Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/lvJ-vLsRetf74z_7IVqMwl7Dwnk.roa
File: lvJ-vLsRetf74z_7IVqMwl7Dwnk.roa (raw, json)
Hash identifier: vrETZvVOB0FMPuPrjMlYf4WJqu73wxRJjD/nj4q4qOc=
Subject key identifier: 96:F2:7E:BC:BB:11:7A:D7:FB:E3:3F:FB:21:5A:8C:C2:5E:C3:C2:79
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 08BABD23
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/lvJ-vLsRetf74z_7IVqMwl7Dwnk.roa
Signing time: Sat 01 Jan 2022 07:04:26 +0000
ROA not before: Sat 01 Jan 2022 07:04:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 45.86.156.0/22 maxlen: 24
192.144.35.0/24 maxlen: 24
2a09:ff00:102::/48 maxlen: 48
2a0d:ecc0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146455843 (0x8babd23)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 1 07:04:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96f27ebcbb117ad7fbe33ffb215a8cc25ec3c279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:28:be:37:f0:39:4d:d5:15:81:d3:9a:06:94:
a6:ce:95:39:ad:15:de:42:5d:41:06:02:c4:94:de:
d7:86:bd:65:99:d4:14:28:26:1f:30:68:1c:1a:bf:
78:9d:f3:1b:12:a3:57:8c:3d:7e:f4:76:21:63:1f:
02:cc:6a:57:ef:20:1b:62:6e:6a:48:15:0c:36:42:
d8:91:17:50:12:33:58:9d:59:55:90:21:04:02:f4:
cc:9f:8b:b9:27:b0:71:9c:29:ed:c1:26:ce:93:8b:
0b:1b:c3:48:cb:d9:90:a9:4d:17:e7:34:3b:42:45:
63:bd:59:fe:fb:b8:03:48:0b:fe:78:a1:bc:da:15:
99:60:28:65:90:88:36:32:31:38:81:9c:ae:ae:0d:
62:a2:eb:d8:b0:ac:17:76:ff:1f:83:af:52:97:a1:
2a:47:ef:75:ec:3d:09:a5:25:56:8b:6e:36:0f:dd:
ae:76:fb:bf:f7:0d:ee:bf:f3:39:de:20:c2:37:01:
d1:b2:fb:04:2a:fd:3f:02:59:16:fb:02:f4:05:7c:
59:c8:ee:89:41:df:4d:8e:e0:59:44:63:97:a4:60:
6c:90:f4:ed:cb:ef:68:0b:b6:13:36:9e:6d:89:d9:
3d:d0:e3:a2:c5:74:ae:3f:d4:66:c5:36:48:92:67:
4b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F2:7E:BC:BB:11:7A:D7:FB:E3:3F:FB:21:5A:8C:C2:5E:C3:C2:79
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/lvJ-vLsRetf74z_7IVqMwl7Dwnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.156.0/22
192.144.35.0/24
IPv6:
2a09:ff00:102::/48
2a0d:ecc0::/29
Signature Algorithm: sha256WithRSAEncryption
87:e5:2b:59:b9:b5:c3:2c:7c:62:ba:e8:b1:e8:93:80:27:0f:
27:8a:e1:bb:ee:8c:8f:9d:d2:8d:bd:4c:ed:75:92:5d:f5:c0:
41:b0:15:70:59:2e:b1:23:4a:d3:e5:e3:7d:27:71:0e:17:4f:
2f:26:97:e5:b5:67:87:64:0a:d5:42:d1:39:09:80:17:94:3f:
