Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/LukLHUZXP-6ESPmR6XNSSvHopR0.roa
File: LukLHUZXP-6ESPmR6XNSSvHopR0.roa (raw, json)
Hash identifier: 3Eeap9cQdy24kETb9XEFROP0LYPqJjkgSRyXFKUY2bo=
Subject key identifier: 2E:E9:0B:1D:46:57:3F:EE:84:48:F9:91:E9:73:52:4A:F1:E8:A5:1D
Certificate issuer: /CN=92f4b1c0bfbad46b811eee568a18fbaa14a9d687
Certificate serial: 41F5E189
Authority key identifier: 92:F4:B1:C0:BF:BA:D4:6B:81:1E:EE:56:8A:18:FB:AA:14:A9:D6:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/LukLHUZXP-6ESPmR6XNSSvHopR0.roa
Signing time: Sat 01 Jan 2022 16:05:07 +0000
ROA not before: Sat 01 Jan 2022 16:05:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201250
IP address blocks: 213.59.158.0/24 maxlen: 24
213.59.155.0/24 maxlen: 24
217.107.197.0/24 maxlen: 24
217.107.198.0/24 maxlen: 24
217.107.196.0/22 maxlen: 22
213.59.132.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1106633097 (0x41f5e189)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f4b1c0bfbad46b811eee568a18fbaa14a9d687
Validity
Not Before: Jan 1 16:05:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ee90b1d46573fee8448f991e973524af1e8a51d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:86:d9:bf:c2:2a:55:93:f7:bb:d4:7b:57:4d:
63:6d:a8:4d:6d:a0:57:c6:10:1c:b6:d5:32:ad:06:
8f:b6:49:9c:1d:73:57:1d:33:3a:ec:82:d9:f4:da:
8e:cc:8e:5f:05:ae:9c:26:65:80:a4:4c:38:26:cf:
b4:d6:99:2c:5e:24:25:e3:b9:ea:67:81:83:6d:fb:
35:25:ad:d3:c4:63:f0:c6:70:e6:a0:40:4c:66:ec:
6f:04:3e:74:c0:5d:72:b7:12:51:20:b9:aa:52:74:
fb:03:2e:72:73:88:b8:d7:f4:e7:90:2c:16:d5:ef:
c8:8c:4a:d9:24:c7:d9:f2:59:64:0b:e5:89:47:a2:
9e:1e:45:12:97:35:65:23:3c:53:7e:11:e6:74:1a:
87:80:ab:08:15:c3:ef:dc:6c:48:7a:33:20:bf:24:
46:fc:19:73:1f:1c:fa:37:4b:5f:23:cb:a1:95:e0:
70:77:33:4e:61:2d:ca:8c:d1:da:bf:f1:a3:a3:e3:
c3:43:a8:58:d5:51:19:e3:bc:83:1e:97:92:94:c2:
cd:07:fa:24:cb:00:a9:52:0e:0b:bd:eb:ad:e4:c5:
b3:0f:24:16:79:c4:3f:d8:3e:06:23:e1:74:64:52:
3f:e5:2e:13:31:fa:c1:b7:17:d9:0a:ab:e8:85:bb:
a2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:E9:0B:1D:46:57:3F:EE:84:48:F9:91:E9:73:52:4A:F1:E8:A5:1D
X509v3 Authority Key Identifier:
keyid:92:F4:B1:C0:BF:BA:D4:6B:81:1E:EE:56:8A:18:FB:AA:14:A9:D6:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/LukLHUZXP-6ESPmR6XNSSvHopR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/kvSxwL-61GuBHu5Wihj7qhSp1oc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.59.132.0/22
213.59.155.0/24
213.59.158.0/24
217.107.196.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:f1:1f:72:12:ab:47:9c:fe:28:20:21:e8:c2:d0:2b:2e:c9:
