Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/lZ87HRA5se5Pj23NarF8ZuJgAm4.roa
File: lZ87HRA5se5Pj23NarF8ZuJgAm4.roa (raw, json)
Hash identifier: 5y6XuDI+F5b1G3EEDzmhWQsnUtyF3FVKe8MtAPAq4Js=
Subject key identifier: 95:9F:3B:1D:10:39:B1:EE:4F:8F:6D:CD:6A:B1:7C:66:E2:60:02:6E
Certificate issuer: /CN=bb8e2f5ac7cbe62117da478ac0c027ad6d843c56
Certificate serial: 38230D24
Authority key identifier: BB:8E:2F:5A:C7:CB:E6:21:17:DA:47:8A:C0:C0:27:AD:6D:84:3C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u44vWsfL5iEX2keKwMAnrW2EPFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/lZ87HRA5se5Pj23NarF8ZuJgAm4.roa
Signing time: Sat 01 Jan 2022 15:02:15 +0000
ROA not before: Sat 01 Jan 2022 15:02:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8767
IP address blocks: 82.135.0.0/17 maxlen: 17
46.244.128.0/17 maxlen: 17
212.18.0.0/19 maxlen: 19
62.216.192.0/19 maxlen: 19
185.17.204.0/22 maxlen: 22
213.179.128.0/19 maxlen: 19
80.81.0.0/19 maxlen: 19
212.114.128.0/17 maxlen: 17
62.245.128.0/17 maxlen: 17
93.104.0.0/16 maxlen: 16
212.204.64.0/18 maxlen: 18
212.204.75.0/24 maxlen: 24
188.174.0.0/16 maxlen: 16
83.171.128.0/18 maxlen: 18
88.217.0.0/16 maxlen: 16
2001:a60::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 941821220 (0x38230d24)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb8e2f5ac7cbe62117da478ac0c027ad6d843c56
Validity
Not Before: Jan 1 15:02:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=959f3b1d1039b1ee4f8f6dcd6ab17c66e260026e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:50:5c:63:46:4a:bf:30:09:45:50:c5:0a:8b:
15:6f:45:4f:3c:ef:eb:c5:84:e2:84:d6:12:3d:a8:
a9:8d:35:2a:2f:cd:dc:08:ee:0b:1e:bd:b7:f8:2f:
d3:27:72:5c:48:d3:50:67:85:9b:3d:b7:a9:98:8f:
b6:e7:58:90:7c:fe:19:73:da:91:11:26:2a:f0:31:
4d:e4:9c:7c:9f:b8:c5:9d:90:fb:db:7d:07:e3:be:
39:3c:c5:b0:2c:30:ef:fa:5e:35:40:c9:98:84:ad:
8a:53:b0:64:47:35:04:03:56:f7:df:d0:40:9e:11:
76:b6:08:84:2d:a4:31:90:f4:ef:29:2d:b9:ec:05:
57:08:81:8f:5c:9a:e3:8b:5b:f8:2b:45:21:23:cd:
43:92:5f:aa:43:64:d0:13:3c:e7:28:5a:a2:07:d0:
32:a3:08:08:45:cd:74:78:61:d1:33:5a:18:18:5a:
ef:ae:28:b2:4c:6a:01:84:88:65:96:11:82:6c:67:
b2:b9:84:ed:08:73:1e:8b:b1:01:47:34:c6:db:0e:
18:32:c7:a4:b5:63:3f:40:28:b7:a8:22:b2:7b:d3:
52:de:7c:6b:c9:65:f7:d9:88:8c:44:1e:72:15:a6:
14:95:d9:20:ad:df:65:f5:51:a3:b1:74:49:90:8a:
1c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:9F:3B:1D:10:39:B1:EE:4F:8F:6D:CD:6A:B1:7C:66:E2:60:02:6E
X509v3 Authority Key Identifier:
keyid:BB:8E:2F:5A:C7:CB:E6:21:17:DA:47:8A:C0:C0:27:AD:6D:84:3C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u44vWsfL5iEX2keKwMAnrW2EPFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/lZ87HRA5se5Pj23NarF8ZuJgAm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/d208a0-e436-4896-bef2-3b9db05d2384/1/u44vWsfL5iEX2keKwMAnrW2EPFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.244.128.0/17
62.216.192.0/19
