Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/lcxtqccaUDWvFXyFDtr1qRY2xhU.roa
File: lcxtqccaUDWvFXyFDtr1qRY2xhU.roa (raw, json)
Hash identifier: a4rd5Bs3ppPK0jVJoTUVkK8mJgasqcRpXFe21PPA/2E=
Subject key identifier: 95:CC:6D:A9:C7:1A:50:35:AF:15:7C:85:0E:DA:F5:A9:16:36:C6:15
Certificate issuer: /CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Certificate serial: 0A06573E
Authority key identifier: 39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/lcxtqccaUDWvFXyFDtr1qRY2xhU.roa
Signing time: Sat 01 Jan 2022 13:55:08 +0000
ROA not before: Sat 01 Jan 2022 13:55:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29286
IP address blocks: 90.159.208.0/20 maxlen: 20
90.159.224.0/21 maxlen: 21
90.159.224.0/20 maxlen: 20
90.159.220.0/24 maxlen: 24
90.159.232.0/22 maxlen: 22
90.159.236.0/22 maxlen: 22
90.159.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 168187710 (0xa06573e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3919f2ad91584baff0467447bac8fb978d1f9dd3
Validity
Not Before: Jan 1 13:55:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95cc6da9c71a5035af157c850edaf5a91636c615
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c5:fd:23:a7:65:19:56:00:c5:9d:58:ec:84:
bb:d4:9f:15:8f:4a:5e:76:99:85:2a:4e:60:ba:4e:
d8:a2:59:64:d6:bc:21:3a:0d:e2:35:1b:6f:ae:69:
e4:c4:b8:1c:10:7e:2c:80:c9:e9:12:95:80:fa:27:
cf:89:8f:37:b9:f5:02:91:c3:4b:b4:0f:40:fe:cd:
e1:11:85:f4:ee:9f:6b:69:f9:52:00:93:d6:fe:19:
d7:d9:ad:33:5d:aa:ed:69:37:3b:ba:11:9f:7f:a1:
b2:b5:07:54:74:b5:8f:10:f4:3e:4f:c8:68:9c:ab:
0e:60:77:6e:48:b7:39:7e:1b:36:b7:7c:2e:f0:49:
6b:37:ca:ac:51:56:21:9a:0a:ea:af:52:ee:4e:73:
ce:01:53:a0:18:6a:88:52:b0:60:1f:76:5e:9f:f1:
e5:e2:da:e8:f3:dc:a7:c5:a3:94:8b:24:ca:b8:58:
93:ab:1c:69:45:2a:e9:a8:84:25:e2:7e:5d:c4:51:
05:ec:36:d1:2a:80:59:c5:4f:73:0d:ea:37:8e:03:
e6:e2:08:0a:c5:55:83:c8:f8:6f:7c:7f:4f:ab:70:
8e:a8:7d:49:2f:90:d5:9f:11:8e:37:2c:79:5c:e3:
66:3b:bc:cf:57:67:ea:aa:ec:70:e4:7c:e9:2a:9e:
94:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:CC:6D:A9:C7:1A:50:35:AF:15:7C:85:0E:DA:F5:A9:16:36:C6:15
X509v3 Authority Key Identifier:
keyid:39:19:F2:AD:91:58:4B:AF:F0:46:74:47:BA:C8:FB:97:8D:1F:9D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORnyrZFYS6_wRnRHusj7l40fndM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/lcxtqccaUDWvFXyFDtr1qRY2xhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9118e2-ae74-4c24-a775-32aa6731c291/1/ORnyrZFYS6_wRnRHusj7l40fndM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.159.28.0/24
90.159.208.0-90.159.239.255
