Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/c6f76b-7887-412a-bab4-ec2819c0ac4d/1/LHSoVkec_RXYRtdEwIt5voQAAcM.roa
File: LHSoVkec_RXYRtdEwIt5voQAAcM.roa (raw, json)
Hash identifier: iMS1ANkzp+ydI5gUFkBWIaxzNLgw4gT6+Gz5IavGTK8=
Subject key identifier: 2C:74:A8:56:47:9C:FD:15:D8:46:D7:44:C0:8B:79:BE:84:00:01:C3
Certificate issuer: /CN=b1a0bd42058a0390f463cfeb7b17e21de0b75500
Certificate serial: 1A672D9A
Authority key identifier: B1:A0:BD:42:05:8A:03:90:F4:63:CF:EB:7B:17:E2:1D:E0:B7:55:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saC9QgWKA5D0Y8_rexfiHeC3VQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/c6f76b-7887-412a-bab4-ec2819c0ac4d/1/LHSoVkec_RXYRtdEwIt5voQAAcM.roa
Signing time: Sat 01 Jan 2022 06:59:10 +0000
ROA not before: Sat 01 Jan 2022 06:59:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41729
IP address blocks: 89.248.0.0/20 maxlen: 20
88.151.160.0/21 maxlen: 21
45.158.92.0/22 maxlen: 22
91.184.128.0/19 maxlen: 19
195.177.96.0/24 maxlen: 24
195.177.97.0/24 maxlen: 24
195.177.99.0/24 maxlen: 24
2a00:1a78::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 442969498 (0x1a672d9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a0bd42058a0390f463cfeb7b17e21de0b75500
Validity
Not Before: Jan 1 06:59:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c74a856479cfd15d846d744c08b79be840001c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:f4:27:f3:57:e8:47:16:24:e2:b4:63:63:af:
a2:6e:f6:d5:30:a2:65:e5:13:5f:89:d3:38:df:ca:
99:76:6f:87:7b:2b:ae:55:7c:b4:01:78:ae:18:bf:
0c:0f:03:34:5d:c9:b7:98:fd:eb:3b:85:24:0d:f8:
4c:d3:b0:5c:29:74:94:64:d9:ad:6d:21:19:87:01:
f8:21:eb:1a:98:ce:21:9c:18:b8:4a:7a:a5:fe:ca:
63:c7:70:4a:63:be:54:38:9f:91:60:cf:47:c9:38:
1d:7b:84:ee:e9:3e:32:ea:66:ae:07:9b:76:32:87:
00:39:f4:79:91:a2:af:34:a5:3a:b3:a8:ea:49:a7:
7c:94:00:2e:8f:93:9a:a4:85:d7:eb:fa:2f:fd:fb:
8c:31:3f:5a:25:9c:b2:e4:7c:8b:16:01:1f:8e:0c:
57:0e:d8:e1:27:4e:c3:a1:c4:05:67:5c:91:46:69:
04:20:43:f3:dd:24:99:a1:e7:94:4d:20:b5:b9:3c:
f8:97:3f:16:ff:04:59:75:4d:b1:d2:6b:35:2b:94:
36:26:5c:b1:b4:59:d6:53:87:d0:aa:a0:93:d8:86:
dd:9f:59:07:14:45:40:11:6f:67:4a:43:f0:18:16:
e0:62:82:d2:3a:fa:5f:2f:4e:11:9e:e6:8f:b7:e4:
6e:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:74:A8:56:47:9C:FD:15:D8:46:D7:44:C0:8B:79:BE:84:00:01:C3
X509v3 Authority Key Identifier:
keyid:B1:A0:BD:42:05:8A:03:90:F4:63:CF:EB:7B:17:E2:1D:E0:B7:55:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saC9QgWKA5D0Y8_rexfiHeC3VQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c6f76b-7887-412a-bab4-ec2819c0ac4d/1/LHSoVkec_RXYRtdEwIt5voQAAcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/c6f76b-7887-412a-bab4-ec2819c0ac4d/1/saC9QgWKA5D0Y8_rexfiHeC3VQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.158.92.0/22
