Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/LgxeHYA6gt99UnLfHftaoq02_Cc.roa
File: LgxeHYA6gt99UnLfHftaoq02_Cc.roa (raw, json)
Hash identifier: bpTjHj/W2sKKCMDxMU0cM3hwNAmzHKclr6JSIamOEBE=
Subject key identifier: 2E:0C:5E:1D:80:3A:82:DF:7D:52:72:DF:1D:FB:5A:A2:AD:36:FC:27
Certificate issuer: /CN=bf809a7e6ca14d0a1a976673e0319e34e956ed3d
Certificate serial: 0A45AE75
Authority key identifier: BF:80:9A:7E:6C:A1:4D:0A:1A:97:66:73:E0:31:9E:34:E9:56:ED:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4CafmyhTQoal2Zz4DGeNOlW7T0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/LgxeHYA6gt99UnLfHftaoq02_Cc.roa
Signing time: Sat 01 Jan 2022 05:53:50 +0000
ROA not before: Sat 01 Jan 2022 05:53:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35332
IP address blocks: 87.236.0.0/21 maxlen: 24
77.242.112.0/20 maxlen: 24
188.92.56.0/21 maxlen: 24
37.235.112.0/21 maxlen: 24
185.113.212.0/22 maxlen: 24
139.28.200.0/22 maxlen: 24
2a00:a000::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172338805 (0xa45ae75)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf809a7e6ca14d0a1a976673e0319e34e956ed3d
Validity
Not Before: Jan 1 05:53:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e0c5e1d803a82df7d5272df1dfb5aa2ad36fc27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:e9:87:85:ba:b8:59:e9:24:f2:19:c5:2f:45:
48:57:2f:a1:a6:79:22:fa:2b:9d:3b:5c:45:d5:90:
d7:ee:c7:5c:dd:a5:a0:13:be:ab:07:94:c4:ef:2c:
a6:e9:ad:2c:ae:b7:dc:5b:07:cf:6b:38:d2:cb:5a:
f7:f2:3d:f8:6d:ae:c9:7d:d8:36:13:6e:c2:45:23:
55:45:01:aa:49:68:f5:09:a8:ef:61:62:58:0b:de:
ba:44:7f:73:24:b5:e7:71:6d:0c:b3:cd:6d:73:a5:
5e:99:27:a2:b2:93:19:f9:25:1f:5d:ea:34:e5:a3:
1b:a7:d7:ea:a0:23:1b:4f:8c:97:c3:94:ce:19:ec:
3d:aa:5c:ea:3a:86:49:aa:75:9c:e7:98:8d:81:19:
2d:2b:57:cd:0e:46:61:f4:77:49:f0:16:63:03:76:
b1:cc:bf:e7:7d:9e:fb:2d:5f:ae:74:93:47:b5:56:
ae:ff:82:a4:81:fb:a7:a3:16:3b:bb:f8:88:e0:76:
f1:42:1e:e3:25:5f:a6:d5:8e:a7:15:41:84:a8:86:
34:6d:1c:8c:fb:81:2e:64:66:d9:40:3a:fd:1a:58:
c2:4c:1d:b1:df:1c:97:fd:9e:2f:5f:47:9d:80:97:
07:aa:56:85:fe:7e:f0:7a:d6:73:cd:e4:c9:94:bd:
35:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:0C:5E:1D:80:3A:82:DF:7D:52:72:DF:1D:FB:5A:A2:AD:36:FC:27
X509v3 Authority Key Identifier:
keyid:BF:80:9A:7E:6C:A1:4D:0A:1A:97:66:73:E0:31:9E:34:E9:56:ED:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4CafmyhTQoal2Zz4DGeNOlW7T0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/LgxeHYA6gt99UnLfHftaoq02_Cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3a382a-3dda-4796-b320-3fdfb4140f24/1/v4CafmyhTQoal2Zz4DGeNOlW7T0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.112.0/21
77.242.112.0/20
87.236.0.0/21
139.28.200.0/22
