Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LUA-F_aE3Fsi_sHPbvhlilQYTf8.roa
File: LUA-F_aE3Fsi_sHPbvhlilQYTf8.roa (raw, json)
Hash identifier: FsOmqiO0y+i3rGcPnjqPSwr6pTD/DkZDkXxY3l2eh18=
Subject key identifier: 2D:40:3E:17:F6:84:DC:5B:22:FE:C1:CF:6E:F8:65:8A:54:18:4D:FF
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 01855CAFCF2A1CC02A71A84EA87076AF644B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LUA-F_aE3Fsi_sHPbvhlilQYTf8.roa
Signing time: Thu 29 Dec 2022 07:01:43 +0000
ROA not before: Thu 29 Dec 2022 07:01:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400377
IP address blocks: 62.76.225.0/24 maxlen: 24
62.76.226.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
193.124.18.0/24 maxlen: 24
193.124.45.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
195.58.51.0/24 maxlen: 24
194.87.125.0/24 maxlen: 24
194.87.124.0/24 maxlen: 24
194.87.122.0/24 maxlen: 24
194.87.139.0/24 maxlen: 24
193.124.90.0/24 maxlen: 24
194.87.200.0/24 maxlen: 24
194.87.205.0/24 maxlen: 24
195.133.76.0/24 maxlen: 24
194.87.233.0/24 maxlen: 24
194.87.252.0/24 maxlen: 24
212.192.1.0/24 maxlen: 24
212.192.9.0/24 maxlen: 24
194.87.170.0/24 maxlen: 24
192.124.183.0/24 maxlen: 24
192.124.180.0/24 maxlen: 24
193.124.200.0/24 maxlen: 24
195.133.193.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5c:af:cf:2a:1c:c0:2a:71:a8:4e:a8:70:76:af:64:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 29 07:01:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d403e17f684dc5b22fec1cf6ef8658a54184dff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:52:8e:d7:d8:4d:2e:44:df:00:c9:c2:6b:2a:
12:b8:9a:d8:7d:db:ca:1f:61:fa:9e:89:68:dd:1e:
8f:22:57:bb:80:d5:1e:43:bc:a5:3a:21:e3:35:4b:
6c:98:86:7c:b0:bf:b7:a6:0a:b0:0e:1d:f9:e5:26:
58:ac:1c:ea:01:6c:62:21:bf:62:a8:0c:05:5d:1c:
18:79:10:f4:55:0d:6c:23:ca:82:99:53:3f:35:d5:
73:f2:49:d2:ab:be:0d:59:51:43:50:8d:f0:c6:bb:
b6:c0:7e:a9:43:32:cd:aa:2e:02:b7:d3:f2:19:ed:
ec:0b:fc:22:e5:57:3c:25:d5:84:95:e2:b5:33:cc:
d5:ac:e1:a0:a7:9e:22:29:a7:6e:9a:4a:37:2d:74:
af:d6:29:ce:a7:27:cb:36:99:80:6c:55:32:4c:d6:
60:9b:e6:b2:5d:47:75:25:ef:42:bc:e5:e1:3f:80:
71:92:46:de:a0:e3:01:c1:f8:a2:8a:e0:6c:3c:b3:
2f:cc:73:1c:1e:93:ed:83:c8:99:55:e1:5d:71:bd:
89:2a:39:f4:e3:5d:b8:c0:fb:ca:c7:67:64:b0:3b:
63:80:f6:1f:ad:93:47:b7:f1:62:83:31:ae:ce:62:
27:15:58:f5:ac:8f:d7:43:ea:a1:62:dc:9f:64:41:
05:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:40:3E:17:F6:84:DC:5B:22:FE:C1:CF:6E:F8:65:8A:54:18:4D:FF
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LUA-F_aE3Fsi_sHPbvhlilQYTf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.225.0-62.76.226.255
192.124.180.0/24
192.124.183.0/24
193.124.18.0/24
193.124.45.0-193.124.46.255