62.245.128.0/17
80.81.0.0/19
82.135.0.0/17
83.171.128.0/18
88.217.0.0/16
93.104.0.0/16
185.17.204.0/22
188.174.0.0/16
212.18.0.0/19
212.114.128.0/17
212.204.64.0/18
213.179.128.0/19
IPv6:
2001:a60::/29
Signature Algorithm: sha256WithRSAEncryption
dc:63:d1:fa:5a:a3:00:fa:db:fd:d4:d7:8c:2f:90:f1:57:ac:
3f:03:45:9c:7d:d9:f5:79:e6:bd:be:a6:30:b9:77:e1:3e:d9:
11:09:3a:11:dc:c6:be:74:c9:8f:83:58:fd:d4:ad:1a:e6:ee:
15:4e:90:17:1c:1b:e4:1d:19:69:e3:66:37:9c:f4:93:a3:43:
f7:e6:65:ee:e4:1a:07:0d:0b:99:01:62:04:22:d7:75:7b:82:
f9:e2:5c:f4:25:5b:f0:96:95:23:ee:3e:f2:95:3f:1c:b1:ff:
87:47:dd:ed:5b:54:60:4f:d5:97:dc:9b:ce:53:fe:df:b5:44:
26:fa:54:4d:2b:7f:0d:76:4e:05:5e:03:f4:08:69:21:72:8b:
cd:64:c1:40:a2:5e:97:69:ca:c6:66:57:ff:5d:6a:38:bf:fc:
29:16:51:bd:e1:c7:5b:9a:d9:27:68:1a:ac:37:d9:90:9f:c6:
2b:81:77:d1:61:75:b5:96:6b:da:97:b6:90:20:83:ea:35:e7:
9f:e8:5d:7a:45:aa:d4:f8:73:5b:d3:fd:cb:37:d4:e9:de:cf:
d2:b7:d8:8d:64:73:31:27:20:63:3b:2e:63:41:b2:e2:4f:ec:
f3:11:2c:a9:22:61:b5:99:7c:0b:45:46:19:bd:00:f1:f3:fc:
95:23:dd:61
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIEOCMNJDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YjhlMmY1YWM3Y2JlNjIxMTdkYTQ3OGFjMGMwMjdhZDZkODQzYzU2MB4XDTIyMDEw
MTE1MDIxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTU5ZjNiMWQxMDM5
YjFlZTRmOGY2ZGNkNmFiMTdjNjZlMjYwMDI2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNQXGNGSr8wCUVQxQqLFW9FTzzv68WE4oTWEj2oqY01Ki/N
3AjuCx69t/gv0ydyXEjTUGeFmz23qZiPtudYkHz+GXPakREmKvAxTeScfJ+4xZ2Q
+9t9B+O+OTzFsCww7/peNUDJmIStilOwZEc1BANW99/QQJ4RdrYIhC2kMZD07ykt
uewFVwiBj1ya44tb+CtFISPNQ5JfqkNk0BM85yhaogfQMqMICEXNdHhh0TNaGBha
764oskxqAYSIZZYRgmxnsrmE7QhzHouxAUc0xtsOGDLHpLVjP0Aot6gisnvTUt58
a8ll99mIjEQechWmFJXZIK3fZfVRo7F0SZCKHN8CAwEAAaOCAmMwggJfMB0GA1Ud
DgQWBBSVnzsdEDmx7k+Pbc1qsXxm4mACbjAfBgNVHSMEGDAWgBS7ji9ax8vmIRfa
R4rAwCetbYQ8VjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3U0NHZXc2ZMNWlFWDJrZUt3TUFuclcyRVBGWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvZDIwOGEwLWU0MzYtNDg5Ni1iZWYyLTNiOWRiMDVkMjM4NC8x
L2xaODdIUkE1c2U1UGoyM05hckY4WnVKZ0FtNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
ZDIwOGEwLWU0MzYtNDg5Ni1iZWYyLTNiOWRiMDVkMjM4NC8xL3U0NHZXc2ZMNWlF
WDJrZUt3TUFuclcyRVBGWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB5
BggrBgEFBQcBBwEB/wRqMGgwVwQCAAEwUQMEBy70gAMEBT7YwAMEBz71gAMEBVBR
AAMEB1KHAAMEBlOrgAMDAFjZAwMAXWgDBAK5EcwDAwC8rgMEBdQSAAMEB9RygAME
BtTMQAMEBdWzgDANBAIAAjAHAwUDIAEKYDANBgkqhkiG9w0BAQsFAAOCAQEA3GPR
+lqjAPrb/dTXjC+Q8VesPwNFnH3Z9Xnmvb6mMLl34T7ZEQk6EdzGvnTJj4NY/dSt
GubuFU6QFxwb5B0ZaeNmN5z0k6ND9+Zl7uQaBw0LmQFiBCLXdXuC+eJc9CVb8JaV
I+4+8pU/HLH/h0fd7VtUYE/Vl9ybzlP+37VEJvpUTSt/DXZOBV4D9AhpIXKLzWTB
QKJel2nKxmZX/11qOL/8KRZRveHHW5rZJ2garDfZkJ/GK4F30WF1tZZr2pe2kCCD
6jXnn+hdekWq1PhzW9P9yzfU6d7P0rfYjWRzMScgYzsuY0Gy4k/s8xEsqSJhtZl8
C0VGGb0A8fP8lSPdYQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:10 2024 by rpki-client on console-ams.rpki-client.org