Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/ed3054-0a97-497c-9703-bc91c0670d03/1/LdcgS4XIv_VW8nEWeaWPw_HBLjo.roa
File: LdcgS4XIv_VW8nEWeaWPw_HBLjo.roa (raw, json)
Hash identifier: ZsHf5FShLup1YwiwjavMm1w50h1+LgCsMIJVSw8sS0w=
Subject key identifier: 2D:D7:20:4B:85:C8:BF:F5:56:F2:71:16:79:A5:8F:C3:F1:C1:2E:3A
Certificate issuer: /CN=8387c219c9841ebafaa3d40806c984f9f3e4e461
Certificate serial: 01856D41A2DFA91E796A2893B522AA7F2918
Authority key identifier: 83:87:C2:19:C9:84:1E:BA:FA:A3:D4:08:06:C9:84:F9:F3:E4:E4:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g4fCGcmEHrr6o9QIBsmE-fPk5GE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/ed3054-0a97-497c-9703-bc91c0670d03/1/LdcgS4XIv_VW8nEWeaWPw_HBLjo.roa
Signing time: Sun 01 Jan 2023 12:14:56 +0000
ROA not before: Sun 01 Jan 2023 12:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48689
IP address blocks: 212.57.32.0/21 maxlen: 24
195.181.248.0/22 maxlen: 24
185.65.220.0/22 maxlen: 24
2a00:1e40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:41:a2:df:a9:1e:79:6a:28:93:b5:22:aa:7f:29:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8387c219c9841ebafaa3d40806c984f9f3e4e461
Validity
Not Before: Jan 1 12:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2dd7204b85c8bff556f2711679a58fc3f1c12e3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8e:6e:47:b1:28:b3:57:c6:55:f1:b9:1e:95:
e9:1b:ee:11:1f:43:45:25:1e:7e:8b:25:de:bc:79:
bb:39:29:2e:70:2b:2d:f3:4a:96:aa:ad:30:6b:51:
96:e2:7b:fd:5c:67:fc:04:4f:64:c2:94:42:22:82:
db:bc:90:9f:8a:5c:29:eb:47:3d:00:19:32:db:48:
cd:52:fa:50:8e:79:e3:59:6f:a0:50:46:b5:ae:1d:
c8:51:a1:9c:3d:18:cf:4e:a2:f8:91:c5:90:bb:1c:
40:c0:80:88:7e:0d:3b:b4:38:fb:ac:5c:03:e0:09:
24:37:ae:b7:10:da:fd:5e:04:be:50:11:2f:00:92:
26:01:3b:8b:36:e2:7a:62:c1:a2:42:6d:a0:bc:95:
26:c2:cb:91:85:a0:00:f4:3f:64:44:dd:c3:ce:05:
0c:db:12:a5:2d:86:46:4c:8a:7e:61:cf:99:e3:3c:
81:ce:28:8b:9e:4d:1b:58:97:25:44:11:8d:7f:25:
e4:69:28:88:6d:d7:75:84:aa:86:14:8a:95:7e:ac:
0e:5a:e0:bf:93:36:2d:6a:3d:9d:56:90:48:9f:67:
bb:9d:21:d2:1a:e8:fa:8f:47:b6:1a:c1:34:03:a9:
3e:fc:76:68:3c:9e:2d:92:bb:ba:ac:4c:eb:c1:dc:
e8:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D7:20:4B:85:C8:BF:F5:56:F2:71:16:79:A5:8F:C3:F1:C1:2E:3A
X509v3 Authority Key Identifier:
keyid:83:87:C2:19:C9:84:1E:BA:FA:A3:D4:08:06:C9:84:F9:F3:E4:E4:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g4fCGcmEHrr6o9QIBsmE-fPk5GE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/ed3054-0a97-497c-9703-bc91c0670d03/1/LdcgS4XIv_VW8nEWeaWPw_HBLjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/ed3054-0a97-497c-9703-bc91c0670d03/1/g4fCGcmEHrr6o9QIBsmE-fPk5GE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.220.0/22
