Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/LwfAQ0qqHzYSAEbivaWCY1TdxmM.roa
File: LwfAQ0qqHzYSAEbivaWCY1TdxmM.roa (raw, json)
Hash identifier: gsVnocMcUsaK/Fkz5OencmcnL+/OfpxmS4Pq04FYvv4=
Subject key identifier: 2F:07:C0:43:4A:AA:1F:36:12:00:46:E2:BD:A5:82:63:54:DD:C6:63
Certificate issuer: /CN=ba0d738dd28ff2549456ce66e744898372fc503d
Certificate serial: 0E045917
Authority key identifier: BA:0D:73:8D:D2:8F:F2:54:94:56:CE:66:E7:44:89:83:72:FC:50:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/LwfAQ0qqHzYSAEbivaWCY1TdxmM.roa
Signing time: Thu 20 Jan 2022 12:49:44 +0000
ROA not before: Thu 20 Jan 2022 12:49:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31229
IP address blocks: 185.23.21.0/24 maxlen: 24
185.23.20.0/24 maxlen: 24
185.23.20.0/22 maxlen: 22
185.23.23.0/24 maxlen: 24
185.23.22.0/24 maxlen: 24
178.216.200.0/21 maxlen: 21
46.245.192.0/22 maxlen: 22
46.245.192.0/24 maxlen: 24
46.245.193.0/24 maxlen: 24
46.245.195.0/24 maxlen: 24
46.245.196.0/22 maxlen: 22
46.245.194.0/24 maxlen: 24
92.43.112.0/21 maxlen: 21
109.205.48.0/21 maxlen: 21
91.102.112.0/21 maxlen: 21
5.149.160.0/21 maxlen: 21
5.149.165.0/24 maxlen: 24
109.205.55.0/24 maxlen: 24
193.187.64.0/24 maxlen: 24
193.187.68.0/23 maxlen: 23
193.187.66.0/23 maxlen: 23
193.187.71.0/24 maxlen: 24
193.187.70.0/24 maxlen: 24
194.50.186.0/24 maxlen: 24
185.49.150.0/23 maxlen: 23
185.49.148.0/23 maxlen: 23
2a02:951::/32 maxlen: 32
2001:67c:6c8::/48 maxlen: 48
2a02:952::/32 maxlen: 32
2a02:950::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 235165975 (0xe045917)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba0d738dd28ff2549456ce66e744898372fc503d
Validity
Not Before: Jan 20 12:49:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f07c0434aaa1f36120046e2bda5826354ddc663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:58:47:f7:b1:1b:f3:24:9c:f6:9f:ce:62:d0:
ed:db:b9:75:b9:cb:7b:61:36:00:50:1a:ea:07:77:
0c:d8:39:a4:96:4d:c6:93:ca:f3:41:40:b8:77:05:
90:c0:20:f3:7a:bc:f5:cd:f1:95:50:2d:41:01:3a:
01:bc:91:dc:af:d4:24:4d:11:42:03:21:44:8a:28:
d0:2b:2e:7e:0f:71:7f:29:6b:1a:6f:fa:0b:eb:58:
ba:a0:04:40:87:c1:31:3b:80:14:25:d3:27:5a:75:
31:15:8f:c0:15:ef:10:68:4e:0c:a8:eb:15:f4:52:
66:ae:8e:d4:c5:63:4c:07:7c:b3:17:f9:f8:f3:17:
93:29:5a:9e:8c:7f:dd:4e:60:c2:68:34:11:fd:26:
a7:1f:c0:d2:4c:bc:13:34:a1:43:c7:99:fa:29:04:
6a:3f:43:29:65:55:b7:eb:e2:d6:93:dc:f4:cb:de:
f7:59:2c:a0:1d:98:16:8f:4a:81:86:c2:d9:00:bd:
37:4d:97:93:a4:9a:16:9b:cd:33:32:41:bf:aa:2b:
00:b6:04:ae:ad:9d:d3:9f:e0:19:37:1f:29:fc:b6:
8d:49:c4:fa:1d:c7:b0:8b:b5:be:bb:57:64:5b:a3:
34:31:0b:93:c5:b0:b3:22:d3:db:b8:34:5b:14:16:
76:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:07:C0:43:4A:AA:1F:36:12:00:46:E2:BD:A5:82:63:54:DD:C6:63
X509v3 Authority Key Identifier:
keyid:BA:0D:73:8D:D2:8F:F2:54:94:56:CE:66:E7:44:89:83:72:FC:50:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ug1zjdKP8lSUVs5m50SJg3L8UD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/LwfAQ0qqHzYSAEbivaWCY1TdxmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/1cd76c-0201-4703-8ed6-beb6da03755e/1/ug1zjdKP8lSUVs5m50SJg3L8UD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.160.0/21
