Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/2b192f-6cee-47fa-8395-58adf78d8278/1/LtQPID-kkJjXK8UCY5HhRXRXyUw.roa
File: LtQPID-kkJjXK8UCY5HhRXRXyUw.roa (raw, json)
Hash identifier: 4xf/0EG6+i98Rjx6EC98iUBewPsmESld7Oby0cLi3YY=
Subject key identifier: 2E:D4:0F:20:3F:A4:90:98:D7:2B:C5:02:63:91:E1:45:74:57:C9:4C
Certificate issuer: /CN=47cf2714f29db80352e9f309ea2e8c528c946bd9
Certificate serial: 05AE3B38
Authority key identifier: 47:CF:27:14:F2:9D:B8:03:52:E9:F3:09:EA:2E:8C:52:8C:94:6B:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R88nFPKduANS6fMJ6i6MUoyUa9k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/2b192f-6cee-47fa-8395-58adf78d8278/1/LtQPID-kkJjXK8UCY5HhRXRXyUw.roa
Signing time: Sat 01 Jan 2022 10:01:54 +0000
ROA not before: Sat 01 Jan 2022 10:01:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204861
IP address blocks: 194.169.190.0/24 maxlen: 24
194.169.193.0/24 maxlen: 24
194.169.196.0/24 maxlen: 24
194.169.213.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95304504 (0x5ae3b38)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47cf2714f29db80352e9f309ea2e8c528c946bd9
Validity
Not Before: Jan 1 10:01:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ed40f203fa49098d72bc5026391e1457457c94c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:0c:36:c7:9c:d9:e1:75:03:5c:bc:a2:90:dc:
e6:b0:12:82:5e:7d:47:04:58:92:19:0c:c4:bd:97:
14:97:d1:ba:86:79:f0:a8:6e:98:9d:0a:3e:c3:cf:
d5:5b:62:6e:31:9c:94:3a:b1:81:c2:cc:bf:81:81:
0a:d4:7c:3a:48:2f:8c:a7:05:c3:0f:9a:c0:64:9a:
fd:c9:cc:43:65:18:24:48:dd:fc:2c:a3:5b:c1:2f:
54:6b:63:85:3c:e2:90:53:bc:bc:4e:f4:2a:4d:c3:
85:7c:4d:a7:95:e2:0b:71:ce:84:e7:b5:6b:df:ed:
1f:1e:89:9a:df:2c:d4:af:ce:f7:7d:ec:97:00:28:
51:72:51:79:1d:94:76:81:0a:6a:2a:15:4a:fe:09:
64:aa:5f:21:6a:44:44:3f:b0:25:26:98:c0:43:d0:
14:f2:b2:c8:42:0e:df:83:c4:64:72:f1:e4:87:fc:
b2:5e:cf:bf:ce:24:1a:f9:d8:b7:5a:23:06:1e:8e:
92:75:60:f8:76:64:a9:2a:8c:08:da:a7:46:be:26:
b3:08:f5:2c:7d:5e:91:80:ad:c1:c2:59:68:90:30:
c3:7a:85:81:2a:9e:e5:7b:0f:c8:2b:fa:91:03:7c:
53:46:eb:92:ce:eb:fc:16:3c:e4:e0:9f:7b:03:6f:
b3:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:D4:0F:20:3F:A4:90:98:D7:2B:C5:02:63:91:E1:45:74:57:C9:4C
X509v3 Authority Key Identifier:
keyid:47:CF:27:14:F2:9D:B8:03:52:E9:F3:09:EA:2E:8C:52:8C:94:6B:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R88nFPKduANS6fMJ6i6MUoyUa9k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2b192f-6cee-47fa-8395-58adf78d8278/1/LtQPID-kkJjXK8UCY5HhRXRXyUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/2b192f-6cee-47fa-8395-58adf78d8278/1/R88nFPKduANS6fMJ6i6MUoyUa9k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.169.190.0/24