195.181.248.0/22
212.57.32.0/21
IPv6:
2a00:1e40::/32
Signature Algorithm: sha256WithRSAEncryption
6b:df:c9:0e:24:ed:ef:f1:37:87:14:f2:ac:d7:7e:07:2a:10:
d6:8a:bc:a0:2d:3f:85:68:50:e3:8f:ff:98:e9:ef:4a:4b:7d:
ea:69:45:81:9c:06:a3:71:0f:50:0b:40:06:09:6b:bd:6c:10:
91:cd:01:59:61:7a:19:d9:3a:91:34:7a:2e:08:14:c3:1a:80:
ab:28:fc:41:70:3b:b3:3f:0d:29:a6:d1:68:e5:3a:27:66:65:
02:7a:4b:0c:ec:c5:36:8f:89:46:2d:a3:51:3f:76:57:6f:5b:
b7:85:fd:9e:70:ed:10:67:94:af:b8:5a:02:98:6c:f1:5a:a0:
a0:59:72:32:31:15:a8:b5:de:7a:96:4a:34:71:a0:d9:50:c1:
84:24:46:a5:6a:fa:bc:13:47:22:30:68:fd:55:31:47:a1:b5:
23:d9:f8:00:59:4f:24:44:10:07:60:be:78:83:14:33:85:14:
8c:68:61:f7:68:92:7f:53:33:7f:d0:9b:6a:07:58:af:c6:2e:
40:2f:ca:2b:93:88:41:31:c3:3a:8f:94:23:e4:14:1d:de:d6:
e0:39:ab:87:b4:b2:03:44:c5:84:08:3e:ec:7b:14:57:d4:75:
13:f2:43:47:11:e3:7b:3b:d1:32:33:b3:7b:14:9c:ea:53:45:
2f:e1:5a:dd
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVtQaLfqR55aiiTtSKqfykYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzODdjMjE5Yzk4NDFlYmFmYWEzZDQwODA2Yzk4NGY5ZjNl
NGU0NjEwHhcNMjMwMTAxMTIxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGQ3MjA0Yjg1YzhiZmY1NTZmMjcxMTY3OWE1OGZjM2YxYzEyZTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn45uR7Eos1fGVfG5HpXpG+4RH0NF
JR5+iyXevHm7OSkucCst80qWqq0wa1GW4nv9XGf8BE9kwpRCIoLbvJCfilwp60c9
ABky20jNUvpQjnnjWW+gUEa1rh3IUaGcPRjPTqL4kcWQuxxAwICIfg07tDj7rFwD
4AkkN663ENr9XgS+UBEvAJImATuLNuJ6YsGiQm2gvJUmwsuRhaAA9D9kRN3DzgUM
2xKlLYZGTIp+Yc+Z4zyBziiLnk0bWJclRBGNfyXkaSiIbdd1hKqGFIqVfqwOWuC/
kzYtaj2dVpBIn2e7nSHSGuj6j0e2GsE0A6k+/HZoPJ4tkru6rEzrwdzoOwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFC3XIEuFyL/1VvJxFnmlj8PxwS46MB8GA1UdIwQY
MBaAFIOHwhnJhB66+qPUCAbJhPnz5ORhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzRmQ0djbUVIcnI2bzlRSUJzbUUtZlBrNUdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9lZDMwNTQtMGE5Ny00OTdjLTk3MDMt
YmM5MWMwNjcwZDAzLzEvTGRjZ1M0WEl2X1ZXOG5FV2VhV1B3X0hCTGpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9lZDMwNTQtMGE5Ny00OTdjLTk3MDMtYmM5MWMwNjcwZDAz
LzEvZzRmQ0djbUVIcnI2bzlRSUJzbUUtZlBrNUdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuUHcAwQC
w7X4AwQD1DkgMA0EAgACMAcDBQAqAB5AMA0GCSqGSIb3DQEBCwUAA4IBAQBr38kO
JO3v8TeHFPKs134HKhDWirygLT+FaFDjj/+Y6e9KS33qaUWBnAajcQ9QC0AGCWu9
bBCRzQFZYXoZ2TqRNHouCBTDGoCrKPxBcDuzPw0pptFo5TonZmUCeksM7MU2j4lG
LaNRP3ZXb1u3hf2ecO0QZ5SvuFoCmGzxWqCgWXIyMRWotd56lko0caDZUMGEJEal
avq8E0ciMGj9VTFHobUj2fgAWU8kRBAHYL54gxQzhRSMaGH3aJJ/UzN/0JtqB1iv
xi5AL8ork4hBMcM6j5Qj5BQd3tbgOauHtLIDRMWECD7sexRX1HUT8kNHEeN7O9Ey
M7N7FJzqU0Uv4Vrd
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:07 2025 by rpki-client