Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/letpBXNoPRTiBkfTTXG-P5XB9h8.roa
File: letpBXNoPRTiBkfTTXG-P5XB9h8.roa (raw, json)
Hash identifier: sB+VMvF/eG1ecrWFpdS/3Cwph3yd2AFaO+u2VnmShkg=
Subject key identifier: 95:EB:69:05:73:68:3D:14:E2:06:47:D3:4D:71:BE:3F:95:C1:F6:1F
Certificate issuer: /CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Certificate serial: 42119AE2
Authority key identifier: A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/letpBXNoPRTiBkfTTXG-P5XB9h8.roa
Signing time: Sat 01 Jan 2022 10:03:44 +0000
ROA not before: Sat 01 Jan 2022 10:03:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51191
IP address blocks: 185.24.68.0/22 maxlen: 22
195.138.240.0/21 maxlen: 21
195.138.241.0/24 maxlen: 24
195.138.244.0/24 maxlen: 24
130.185.104.0/21 maxlen: 21
2a01:4a0:2002::/48 maxlen: 48
2a01:4a0:2000::/48 maxlen: 48
2a01:4a0:2001::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1108450018 (0x42119ae2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a9b75b64d5da17d70bbabd811a39a602ddaf963a
Validity
Not Before: Jan 1 10:03:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95eb690573683d14e20647d34d71be3f95c1f61f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:8b:72:ad:39:3b:8c:04:3c:de:b0:82:cb:3b:
66:30:94:fa:d4:21:9a:c3:9b:3c:ba:5b:43:28:0a:
ab:6f:01:32:7b:70:08:2a:7d:b2:87:20:51:80:d4:
f7:ca:26:4d:d2:ef:27:55:9b:cd:a4:e0:7c:2d:9a:
7f:9e:8c:5c:78:17:3c:c9:45:1c:57:de:7b:70:7e:
1a:c4:88:4b:89:39:0d:8a:73:df:9d:1a:59:85:e8:
db:59:b7:a8:39:01:11:13:bb:aa:f1:1d:63:a7:03:
5f:4a:48:df:55:16:13:d7:ff:1b:7b:b0:03:f8:2d:
72:35:7c:ec:c0:5f:66:13:40:94:78:e1:a1:c0:2e:
21:c5:e9:7e:bc:38:e1:41:ba:11:87:7d:2e:83:82:
8a:5b:60:d1:cd:08:6d:df:47:49:85:64:84:24:60:
06:1f:f6:85:51:cb:0d:c4:e5:d6:9e:59:d3:5c:4e:
e9:c8:08:d7:e5:e3:db:47:b3:9e:4c:0e:80:60:30:
bd:a6:8f:c0:19:c3:6d:e1:9d:b0:e6:af:15:91:7c:
30:e1:dd:b8:0d:c5:84:91:ff:de:cc:9a:95:16:da:
09:3d:24:22:1e:87:98:05:f5:2a:18:2b:ad:61:f3:
ec:67:18:09:a0:ef:b3:7e:7f:c6:b4:4e:77:41:82:
a1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:EB:69:05:73:68:3D:14:E2:06:47:D3:4D:71:BE:3F:95:C1:F6:1F
X509v3 Authority Key Identifier:
keyid:A9:B7:5B:64:D5:DA:17:D7:0B:BA:BD:81:1A:39:A6:02:DD:AF:96:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qbdbZNXaF9cLur2BGjmmAt2vljo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/letpBXNoPRTiBkfTTXG-P5XB9h8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/da85e7-a452-4b1d-b5ae-9b11804ecd39/1/qbdbZNXaF9cLur2BGjmmAt2vljo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.104.0/21
185.24.68.0/22
195.138.240.0/21
IPv6:
