Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/LtDB3U80ZnW4gBC7WqC8_GO4xEo.roa
File: LtDB3U80ZnW4gBC7WqC8_GO4xEo.roa (raw, json)
Hash identifier: veFNsxDhnxV+nX9h1uVSv12CsOVQPuplUT+VBUbVM0c=
Subject key identifier: 2E:D0:C1:DD:4F:34:66:75:B8:80:10:BB:5A:A0:BC:FC:63:B8:C4:4A
Certificate issuer: /CN=c8f258ce203e04a33f4e90651153b259cffa3e88
Certificate serial: 0A3AB19C
Authority key identifier: C8:F2:58:CE:20:3E:04:A3:3F:4E:90:65:11:53:B2:59:CF:FA:3E:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yPJYziA-BKM_TpBlEVOyWc_6Pog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/LtDB3U80ZnW4gBC7WqC8_GO4xEo.roa
Signing time: Sat 01 Jan 2022 08:56:46 +0000
ROA not before: Sat 01 Jan 2022 08:56:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202701
IP address blocks: 194.5.100.0/22 maxlen: 24
185.156.204.0/22 maxlen: 24
2a07:a106::/32 maxlen: 32
2a07:a104::/32 maxlen: 32
2a0c:e840::/29 maxlen: 29
2a07:a105::/32 maxlen: 32
2a07:a107::/32 maxlen: 32
2a07:a100::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 171618716 (0xa3ab19c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8f258ce203e04a33f4e90651153b259cffa3e88
Validity
Not Before: Jan 1 08:56:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ed0c1dd4f346675b88010bb5aa0bcfc63b8c44a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:33:55:2b:6a:e6:f7:55:c8:89:72:75:bb:fc:
95:ac:d4:8e:0b:13:7c:5b:0b:9b:d4:41:b1:55:0a:
69:f2:ee:8c:cf:99:65:82:b8:7e:d0:8e:5f:cf:36:
b7:9f:e8:b0:d4:3e:6b:78:7a:87:bd:d9:0e:35:26:
d9:27:32:f5:13:aa:3e:cd:20:19:25:09:6e:0e:a0:
99:59:e3:b8:45:c4:fb:86:ab:bf:3b:3b:51:4a:ae:
1b:37:ef:97:29:86:69:2c:4b:57:62:a1:89:8f:03:
cb:07:4d:d8:f9:83:aa:80:9e:1c:e5:1b:f9:d5:62:
06:b1:79:77:eb:0d:f9:95:0a:39:9a:d7:61:88:0e:
3d:8c:f1:c2:cc:c1:44:f9:34:68:a1:62:29:98:23:
99:33:c7:bb:91:fa:a0:38:98:44:b2:a0:5b:df:f8:
51:89:c9:4b:1f:68:c4:ed:9e:fa:4a:19:9b:65:63:
d5:0c:b8:54:b0:33:b8:d0:43:d4:41:64:a8:48:3f:
14:70:7c:3d:50:4b:4d:24:44:4d:7f:8f:29:b6:92:
89:82:df:17:2a:9e:58:bf:10:c0:c6:92:89:03:35:
3d:dc:22:4d:9d:89:8a:8a:12:a1:84:a1:88:5d:6a:
3e:ef:ee:4f:29:b4:f9:8e:cd:96:9c:12:77:a7:3a:
51:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:D0:C1:DD:4F:34:66:75:B8:80:10:BB:5A:A0:BC:FC:63:B8:C4:4A
X509v3 Authority Key Identifier:
keyid:C8:F2:58:CE:20:3E:04:A3:3F:4E:90:65:11:53:B2:59:CF:FA:3E:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yPJYziA-BKM_TpBlEVOyWc_6Pog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/LtDB3U80ZnW4gBC7WqC8_GO4xEo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/1f3c4d-59e4-4937-bc14-6c88bfa7b55c/1/yPJYziA-BKM_TpBlEVOyWc_6Pog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.204.0/22
