Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/LVQjO6GnS5mtksL7KmD7XkGO2OE.roa
File: LVQjO6GnS5mtksL7KmD7XkGO2OE.roa (raw, json)
Hash identifier: E6su3vwzumCassZTS/I1u7YZH/G4Tq0FjWlFrxXUqZo=
Subject key identifier: 2D:54:23:3B:A1:A7:4B:99:AD:92:C2:FB:2A:60:FB:5E:41:8E:D8:E1
Certificate issuer: /CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Certificate serial: 03E624F9
Authority key identifier: 23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/LVQjO6GnS5mtksL7KmD7XkGO2OE.roa
Signing time: Sat 01 Jan 2022 03:55:56 +0000
ROA not before: Sat 01 Jan 2022 03:55:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6846
IP address blocks: 212.1.122.0/23 maxlen: 23
212.1.64.0/18 maxlen: 24
212.1.96.0/22 maxlen: 22
195.230.128.0/19 maxlen: 24
2a02:f1c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65414393 (0x3e624f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2378a4a9c52325a85920809ba1a4d89e21c02f17
Validity
Not Before: Jan 1 03:55:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d54233ba1a74b99ad92c2fb2a60fb5e418ed8e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6c:a5:9f:00:42:6c:39:1d:d4:e5:31:d1:2a:
37:be:95:30:d1:77:f3:a4:a8:3b:fd:3c:4b:56:e7:
44:f0:8c:41:95:83:59:cd:df:d7:6f:ce:f1:85:2e:
6b:69:03:f3:1f:44:f4:6c:6b:b2:c6:88:18:e3:22:
19:2f:e0:fb:d8:11:26:6f:70:0d:74:b0:f9:ef:df:
db:a7:78:e6:0c:9d:60:88:32:5d:82:04:6d:40:98:
41:cd:3b:a6:bc:d1:b6:0a:1c:53:12:d3:c9:74:ed:
93:e3:80:9a:2b:e3:74:3b:1a:3b:55:93:75:fe:79:
97:93:63:77:34:75:85:e8:8e:a4:ea:68:b9:c9:e4:
fe:03:ee:ff:a9:1d:95:bd:1e:66:3e:fd:57:8e:5b:
76:40:50:17:b9:04:6e:00:29:c5:78:36:e1:a1:c7:
4b:d7:be:89:73:da:29:31:68:cb:50:18:2f:f4:d2:
e2:2e:2a:9b:6c:4c:6f:e9:35:8b:c9:76:77:88:a4:
30:09:21:fa:ab:b3:5d:c9:4f:f1:24:73:c2:27:c3:
e5:15:b7:c2:15:24:b9:62:81:17:62:66:d8:74:4f:
8e:4c:7a:84:43:c8:f7:cf:d7:fc:14:2d:29:cd:74:
36:c3:95:09:8c:26:d1:06:45:2a:c5:38:6e:4f:f2:
b1:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:54:23:3B:A1:A7:4B:99:AD:92:C2:FB:2A:60:FB:5E:41:8E:D8:E1
X509v3 Authority Key Identifier:
keyid:23:78:A4:A9:C5:23:25:A8:59:20:80:9B:A1:A4:D8:9E:21:C0:2F:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3ikqcUjJahZIICboaTYniHALxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/LVQjO6GnS5mtksL7KmD7XkGO2OE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/d654be-174e-41f7-9cfb-937e27ee1b5b/1/I3ikqcUjJahZIICboaTYniHALxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.230.128.0/19
212.1.64.0/18
IPv6:
2a02:f1c0::/29
Signature Algorithm: sha256WithRSAEncryption