2a01:4a0:2000::-2a01:4a0:2002:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1a:6a:2d:04:19:77:b2:27:df:f6:fa:ef:15:1d:a6:bb:47:d7:
de:a4:ed:dd:b9:e6:40:0e:8a:5c:dc:2f:69:03:cd:bd:ba:ce:
c8:ed:7c:65:75:09:2a:9b:51:88:6f:de:7e:5f:81:a1:7f:60:
ba:a6:77:af:ef:5a:22:27:f1:db:69:11:01:55:e5:30:1a:f2:
a4:73:d9:d3:c3:97:4e:8b:71:e5:4b:33:e2:9d:ba:08:37:06:
6d:db:c5:07:3d:1e:77:57:9b:87:e8:df:5b:97:08:14:18:28:
e6:bc:8c:50:18:98:c4:c2:c9:d8:37:b5:92:6d:bc:84:45:68:
9f:f9:da:76:c0:4b:51:b8:88:9f:ed:ca:1c:68:25:b0:96:a6:
09:19:09:58:c2:45:96:f7:2e:4e:76:df:b6:2c:44:12:f5:ae:
c5:ef:30:16:e5:66:f9:b4:d0:87:ef:e7:9d:45:73:f2:d7:65:
59:fa:b4:b0:fe:59:a9:25:06:29:19:50:90:96:3f:3a:98:41:
49:55:1a:e9:58:da:dd:c8:94:e2:a7:bb:63:20:b3:70:4b:c4:
f6:2c:f5:1d:11:3f:3d:aa:ba:05:d0:6c:92:12:70:8d:12:56:
6a:98:15:bb:f7:f2:a6:76:9d:79:27:20:2e:9e:16:9b:a3:b7:
3f:b3:88:58
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEQhGa4jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
OWI3NWI2NGQ1ZGExN2Q3MGJiYWJkODExYTM5YTYwMmRkYWY5NjNhMB4XDTIyMDEw
MTEwMDM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTVlYjY5MDU3MzY4
M2QxNGUyMDY0N2QzNGQ3MWJlM2Y5NWMxZjYxZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOOLcq05O4wEPN6wgss7ZjCU+tQhmsObPLpbQygKq28BMntw
CCp9socgUYDU98omTdLvJ1WbzaTgfC2af56MXHgXPMlFHFfee3B+GsSIS4k5DYpz
350aWYXo21m3qDkBERO7qvEdY6cDX0pI31UWE9f/G3uwA/gtcjV87MBfZhNAlHjh
ocAuIcXpfrw44UG6EYd9LoOCiltg0c0Ibd9HSYVkhCRgBh/2hVHLDcTl1p5Z01xO
6cgI1+Xj20eznkwOgGAwvaaPwBnDbeGdsOavFZF8MOHduA3FhJH/3syalRbaCT0k
Ih6HmAX1KhgrrWHz7GcYCaDvs35/xrROd0GCoWUCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSV62kFc2g9FOIGR9NNcb4/lcH2HzAfBgNVHSMEGDAWgBSpt1tk1doX1wu6
vYEaOaYC3a+WOjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FiZGJaTlhhRjljTHVyMkJHam1tQXQydmxqby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjUvZGE4NWU3LWE0NTItNGIxZC1iNWFlLTliMTE4MDRlY2QzOS8x
L2xldHBCWE5vUFJUaUJrZlRUWEctUDVYQjloOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjUv
ZGE4NWU3LWE0NTItNGIxZC1iNWFlLTliMTE4MDRlY2QzOS8xL3FiZGJaTlhhRjlj
THVyMkJHam1tQXQydmxqby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwGAQCAAEwEgMEA4K5aAMEArkYRAMEA8OK8DAZBAIA
AjATMBEDBgUqAQSgIAMHACoBBKAgAjANBgkqhkiG9w0BAQsFAAOCAQEAGmotBBl3
siff9vrvFR2mu0fX3qTt3bnmQA6KXNwvaQPNvbrOyO18ZXUJKptRiG/efl+BoX9g
uqZ3r+9aIifx22kRAVXlMBrypHPZ08OXTotx5Usz4p26CDcGbdvFBz0ed1ebh+jf
W5cIFBgo5ryMUBiYxMLJ2De1km28hEVon/nadsBLUbiIn+3KHGglsJamCRkJWMJF
lvcuTnbftixEEvWuxe8wFuVm+bTQh+/nnUVz8tdlWfq0sP5ZqSUGKRlQkJY/OphB
SVUa6Vja3ciU4qe7YyCzcEvE9iz1HRE/Paq6BdBskhJwjRJWapgVu/fypnadeScg
Lp4Wm6O3P7OIWA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:40 2024 by rpki-client on console-ams.rpki-client.org