194.169.193.0/24
194.169.196.0/24
194.169.213.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:25:6e:09:ec:bf:b8:3e:5c:da:a5:6c:d4:ec:08:23:1a:55:
3e:b8:63:96:68:c5:ba:bb:55:3c:3b:b0:97:69:88:77:1b:35:
9d:30:7d:3c:01:50:a8:ab:ee:b2:eb:46:b8:22:10:6a:14:cd:
f0:26:24:bb:ea:70:08:8f:16:0c:03:43:a6:02:42:b5:72:df:
c6:6a:49:18:41:44:f3:81:58:da:c3:4e:0b:2e:24:42:f1:11:
d0:2e:97:ad:f7:b7:7f:6f:7d:07:20:79:87:3a:90:a8:59:83:
d0:64:d4:a7:28:ef:c6:58:ce:22:5e:01:78:2b:4a:cc:7f:f5:
a9:12:74:bf:ad:a0:06:a1:d9:66:f5:4a:d3:72:8c:94:9a:a4:
ea:b3:53:0a:61:f8:6a:f4:2b:f9:26:d9:24:72:5e:a9:41:2c:
cf:97:ae:7a:09:77:5e:c8:72:42:a9:b0:e0:88:dd:0b:25:f8:
41:1b:18:98:ba:93:73:f6:6f:33:d0:04:f0:21:de:99:d7:57:
e5:f2:e0:13:32:71:ad:dd:bb:66:0f:72:bb:1b:62:95:42:cc:
79:bc:6d:5f:0e:24:61:14:89:4b:c3:f0:80:84:b5:32:2a:15:
78:ea:2b:f0:02:d7:0a:49:fa:07:4c:d7:c1:85:a3:b7:55:14:
7f:03:35:50
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBa47ODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
N2NmMjcxNGYyOWRiODAzNTJlOWYzMDllYTJlOGM1MjhjOTQ2YmQ5MB4XDTIyMDEw
MTEwMDE1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmVkNDBmMjAzZmE0
OTA5OGQ3MmJjNTAyNjM5MWUxNDU3NDU3Yzk0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOwMNsec2eF1A1y8opDc5rASgl59RwRYkhkMxL2XFJfRuoZ5
8KhumJ0KPsPP1VtibjGclDqxgcLMv4GBCtR8OkgvjKcFww+awGSa/cnMQ2UYJEjd
/CyjW8EvVGtjhTzikFO8vE70Kk3DhXxNp5XiC3HOhOe1a9/tHx6Jmt8s1K/O933s
lwAoUXJReR2UdoEKaioVSv4JZKpfIWpERD+wJSaYwEPQFPKyyEIO34PEZHLx5If8
sl7Pv84kGvnYt1ojBh6OknVg+HZkqSqMCNqnRr4mswj1LH1ekYCtwcJZaJAww3qF
gSqe5XsPyCv6kQN8U0brks7r/BY85OCfewNvs30CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQu1A8gP6SQmNcrxQJjkeFFdFfJTDAfBgNVHSMEGDAWgBRHzycU8p24A1Lp
8wnqLoxSjJRr2TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1I4OG5GUEtkdUFOUzZmTUo2aTZNVW95VWE5ay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjEvMmIxOTJmLTZjZWUtNDdmYS04Mzk1LTU4YWRmNzhkODI3OC8x
L0x0UVBJRC1ra0pqWEs4VUNZNUhoUlhSWHlVdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEv
MmIxOTJmLTZjZWUtNDdmYS04Mzk1LTU4YWRmNzhkODI3OC8xL1I4OG5GUEtkdUFO
UzZmTUo2aTZNVW95VWE5ay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMKpvgMEAMKpwQMEAMKpxAMEAMKp
1TANBgkqhkiG9w0BAQsFAAOCAQEATiVuCey/uD5c2qVs1OwIIxpVPrhjlmjFurtV
PDuwl2mIdxs1nTB9PAFQqKvusutGuCIQahTN8CYku+pwCI8WDANDpgJCtXLfxmpJ
GEFE84FY2sNOCy4kQvER0C6Xrfe3f299ByB5hzqQqFmD0GTUpyjvxljOIl4BeCtK
zH/1qRJ0v62gBqHZZvVK03KMlJqk6rNTCmH4avQr+SbZJHJeqUEsz5euegl3Xshy
Qqmw4IjdCyX4QRsYmLqTc/ZvM9AE8CHemddX5fLgEzJxrd27Zg9yuxtilULMebxt
Xw4kYRSJS8PwgIS1MioVeOor8ALXCkn6B0zXwYWjt1UUfwM1UA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:15 2024 by rpki-client on console-fra.rpki-client.org