Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/LbE_1W9jVr9jA9Fadtzl5cWjGpA.roa
File: LbE_1W9jVr9jA9Fadtzl5cWjGpA.roa (raw, json)
Hash identifier: oXlhakZxJZjfHeObonvzi3taV+lNnYnmpERjShOjXCA=
Subject key identifier: 2D:B1:3F:D5:6F:63:56:BF:63:03:D1:5A:76:DC:E5:E5:C5:A3:1A:90
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 0184FB87EFD352E0EC0F70EBA65F893F59DB
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/LbE_1W9jVr9jA9Fadtzl5cWjGpA.roa
Signing time: Sat 10 Dec 2022 10:15:00 +0000
ROA not before: Sat 10 Dec 2022 10:15:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 62.60.164.0/22 maxlen: 24
62.60.168.0/21 maxlen: 24
62.60.172.0/22 maxlen: 24
62.60.176.0/22 maxlen: 24
62.60.184.0/22 maxlen: 24
62.60.180.0/22 maxlen: 24
62.60.188.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:fb:87:ef:d3:52:e0:ec:0f:70:eb:a6:5f:89:3f:59:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Dec 10 10:15:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2db13fd56f6356bf6303d15a76dce5e5c5a31a90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:17:46:dd:20:6c:ac:bb:b9:77:e7:b3:64:0a:
9e:a6:d2:78:1b:64:d2:bb:29:b6:f0:06:38:40:93:
1b:f0:c8:3d:a7:ef:ef:14:16:ec:1d:8c:46:b6:ed:
84:8b:29:3c:2a:12:62:2e:87:42:a6:68:a9:13:74:
3c:aa:45:1c:12:08:40:c0:b3:5b:c2:ea:b9:07:aa:
1b:a5:7d:13:fe:15:ab:f7:ca:42:c9:e7:20:74:c2:
1d:52:1b:85:d1:e7:33:57:a4:04:a1:6e:a5:56:f9:
1e:4e:a9:b4:64:f9:c9:89:54:d8:65:93:95:49:3a:
c9:a3:67:94:d1:bd:18:28:6f:11:15:d8:ff:2a:40:
1b:f7:69:d4:45:43:0e:0f:4a:ab:8d:93:39:bc:a0:
2e:03:31:3b:16:e5:9b:80:b1:48:3b:7e:5b:7c:91:
a7:67:4b:00:24:4c:62:8f:16:86:bb:a1:f9:d8:4f:
1d:19:1d:1e:eb:df:b8:0f:18:5b:c6:bd:87:01:24:
cd:cf:c4:3f:03:68:7d:30:67:89:52:45:a8:5f:74:
6b:ab:3c:1b:01:b0:9f:dc:a1:c9:d5:eb:8f:cb:27:
dd:78:0a:07:d9:fc:fd:68:c3:2b:5c:47:39:d5:41:
22:89:14:d5:68:49:8b:f7:e8:81:7d:f2:49:ce:8e:
d8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B1:3F:D5:6F:63:56:BF:63:03:D1:5A:76:DC:E5:E5:C5:A3:1A:90
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/LbE_1W9jVr9jA9Fadtzl5cWjGpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.164.0-62.60.191.255
Signature Algorithm: sha256WithRSAEncryption
6c:40:e3:c5:77:fd:d8:f5:42:a8:0b:c4:ee:05:de:a5:70:50:
13:05:28:65:95:a9:18:30:7c:24:83:bf:06:41:08:99:1f:d0:
1b:69:fe:90:f6:38:07:7d:ae:bc:0c:64:93:66:a5:ff:57:5e:
26:bf:52:14:88:a7:19:10:e3:24:7f:79:7f:94:8a:d5:3c:8d:
fa:71:95:e3:a8:a0:49:f8:f0:c9:d3:4d:83:92:49:6b:ab:b1:
51:cc:d5:be:0e:65:a5:ac:27:da:0c:82:3e:57:ee:bf:96:f9:
76:d8:f2:a3:50:0b:9e:c5:4e:b3:8b:1e:cf:fb:e9:e4:94:87:
c5:b2:7b:e4:4b:c4:b3:59:9d:15:12:ab:57:a8:ec:ad:c5:67:
1a:d2:39:39:52:4a:e4:c6:2d:41:73:99:37:15:e0:5b:f5:df:
df:62:10:94:81:23:26:01:13:f8:e6:81:84:ca:32:13:76:4e:
53:39:95:29:9d:73:0b:b2:17:20:22:15:7e:85:45:c0:da:f0:
37:e6:1c:34:ca:b5:1f:40:09:45:c6:29:ef:06:1f:32:d6:3b:
05:15:e9:e0:35:36:d8:c7:5e:90:48:65:db:60:d6:8e:09:f5:
b9:fc:7a:33:c8:cf:69:ed:56:e4:92:73:6d:52:3e:bc:4e:c0:
de:1e:30:de
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYT7h+/TUuDsD3Drpl+JP1nbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjIxMjEwMTAxNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGIxM2ZkNTZmNjM1NmJmNjMwM2QxNWE3NmRjZTVlNWM1YTMxYTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBdG3SBsrLu5d+ezZAqeptJ4G2TS
uym28AY4QJMb8Mg9p+/vFBbsHYxGtu2Eiyk8KhJiLodCpmipE3Q8qkUcEghAwLNb
wuq5B6obpX0T/hWr98pCyecgdMIdUhuF0eczV6QEoW6lVvkeTqm0ZPnJiVTYZZOV
STrJo2eU0b0YKG8RFdj/KkAb92nURUMOD0qrjZM5vKAuAzE7FuWbgLFIO35bfJGn
Z0sAJExijxaGu6H52E8dGR0e69+4Dxhbxr2HASTNz8Q/A2h9MGeJUkWoX3Rrqzwb
AbCf3KHJ1euPyyfdeAoH2fz9aMMrXEc51UEiiRTVaEmL9+iBffJJzo7YjwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFC2xP9VvY1a/YwPRWnbc5eXFoxqQMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvTGJFXzFXOWpWcjlqQTlGYWR0emw1Y1dqR3BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAI+PKQD
BAY+PIAwDQYJKoZIhvcNAQELBQADggEBAGxA48V3/dj1QqgLxO4F3qVwUBMFKGWV
qRgwfCSDvwZBCJkf0Btp/pD2OAd9rrwMZJNmpf9XXia/UhSIpxkQ4yR/eX+UitU8
jfpxleOooEn48MnTTYOSSWursVHM1b4OZaWsJ9oMgj5X7r+W+XbY8qNQC57FTrOL
Hs/76eSUh8Wye+RLxLNZnRUSq1eo7K3FZxrSOTlSSuTGLUFzmTcV4Fv1399iEJSB
IyYBE/jmgYTKMhN2TlM5lSmdcwuyFyAiFX6FRcDa8DfmHDTKtR9ACUXGKe8GHzLW
OwUV6eA1NtjHXpBIZdtg1o4J9bn8ejPIz2ntVuSSc21SPrxOwN4eMN4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org