08:30:ec:90:56:35:d1:e7:26:d1:74:
a2:6a:b0:ae:4d:72:52:22:e8:3d:33:24:cc:b4:11:a5:bc:c2:
d9:0f:9f:d0:73:a2:55:a9:09:97:95:79:cc:0c:76:56:fb:06:
8a:f4:a8:b5
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEBZw8eTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YjBhNTVhM2VkNmFhZWZmOWFiMDIyNTM5MTdhYzk5ZDE1MzcwMjZjMB4XDTIyMDEw
MTA0MDIxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmRkMmYwYjAyZTIz
MGM0ZmY1Y2JmMGI2OTRjODc1YTQ5ZjJkYzBmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJq3iWynaWN7I7/UPJHvAhJzp6r2cJq+Zw/7IiKOrYR62Net
k7Cl4B0wXHJSmbhy1CIqH9auQOIq65qvKQA76LyYonjgTJwIfmIWgzZyOhStISNb
mEwtYDLOb2nQ6o/h6VTiq56yCrM3FKZ2E6bQKyy69DKCqkpkwVyOzz87Cqq+J4Gh
6Hrm6P7VorthddzMTmWPBxWkEcxveY3HCI0Q9u8U4GU8raVi4zGlxOL9yBQ4OBRn
Ln2Fo7oqXCyhWf5ffqrFhFChidGoNCIdm8c90IX/Eo1lM3i57qC4xEtFs5+1ORJu
KHo88hEr2VxMuuexe3ofk77piFNElOFb4m4GrtcCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQt0vCwLiMMT/XL8LaUyHWkny3A9jAfBgNVHSMEGDAWgBTbClWj7Wqu/5qw
IlOResmdFTcCbDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJ3cFZvLTFxcnYtYXNDSlRrWHJKblJVM0Ftdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvMTM2NDkyLTIxZGUtNGFiMi1hNDM2LTg4YzJjZDAwODQ4ZC8x
L0xkTHdzQzRqREVfMXlfQzJsTWgxcEo4dHdQWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
MTM2NDkyLTIxZGUtNGFiMi1hNDM2LTg4YzJjZDAwODQ4ZC8xLzJ3cFZvLTFxcnYt
YXNDSlRrWHJKblJVM0Ftdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAlvLNAMEAlvjOAMEAsPhTDANBgkq
hkiG9w0BAQsFAAOCAQEAZjt2HlUSpCNiJzNPmGP5BkUxcPWW/bfhqoYiIySuhul4
f6mrjDKTlfZXZ5pGW2czGIG3K6chpTB7xV7XcuSPpU0ULF5v0XPPoydomr74h17E
6rr/Nx9Q81frqqE+4GuVIFCN/bE1Dd6FpOsJLO+0th3LGdNzDUliFNknnBdVb9eb
oVRzCsoElcopNu7B64JA9o2UJiTeXssDdZBf9XVtOCVfORQQk3uv/OVG7Jaa18z/
QAsFj/Yd6Tf83xZAAyqL79SLUEJiTeZ2HKYumggw7JBWNdHnJtF0omqwrk1yUiLo
PTMkzLQRpbzC2Q+f0HOiVakJl5V5zAx2VvsGivSotQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:38 2024 by rpki-client on console-fra.rpki-client.org