46.245.192.0/21
91.102.112.0/21
92.43.112.0/21
109.205.48.0/21
178.216.200.0/21
185.23.20.0/22
185.49.148.0/22
193.187.64.0/24
193.187.66.0-193.187.71.255
194.50.186.0/24
IPv6:
2001:67c:6c8::/48
2a02:950::-2a02:952:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
01:6b:25:90:47:2a:16:3f:8d:f5:45:f5:02:26:6d:ac:63:5d:
c1:21:f9:1b:61:e7:96:1b:f3:38:2e:b6:68:1f:4a:c5:fc:2e:
1c:0e:ca:18:9d:d5:52:cf:40:c1:66:e9:5f:93:e1:eb:d5:ac:
ca:8d:fa:24:6d:11:b9:f7:bb:ac:b4:10:08:7f:f2:b7:a5:65:
b6:5c:cb:d5:84:24:db:69:0e:0b:cc:7e:1c:ee:c6:9c:f5:fe:
d8:0e:2a:04:e6:45:a4:15:c4:32:c4:5b:10:5a:1c:12:89:9b:
11:72:84:25:36:08:ec:f0:f8:a2:52:a9:74:39:16:ad:38:f6:
68:f4:08:a2:39:07:ee:04:b7:83:37:95:6a:96:76:ea:32:fe:
82:d2:96:b3:79:26:5c:a8:7b:ae:24:11:37:93:43:56:80:1d:
a6:12:85:a2:d3:14:e8:8c:64:55:83:08:23:c2:1a:1e:37:e3:
f9:ed:4e:5b:c2:da:bc:75:b0:af:b3:ba:a3:d7:69:b9:b7:43:
57:80:b2:11:9d:55:b6:3b:8f:c7:e1:60:c7:99:88:f9:3e:ec:
29:f5:5c:3f:52:2b:14:7b:cc:20:c1:27:f4:87:b0:02:b6:7d:
7d:e0:1b:0c:a8:15:60:95:a1:13:e6:64:5d:5c:c8:54:d4:de:
93:33:b3:8d
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgIEDgRZFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YTBkNzM4ZGQyOGZmMjU0OTQ1NmNlNjZlNzQ0ODk4MzcyZmM1MDNkMB4XDTIyMDEy
MDEyNDk0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmYwN2MwNDM0YWFh
MWYzNjEyMDA0NmUyYmRhNTgyNjM1NGRkYzY2MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtYR/exG/MknPafzmLQ7du5dbnLe2E2AFAa6gd3DNg5pJZN
xpPK80FAuHcFkMAg83q89c3xlVAtQQE6AbyR3K/UJE0RQgMhRIoo0Csufg9xfylr
Gm/6C+tYuqAEQIfBMTuAFCXTJ1p1MRWPwBXvEGhODKjrFfRSZq6O1MVjTAd8sxf5
+PMXkylanox/3U5gwmg0Ef0mpx/A0ky8EzShQ8eZ+ikEaj9DKWVVt+vi1pPc9Mve
91ksoB2YFo9KgYbC2QC9N02Xk6SaFpvNMzJBv6orALYErq2d05/gGTcfKfy2jUnE
+h3HsIu1vrtXZFujNDELk8WwsyLT27g0WxQWdtMCAwEAAaOCAm8wggJrMB0GA1Ud
DgQWBBQvB8BDSqofNhIARuK9pYJjVN3GYzAfBgNVHSMEGDAWgBS6DXON0o/yVJRW
zmbnRImDcvxQPTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VnMXpqZEtQOGxTVVZzNW01MFNKZzNMOFVEMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjAvMWNkNzZjLTAyMDEtNDcwMy04ZWQ2LWJlYjZkYTAzNzU1ZS8x
L0x3ZkFRMHFxSHpZU0FFYml2YVdDWTFUZHhtTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjAv
MWNkNzZjLTAyMDEtNDcwMy04ZWQ2LWJlYjZkYTAzNzU1ZS8xL3VnMXpqZEtQOGxT
VVZzNW01MFNKZzNMOFVEMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hAYIKwYBBQUHAQcBAf8EdTBzMFAEAgABMEoDBAMFlaADBAMu9cADBANbZnADBANc
K3ADBANtzTADBAOy2MgDBAK5FxQDBAK5MZQDBADBu0AwDAMEAcG7QgMEA8G7QAME
AMIyujAfBAIAAjAZAwcAIAEGfAbIMA4DBQQqAglQAwUAKgIJUjANBgkqhkiG9w0B
AQsFAAOCAQEAAWslkEcqFj+N9UX1AiZtrGNdwSH5G2HnlhvzOC62aB9KxfwuHA7K
GJ3VUs9AwWbpX5Ph69Wsyo36JG0Rufe7rLQQCH/yt6VltlzL1YQk22kOC8x+HO7G
nPX+2A4qBOZFpBXEMsRbEFocEombEXKEJTYI7PD4olKpdDkWrTj2aPQIojkH7gS3
gzeVapZ26jL+gtKWs3kmXKh7riQRN5NDVoAdphKFotMU6IxkVYMII8IaHjfj+e1O
W8LavHWwr7O6o9dpubdDV4CyEZ1VtjuPx+Fgx5mI+T7sKfVcP1IrFHvMIMEn9Iew
ArZ9feAbDKgVYJWhE+ZkXVzIVNTekzOzjQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:38 2024 by rpki-client on console-ams.rpki-client.org