Signature Algorithm: sha256WithRSAEncryption
0d:5b:47:10:38:a2:96:ee:96:c6:e7:14:65:ec:c3:70:ed:16:
b9:88:b5:4d:9c:b5:7c:91:3d:9a:54:4a:2f:39:01:f0:c6:38:
8b:1a:c8:35:fe:c6:86:6b:c2:ff:73:34:d1:1c:49:c9:03:4c:
06:c3:72:85:8f:88:3a:b0:98:30:13:da:f4:a0:a8:82:7f:6a:
fb:a8:77:70:1f:c2:15:08:f1:ce:a0:15:24:0d:2d:ae:69:2a:
7b:d2:fa:1a:77:d5:15:03:65:a6:87:2f:28:27:52:28:b5:70:
90:0c:f6:35:f1:71:27:e1:ea:d9:d4:dc:e4:38:25:23:58:31:
6f:40:81:17:4f:28:8f:c8:d6:77:03:8c:3b:9f:c6:0f:bd:8d:
5e:7d:0a:53:a3:36:44:6b:cf:5c:29:a2:91:b3:a9:54:be:59:
5d:54:22:6e:40:fd:d2:6f:61:88:13:7e:4e:bf:d3:44:c8:dc:
94:00:2f:f6:3b:b3:08:bf:3f:20:89:4f:3c:bc:83:e3:f2:d8:
dc:34:9d:2f:92:7a:a7:f2:66:7c:32:bc:79:e8:bb:6e:f0:eb:
ca:f4:11:ed:69:be:6b:78:84:8c:14:e2:6b:d7:d3:a8:ef:fc:
b6:fc:b8:1f:cb:4f:1b:bc:e8:2e:f2:b9:6b:5b:ac:5e:d9:be:
4b:b6:cb:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIECgZXPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OTE5ZjJhZDkxNTg0YmFmZjA0Njc0NDdiYWM4ZmI5NzhkMWY5ZGQzMB4XDTIyMDEw
MTEzNTUwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTVjYzZkYTljNzFh
NTAzNWFmMTU3Yzg1MGVkYWY1YTkxNjM2YzYxNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjF/SOnZRlWAMWdWOyEu9SfFY9KXnaZhSpOYLpO2KJZZNa8
IToN4jUbb65p5MS4HBB+LIDJ6RKVgPonz4mPN7n1ApHDS7QPQP7N4RGF9O6fa2n5
UgCT1v4Z19mtM12q7Wk3O7oRn3+hsrUHVHS1jxD0Pk/IaJyrDmB3bki3OX4bNrd8
LvBJazfKrFFWIZoK6q9S7k5zzgFToBhqiFKwYB92Xp/x5eLa6PPcp8WjlIskyrhY
k6scaUUq6aiEJeJ+XcRRBew20SqAWcVPcw3qN44D5uIICsVVg8j4b3x/T6twjqh9
SS+Q1Z8RjjcseVzjZju8z1dn6qrscOR86SqelL8CAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBSVzG2pxxpQNa8VfIUO2vWpFjbGFTAfBgNVHSMEGDAWgBQ5GfKtkVhLr/BG
dEe6yPuXjR+d0zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09SbnlyWkZZUzZfd1JuUkh1c2o3bDQwZm5kTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvOTExOGUyLWFlNzQtNGMyNC1hNzc1LTMyYWE2NzMxYzI5MS8x
L2xjeHRxY2NhVURXdkZYeUZEdHIxcVJZMnhoVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
OTExOGUyLWFlNzQtNGMyNC1hNzc1LTMyYWE2NzMxYzI5MS8xL09SbnlyWkZZUzZf
d1JuUkh1c2o3bDQwZm5kTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEAFqfHDAMAwQEWp/QAwQEWp/gMA0G
CSqGSIb3DQEBCwUAA4IBAQANW0cQOKKW7pbG5xRl7MNw7Ra5iLVNnLV8kT2aVEov
OQHwxjiLGsg1/saGa8L/czTRHEnJA0wGw3KFj4g6sJgwE9r0oKiCf2r7qHdwH8IV
CPHOoBUkDS2uaSp70voad9UVA2Wmhy8oJ1IotXCQDPY18XEn4erZ1NzkOCUjWDFv
QIEXTyiPyNZ3A4w7n8YPvY1efQpTozZEa89cKaKRs6lUvlldVCJuQP3Sb2GIE35O
v9NEyNyUAC/2O7MIvz8giU88vIPj8tjcNJ0vknqn8mZ8Mrx56Ltu8OvK9BHtab5r
eISMFOJr19Oo7/y2/Lgfy08bvOgu8rlrW6xe2b5Ltsvi
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:14 2024 by rpki-client on console-fra.rpki-client.org