Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/L-SoVbsAnycDzXZ16TpvfjRtDPI.roa
File: L-SoVbsAnycDzXZ16TpvfjRtDPI.roa (raw, json)
Hash identifier: rFKo5o1WKMwWOnxn6TNSuq+aDFUpyKUyvkf9shKexsE=
Subject key identifier: 2F:E4:A8:55:BB:00:9F:27:03:CD:76:75:E9:3A:6F:7E:34:6D:0C:F2
Certificate issuer: /CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Certificate serial: 09B32A95
Authority key identifier: C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/L-SoVbsAnycDzXZ16TpvfjRtDPI.roa
Signing time: Sat 01 Jan 2022 13:55:42 +0000
ROA not before: Sat 01 Jan 2022 13:55:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16376
IP address blocks: 185.68.0.0/22 maxlen: 24
185.122.216.0/22 maxlen: 24
185.71.24.0/22 maxlen: 24
37.35.88.0/21 maxlen: 24
94.199.184.0/21 maxlen: 24
2a0a:fd80::/29 maxlen: 36
2a03:25e0::/32 maxlen: 40
2a01:b280::/29 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 162736789 (0x9b32a95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Validity
Not Before: Jan 1 13:55:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2fe4a855bb009f2703cd7675e93a6f7e346d0cf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:eb:59:2d:50:d6:84:c6:55:75:70:94:c1:68:
82:33:73:0a:27:be:2c:5c:15:d4:78:42:fb:8c:e8:
b6:01:90:97:40:52:a4:75:1d:33:44:98:88:0f:e0:
d9:0a:b0:1a:57:40:2a:c3:a8:e4:02:e5:36:1e:0e:
25:c9:ef:7a:6a:0d:19:8a:d0:06:9f:43:8d:a9:05:
7a:76:48:3e:cc:da:f9:c9:75:a9:0d:6c:10:01:e2:
1e:83:07:ed:42:89:6f:0c:44:c4:88:60:45:35:ca:
ee:55:88:7c:c8:f7:6e:92:93:1a:80:d8:18:19:41:
37:99:63:07:f3:c1:db:38:f9:59:81:27:2b:e3:5d:
22:04:96:33:fc:5f:01:5f:86:d0:85:e7:60:de:cf:
1c:0a:72:ca:9d:40:50:48:8c:43:27:75:4d:31:74:
5f:a5:5a:ac:ae:8d:29:0e:c5:8e:0a:f0:40:ee:06:
0c:d4:c6:90:d9:60:31:35:17:4d:bf:5a:5c:2b:1f:
8d:76:72:52:7f:9d:c3:1f:95:32:1c:e3:c0:59:db:
98:68:08:a4:80:f1:7b:e5:82:a8:7d:38:9e:73:d7:
00:6a:fc:cf:8c:47:ae:54:b9:42:d5:e9:de:7a:c3:
a8:87:d0:d8:5c:96:91:22:b2:98:c5:9b:0a:45:72:
65:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:E4:A8:55:BB:00:9F:27:03:CD:76:75:E9:3A:6F:7E:34:6D:0C:F2
X509v3 Authority Key Identifier:
keyid:C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/L-SoVbsAnycDzXZ16TpvfjRtDPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.35.88.0/21
94.199.184.0/21
185.68.0.0/22
185.71.24.0/22
185.122.216.0/22
IPv6:
2a01:b280::/29
2a03:25e0::/32
2a0a:fd80::/29
Signature Algorithm: sha256WithRSAEncryption
00:88:ed:ef:25:5b:d0:65:4a:5b:d7:06:50:d7:b2:7a:bd:25:
50:10:19:e5:b9:cc:62:d4:09:df:8a:1c:db:1d:0f:62:20:25:
