Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LX3hi2RS2o0VkBDWxna8IPmwbho.roa
File: LX3hi2RS2o0VkBDWxna8IPmwbho.roa (raw, json)
Hash identifier: BN9pesPG/0MLMccxZqA4Zs2LgNS6kX1wv1iAQOi47ac=
Subject key identifier: 2D:7D:E1:8B:64:52:DA:8D:15:90:10:D6:C6:76:BC:20:F9:B0:6E:1A
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0184EC17EE0E19880428DEECE16E0FEC6C5D
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LX3hi2RS2o0VkBDWxna8IPmwbho.roa
Signing time: Wed 07 Dec 2022 10:18:22 +0000
ROA not before: Wed 07 Dec 2022 10:18:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 194.87.120.0/23 maxlen: 24
195.133.24.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:17:ee:0e:19:88:04:28:de:ec:e1:6e:0f:ec:6c:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 7 10:18:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d7de18b6452da8d159010d6c676bc20f9b06e1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3f:b9:72:84:a5:f7:4c:ac:11:d7:87:54:65:
17:ff:6e:df:3a:79:90:3f:4f:b3:65:0b:ca:56:d0:
cd:12:36:c4:dd:a4:67:05:a2:4e:59:e7:68:fa:96:
8b:31:cf:85:e9:b7:9e:80:cb:e4:31:e5:5e:33:6b:
f5:54:57:64:25:a5:6e:10:4a:54:5d:6c:3f:1e:a9:
5d:6a:af:fa:fb:1d:32:81:17:ab:98:a1:ec:eb:26:
56:1b:91:c7:67:39:83:68:7a:55:91:15:bb:dd:2b:
43:02:af:85:81:f4:1e:1b:57:fe:77:4f:95:37:d2:
c8:e8:a6:ee:d3:3d:f9:5d:9d:7f:31:c8:f1:86:28:
5f:7e:48:64:85:18:d4:7f:fc:52:bb:66:25:6b:b3:
b9:ca:26:03:46:88:37:0c:48:47:7e:dc:ee:0d:48:
82:3d:ea:fa:52:5f:22:52:a9:ea:57:03:7c:48:7d:
a5:a8:16:7d:ff:65:83:9a:66:d3:80:c6:72:db:62:
77:05:7e:08:06:1b:2c:ed:91:71:ae:3b:e9:af:cc:
fd:e7:09:80:77:73:a1:86:35:63:3c:e1:d5:94:e6:
bc:10:8c:ac:e3:2c:ff:61:ce:34:a8:2d:80:3b:c4:
aa:4f:a5:a4:1e:bb:8b:7e:a6:da:98:33:da:01:37:
32:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:7D:E1:8B:64:52:DA:8D:15:90:10:D6:C6:76:BC:20:F9:B0:6E:1A
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LX3hi2RS2o0VkBDWxna8IPmwbho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.120.0/23
195.133.24.0/24
Signature Algorithm: sha256WithRSAEncryption
84:c2:b7:a6:7d:18:53:14:b4:de:e9:ae:90:94:ad:fb:5b:e6:
cc:76:6c:a1:de:14:8c:52:95:04:96:f0:34:e7:db:1c:70:86:
38:08:b7:9d:bb:0b:3e:ef:4a:ed:8b:3c:fc:18:68:1d:df:38:
70:27:bd:5c:fb:1f:91:4c:d6:e5:5f:78:35:c3:e2:b3:32:74:
1d:9c:a4:20:3b:58:57:fa:45:2f:d9:57:0e:6a:b3:09:50:17:
79:f3:a4:e6:04:78:4f:0a:f2:01:29:e3:1f:32:66:81:d7:de:
d4:4e:06:06:ed:08:66:ca:f4:c2:b6:3e:11:ed:7e:d9:ea:13:
04:ae:e3:54:59:47:95:a6:21:46:28:b4:ed:94:69:a9:84:e8:
23:61:0f:55:88:ea:2a:82:8a:45:63:0a:a9:8c:1b:77:67:f9:
4b:61:d8:c7:11:84:02:2d:2e:2c:ce:2b:ae:76:88:d9:7c:49:
62:21:5f:d6:d6:e3:a7:e8:41:e7:03:e9:8c:0d:cb:bd:7f:d1:
11:7a:d7:9b:af:65:ea:b8:d9:e9:20:db:db:c1:c8:1a:ee:1a:
97:19:b4:8b:dc:58:3b:1a:7c:cb:4d:d4:82:4f:e6:af:48:53:
64:b1:5b:b8:37:42:af:c3:b0:1b:25:e0:47:85:52:90:28:44:
3d:73:54:ac
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTsF+4OGYgEKN7s4W4P7GxdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMjA3MTAxODIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDdkZTE4YjY0NTJkYThkMTU5MDEwZDZjNjc2YmMyMGY5YjA2ZTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT+5coSl90ysEdeHVGUX/27fOnmQ
P0+zZQvKVtDNEjbE3aRnBaJOWedo+paLMc+F6beegMvkMeVeM2v1VFdkJaVuEEpU
XWw/Hqldaq/6+x0ygRermKHs6yZWG5HHZzmDaHpVkRW73StDAq+FgfQeG1f+d0+V
N9LI6Kbu0z35XZ1/McjxhihffkhkhRjUf/xSu2Yla7O5yiYDRog3DEhHftzuDUiC
Per6Ul8iUqnqVwN8SH2lqBZ9/2WDmmbTgMZy22J3BX4IBhss7ZFxrjvpr8z95wmA
d3OhhjVjPOHVlOa8EIys4yz/Yc40qC2AO8SqT6WkHruLfqbamDPaATcyXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC194YtkUtqNFZAQ1sZ2vCD5sG4aMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTFgzaGkyUlMybzBWa0JEV3huYThJUG13YmhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwld4AwQA
w4UYMA0GCSqGSIb3DQEBCwUAA4IBAQCEwremfRhTFLTe6a6QlK37W+bMdmyh3hSM
UpUElvA059sccIY4CLeduws+70rtizz8GGgd3zhwJ71c+x+RTNblX3g1w+KzMnQd
nKQgO1hX+kUv2VcOarMJUBd586TmBHhPCvIBKeMfMmaB197UTgYG7QhmyvTCtj4R
7X7Z6hMEruNUWUeVpiFGKLTtlGmphOgjYQ9ViOoqgopFYwqpjBt3Z/lLYdjHEYQC
LS4sziuudojZfEliIV/W1uOn6EHnA+mMDcu9f9ERetebr2XquNnpINvbwcga7hqX
GbSL3Fg7GnzLTdSCT+avSFNksVu4N0Kvw7AbJeBHhVKQKEQ9c1Ss
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:55 2023 by rpki-client on console-ams.rpki-client.org