Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/lffKER8773QlJZ_7lbD1ISY2LG8.roa
File: lffKER8773QlJZ_7lbD1ISY2LG8.roa (raw, json)
Hash identifier: mNPInNzhrmlbOSvdJYNytpPr+fxS59e2I37TY339BlM=
Subject key identifier: 95:F7:CA:11:1F:3B:EF:74:25:25:9F:FB:95:B0:F5:21:26:36:2C:6F
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 01854050E5A3A4B8563FB191B4CDA26E6379
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/lffKER8773QlJZ_7lbD1ISY2LG8.roa
Signing time: Fri 23 Dec 2022 18:48:41 +0000
ROA not before: Fri 23 Dec 2022 18:48:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 174
IP address blocks: 185.152.92.0/22 maxlen: 24
85.239.36.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:40:50:e5:a3:a4:b8:56:3f:b1:91:b4:cd:a2:6e:63:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Dec 23 18:48:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95f7ca111f3bef7425259ffb95b0f52126362c6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fa:a7:8a:a4:34:19:12:8c:98:51:2e:cc:f3:
74:94:65:4a:3e:65:bb:6e:28:20:6b:4e:2f:d4:b1:
9d:b7:05:27:ed:a9:12:73:c8:e2:0e:ff:8f:45:dd:
a5:0c:45:47:c2:ed:fd:d7:6f:a6:29:c6:df:a4:ee:
90:84:53:11:96:c3:e6:0e:89:04:b0:b0:cc:4b:6c:
f9:0d:9c:c5:e3:22:c1:eb:d7:87:bb:b0:b5:ff:b1:
c9:a9:33:89:5a:6d:99:f6:da:e2:f8:6f:33:07:2e:
f7:90:d4:b3:fe:5f:13:be:f3:b6:86:b8:32:9a:e8:
20:e7:72:af:72:0a:d9:45:f1:c4:b8:65:61:d8:ae:
b0:46:38:c4:c7:b1:82:22:67:b4:3a:57:fb:14:ab:
72:98:4b:bd:ac:be:87:d2:44:2f:b6:9b:f3:f3:c1:
0e:3d:28:7c:04:bd:13:27:e5:92:b6:f0:c7:48:bc:
8d:86:7d:86:9b:0d:1c:5b:6b:2e:51:a6:db:3b:91:
a5:f5:09:15:75:1c:49:63:79:f4:44:c8:11:96:04:
cc:08:1b:af:46:ef:75:31:b5:ef:d3:32:b7:92:ee:
3c:10:ac:9b:2f:5e:3b:3a:52:9a:56:e8:8d:75:51:
bd:7d:07:65:ea:b4:07:b2:49:1f:f1:76:4b:fd:ac:
e6:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F7:CA:11:1F:3B:EF:74:25:25:9F:FB:95:B0:F5:21:26:36:2C:6F
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/lffKER8773QlJZ_7lbD1ISY2LG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.36.0/22
185.152.92.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:b1:88:98:3e:59:75:cf:cc:22:71:ff:27:35:67:3b:e2:14:
50:d5:69:11:e6:89:80:fb:f6:f4:c5:b1:87:bb:2e:98:3e:dd:
d2:8d:d6:54:d9:a2:04:4e:b1:a3:db:4f:a1:ff:a5:4c:b3:aa:
1c:51:d8:98:54:32:b0:e8:73:e2:58:6b:e9:c8:1d:48:9a:4d:
dd:5f:04:e4:c4:ae:c8:f1:8e:52:88:ff:c6:9a:82:21:c4:39:
a1:34:85:95:d7:cf:54:b3:b8:62:53:5e:c6:66:b1:27:0b:8c:
f5:b9:3a:c3:0a:96:a3:e6:2a:53:03:1f:74:74:6b:74:b5:85:
94:4e:f4:64:e0:a5:74:5d:4f:99:6e:b1:7d:0a:e5:4f:13:07:
d7:c5:41:05:ba:9b:1c:b6:d4:57:fd:7a:e5:18:73:af:6a:7c:
43:ef:d7:9f:58:bd:ef:00:ed:48:94:43:94:4e:18:35:34:8e:
ca:12:28:86:4e:3b:8f:a6:0d:e4:4b:86:70:8d:18:c9:7b:e4:
05:d7:d2:1e:3e:71:1a:85:30:ad:82:e5:87:dc:cd:c2:c0:13:
9f:b8:5e:7f:8e:87:43:cf:7c:d7:e8:28:f2:3d:7d:32:79:5e:
81:3c:60:ea:57:1e:cb:13:db:51:fe:21:1c:0b:fc:71:b2:83:
57:01:78:4a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVAUOWjpLhWP7GRtM2ibmN5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjIxMjIzMTg0ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWY3Y2ExMTFmM2JlZjc0MjUyNTlmZmI5NWIwZjUyMTI2MzYyYzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/qniqQ0GRKMmFEuzPN0lGVKPmW7
bigga04v1LGdtwUn7akSc8jiDv+PRd2lDEVHwu3912+mKcbfpO6QhFMRlsPmDokE
sLDMS2z5DZzF4yLB69eHu7C1/7HJqTOJWm2Z9tri+G8zBy73kNSz/l8TvvO2hrgy
mugg53KvcgrZRfHEuGVh2K6wRjjEx7GCIme0Olf7FKtymEu9rL6H0kQvtpvz88EO
PSh8BL0TJ+WStvDHSLyNhn2Gmw0cW2suUabbO5Gl9QkVdRxJY3n0RMgRlgTMCBuv
Ru91MbXv0zK3ku48EKybL147OlKaVuiNdVG9fQdl6rQHskkf8XZL/azmdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJX3yhEfO+90JSWf+5Ww9SEmNixvMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvbGZmS0VSODc3M1FsSlpfN2xiRDFJU1kyTEc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVe8kAwQC
uZhcMA0GCSqGSIb3DQEBCwUAA4IBAQCisYiYPll1z8wicf8nNWc74hRQ1WkR5omA
+/b0xbGHuy6YPt3SjdZU2aIETrGj20+h/6VMs6ocUdiYVDKw6HPiWGvpyB1Imk3d
XwTkxK7I8Y5SiP/GmoIhxDmhNIWV189Us7hiU17GZrEnC4z1uTrDCpaj5ipTAx90
dGt0tYWUTvRk4KV0XU+ZbrF9CuVPEwfXxUEFupscttRX/XrlGHOvanxD79efWL3v
AO1IlEOUThg1NI7KEiiGTjuPpg3kS4ZwjRjJe+QF19IePnEahTCtguWH3M3CwBOf
uF5/jodDz3zX6CjyPX0yeV6BPGDqVx7LE9tR/iEcC/xxsoNXAXhK
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org