3d:e9:85:58:6a:30:89:e4:49:2f:c4:04:0e:b8:82:4a:8c:94:
72:94:a1:30:a6:90:ef:ba:53:93:16:9a:f2:0c:43:05:80:d3:
a9:e9:1a:0d:c3:a4:59:62:9e:71:d4:9e:8e:3d:57:30:5d:f3:
0d:94:26:bb:b3:63:d7:c6:9b:0a:cd:4f:47:c8:eb:d7:37:c8:
e5:7c:08:fa:7b:65:61:77:7f:31:61:08:49:7f:91:82:2c:d5:
7d:ba:18:78:9c:80:9e:3d:b4:6f:4e:14:a6:e5:11:93:f0:11:
a6:aa:f9:d3:48:57:01:19:6f:02:cc:c4:89:f1:ca:d9:35:d1:
69:88:fd:aa:b3:7b:41:25:15:cf:82:03:53:10:cb:cc:f6:33:
8d:ae:bc:a3:cb:70:09:8a:17:ff:62:42:53:0c:34:e1:65:d1:
f2:71:b5:c3:03:ce:c9:a4:88:26:8e:b2:65:cb:72:4b:f5:c3:
f9:e1:cd:ba:02:20:e2:b5:61:5d:4e:66:cc:8b:78:1a:fd:b2:
58:07:c7:73:85:0e:3a:ba:f6:5b:90:b8:ef:2a:1d:ef:94:83:
26:39:8e:99
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIECbMqlTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ODRkNjFjZDE3ZWQ5MmU1NGJiMzM5N2YxZTVhNmIzOTA0YWM2ZjA1MB4XDTIyMDEw
MTEzNTU0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmZlNGE4NTViYjAw
OWYyNzAzY2Q3Njc1ZTkzYTZmN2UzNDZkMGNmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANXrWS1Q1oTGVXVwlMFogjNzCie+LFwV1HhC+4zotgGQl0BS
pHUdM0SYiA/g2QqwGldAKsOo5ALlNh4OJcnvemoNGYrQBp9DjakFenZIPsza+cl1
qQ1sEAHiHoMH7UKJbwxExIhgRTXK7lWIfMj3bpKTGoDYGBlBN5ljB/PB2zj5WYEn
K+NdIgSWM/xfAV+G0IXnYN7PHApyyp1AUEiMQyd1TTF0X6VarK6NKQ7FjgrwQO4G
DNTGkNlgMTUXTb9aXCsfjXZyUn+dwx+VMhzjwFnbmGgIpIDxe+WCqH04nnPXAGr8
z4xHrlS5QtXp3nrDqIfQ2FyWkSKymMWbCkVyZW0CAwEAAaOCAj4wggI6MB0GA1Ud
DgQWBBQv5KhVuwCfJwPNdnXpOm9+NG0M8jAfBgNVHSMEGDAWgBTITWHNF+2S5Uuz
OX8eWms5BKxvBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3lFMWh6UmZ0a3VWTHN6bF9IbHByT1FTc2J3VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWEvODhlYWU4LTRiODYtNDM4OS1hYWRiLWMyNTc3OTJkYWRjNC8x
L0wtU29WYnNBbnljRHpYWjE2VHB2ZmpSdERQSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWEv
ODhlYWU4LTRiODYtNDM4OS1hYWRiLWMyNTc3OTJkYWRjNC8xL3lFMWh6UmZ0a3VW
THN6bF9IbHByT1FTc2J3VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBU
BggrBgEFBQcBBwEB/wRFMEMwJAQCAAEwHgMEAyUjWAMEA17HuAMEArlEAAMEArlH
GAMEArl62DAbBAIAAjAVAwUDKgGygAMFACoDJeADBQMqCv2AMA0GCSqGSIb3DQEB
CwUAA4IBAQAAiO3vJVvQZUpb1wZQ17J6vSVQEBnlucxi1AnfihzbHQ9iICU96YVY
ajCJ5EkvxAQOuIJKjJRylKEwppDvulOTFpryDEMFgNOp6RoNw6RZYp5x1J6OPVcw
XfMNlCa7s2PXxpsKzU9HyOvXN8jlfAj6e2Vhd38xYQhJf5GCLNV9uhh4nICePbRv
ThSm5RGT8BGmqvnTSFcBGW8CzMSJ8crZNdFpiP2qs3tBJRXPggNTEMvM9jONrryj
y3AJihf/YkJTDDThZdHycbXDA87JpIgmjrJly3JL9cP54c26AiDitWFdTmbMi3ga
/bJYB8dzhQ46uvZbkLjvKh3vlIMmOY6Z
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:56:38 2024 by rpki-client on console-ams.rpki-client.org