185.113.212.0/22
188.92.56.0/21
IPv6:
2a00:a000::/32
Signature Algorithm: sha256WithRSAEncryption
b5:ce:e1:9f:09:05:54:04:da:ef:75:0b:72:78:ba:7b:e0:c5:
eb:06:d5:58:f0:57:44:9e:c3:12:35:a5:99:f3:77:4a:be:f3:
ab:8f:ae:2b:5c:9a:06:50:01:23:df:65:77:b0:18:99:c7:f4:
9f:12:fa:93:57:f1:79:46:ad:c0:bf:d9:1b:2e:ed:38:ac:08:
0b:f9:58:1d:c7:03:36:e1:99:c2:50:6e:17:9f:10:40:05:a7:
d7:8f:ee:e2:b4:89:1c:df:13:ce:ca:f9:68:cc:ec:62:47:04:
e3:11:28:11:19:95:2d:73:07:81:11:e4:b2:d3:b5:ab:40:bb:
c3:ad:41:da:d4:56:cf:85:17:30:c2:6f:af:b0:bf:c0:d9:62:
31:44:f2:15:7d:15:cc:ea:90:c1:da:e8:eb:91:80:e0:d0:c8:
a8:ae:e4:cd:55:02:02:1e:cb:ae:c5:07:7e:24:4b:39:a9:0c:
bd:e5:b5:6f:bd:15:37:bc:6d:2f:d3:d9:97:b4:50:37:31:f3:
ba:35:e8:c8:e6:04:75:9e:6f:4b:e9:1e:58:42:cf:dc:f5:7a:
54:76:55:fb:67:85:a2:d1:04:01:39:f5:11:4d:ea:84:e9:a6:
07:05:1d:b6:94:a4:3b:63:ea:25:a8:2b:32:99:7b:09:34:da:
93:e6:a8:e0
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIECkWudTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZjgwOWE3ZTZjYTE0ZDBhMWE5NzY2NzNlMDMxOWUzNGU5NTZlZDNkMB4XDTIyMDEw
MTA1NTM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmUwYzVlMWQ4MDNh
ODJkZjdkNTI3MmRmMWRmYjVhYTJhZDM2ZmMyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHph4W6uFnpJPIZxS9FSFcvoaZ5IvornTtcRdWQ1+7HXN2l
oBO+qweUxO8spumtLK633FsHz2s40sta9/I9+G2uyX3YNhNuwkUjVUUBqklo9Qmo
72FiWAveukR/cyS153FtDLPNbXOlXpknorKTGfklH13qNOWjG6fX6qAjG0+Ml8OU
zhnsPapc6jqGSap1nOeYjYEZLStXzQ5GYfR3SfAWYwN2scy/532e+y1frnSTR7VW
rv+CpIH7p6MWO7v4iOB28UIe4yVfptWOpxVBhKiGNG0cjPuBLmRm2UA6/RpYwkwd
sd8cl/2eL19HnYCXB6pWhf5+8HrWc83kyZS9NSMCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQuDF4dgDqC331Sct8d+1qirTb8JzAfBgNVHSMEGDAWgBS/gJp+bKFNChqX
ZnPgMZ406VbtPTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Y0Q2FmbXloVFFvYWwyWno0REdlTk9sVzdUMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvM2EzODJhLTNkZGEtNDc5Ni1iMzIwLTNmZGZiNDE0MGYyNC8x
L0xneGVIWUE2Z3Q5OVVuTGZIZnRhb3EwMl9DYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
M2EzODJhLTNkZGEtNDc5Ni1iMzIwLTNmZGZiNDE0MGYyNC8xL3Y0Q2FmbXloVFFv
YWwyWno0REdlTk9sVzdUMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAyXrcAMEBE3ycAMEA1fsAAMEAosc
yAMEArlx1AMEA7xcODANBAIAAjAHAwUAKgCgADANBgkqhkiG9w0BAQsFAAOCAQEA
tc7hnwkFVATa73ULcni6e+DF6wbVWPBXRJ7DEjWlmfN3Sr7zq4+uK1yaBlABI99l
d7AYmcf0nxL6k1fxeUatwL/ZGy7tOKwIC/lYHccDNuGZwlBuF58QQAWn14/u4rSJ
HN8Tzsr5aMzsYkcE4xEoERmVLXMHgRHkstO1q0C7w61B2tRWz4UXMMJvr7C/wNli
MUTyFX0VzOqQwdro65GA4NDIqK7kzVUCAh7LrsUHfiRLOakMveW1b70VN7xtL9PZ
l7RQNzHzujXoyOYEdZ5vS+keWELP3PV6VHZV+2eFotEEATn1EU3qhOmmBwUdtpSk
O2PqJagrMpl7CTTak+ao4A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:00 2024 by rpki-client on console-fra.rpki-client.org