5d:f0:96:8d:90:39:55:40:79:db:68:0a:a9:68:20:19:25:92:
34:7c:c8:2e:74:b3:c1:4f:45:66:a5:5f:ad:86:76:21:56:ca:
94:b0:bd:1f:44:93:36:f5:f7:11:1a:40:7f:0d:94:2a:1c:cf:
f2:17:c5:06:e4:e4:dd:5f:fe:b1:f6:bb:d5:3b:53:ea:91:5d:
92:66:60:fa:25:76:29:e9:69:d9:c7:f7:5f:0c:6b:9f:d5:2e:
07:76:91:5b:9d:ef:d8:fc:fc:dc:e8:5b:c9:f1:02:b4:48:e8:
12:61:dd:05:52:86:b2:1c:43:4a:6b:90:32:01:4b:40:31:e5:
3a:d5:9e:d4:53:2a:eb:f6:c7:2d:02:dd:20:41:ac:86:cd:5c:
e9:2b:26:9b:66:fc:c0:df:d8:cf:92:e9:de:e4:23:da:00:a9:
c7:3f:b2:da:b2:92:1c:55:fc:d2:0b:71:a5:78:8f:11:2d:70:
99:44:68:82
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIECLq9IzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjhhZWEyZjAyNWY0OTViZWFjZWU3Y2U1YTg4MjA1MTlkZGExMzcwMB4XDTIyMDEw
MTA3MDQyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTZmMjdlYmNiYjEx
N2FkN2ZiZTMzZmZiMjE1YThjYzI1ZWMzYzI3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKgovjfwOU3VFYHTmgaUps6VOa0V3kJdQQYCxJTe14a9ZZnU
FCgmHzBoHBq/eJ3zGxKjV4w9fvR2IWMfAsxqV+8gG2JuakgVDDZC2JEXUBIzWJ1Z
VZAhBAL0zJ+LuSewcZwp7cEmzpOLCxvDSMvZkKlNF+c0O0JFY71Z/vu4A0gL/nih
vNoVmWAoZZCINjIxOIGcrq4NYqLr2LCsF3b/H4OvUpehKkfvdew9CaUlVotuNg/d
rnb7v/cN7r/zOd4gwjcB0bL7BCr9PwJZFvsC9AV8WcjuiUHfTY7gWURjl6RgbJD0
7cvvaAu2EzaebYnZPdDjosV0rj/UZsU2SJJnS78CAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBSW8n68uxF61/vjP/shWozCXsPCeTAfBgNVHSMEGDAWgBRPiuovAl9JW+rO
585aiCBRndoTcDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q0cnFMd0pmU1Z2cXp1Zk9Xb2dnVVozYUUzQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvZWI3MGEzLTE3ZTEtNGQ4Ni04YjllLTYwODA5NTJmMGUwNC8x
L2x2Si12THNSZXRmNzR6XzdJVnFNd2w3RHduay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
ZWI3MGEzLTE3ZTEtNGQ4Ni04YjllLTYwODA5NTJmMGUwNC8xL1Q0cnFMd0pmU1Z2
cXp1Zk9Xb2dnVVozYUUzQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwEgQCAAEwDAMEAi1WnAMEAMCQIzAWBAIAAjAQAwcA
Kgn/AAECAwUDKg3swDANBgkqhkiG9w0BAQsFAAOCAQEAh+UrWbm1wyx8YrroseiT
gCcPJ4rhu+6Mj53Sjb1M7XWSXfXAQbAVcFkusSNK0+XjfSdxDhdPLyaX5bVnh2QK
1ULROQmAF5Q/XfCWjZA5VUB522gKqWggGSWSNHzILnSzwU9FZqVfrYZ2IVbKlLC9
H0STNvX3ERpAfw2UKhzP8hfFBuTk3V/+sfa71TtT6pFdkmZg+iV2Kelp2cf3Xwxr
n9UuB3aRW53v2Pz83OhbyfECtEjoEmHdBVKGshxDSmuQMgFLQDHlOtWe1FMq6/bH
LQLdIEGshs1c6Ssmm2b8wN/Yz5Lp3uQj2gCpxz+y2rKSHFX80gtxpXiPES1wmURo
gg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:27 2023 by rpki-client on console-ams.rpki-client.org