Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/lo4FD6WmtG7AvqIlllY7qQqlwko.roa
File: lo4FD6WmtG7AvqIlllY7qQqlwko.roa (raw, json)
Hash identifier: g3gvNcHGm3FutVjpCja1SIFvyB5wt76SrKuzY6fJ9Xo=
Subject key identifier: 96:8E:05:0F:A5:A6:B4:6E:C0:BE:A2:25:96:56:3B:A9:0A:A5:C2:4A
Certificate issuer: /CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Certificate serial: 099DB65F
Authority key identifier: 0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/lo4FD6WmtG7AvqIlllY7qQqlwko.roa
Signing time: Mon 07 Mar 2022 08:42:19 +0000
ROA not before: Mon 07 Mar 2022 08:42:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9583
IP address blocks: 159.151.254.0/24 maxlen: 24
192.109.146.0/24 maxlen: 24
2a07:8145::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161330783 (0x99db65f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a37d807d4f7cdd3e0afe4abc8ee5a880c6090f1
Validity
Not Before: Mar 7 08:42:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=968e050fa5a6b46ec0bea22596563ba90aa5c24a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:99:d8:ea:79:5e:f2:9c:13:ee:08:82:78:b1:
8e:83:8c:e7:02:15:cf:c7:9e:a8:94:9c:76:a3:d6:
39:9e:2c:97:60:d3:7e:60:b0:ac:b3:d8:62:9d:c2:
42:f5:1c:ea:5d:58:d5:a4:ba:f9:c0:e2:25:1d:b1:
6b:53:95:d1:62:69:50:8e:ad:68:54:38:e3:ce:d3:
1f:4e:29:7f:35:0a:bc:62:b0:c4:b5:e8:f2:ff:19:
36:c0:29:a0:91:75:8c:68:b6:8e:5e:7d:f9:9e:e0:
bf:fc:a9:20:0c:92:02:61:fe:56:80:0e:44:4d:66:
ec:08:8a:14:67:e1:03:fa:c5:9b:4d:df:ab:99:89:
25:54:82:29:99:65:22:f5:2d:b2:a8:6d:01:5e:a2:
db:43:a5:9a:7c:42:bd:a8:8d:53:40:b2:c5:72:cf:
4c:8c:0d:e3:c3:d4:e8:7a:88:65:ba:56:4f:ac:05:
f2:0c:b0:8b:5d:c1:2e:9f:0c:f4:ad:16:49:34:bf:
34:23:5e:90:4c:42:19:e6:4e:92:89:55:0b:63:75:
49:c5:7c:7d:5c:02:db:1b:d6:77:ee:91:3d:a4:66:
9f:12:c2:ef:ac:fe:3d:ea:10:37:2c:0e:89:21:31:
24:de:99:97:7c:19:94:2e:e3:3a:af:a0:b4:52:f7:
42:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:8E:05:0F:A5:A6:B4:6E:C0:BE:A2:25:96:56:3B:A9:0A:A5:C2:4A
X509v3 Authority Key Identifier:
keyid:0A:37:D8:07:D4:F7:CD:D3:E0:AF:E4:AB:C8:EE:5A:88:0C:60:90:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CjfYB9T3zdPgr-SryO5aiAxgkPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/lo4FD6WmtG7AvqIlllY7qQqlwko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/bc268d-61f0-471f-aab9-800eda2cfb36/1/CjfYB9T3zdPgr-SryO5aiAxgkPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.151.254.0/24
192.109.146.0/24
IPv6:
2a07:8145::/36
Signature Algorithm: sha256WithRSAEncryption
1b:91:d8:42:6e:33:1f:9d:e8:d7:e2:f1:10:53:dc:67:ae:36:
