Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/LFlt9gCvGsaw2TRAESnJRQF4CQo.roa
File: LFlt9gCvGsaw2TRAESnJRQF4CQo.roa (raw, json)
Hash identifier: 0jX52j5Sq6Wlaqcdk6t9hpedPfaAo2JBeEVFgee3rUM=
Subject key identifier: 2C:59:6D:F6:00:AF:1A:C6:B0:D9:34:40:11:29:C9:45:01:78:09:0A
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 073010D2
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/LFlt9gCvGsaw2TRAESnJRQF4CQo.roa
Signing time: Thu 13 Jan 2022 13:31:06 +0000
ROA not before: Thu 13 Jan 2022 13:31:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 77.83.39.0/24 maxlen: 24
193.30.241.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.13.188.0/24 maxlen: 24
45.151.2.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.144.214.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
77.83.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120590546 (0x73010d2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Jan 13 13:31:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c596df600af1ac6b0d934401129c9450178090a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ad:31:e1:16:cb:d7:d8:4d:dc:30:d7:77:85:
9a:62:63:7c:1e:d7:0c:81:23:cc:7e:80:fa:ca:c4:
21:30:ca:82:9d:8a:f4:9c:eb:e5:20:e9:57:ae:1f:
01:ce:de:3b:a2:d5:7f:77:19:ea:95:00:55:fc:80:
50:ce:e6:39:1b:de:d4:51:7f:b8:6e:34:4e:ea:34:
81:ec:ec:cc:9f:e4:6c:30:a5:3b:1a:20:83:04:72:
6e:38:99:48:d3:4c:e0:e1:7c:e1:cd:d6:85:8b:33:
50:f6:17:37:47:ab:95:8d:8f:67:8b:0b:e5:c0:1f:
64:3f:63:46:18:8d:0b:9a:df:30:ff:a6:f7:81:fa:
73:69:97:a3:98:f2:ef:c4:b1:f1:cc:4c:5d:c3:1f:
f1:c3:c4:6a:7d:c3:7a:68:23:0d:64:e9:fe:81:df:
f4:3e:32:0f:e1:31:08:a3:2d:5e:da:69:2f:92:92:
e6:31:65:5b:a3:a2:12:76:4a:ae:70:d3:c1:59:fd:
79:44:a8:ac:a6:38:76:5a:7c:4d:d3:d9:f7:c8:8a:
cd:7f:a1:df:28:97:4c:2c:36:fa:b3:68:1f:26:8d:
56:0e:67:57:7a:cc:d9:79:d2:53:5f:c1:d2:68:4c:
cc:89:c7:01:55:54:5f:86:a5:90:6d:97:07:9a:f4:
47:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:59:6D:F6:00:AF:1A:C6:B0:D9:34:40:11:29:C9:45:01:78:09:0A
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/LFlt9gCvGsaw2TRAESnJRQF4CQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.188.0/23
45.88.136.0/24
45.132.181.0/24
45.144.214.0/24
45.151.2.0/24
77.83.38.0/23
85.209.122.0/24
193.30.241.0/24
195.177.92.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:4a:fa:a4:b6:19:1e:c3:f9:10:d6:ee:24:f0:74:56:16:ee:
d3:52:03:65:45:48:4a:5d:e4:d1:ad:35:81:0d:36:9c:59:83:
a8:b5:d4:50:5d:94:91:8f:15:ab:96:d5:31:ca:d0:88:e0:72:
91:41:f0:2d:be:5b:22:5d:8b:05:af:4c:33:7b:c0:4e:a0:dd:
39:da:be:eb:21:da:24:ab:3b:55:31:1c:e5:43:d4:9f:eb:8a:
be:b3:cc:68:91:f2:23:02:dc:18:e3:e2:28:e0:b4:a9:38:2f:
5c:85:63:d3:75:fc:41:31:ec:30:5a:81:17:e9:77:4b:f7:08:
40:00:37:75:77:02:a0:8e:8a:a7:d8:cb:62:07:6c:f7:45:2f:
e4:54:d5:96:e8:b0:f8:0c:f7:1a:35:88:b8:de:0d:8e:ca:a3:
28:09:db:1d:08:b9:3e:d4:6f:18:4b:2f:58:db:5d:fb:4c:bf:
aa:89:a7:82:4f:0e:c6:91:e9:ac:36:75:4c:3d:6b:e1:e2:e5:
7d:d3:71:e1:cc:30:9a:d5:f3:24:17:16:d4:ef:a9:8b:15:41:
dc:6f:d7:6d:cf:7d:d5:52:38:e2:84:ad:d5:3e:27:a2:f4:9d:
f5:1c:dc:9d:e2:02:2a:da:3c:54:bc:a3:9f:6c:43:d6:f5:d1:
fe:1f:bd:bb
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEBzAQ0jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZDJhNDc4YmIwYjA4ZTY2MWIwYjJmOWZiZTg5MzViYzljMmEyOGExMB4XDTIyMDEx
MzEzMzEwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmM1OTZkZjYwMGFm
MWFjNmIwZDkzNDQwMTEyOWM5NDUwMTc4MDkwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOytMeEWy9fYTdww13eFmmJjfB7XDIEjzH6A+srEITDKgp2K
9Jzr5SDpV64fAc7eO6LVf3cZ6pUAVfyAUM7mORve1FF/uG40Tuo0gezszJ/kbDCl
OxoggwRybjiZSNNM4OF84c3WhYszUPYXN0erlY2PZ4sL5cAfZD9jRhiNC5rfMP+m
94H6c2mXo5jy78Sx8cxMXcMf8cPEan3DemgjDWTp/oHf9D4yD+ExCKMtXtppL5KS
5jFlW6OiEnZKrnDTwVn9eUSorKY4dlp8TdPZ98iKzX+h3yiXTCw2+rNoHyaNVg5n
V3rM2XnSU1/B0mhMzInHAVVUX4alkG2XB5r0RzUCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQsWW32AK8axrDZNEARKclFAXgJCjAfBgNVHSMEGDAWgBSdKkeLsLCOZhsL
L5++iTW8nCoooTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25TcEhpN0N3am1ZYkN5LWZ2b2sxdkp3cUtLRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvNjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8x
L0xGbHQ5Z0N2R3NhdzJUUkFFU25KUlFGNENRby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
NjYzZGY1LTU4MGMtNGYyYy1hNjZjLWVlZjM1MTFmNmM2MC8xL25TcEhpN0N3am1Z
YkN5LWZ2b2sxdkp3cUtLRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAS0NvAMEAC1YiAMEAC2EtQMEAC2Q
1gMEAC2XAgMEAU1TJgMEAFXRegMEAMEe8QMEAMOxXDANBgkqhkiG9w0BAQsFAAOC
AQEAn0r6pLYZHsP5ENbuJPB0Vhbu01IDZUVISl3k0a01gQ02nFmDqLXUUF2UkY8V
q5bVMcrQiOBykUHwLb5bIl2LBa9MM3vATqDdOdq+6yHaJKs7VTEc5UPUn+uKvrPM
aJHyIwLcGOPiKOC0qTgvXIVj03X8QTHsMFqBF+l3S/cIQAA3dXcCoI6Kp9jLYgds
90Uv5FTVluiw+Az3GjWIuN4NjsqjKAnbHQi5PtRvGEsvWNtd+0y/qomngk8OxpHp
rDZ1TD1r4eLlfdNx4cwwmtXzJBcW1O+pixVB3G/Xbc991VI44oSt1T4novSd9Rzc
neICKto8VLyjn2xD1vXR/h+9uw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:18 2024 by rpki-client on console-ams.rpki-client.org