c9:29:2f:3b:c2:d4:5d:c8:31:95:45:e1:5f:fa:11:39:bf:61:
84:4a:0e:92:c9:31:f5:cc:22:56:07:cf:6a:ed:5b:09:eb:94:
37:3e:8b:98:9c:70:9a:03:c6:bc:36:55:53:92:1f:bb:1f:43:
e1:73:4b:2d:c8:47:ad:19:32:08:07:d7:d3:a0:97:20:af:d6:
8c:62:ea:3e:2b:f0:37:6e:28:d7:d5:5f:99:bc:f8:ea:b5:51:
aa:b9:d1:ad:50:65:f9:fd:a7:0b:88:3d:c0:ff:9e:0f:32:ea:
10:c2:0d:8c:d2:30:9b:43:8d:b7:bf:60:5b:30:63:e4:72:46:
8b:cf:35:f3:77:c3:14:af:c5:72:83:6f:d3:ad:72:b5:aa:96:
c2:b5:3e:95:e7:b3:a1:e5:c1:f4:87:c6:4a:cb:23:24:3b:0a:
db:38:99:cd:cd:20:bc:c1:6a:fe:4c:b0:10:06:75:7f:b9:a6:
e8:75:77:90:bc:9c:36:8c:5c:c1:60:11:70:fb:86:9a:a0:77:
ce:9a:19:2c:ed:6c:1c:bf:e1:1f:d4:a7:2d:a9:6e:62:82:26:
07:71:5d:02:1a:8a:ed:7f:bc:0e:5e:68:9a:b1:be:29:79:ab:
f3:08:7b:9e:52:10:a7:02:c4:b4:4d:83:bc:1b:ff:60:57:c2:
7b:45:44:f5
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEA+Yk+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Mzc4YTRhOWM1MjMyNWE4NTkyMDgwOWJhMWE0ZDg5ZTIxYzAyZjE3MB4XDTIyMDEw
MTAzNTU1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmQ1NDIzM2JhMWE3
NGI5OWFkOTJjMmZiMmE2MGZiNWU0MThlZDhlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM5spZ8AQmw5HdTlMdEqN76VMNF386SoO/08S1bnRPCMQZWD
Wc3f12/O8YUua2kD8x9E9GxrssaIGOMiGS/g+9gRJm9wDXSw+e/f26d45gydYIgy
XYIEbUCYQc07przRtgocUxLTyXTtk+OAmivjdDsaO1WTdf55l5NjdzR1heiOpOpo
ucnk/gPu/6kdlb0eZj79V45bdkBQF7kEbgApxXg24aHHS9e+iXPaKTFoy1AYL/TS
4i4qm2xMb+k1i8l2d4ikMAkh+quzXclP8SRzwifD5RW3whUkuWKBF2Jm2HRPjkx6
hEPI98/X/BQtKc10NsOVCYwm0QZFKsU4bk/ysc8CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQtVCM7oadLma2SwvsqYPteQY7Y4TAfBgNVHSMEGDAWgBQjeKSpxSMlqFkg
gJuhpNieIcAvFzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0kzaWtxY1VqSmFoWklJQ2JvYVRZbmlIQUx4Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvZDY1NGJlLTE3NGUtNDFmNy05Y2ZiLTkzN2UyN2VlMWI1Yi8x
L0xWUWpPNkduUzVtdGtzTDdLbUQ3WGtHTzJPRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
ZDY1NGJlLTE3NGUtNDFmNy05Y2ZiLTkzN2UyN2VlMWI1Yi8xL0kzaWtxY1VqSmFo
WklJQ2JvYVRZbmlIQUx4Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEBcPmgAMEBtQBQDANBAIAAjAHAwUD
KgLxwDANBgkqhkiG9w0BAQsFAAOCAQEAySkvO8LUXcgxlUXhX/oROb9hhEoOkskx
9cwiVgfPau1bCeuUNz6LmJxwmgPGvDZVU5Ifux9D4XNLLchHrRkyCAfX06CXIK/W
jGLqPivwN24o19Vfmbz46rVRqrnRrVBl+f2nC4g9wP+eDzLqEMINjNIwm0ONt79g
WzBj5HJGi88183fDFK/FcoNv061ytaqWwrU+leezoeXB9IfGSssjJDsK2ziZzc0g
vMFq/kywEAZ1f7mm6HV3kLycNoxcwWARcPuGmqB3zpoZLO1sHL/hH9SnLaluYoIm
B3FdAhqK7X+8Dl5omrG+KXmr8wh7nlIQpwLEtE2DvBv/YFfCe0VE9Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:47 2024 by rpki-client on console-fra.rpki-client.org