a7:ed:0f:8d:09:c8:20:98:47:d2:f8:e4:81:a2:6c:89:61:d0:
ed:52:9a:ba:73:1f:e3:07:d1:e5:84:19:27:fd:80:66:ca:4b:
01:e6:a6:03:69:1e:6a:6a:af:77:aa:8d:9d:e2:31:9c:57:b1:
3f:8f:be:be:95:91:39:9b:7d:63:36:62:a2:c6:c5:0f:a3:f2:
e1:68:a0:6d:77:e0:cb:b5:f2:a0:f3:61:0e:c2:a6:42:69:f4:
c8:3f:07:75:de:d2:91:9e:5f:82:31:a9:74:33:31:f2:94:f2:
d3:42:55:f9:b8:61:fd:a0:03:88:6c:66:d0:72:d4:20:5b:49:
8d:85:62:93:b7:9a:18:bd:28:23:d8:df:d0:e1:7c:3d:ec:35:
4f:6a:05:bd:18:7f:f2:34:a6:bf:0f:ae:e9:2a:77:ba:05:51:
98:e7:44:b1:c8:02:9b:7d:47:96:ce:c0:79:d9:09:13:a9:b3:
e5:dc:cf:33:57:9f:31:a2:ee:90:65:1a:80:ee:fe:1f:d5:29:
31:ef:90:6c:00:58:c4:51:5a:4d:c7:86:7f:21:7b:92:30:0f:
20:4c:e6:14:cf:1c:47:d1:54:6a:1d:9c:13:ef:dd:10:ab:74:
90:0e:b2:bd
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIECZ22XzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTM3ZDgwN2Q0ZjdjZGQzZTBhZmU0YWJjOGVlNWE4ODBjNjA5MGYxMB4XDTIyMDMw
NzA4NDIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTY4ZTA1MGZhNWE2
YjQ2ZWMwYmVhMjI1OTY1NjNiYTkwYWE1YzI0YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKqZ2Op5XvKcE+4IgnixjoOM5wIVz8eeqJScdqPWOZ4sl2DT
fmCwrLPYYp3CQvUc6l1Y1aS6+cDiJR2xa1OV0WJpUI6taFQ4487TH04pfzUKvGKw
xLXo8v8ZNsApoJF1jGi2jl59+Z7gv/ypIAySAmH+VoAORE1m7AiKFGfhA/rFm03f
q5mJJVSCKZllIvUtsqhtAV6i20OlmnxCvaiNU0CyxXLPTIwN48PU6HqIZbpWT6wF
8gywi13BLp8M9K0WSTS/NCNekExCGeZOkolVC2N1ScV8fVwC2xvWd+6RPaRmnxLC
76z+PeoQNywOiSExJN6Zl3wZlC7jOq+gtFL3QkcCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBSWjgUPpaa0bsC+oiWWVjupCqXCSjAfBgNVHSMEGDAWgBQKN9gH1PfN0+Cv
5KvI7lqIDGCQ8TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NqZllCOVQzemRQZ3ItU3J5TzVhaUF4Z2tQRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODgvYmMyNjhkLTYxZjAtNDcxZi1hYWI5LTgwMGVkYTJjZmIzNi8x
L2xvNEZENldtdEc3QXZxSWxsbFk3cVFxbHdrby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODgv
YmMyNjhkLTYxZjAtNDcxZi1hYWI5LTgwMGVkYTJjZmIzNi8xL0NqZllCOVQzemRQ
Z3ItU3J5TzVhaUF4Z2tQRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwEgQCAAEwDAMEAJ+X/gMEAMBtkjAOBAIAAjAIAwYE
KgeBRQAwDQYJKoZIhvcNAQELBQADggEBABuR2EJuMx+d6Nfi8RBT3GeuNqftD40J
yCCYR9L45IGibIlh0O1SmrpzH+MH0eWEGSf9gGbKSwHmpgNpHmpqr3eqjZ3iMZxX
sT+Pvr6VkTmbfWM2YqLGxQ+j8uFooG134Mu18qDzYQ7CpkJp9Mg/B3Xe0pGeX4Ix
qXQzMfKU8tNCVfm4Yf2gA4hsZtBy1CBbSY2FYpO3mhi9KCPY39DhfD3sNU9qBb0Y
f/I0pr8Prukqd7oFUZjnRLHIApt9R5bOwHnZCROps+XczzNXnzGi7pBlGoDu/h/V
KTHvkGwAWMRRWk3Hhn8he5IwDyBM5hTPHEfRVGodnBPv3RCrdJAOsr0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:54 2024 by rpki-client on console-fra.rpki-client.org