Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/lKXLxRGx5DoE0xdbcXkjTBbxRjA.roa
File: lKXLxRGx5DoE0xdbcXkjTBbxRjA.roa (raw, json)
Hash identifier: 8B3otzTZIqFb3z/KM93sToSs9hPKiRt7g3ydpXJF3D4=
Subject key identifier: 94:A5:CB:C5:11:B1:E4:3A:04:D3:17:5B:71:79:23:4C:16:F1:46:30
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 0184AF6917D1EABFF51CB7FD4C78C421B57C
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/lKXLxRGx5DoE0xdbcXkjTBbxRjA.roa
Signing time: Fri 25 Nov 2022 15:30:10 +0000
ROA not before: Fri 25 Nov 2022 15:30:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60800
IP address blocks: 91.210.100.0/22 maxlen: 24
103.82.0.0/22 maxlen: 24
185.42.16.0/22 maxlen: 24
125.62.72.0/22 maxlen: 24
185.17.172.0/22 maxlen: 24
185.222.112.0/22 maxlen: 24
2a03:ec40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:af:69:17:d1:ea:bf:f5:1c:b7:fd:4c:78:c4:21:b5:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Nov 25 15:30:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94a5cbc511b1e43a04d3175b7179234c16f14630
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d9:d1:aa:7a:34:5a:56:df:b8:f7:89:c3:e6:
6f:28:6b:ce:f8:d4:36:f0:2c:f7:f1:83:94:61:c5:
17:4f:ed:60:68:f7:93:db:36:e8:45:50:e5:e8:97:
f5:27:5f:2f:6a:20:9a:92:96:a8:b9:df:87:2c:da:
c3:47:13:e9:5b:67:ba:66:57:50:24:25:1f:36:4e:
89:84:b2:84:7a:cb:2a:a0:a7:d8:93:f5:c3:99:9f:
33:8e:a9:89:ab:6c:ff:7a:2a:91:ec:28:25:98:be:
e7:a2:26:1d:e4:4a:44:09:a3:5b:e1:21:97:43:38:
a8:af:f4:dc:1c:9d:2b:69:86:c9:00:a4:4c:53:5d:
af:63:a7:d9:a9:d1:d3:0a:8c:4d:9a:e2:21:22:e9:
57:56:d1:45:b9:ea:3f:bd:18:af:9c:86:c0:45:65:
51:20:54:b0:82:58:c2:c2:e5:90:03:0b:bf:eb:8e:
53:91:88:23:44:72:87:74:9a:68:65:93:37:b1:7a:
c6:7e:6a:e4:99:a3:72:ff:44:43:76:6d:f7:50:7b:
3a:3b:f4:ba:03:de:5c:63:52:4b:b7:7f:4e:69:ba:
30:ee:10:a2:49:6c:c1:39:25:3b:9b:4f:a2:c8:bc:
97:d6:f9:35:19:ac:e9:ae:39:04:59:7a:22:2d:fd:
01:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:A5:CB:C5:11:B1:E4:3A:04:D3:17:5B:71:79:23:4C:16:F1:46:30
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/lKXLxRGx5DoE0xdbcXkjTBbxRjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.100.0/22
103.82.0.0/22
125.62.72.0/22
185.17.172.0/22
185.42.16.0/22
185.222.112.0/22
IPv6:
2a03:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
68:66:9b:71:45:9a:11:35:30:c1:f7:37:db:5d:ca:c8:2b:f2:
b7:af:5d:74:3b:d2:40:6e:87:6d:09:f6:5d:7a:ef:9c:c2:63:
ac:5b:9c:22:04:bd:b8:78:64:99:dd:81:57:9c:fc:db:e5:b4:
e4:7a:77:08:34:a2:00:a3:5e:42:3d:64:5a:d6:a1:cd:7a:f3:
24:70:55:98:b4:fc:d1:30:d6:ea:b5:ff:ae:26:c4:be:f5:ed:
54:9a:00:3a:1d:a9:2b:11:cd:70:ee:b0:f4:7c:fa:c9:26:84:
3f:c7:76:7a:63:7c:90:a0:ac:81:8b:b7:a2:0f:f0:fc:7b:cd:
08:dd:02:ef:f6:76:40:e9:b4:6d:d3:cf:f1:5a:93:fe:0b:c9:
14:e0:9e:01:f1:d9:30:5f:32:34:e9:3d:69:a6:09:34:23:b8:
1e:00:8e:18:01:ea:e4:ca:7f:90:bd:c2:94:fc:b9:d0:32:41:
80:34:66:e0:07:71:5d:6b:e4:31:4e:91:b6:ce:47:c1:51:85:
f8:b7:9e:b1:15:88:30:c5:27:6f:f2:b1:8a:6c:78:8b:f3:37:
6b:39:3e:ff:21:82:93:97:74:a0:02:80:db:66:63:d7:b2:c5:
3d:e9:46:cd:ab:11:6f:8e:95:e6:da:95:db:06:f4:8e:29:33:
b9:df:55:59
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYSvaRfR6r/1HLf9THjEIbV8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjIxMTI1MTUzMDEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGE1Y2JjNTExYjFlNDNhMDRkMzE3NWI3MTc5MjM0YzE2ZjE0NjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdnRqno0WlbfuPeJw+ZvKGvO+NQ2
8Cz38YOUYcUXT+1gaPeT2zboRVDl6Jf1J18vaiCakpaoud+HLNrDRxPpW2e6ZldQ
JCUfNk6JhLKEessqoKfYk/XDmZ8zjqmJq2z/eiqR7CglmL7noiYd5EpECaNb4SGX
Qzior/TcHJ0raYbJAKRMU12vY6fZqdHTCoxNmuIhIulXVtFFueo/vRivnIbARWVR
IFSwgljCwuWQAwu/645TkYgjRHKHdJpoZZM3sXrGfmrkmaNy/0RDdm33UHs6O/S6
A95cY1JLt39Oabow7hCiSWzBOSU7m0+iyLyX1vk1GazprjkEWXoiLf0BlwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJSly8URseQ6BNMXW3F5I0wW8UYwMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvbEtYTHhSR3g1RG9FMHhkYmNYa2pUQmJ4UmpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCW9JkAwQC
Z1IAAwQCfT5IAwQCuRGsAwQCuSoQAwQCud5wMA0EAgACMAcDBQMqA+xAMA0GCSqG
SIb3DQEBCwUAA4IBAQBoZptxRZoRNTDB9zfbXcrIK/K3r110O9JAbodtCfZdeu+c
wmOsW5wiBL24eGSZ3YFXnPzb5bTkencINKIAo15CPWRa1qHNevMkcFWYtPzRMNbq
tf+uJsS+9e1UmgA6HakrEc1w7rD0fPrJJoQ/x3Z6Y3yQoKyBi7eiD/D8e80I3QLv
9nZA6bRt08/xWpP+C8kU4J4B8dkwXzI06T1ppgk0I7geAI4YAerkyn+QvcKU/LnQ
MkGANGbgB3Fda+QxTpG2zkfBUYX4t56xFYgwxSdv8rGKbHiL8zdrOT7/IYKTl3Sg
AoDbZmPXssU96UbNqxFvjpXm2pXbBvSOKTO531VZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:08 2024 by rpki-client on console-ams.rpki-client.org