Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/lhd_XLA9sev41wJNyCk1bDV2k-s.roa
File: lhd_XLA9sev41wJNyCk1bDV2k-s.roa (raw, json)
Hash identifier: tkMr9zFz+ySSist8qMSbcw3Tw+E2slBHYvKLNnJkLdI=
Subject key identifier: 96:17:7F:5C:B0:3D:B1:EB:F8:D7:02:4D:C8:29:35:6C:35:76:93:EB
Certificate issuer: /CN=33fe80aea100e98c0da5d1ffef98b371d11edda2
Certificate serial: 107AA73B
Authority key identifier: 33:FE:80:AE:A1:00:E9:8C:0D:A5:D1:FF:EF:98:B3:71:D1:1E:DD:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M_6ArqEA6YwNpdH_75izcdEe3aI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/lhd_XLA9sev41wJNyCk1bDV2k-s.roa
Signing time: Sat 01 Jan 2022 08:04:14 +0000
ROA not before: Sat 01 Jan 2022 08:04:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31214
IP address blocks: 5.11.64.0/20 maxlen: 20
178.210.0.0/19 maxlen: 19
109.111.128.0/19 maxlen: 19
194.50.12.0/22 maxlen: 22
91.109.128.0/19 maxlen: 19
185.251.216.0/22 maxlen: 22
37.60.208.0/20 maxlen: 20
213.149.0.0/19 maxlen: 19
31.192.128.0/19 maxlen: 19
185.16.136.0/22 maxlen: 22
83.219.128.0/19 maxlen: 19
2a03:5800::/32 maxlen: 32
2a06:50c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 276473659 (0x107aa73b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33fe80aea100e98c0da5d1ffef98b371d11edda2
Validity
Not Before: Jan 1 08:04:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96177f5cb03db1ebf8d7024dc829356c357693eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9b:b3:ea:1a:fd:96:50:3a:59:d6:e1:f0:c4:
dc:66:e1:a0:fc:61:fa:28:db:8a:56:a5:89:f9:9f:
62:d5:a3:39:a4:06:86:53:96:71:b8:35:31:74:5c:
51:60:a5:81:12:8e:6d:88:67:a3:14:13:20:e1:3e:
f1:e3:08:cf:5d:89:3c:cc:5d:a7:b1:50:80:4e:eb:
b2:bb:a6:b6:84:ce:8f:fe:71:50:b5:5d:50:f7:3b:
62:3f:2e:b6:fe:9b:d7:b5:7b:0a:07:fc:d5:b5:12:
7d:18:4b:69:a7:14:da:fc:6f:01:cd:65:20:23:33:
1e:9a:88:86:4b:61:b7:e7:47:21:5e:94:61:ec:1e:
c5:61:98:ef:cc:f7:e5:fd:e2:85:c5:75:71:85:49:
7f:fe:e7:37:52:c2:cb:71:ff:b1:42:6b:d5:9d:74:
64:da:9f:d0:4c:01:cb:17:26:cc:cb:85:e9:a0:32:
8c:c9:6e:fb:e8:2d:11:a6:ec:0a:42:7f:83:74:40:
8f:49:4f:33:b1:f1:f1:20:45:4a:ba:21:b0:81:76:
90:a8:c2:07:c9:71:ba:2e:f0:4a:d8:e2:6a:96:37:
c2:a8:4f:75:16:ef:f4:73:76:52:4f:d9:62:c4:37:
ac:8e:84:54:fa:06:49:e2:39:11:04:fd:c9:0f:e5:
92:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:17:7F:5C:B0:3D:B1:EB:F8:D7:02:4D:C8:29:35:6C:35:76:93:EB
X509v3 Authority Key Identifier:
keyid:33:FE:80:AE:A1:00:E9:8C:0D:A5:D1:FF:EF:98:B3:71:D1:1E:DD:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M_6ArqEA6YwNpdH_75izcdEe3aI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/lhd_XLA9sev41wJNyCk1bDV2k-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/802525-5c2c-4564-ba5a-6cd659acbf07/1/M_6ArqEA6YwNpdH_75izcdEe3aI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.64.0/20
31.192.128.0/19
37.60.208.0/20
83.219.128.0/19