6d:32:ac:a7:94:7e:db:34:18:b5:91:45:13:a8:c7:e1:1d:2f:
ea:8e:f0:56:9c:8b:ce:be:e0:ab:3c:6e:b5:db:05:14:c8:67:
3c:b7:49:5b:92:f5:4f:37:b6:89:42:e9:f0:d1:43:39:d6:47:
01:d4:e7:28:d7:be:fe:92:d9:9f:3a:3b:1b:98:b9:a1:62:d9:
6e:d2:4b:cc:d7:15:5b:5c:90:45:09:cc:ce:e6:93:19:67:3c:
0c:1f:5f:6f:81:fd:33:fa:4c:a1:43:7f:51:f9:55:55:95:b5:
59:c7:aa:19:ab:3b:c0:64:db:00:6c:9b:48:fd:e6:27:76:91:
aa:d8:da:84:3f:5e:97:22:55:3e:f7:b9:fd:ce:46:45:07:cd:
5d:de:d7:bc:46:35:34:b6:ee:e2:27:a1:74:93:c2:05:c7:37:
11:06:20:af:10:8c:1d:5e:67:8c:54:05:29:a3:15:4d:24:4a:
b1:e7:9f:54:36:e2:d3:52:a1:34:c8:ff:23:12:15:bf:6f:1e:
d0:91:87:ff:da:04:fd:48:38:c7:ac:98:c5:18:a7:b0:24:6c:
8e:de:4e:5e:d2:2c:0c:2d:cd:af:ad:f2:df:b9:5a:01:5d:5f:
94:45:31:6e
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEQfXhiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MmY0YjFjMGJmYmFkNDZiODExZWVlNTY4YTE4ZmJhYTE0YTlkNjg3MB4XDTIyMDEw
MTE2MDUwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmVlOTBiMWQ0NjU3
M2ZlZTg0NDhmOTkxZTk3MzUyNGFmMWU4YTUxZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANGG2b/CKlWT97vUe1dNY22oTW2gV8YQHLbVMq0Gj7ZJnB1z
Vx0zOuyC2fTajsyOXwWunCZlgKRMOCbPtNaZLF4kJeO56meBg237NSWt08Rj8MZw
5qBATGbsbwQ+dMBdcrcSUSC5qlJ0+wMucnOIuNf055AsFtXvyIxK2STH2fJZZAvl
iUeinh5FEpc1ZSM8U34R5nQah4CrCBXD79xsSHozIL8kRvwZcx8c+jdLXyPLoZXg
cHczTmEtyozR2r/xo6Pjw0OoWNVRGeO8gx6XkpTCzQf6JMsAqVIOC73rreTFsw8k
FnnEP9g+BiPhdGRSP+UuEzH6wbcX2Qqr6IW7ok8CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQu6QsdRlc/7oRI+ZHpc1JK8eilHTAfBgNVHSMEGDAWgBSS9LHAv7rUa4Ee
7laKGPuqFKnWhzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2t2U3h3TC02MUd1Qkh1NVdpaGo3cWhTcDFvYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvNGY4NTE0LTJlMjAtNDkzNS05OTVjLWEwODRmNzZjOGUyYi8x
L0x1a0xIVVpYUC02RVNQbVI2WE5TU3ZIb3BSMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
NGY4NTE0LTJlMjAtNDkzNS05OTVjLWEwODRmNzZjOGUyYi8xL2t2U3h3TC02MUd1
Qkh1NVdpaGo3cWhTcDFvYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAtU7hAMEANU7mwMEANU7ngMEAtlr
xDANBgkqhkiG9w0BAQsFAAOCAQEAmvEfchKrR5z+KCAh6MLQKy7JbTKsp5R+2zQY
tZFFE6jH4R0v6o7wVpyLzr7gqzxutdsFFMhnPLdJW5L1Tze2iULp8NFDOdZHAdTn
KNe+/pLZnzo7G5i5oWLZbtJLzNcVW1yQRQnMzuaTGWc8DB9fb4H9M/pMoUN/UflV
VZW1WceqGas7wGTbAGybSP3mJ3aRqtjahD9elyJVPve5/c5GRQfNXd7XvEY1NLbu
4iehdJPCBcc3EQYgrxCMHV5njFQFKaMVTSRKseefVDbi01KhNMj/IxIVv28e0JGH
/9oE/Ug4x6yYxRinsCRsjt5OXtIsDC3Nr63y37laAV1flEUxbg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:03 2023 by rpki-client on console-ams.rpki-client.org