Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lgCNH8nDBQbaNwfZ7dnpemzsYYI.roa
File: lgCNH8nDBQbaNwfZ7dnpemzsYYI.roa (raw, json)
Hash identifier: A7rcEoXTvfNs8NQvlp5+GikIEWupG8m0QLA0xPAk1wE=
Subject key identifier: 96:00:8D:1F:C9:C3:05:06:DA:37:07:D9:ED:D9:E9:7A:6C:EC:61:82
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1DCE4515
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lgCNH8nDBQbaNwfZ7dnpemzsYYI.roa
Signing time: Fri 08 Apr 2022 12:53:27 +0000
ROA not before: Fri 08 Apr 2022 12:53:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 393398
IP address blocks: 81.161.237.0/24 maxlen: 24
193.58.120.0/24 maxlen: 24
193.58.122.0/24 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
185.218.136.0/22 maxlen: 24
193.42.33.0/24 maxlen: 24
193.42.35.0/24 maxlen: 24
193.42.32.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
82.115.208.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 500057365 (0x1dce4515)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 8 12:53:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96008d1fc9c30506da3707d9edd9e97a6cec6182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ac:c9:0d:23:14:0d:b2:61:d7:0f:94:9d:02:
f1:6e:a6:df:b9:55:02:c9:88:80:4e:2a:9f:04:0a:
bd:43:56:7d:79:91:12:1d:cf:c6:3f:65:5d:1f:2f:
f0:65:7a:55:03:88:24:39:f9:dc:b4:d5:1f:23:4a:
eb:db:fc:3e:54:8e:1a:8b:3c:5d:7e:72:14:cf:62:
21:e3:94:d6:06:a3:89:5c:52:e2:fd:f4:51:a9:ef:
8d:83:cc:b3:0f:06:d6:17:06:af:d7:42:58:e4:54:
0e:cd:4f:bf:8c:81:84:c9:3b:47:d8:15:26:2f:a8:
ed:fa:c2:9f:b8:94:4b:24:58:bb:1f:20:f7:bb:91:
72:92:de:5e:ca:d6:63:b5:84:4d:91:96:c6:90:e1:
2a:be:fa:dc:70:86:06:b8:4d:4a:22:12:c7:b5:5a:
40:ba:19:43:3a:8c:b4:90:f8:f8:7e:25:6f:15:d5:
cd:f2:f9:90:90:b9:19:72:52:b7:45:27:ec:2b:71:
09:c4:02:a3:07:b1:d1:7f:f6:42:37:da:87:46:7b:
fe:c6:6d:4b:ca:98:40:82:1f:eb:bd:0a:f2:9f:55:
19:1e:7d:94:ac:c4:ad:9a:da:77:97:78:09:f8:66:
e9:82:37:99:70:e7:0b:bd:35:65:31:79:5a:dc:17:
37:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:00:8D:1F:C9:C3:05:06:DA:37:07:D9:ED:D9:E9:7A:6C:EC:61:82
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lgCNH8nDBQbaNwfZ7dnpemzsYYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.237.0/24
82.115.208.0/22
185.218.136.0/22
193.42.32.0/22
193.58.120.0/22
Signature Algorithm: sha256WithRSAEncryption
60:4a:12:7d:74:4d:c1:96:04:77:42:99:4b:0b:92:94:48:fd:
58:b0:a0:ee:28:01:15:fe:52:1b:58:a5:6a:39:ef:cc:2e:ef:
cd:b1:2b:04:a4:2c:3b:51:7b:98:32:7d:1c:11:15:4f:1d:5c:
31:e5:28:23:0d:27:78:e2:06:a9:8e:77:57:23:f0:8a:86:00:
e5:89:1f:4f:f9:9c:18:3c:09:2a:dc:97:2e:8b:a3:32:83:39:
f9:e2:03:bf:1e:cb:b3:0b:fb:70:2e:1c:d3:68:92:4b:26:0e:
ed:e8:cb:0d:ee:2a:e8:5a:cb:94:98:ad:7b:a4:8f:e1:0b:bd:
3b:39:b4:47:c3:0c:32:f9:71:a1:77:f3:48:d7:66:09:fb:d5:
4a:a4:06:eb:91:44:95:f1:22:12:94:48:b2:a0:3d:95:11:8f:
d1:c8:6d:93:df:97:ed:57:c7:f9:a4:14:50:1b:d6:d8:50:fb:
4d:c4:32:21:dc:fa:e0:3b:8b:b8:3c:0a:f6:13:8c:0a:39:3c:
50:87:b0:4e:ae:67:6b:4e:29:97:62:67:94:13:ca:10:f2:40:
3e:81:93:d3:fa:b7:45:90:5d:11:c7:28:9f:c1:43:a2:ce:40:
b0:be:c0:d9:6b:ad:5c:4d:bd:81:3f:36:24:c2:ee:f3:db:c9:
95:f5:53:a0
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEHc5FFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDQw
ODEyNTMyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTYwMDhkMWZjOWMz
MDUwNmRhMzcwN2Q5ZWRkOWU5N2E2Y2VjNjE4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2syQ0jFA2yYdcPlJ0C8W6m37lVAsmIgE4qnwQKvUNWfXmR
Eh3Pxj9lXR8v8GV6VQOIJDn53LTVHyNK69v8PlSOGos8XX5yFM9iIeOU1gajiVxS
4v30UanvjYPMsw8G1hcGr9dCWORUDs1Pv4yBhMk7R9gVJi+o7frCn7iUSyRYux8g
97uRcpLeXsrWY7WETZGWxpDhKr763HCGBrhNSiISx7VaQLoZQzqMtJD4+H4lbxXV
zfL5kJC5GXJSt0Un7CtxCcQCowex0X/2Qjfah0Z7/sZtS8qYQIIf670K8p9VGR59
lKzErZrad5d4Cfhm6YI3mXDnC701ZTF5WtwXN2MCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSWAI0fycMFBto3B9nt2el6bOxhgjAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L2xnQ05IOG5EQlFiYU53Zlo3ZG5wZW16c1lZSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFGh7QMEAlJz0AMEArnaiAMEAsEq
IAMEAsE6eDANBgkqhkiG9w0BAQsFAAOCAQEAYEoSfXRNwZYEd0KZSwuSlEj9WLCg
7igBFf5SG1ilajnvzC7vzbErBKQsO1F7mDJ9HBEVTx1cMeUoIw0neOIGqY53VyPw
ioYA5YkfT/mcGDwJKtyXLoujMoM5+eIDvx7Lswv7cC4c02iSSyYO7ejLDe4q6FrL
lJite6SP4Qu9Ozm0R8MMMvlxoXfzSNdmCfvVSqQG65FElfEiEpRIsqA9lRGP0cht
k9+X7VfH+aQUUBvW2FD7TcQyIdz64DuLuDwK9hOMCjk8UIewTq5na04pl2JnlBPK
EPJAPoGT0/q3RZBdEccon8FDos5AsL7A2WutXE29gT82JMLu89vJlfVToA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:41 2023 by rpki-client on console-ams.rpki-client.org