Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/lxqF1anNVzFaUmY7Strj51qXKiY.roa
File: lxqF1anNVzFaUmY7Strj51qXKiY.roa (raw, json)
Hash identifier: 8t0mXVvhf1vatSJQ92pfK8Xmg9nmy+mB9BKBX5veORQ=
Subject key identifier: 97:1A:85:D5:A9:CD:57:31:5A:52:66:3B:4A:DA:E3:E7:5A:97:2A:26
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 0182CAD41FC4B114B6C2D8D06646A17B91A5
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/lxqF1anNVzFaUmY7Strj51qXKiY.roa
Signing time: Tue 23 Aug 2022 13:11:15 +0000
ROA not before: Tue 23 Aug 2022 13:11:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 185.126.158.0/23 maxlen: 24
91.221.116.0/23 maxlen: 24
91.221.232.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ca:d4:1f:c4:b1:14:b6:c2:d8:d0:66:46:a1:7b:91:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Aug 23 13:11:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=971a85d5a9cd57315a52663b4adae3e75a972a26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:77:89:8c:d4:39:72:58:64:86:ef:5f:7f:c1:
9a:d0:45:46:ed:e1:90:d3:ea:a9:f2:80:89:8b:79:
1d:1a:44:ef:b7:06:4e:b0:bb:de:4a:52:ae:fb:dc:
71:7b:14:6d:b3:68:5d:c5:07:5a:84:c8:29:f1:b6:
97:f4:f0:69:e3:2f:15:70:b7:36:5d:6d:e0:14:f8:
99:7d:8b:5d:15:32:46:6e:cd:d2:24:df:f8:f6:be:
f3:4c:6e:66:c7:be:98:c9:7d:f6:0b:63:3a:77:fc:
c4:6b:fc:27:c8:e4:d8:5a:48:03:47:1e:42:38:e5:
10:18:aa:e4:7e:d8:47:9d:6d:b5:9c:ec:30:17:a0:
8a:fe:96:75:a8:ba:5f:d9:49:26:e2:a1:06:17:1d:
1d:a6:7d:f0:7a:84:17:f6:57:bf:87:4f:27:ba:3d:
3e:6e:ad:fb:9e:36:82:0f:fb:10:26:6b:25:5d:1b:
5d:33:93:c0:ec:eb:3d:5d:aa:34:c5:bb:dd:d1:b5:
ea:9a:f1:d6:8e:f4:9a:6e:94:72:1d:d5:45:b2:eb:
21:21:ab:a5:15:89:f7:fe:8a:0f:f1:d0:9d:17:52:
c1:b2:ba:3e:3c:48:6f:43:73:81:29:00:89:65:65:
9c:b4:c8:5d:0b:29:10:60:06:d7:46:dc:05:0f:88:
9a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:1A:85:D5:A9:CD:57:31:5A:52:66:3B:4A:DA:E3:E7:5A:97:2A:26
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/lxqF1anNVzFaUmY7Strj51qXKiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.116.0/23
91.221.232.0/24
185.126.158.0/23
Signature Algorithm: sha256WithRSAEncryption
22:1c:46:2e:59:54:2b:11:bd:33:75:85:d7:56:57:e5:88:8a:
41:5b:3e:72:de:a5:14:29:0e:63:7d:10:73:5b:70:05:7e:30:
1b:39:aa:e7:bb:5d:74:09:69:4b:14:15:c7:cb:21:eb:b2:c7:
65:56:57:e6:b7:a1:09:80:7d:49:d7:23:fc:5b:99:bb:44:26:
0d:99:69:dd:df:c0:22:b6:71:52:5b:0a:b8:2e:56:af:de:16:
6a:27:16:ac:45:d2:bc:1a:b3:d5:e7:6b:37:07:8d:8b:d1:a3:
2a:92:3b:5b:bb:2e:cf:5c:21:8a:80:df:c1:c3:b9:27:44:ff:
e3:51:38:8c:af:70:82:0b:a9:c8:fa:5c:aa:75:9d:d7:f7:06:
db:63:a1:f9:9a:4b:21:d3:e9:d8:ea:81:4a:2e:c4:6a:a0:a2:
ef:c2:fa:c9:e8:89:90:b0:e8:cc:f0:25:b3:6e:1d:82:62:bf:
11:29:88:b1:a5:a1:68:25:48:d2:8a:85:59:84:e5:1f:e7:93:
63:f1:a3:09:cd:31:42:e6:bd:38:cd:09:c3:42:80:6e:ee:b4:
03:44:f2:d1:b7:21:32:8a:36:38:dc:90:f7:00:e9:21:81:18:
16:f4:1c:c3:08:1c:dd:f9:59:2c:45:66:70:3b:15:6f:32:b5:
57:b0:0e:3d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYLK1B/EsRS2wtjQZkahe5GlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjIwODIzMTMxMTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzFhODVkNWE5Y2Q1NzMxNWE1MjY2M2I0YWRhZTNlNzVhOTcyYTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3eJjNQ5clhkhu9ff8Ga0EVG7eGQ
0+qp8oCJi3kdGkTvtwZOsLveSlKu+9xxexRts2hdxQdahMgp8baX9PBp4y8VcLc2
XW3gFPiZfYtdFTJGbs3SJN/49r7zTG5mx76YyX32C2M6d/zEa/wnyOTYWkgDRx5C
OOUQGKrkfthHnW21nOwwF6CK/pZ1qLpf2Ukm4qEGFx0dpn3weoQX9le/h08nuj0+
bq37njaCD/sQJmslXRtdM5PA7Os9Xao0xbvd0bXqmvHWjvSabpRyHdVFsushIaul
FYn3/ooP8dCdF1LBsro+PEhvQ3OBKQCJZWWctMhdCykQYAbXRtwFD4iawQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJcahdWpzVcxWlJmO0ra4+dalyomMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvbHhxRjFhbk5WekZhVW1ZN1N0cmo1MXFYS2lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW910AwQA
W93oAwQBuX6eMA0GCSqGSIb3DQEBCwUAA4IBAQAiHEYuWVQrEb0zdYXXVlfliIpB
Wz5y3qUUKQ5jfRBzW3AFfjAbOarnu110CWlLFBXHyyHrssdlVlfmt6EJgH1J1yP8
W5m7RCYNmWnd38AitnFSWwq4Llav3hZqJxasRdK8GrPV52s3B42L0aMqkjtbuy7P
XCGKgN/Bw7knRP/jUTiMr3CCC6nI+lyqdZ3X9wbbY6H5mksh0+nY6oFKLsRqoKLv
wvrJ6ImQsOjM8CWzbh2CYr8RKYixpaFoJUjSioVZhOUf55Nj8aMJzTFC5r04zQnD
QoBu7rQDRPLRtyEyijY43JD3AOkhgRgW9BzDCBzd+VksRWZwOxVvMrVXsA49
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:38 2024 by rpki-client on console-ams.rpki-client.org