194.5.100.0/22
IPv6:
2a07:a100::/29
2a0c:e840::/29
Signature Algorithm: sha256WithRSAEncryption
3f:ac:63:63:77:36:b6:be:a6:d1:12:f3:9a:d9:25:2a:bb:c4:
89:97:18:11:c8:b2:9f:56:ed:d7:07:53:c4:39:af:74:fc:d7:
a2:8b:ba:5a:64:40:92:92:27:b4:f2:36:87:af:ad:dc:d2:a0:
26:de:83:e8:17:94:10:ee:c5:e6:e2:36:d4:67:12:d8:7f:1f:
03:30:20:52:33:7b:3e:a1:41:8d:5b:f7:a4:74:4a:c5:b6:4f:
2e:3b:52:3f:8c:2c:9a:dc:6b:57:fa:bf:ab:d2:7c:dc:54:e6:
2d:05:d0:61:96:50:bd:30:26:76:a3:9e:58:16:ae:ff:d0:4f:
db:c1:41:0f:1c:32:1f:56:bc:41:5e:33:ac:02:55:09:59:e3:
cd:08:05:2e:4c:d8:2c:1a:bd:58:d8:73:ce:38:f5:51:ef:37:
0e:4a:18:77:66:45:e7:79:47:3a:ae:77:67:53:46:c2:be:8a:
b5:97:2d:8e:f7:aa:6f:5e:7d:1e:d7:03:07:8e:d6:bf:f6:29:
6d:45:4b:f2:de:e3:7f:ff:5a:ba:84:1a:3e:ef:a1:17:a3:86:
a8:be:fc:0e:d9:f1:94:f0:c7:46:85:d6:bd:5b:62:b7:26:6b:
c9:1a:0a:cc:b7:7e:65:56:3e:3d:ce:92:4c:f3:22:ff:3c:5f:
df:19:23:0e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIECjqxnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
OGYyNThjZTIwM2UwNGEzM2Y0ZTkwNjUxMTUzYjI1OWNmZmEzZTg4MB4XDTIyMDEw
MTA4NTY0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmVkMGMxZGQ0ZjM0
NjY3NWI4ODAxMGJiNWFhMGJjZmM2M2I4YzQ0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKUzVStq5vdVyIlydbv8lazUjgsTfFsLm9RBsVUKafLujM+Z
ZYK4ftCOX882t5/osNQ+a3h6h73ZDjUm2Scy9ROqPs0gGSUJbg6gmVnjuEXE+4ar
vzs7UUquGzfvlymGaSxLV2KhiY8DywdN2PmDqoCeHOUb+dViBrF5d+sN+ZUKOZrX
YYgOPYzxwszBRPk0aKFiKZgjmTPHu5H6oDiYRLKgW9/4UYnJSx9oxO2e+koZm2Vj
1Qy4VLAzuNBD1EFkqEg/FHB8PVBLTSRETX+PKbaSiYLfFyqeWL8QwMaSiQM1Pdwi
TZ2JiooSoYShiF1qPu/uTym0+Y7NlpwSd6c6UfUCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBQu0MHdTzRmdbiAELtaoLz8Y7jESjAfBgNVHSMEGDAWgBTI8ljOID4Eoz9O
kGURU7JZz/o+iDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lQSll6aUEtQktNX1RwQmxFVk95V2NfNlBvZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvMWYzYzRkLTU5ZTQtNDkzNy1iYzE0LTZjODhiZmE3YjU1Yy8x
L0x0REIzVTgwWm5XNGdCQzdXcUM4X0dPNHhFby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
MWYzYzRkLTU5ZTQtNDkzNy1iYzE0LTZjODhiZmE3YjU1Yy8xL3lQSll6aUEtQktN
X1RwQmxFVk95V2NfNlBvZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEArmczAMEAsIFZDAUBAIAAjAOAwUD
KgehAAMFAyoM6EAwDQYJKoZIhvcNAQELBQADggEBAD+sY2N3Nra+ptES85rZJSq7
xImXGBHIsp9W7dcHU8Q5r3T816KLulpkQJKSJ7TyNoevrdzSoCbeg+gXlBDuxebi
NtRnEth/HwMwIFIzez6hQY1b96R0SsW2Ty47Uj+MLJrca1f6v6vSfNxU5i0F0GGW
UL0wJnajnlgWrv/QT9vBQQ8cMh9WvEFeM6wCVQlZ480IBS5M2CwavVjYc8449VHv
Nw5KGHdmRed5Rzqud2dTRsK+irWXLY73qm9efR7XAweO1r/2KW1FS/Le43//WrqE
Gj7voRejhqi+/A7Z8ZTwx0aF1r1bYrcma8kaCsy3fmVWPj3OkkzzIv88X98ZIw4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:00 2024 by rpki-client on console-ams.rpki-client.org