91.109.128.0/19
109.111.128.0/19
178.210.0.0/19
185.16.136.0/22
185.251.216.0/22
194.50.12.0/22
213.149.0.0/19
IPv6:
2a03:5800::/32
2a06:50c0::/32
Signature Algorithm: sha256WithRSAEncryption
51:d0:bc:15:d4:62:a9:7a:03:a2:85:12:85:29:3f:fe:78:af:
d6:7e:f9:27:8c:f4:db:1e:08:c5:1b:c0:da:de:70:59:9a:c0:
79:31:f2:30:eb:b3:c5:34:5f:50:d6:fd:28:7a:53:ee:62:01:
ad:46:d8:46:6c:67:07:f2:7a:7d:ea:f5:b7:aa:18:da:c3:56:
47:c0:98:43:15:d0:a2:03:f6:9d:b6:4b:1f:32:53:c5:eb:89:
1e:0f:92:77:67:2d:94:3e:4c:fe:76:b4:60:71:cc:8b:9a:9a:
ef:47:ec:7b:ab:7e:eb:ea:54:89:49:92:dd:ae:3f:e7:5e:81:
06:64:45:53:42:b6:41:99:d2:16:63:c0:0a:79:4f:f0:f2:4f:
39:6a:ab:5f:f6:f7:cb:c9:a7:fa:80:9e:f2:10:ca:7b:46:18:
d3:bd:73:40:34:97:ba:08:f0:48:23:1b:ff:87:8f:4f:2d:66:
a5:2e:62:96:f1:3d:ec:be:51:5b:ac:63:36:77:da:1c:94:d2:
4d:9a:93:9a:a2:05:17:67:73:cf:07:d8:8f:61:ad:0e:32:3d:
d6:8b:5c:e6:82:17:af:ee:bb:59:30:4a:7b:5b:16:4f:c2:28:
e6:42:d8:1a:52:3c:22:3d:f2:db:1f:96:0a:53:2f:e6:c0:cf:
ca:dd:1d:b4
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIEEHqnOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
M2ZlODBhZWExMDBlOThjMGRhNWQxZmZlZjk4YjM3MWQxMWVkZGEyMB4XDTIyMDEw
MTA4MDQxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTYxNzdmNWNiMDNk
YjFlYmY4ZDcwMjRkYzgyOTM1NmMzNTc2OTNlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMCbs+oa/ZZQOlnW4fDE3GbhoPxh+ijbilalifmfYtWjOaQG
hlOWcbg1MXRcUWClgRKObYhnoxQTIOE+8eMIz12JPMxdp7FQgE7rsrumtoTOj/5x
ULVdUPc7Yj8utv6b17V7Cgf81bUSfRhLaacU2vxvAc1lICMzHpqIhktht+dHIV6U
YewexWGY78z35f3ihcV1cYVJf/7nN1LCy3H/sUJr1Z10ZNqf0EwByxcmzMuF6aAy
jMlu++gtEabsCkJ/g3RAj0lPM7Hx8SBFSrohsIF2kKjCB8lxui7wStjiapY3wqhP
dRbv9HN2Uk/ZYsQ3rI6EVPoGSeI5EQT9yQ/lkmsCAwEAAaOCAlswggJXMB0GA1Ud
DgQWBBSWF39csD2x6/jXAk3IKTVsNXaT6zAfBgNVHSMEGDAWgBQz/oCuoQDpjA2l
0f/vmLNx0R7dojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01fNkFycUVBNll3TnBkSF83NWl6Y2RFZTNhSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvODAyNTI1LTVjMmMtNDU2NC1iYTVhLTZjZDY1OWFjYmYwNy8x
L2xoZF9YTEE5c2V2NDF3Sk55Q2sxYkRWMmstcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
ODAyNTI1LTVjMmMtNDU2NC1iYTVhLTZjZDY1OWFjYmYwNy8xL01fNkFycUVBNll3
TnBkSF83NWl6Y2RFZTNhSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBx
BggrBgEFBQcBBwEB/wRiMGAwSAQCAAEwQgMEBAULQAMEBR/AgAMEBCU80AMEBVPb
gAMEBVttgAMEBW1vgAMEBbLSAAMEArkQiAMEArn72AMEAsIyDAMEBdWVADAUBAIA
AjAOAwUAKgNYAAMFACoGUMAwDQYJKoZIhvcNAQELBQADggEBAFHQvBXUYql6A6KF
EoUpP/54r9Z++SeM9NseCMUbwNrecFmawHkx8jDrs8U0X1DW/Sh6U+5iAa1G2EZs
Zwfyen3q9beqGNrDVkfAmEMV0KID9p22Sx8yU8XriR4PkndnLZQ+TP52tGBxzIua
mu9H7HurfuvqVIlJkt2uP+degQZkRVNCtkGZ0hZjwAp5T/DyTzlqq1/298vJp/qA
nvIQyntGGNO9c0A0l7oI8EgjG/+Hj08tZqUuYpbxPey+UVusYzZ32hyU0k2ak5qi
BRdnc88H2I9hrQ4yPdaLXOaCF6/uu1kwSntbFk/CKOZC2BpSPCI98tsflgpTL+bA
z8rdHbQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:12 2023 by rpki-client on console-fra.rpki-client.org