Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/LFKlcNpnCoL-UObyuaWpITHSA04.roa
File: LFKlcNpnCoL-UObyuaWpITHSA04.roa (raw, json)
Hash identifier: H+OnL39vKzkKlfb8FmkqpRwqrJQMBtif3+Dag9ZJBS4=
Subject key identifier: 2C:52:A5:70:DA:67:0A:82:FE:50:E6:F2:B9:A5:A9:21:31:D2:03:4E
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 44725767
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/LFKlcNpnCoL-UObyuaWpITHSA04.roa
Signing time: Sat 01 Jan 2022 03:58:21 +0000
ROA not before: Sat 01 Jan 2022 03:58:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12601
IP address blocks: 195.101.164.0/23 maxlen: 23
195.101.166.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1148344167 (0x44725767)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 03:58:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c52a570da670a82fe50e6f2b9a5a92131d2034e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:e4:27:71:62:7f:70:3c:47:9e:96:d9:39:07:
69:34:e4:94:88:71:5b:c2:46:0f:16:f3:23:7f:93:
cb:fd:4c:85:bf:fc:03:c4:20:1e:fc:7f:65:ae:9f:
94:93:dd:c4:61:0b:00:68:8a:fd:06:65:90:05:7c:
21:bd:ad:04:66:d1:0d:d9:0f:80:f2:8c:23:4e:86:
34:8f:4b:76:db:05:cf:40:05:9b:e5:61:ba:67:6b:
c3:40:f4:b2:c1:01:c4:86:f2:ea:99:e9:cd:0f:cd:
58:4b:e8:20:34:e8:d0:2b:d5:00:c3:ea:6d:c5:59:
8e:cf:9c:d9:4e:99:8c:a3:7c:9f:2e:2e:5a:ed:2e:
9e:02:58:f4:c6:dd:45:9b:7d:8a:b2:62:24:f9:0c:
5a:c4:43:4d:cd:ff:9b:4f:2d:c0:96:be:69:ce:6d:
13:a1:45:6b:7e:81:63:9e:cc:62:bb:57:5b:41:ed:
6a:6d:bc:8c:04:18:ff:87:b7:9f:24:35:da:56:63:
f4:ee:35:ff:62:e5:5e:ca:96:c9:e6:c4:73:9f:47:
54:a5:17:22:f5:7b:b3:e5:93:97:50:6c:b4:9e:43:
78:ff:d9:64:34:fb:b5:6a:eb:9f:8e:a4:a5:11:26:
52:19:f7:eb:db:00:70:7e:e5:e2:a9:3d:ae:56:e9:
ba:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:52:A5:70:DA:67:0A:82:FE:50:E6:F2:B9:A5:A9:21:31:D2:03:4E
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/LFKlcNpnCoL-UObyuaWpITHSA04.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.101.164.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:1b:3b:fd:6e:04:90:3e:0f:34:11:9c:de:21:7f:c2:93:e4:
b7:83:dd:e8:79:30:17:82:10:56:90:b5:29:ad:31:1b:b5:9d:
25:d2:67:44:3a:ba:89:57:15:d7:ae:63:57:45:e1:27:84:bd:
56:01:05:f5:60:43:b3:66:76:a2:4e:85:3e:54:06:a7:3c:f5:
11:e5:9c:46:9e:4b:45:c2:cf:62:7d:75:f5:a4:00:76:16:55:
d3:97:f1:b8:b5:20:71:54:64:38:ff:35:5b:13:4a:7c:2f:19:
d0:c5:14:a3:00:19:2b:02:19:c5:8d:9a:b9:e5:69:ec:dc:77:
34:51:47:b8:09:63:39:03:8f:01:ad:dd:06:44:bf:39:e4:68:
92:cc:21:04:38:37:7d:48:44:2d:d5:5d:f2:b9:42:dc:46:e0:
1f:05:1c:70:ff:67:d4:7d:85:ee:16:52:e6:bf:d0:a4:50:13:
83:df:ea:20:4c:5e:53:35:88:4e:68:ca:3e:f2:31:55:57:41:
aa:e8:be:ea:be:3e:a1:0c:a9:c8:d8:bd:0a:27:54:20:b0:27:
1b:f0:97:d1:88:c9:7e:ff:8d:8c:0c:82:f3:eb:32:aa:32:80:
97:3c:f1:07:69:97:60:7c:c6:24:80:46:df:36:ea:43:a2:49:
d3:e4:04:ad
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIERHJXZzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YWYwOWJhMzNiNWFlNTgxYjBkMjkzMjMyNDkzMTRmNzZhYTEwNTExMB4XDTIyMDEw
MTAzNTgyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmM1MmE1NzBkYTY3
MGE4MmZlNTBlNmYyYjlhNWE5MjEzMWQyMDM0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOXkJ3Fif3A8R56W2TkHaTTklIhxW8JGDxbzI3+Ty/1Mhb/8
A8QgHvx/Za6flJPdxGELAGiK/QZlkAV8Ib2tBGbRDdkPgPKMI06GNI9LdtsFz0AF
m+Vhumdrw0D0ssEBxIby6pnpzQ/NWEvoIDTo0CvVAMPqbcVZjs+c2U6ZjKN8ny4u
Wu0ungJY9MbdRZt9irJiJPkMWsRDTc3/m08twJa+ac5tE6FFa36BY57MYrtXW0Ht
am28jAQY/4e3nyQ12lZj9O41/2LlXsqWyebEc59HVKUXIvV7s+WTl1BstJ5DeP/Z
ZDT7tWrrn46kpREmUhn369sAcH7l4qk9rlbpurcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQsUqVw2mcKgv5Q5vK5pakhMdIDTjAfBgNVHSMEGDAWgBQ68JujO1rlgbDS
kyMkkxT3aqEFETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L092Q2JvenRhNVlHdzBwTWpKSk1VOTJxaEJSRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmIvMzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8x
L0xGS2xjTnBuQ29MLVVPYnl1YVdwSVRIU0EwNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmIv
MzNkNWQxLWM0NTAtNDEzYi1hZmU0LTQ1OTM1ZjUwNmExMi8xL092Q2JvenRhNVlH
dzBwTWpKSk1VOTJxaEJSRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsNlpDANBgkqhkiG9w0BAQsFAAOC
AQEAPhs7/W4EkD4PNBGc3iF/wpPkt4Pd6HkwF4IQVpC1Ka0xG7WdJdJnRDq6iVcV
165jV0XhJ4S9VgEF9WBDs2Z2ok6FPlQGpzz1EeWcRp5LRcLPYn119aQAdhZV05fx
uLUgcVRkOP81WxNKfC8Z0MUUowAZKwIZxY2aueVp7Nx3NFFHuAljOQOPAa3dBkS/
OeRokswhBDg3fUhELdVd8rlC3EbgHwUccP9n1H2F7hZS5r/QpFATg9/qIExeUzWI
TmjKPvIxVVdBqui+6r4+oQypyNi9CidUILAnG/CX0YjJfv+NjAyC8+syqjKAlzzx
B2mXYHzGJIBG3zbqQ6JJ0+QErQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:51 2024 by rpki-client on console-fra.rpki-client.org