193.124.90.0/24
193.124.200.0/24
194.58.40.0/24
194.87.2.0/24
194.87.10.0/24
194.87.122.0/24
194.87.124.0/23
194.87.139.0/24
194.87.170.0/24
194.87.200.0/24
194.87.205.0/24
194.87.233.0/24
194.87.252.0/24
195.58.51.0/24
195.133.76.0/24
195.133.193.0/24
212.192.1.0/24
212.192.9.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:b7:fc:5b:12:44:b7:72:65:9b:17:8e:59:dc:ef:a9:43:05:
ad:7e:23:db:04:2b:e4:31:6d:b4:87:cd:de:fa:e1:d1:83:25:
98:24:b7:8e:96:4b:6a:90:23:2f:5a:a6:38:35:a2:b1:48:e0:
32:a0:1c:c9:2d:80:31:99:e5:82:31:0b:9d:8b:61:2b:33:f5:
fc:8e:e2:a5:3f:74:23:7c:bc:71:c3:03:3a:5b:cc:b7:21:27:
d2:25:6e:73:0b:6b:ac:a4:63:dd:a4:9e:46:cf:a2:ce:e4:cc:
98:88:b6:14:af:77:7b:76:c2:0b:8b:cd:13:40:ac:a9:c9:7a:
28:e9:f3:18:3d:2b:06:1d:ae:2c:a4:ea:64:9d:e6:2f:03:b1:
8a:67:84:64:f5:72:69:3c:20:89:31:1b:f3:ed:8c:13:1d:43:
75:2a:e7:6c:85:38:a3:a8:36:15:dd:61:44:b5:12:a6:ae:5a:
15:91:f2:ea:bf:e1:f9:f1:d0:c7:4c:58:b7:ce:bf:eb:8b:96:
fe:23:34:f3:f7:ce:54:22:18:b9:2a:ac:d4:57:e3:09:88:f2:
23:66:c9:c5:f1:f9:0c:b8:af:7b:ec:43:97:b2:63:3f:0f:66:
39:e8:3f:d2:1f:b7:8d:b1:15:a8:78:59:5b:3b:58:f9:91:d6:
18:c0:72:e5
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAYVcr88qHMAqcahOqHB2r2RLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjI5MDcwMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDQwM2UxN2Y2ODRkYzViMjJmZWMxY2Y2ZWY4NjU4YTU0MTg0ZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVKO19hNLkTfAMnCayoSuJrYfdvK
H2H6nolo3R6PIle7gNUeQ7ylOiHjNUtsmIZ8sL+3pgqwDh355SZYrBzqAWxiIb9i
qAwFXRwYeRD0VQ1sI8qCmVM/NdVz8knSq74NWVFDUI3wxru2wH6pQzLNqi4Ct9Py
Ge3sC/wi5Vc8JdWEleK1M8zVrOGgp54iKadumko3LXSv1inOpyfLNpmAbFUyTNZg
m+ayXUd1Je9CvOXhP4BxkkbeoOMBwfiiiuBsPLMvzHMcHpPtg8iZVeFdcb2JKjn0
4124wPvKx2dksDtjgPYfrZNHt/FigzGuzmInFVj1rI/XQ+qhYtyfZEEFaQIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFC1APhf2hNxbIv7Bz274ZYpUGE3/MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTFVBLUZfYUUzRnNpX3NIUGJ2aGxpbFFZVGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDCBoQQCAAEwgZowDAME
AD5M4QMEAD5M4gMEAMB8tAMEAMB8twMEAMF8EjAMAwQAwXwtAwQAwXwuAwQAwXxa
AwQAwXzIAwQAwjooAwQAwlcCAwQAwlcKAwQAwld6AwQBwld8AwQAwleLAwQAwleq
AwQAwlfIAwQAwlfNAwQAwlfpAwQAwlf8AwQAwzozAwQAw4VMAwQAw4XBAwQA1MAB
AwQA1MAJMA0GCSqGSIb3DQEBCwUAA4IBAQBtt/xbEkS3cmWbF45Z3O+pQwWtfiPb
BCvkMW20h83e+uHRgyWYJLeOlktqkCMvWqY4NaKxSOAyoBzJLYAxmeWCMQudi2Er
M/X8juKlP3QjfLxxwwM6W8y3ISfSJW5zC2uspGPdpJ5Gz6LO5MyYiLYUr3d7dsIL
i80TQKypyXoo6fMYPSsGHa4spOpkneYvA7GKZ4Rk9XJpPCCJMRvz7YwTHUN1Kuds
hTijqDYV3WFEtRKmrloVkfLqv+H58dDHTFi3zr/ri5b+IzTz985UIhi5KqzUV+MJ
iPIjZsnF8fkMuK977EOXsmM/D2Y56D/SH7eNsRWoeFlbO1j5kdYYwHLl
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:55 2023 by rpki-client on console-ams.rpki-client.org