88.151.160.0/21
89.248.0.0/20
91.184.128.0/19
195.177.96.0/23
195.177.99.0/24
IPv6:
2a00:1a78::/32
Signature Algorithm: sha256WithRSAEncryption
66:fb:c4:ef:6a:e3:f9:4e:94:9d:b2:e8:1f:d6:85:32:ef:4a:
14:7b:27:95:0e:a4:e0:79:09:43:6f:6a:b5:e6:fb:14:2b:40:
b7:9f:d2:7a:9e:f8:02:d6:81:a5:ce:db:dd:0b:2f:f4:e4:2a:
f4:e0:c5:05:71:0a:b5:27:d1:20:0f:f4:88:fa:fc:d0:04:cd:
03:6d:a7:a2:18:51:4a:68:1b:3e:a1:38:07:13:af:45:8a:25:
40:a6:e4:05:7f:02:4f:83:0c:29:c3:35:1d:f5:0f:0b:28:51:
d9:da:54:f4:42:58:bc:91:f5:77:d7:7a:2c:a8:b9:3c:97:8d:
82:15:58:bc:55:59:7b:a9:d8:77:9f:82:d8:52:5b:62:1f:19:
f0:4c:cc:7a:d4:28:0d:16:eb:15:29:86:46:31:77:ce:72:df:
69:99:e7:88:16:a8:29:0c:5d:fc:7e:0d:63:25:4a:a5:72:aa:
fe:9a:8d:a8:be:66:08:ed:56:6c:bf:90:6e:98:3e:6c:3e:61:
bb:24:93:f6:07:62:d5:52:dd:f6:d5:de:e7:9c:d6:17:83:cc:
40:91:0f:c6:cb:75:33:17:b7:01:2c:db:92:3f:c5:cf:42:db:
6e:b6:2c:d6:e9:45:b5:ad:45:cc:c6:fa:46:11:cd:d7:84:f1:
89:9b:11:d8
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEGmctmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MWEwYmQ0MjA1OGEwMzkwZjQ2M2NmZWI3YjE3ZTIxZGUwYjc1NTAwMB4XDTIyMDEw
MTA2NTkxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmM3NGE4NTY0Nzlj
ZmQxNWQ4NDZkNzQ0YzA4Yjc5YmU4NDAwMDFjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOD0J/NX6EcWJOK0Y2Ovom721TCiZeUTX4nTON/KmXZvh3sr
rlV8tAF4rhi/DA8DNF3Jt5j96zuFJA34TNOwXCl0lGTZrW0hGYcB+CHrGpjOIZwY
uEp6pf7KY8dwSmO+VDifkWDPR8k4HXuE7uk+MupmrgebdjKHADn0eZGirzSlOrOo
6kmnfJQALo+TmqSF1+v6L/37jDE/WiWcsuR8ixYBH44MVw7Y4SdOw6HEBWdckUZp
BCBD890kmaHnlE0gtbk8+Jc/Fv8EWXVNsdJrNSuUNiZcsbRZ1lOH0Kqgk9iG3Z9Z
BxRFQBFvZ0pD8BgW4GKC0jr6Xy9OEZ7mj7fkbjMCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQsdKhWR5z9FdhG10TAi3m+hAABwzAfBgNVHSMEGDAWgBSxoL1CBYoDkPRj
z+t7F+Id4LdVADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NhQzlRZ1dLQTVEMFk4X3JleGZpSGVDM1ZRQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDQvYzZmNzZiLTc4ODctNDEyYS1iYWI0LWVjMjgxOWMwYWM0ZC8x
L0xIU29Wa2VjX1JYWVJ0ZEV3SXQ1dm9RQUFjTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDQv
YzZmNzZiLTc4ODctNDEyYS1iYWI0LWVjMjgxOWMwYWM0ZC8xL3NhQzlRZ1dLQTVE
MFk4X3JleGZpSGVDM1ZRQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAi2eXAMEA1iXoAMEBFn4AAMEBVu4
gAMEAcOxYAMEAMOxYzANBAIAAjAHAwUAKgAaeDANBgkqhkiG9w0BAQsFAAOCAQEA
ZvvE72rj+U6UnbLoH9aFMu9KFHsnlQ6k4HkJQ29qteb7FCtAt5/Sep74AtaBpc7b
3Qsv9OQq9ODFBXEKtSfRIA/0iPr80ATNA22nohhRSmgbPqE4BxOvRYolQKbkBX8C
T4MMKcM1HfUPCyhR2dpU9EJYvJH1d9d6LKi5PJeNghVYvFVZe6nYd5+C2FJbYh8Z
8EzMetQoDRbrFSmGRjF3znLfaZnniBaoKQxd/H4NYyVKpXKq/pqNqL5mCO1WbL+Q
bpg+bD5huyST9gdi1VLd9tXe55zWF4PMQJEPxst1Mxe3ASzbkj/Fz0LbbrYs1ulF
ta1FzMb6RhHN14TxiZsR2A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:59 2024 by rpki-client on console-ams.rpki-client.org