Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/Lif3IeUqLvW1vc-7PUf7flhw4zo.roa
File: Lif3IeUqLvW1vc-7PUf7flhw4zo.roa (raw, json)
Hash identifier: /8trubfnLk2HSEriFrNgjOaYI/lkIxpZh0m5bkiBwm8=
Subject key identifier: 2E:27:F7:21:E5:2A:2E:F5:B5:BD:CF:BB:3D:47:FB:7E:58:70:E3:3A
Certificate issuer: /CN=833e0e480411b9c88e916def90fc3a901026394a
Certificate serial: 321B5DB2
Authority key identifier: 83:3E:0E:48:04:11:B9:C8:8E:91:6D:EF:90:FC:3A:90:10:26:39:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4OSAQRuciOkW3vkPw6kBAmOUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/Lif3IeUqLvW1vc-7PUf7flhw4zo.roa
Signing time: Sat 01 Jan 2022 08:53:10 +0000
ROA not before: Sat 01 Jan 2022 08:53:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34173
IP address blocks: 195.64.164.0/23 maxlen: 23
193.105.43.0/24 maxlen: 24
185.7.72.0/22 maxlen: 22
2a03:1780::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 840654258 (0x321b5db2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e0e480411b9c88e916def90fc3a901026394a
Validity
Not Before: Jan 1 08:53:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e27f721e52a2ef5b5bdcfbb3d47fb7e5870e33a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:06:2a:a2:ce:45:42:21:0b:18:c2:60:dd:d5:
95:57:7d:26:c7:e2:5e:c8:76:95:3b:8f:4c:bc:73:
25:ba:1c:f7:d8:84:b8:45:f4:da:91:af:5f:b0:e4:
60:d7:f8:b1:06:6a:32:10:a1:3e:ba:44:79:89:20:
26:53:c3:f2:10:0c:ea:b0:ee:38:c5:ac:27:39:77:
4d:7c:49:90:87:0b:db:ef:f7:8d:37:df:b4:f1:fb:
6c:92:1c:fd:b6:67:cc:2d:35:c7:94:ea:9a:c6:f8:
77:90:88:c0:58:d3:a0:3f:48:a0:58:ed:6f:0d:44:
32:81:21:d7:ee:bb:11:d5:ad:6e:69:c0:5e:10:25:
63:bd:4b:54:1e:1a:ef:77:63:7f:3c:31:e8:5b:cd:
72:5d:ee:c5:f0:0a:9f:56:13:2c:8c:6c:c2:9c:f1:
08:2e:1e:8d:d5:37:34:81:74:25:0a:14:83:b8:7c:
41:36:a9:d3:1a:65:3f:93:81:46:e9:e5:d9:6d:0e:
96:69:08:00:10:26:c8:86:0d:5c:63:93:b3:46:56:
65:6d:1f:5b:e7:2d:5f:e1:37:ff:06:de:f7:f8:da:
5a:4d:c4:e2:53:6e:42:d6:74:a0:78:be:7c:a3:20:
d6:44:06:8d:b5:89:50:f6:ca:46:34:c8:2e:6c:db:
4b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:27:F7:21:E5:2A:2E:F5:B5:BD:CF:BB:3D:47:FB:7E:58:70:E3:3A
X509v3 Authority Key Identifier:
keyid:83:3E:0E:48:04:11:B9:C8:8E:91:6D:EF:90:FC:3A:90:10:26:39:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4OSAQRuciOkW3vkPw6kBAmOUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/Lif3IeUqLvW1vc-7PUf7flhw4zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/a782cc-1e09-4480-a6dc-6c20ebaf30a9/1/gz4OSAQRuciOkW3vkPw6kBAmOUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.72.0/22
193.105.43.0/24
195.64.164.0/23
IPv6:
2a03:1780::/32
Signature Algorithm: sha256WithRSAEncryption
69:31:a7:48:46:3c:ea:e6:21:b1:8b:77:2d:1a:e2:f2:ab:4f:
a3:b3:2d:45:d8:b3:ba:fc:35:52:df:44:5f:dc:3b:70:19:f6:
2e:0c:5d:79:09:b4:53:73:43:fb:01:d9:fa:b3:bb:d7:14:b8:
25:4c:ff:52:82:d9:be:d4:12:94:5a:96:f2:b8:7d:41:0e:e2:
63:42:4f:f7:e9:de:3d:9d:a7:bc:af:f4:64:56:de:c0:cb:55:
23:ba:f1:dd:5c:05:68:84:0b:72:a6:e9:3f:b2:2c:09:f9:f7:
94:a7:f9:c3:43:90:f6:24:f5:a2:18:22:52:fc:8c:f0:5d:c1:
f7:b4:81:aa:10:81:dd:1b:ab:5a:f0:08:12:2d:8e:13:6b:b4:
42:62:f6:52:00:02:ec:e7:5d:aa:6f:69:22:b0:32:fd:c1:9d:
89:70:8b:29:9d:d8:94:a6:7c:ab:cf:73:36:8b:99:e8:c7:9e:
7b:45:13:16:59:5b:ca:51:fe:12:68:d6:2e:1a:d8:9f:9f:64:
90:c4:72:9f:8e:54:60:6d:46:de:16:a7:d6:91:b3:e6:f0:46:
13:cf:08:5a:9b:eb:98:c6:ed:e0:32:41:3c:af:5b:7a:b8:06:
52:bc:a3:b9:dd:f2:08:5a:06:74:6c:50:f5:3e:c1:6f:d6:29:
60:9d:d3:ac
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEMhtdsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzNlMGU0ODA0MTFiOWM4OGU5MTZkZWY5MGZjM2E5MDEwMjYzOTRhMB4XDTIyMDEw
MTA4NTMxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmUyN2Y3MjFlNTJh
MmVmNWI1YmRjZmJiM2Q0N2ZiN2U1ODcwZTMzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALYGKqLORUIhCxjCYN3VlVd9JsfiXsh2lTuPTLxzJboc99iE
uEX02pGvX7DkYNf4sQZqMhChPrpEeYkgJlPD8hAM6rDuOMWsJzl3TXxJkIcL2+/3
jTfftPH7bJIc/bZnzC01x5Tqmsb4d5CIwFjToD9IoFjtbw1EMoEh1+67EdWtbmnA
XhAlY71LVB4a73djfzwx6FvNcl3uxfAKn1YTLIxswpzxCC4ejdU3NIF0JQoUg7h8
QTap0xplP5OBRunl2W0OlmkIABAmyIYNXGOTs0ZWZW0fW+ctX+E3/wbe9/jaWk3E
4lNuQtZ0oHi+fKMg1kQGjbWJUPbKRjTILmzbS50CAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQuJ/ch5Sou9bW9z7s9R/t+WHDjOjAfBgNVHSMEGDAWgBSDPg5IBBG5yI6R
be+Q/DqQECY5SjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2d6NE9TQVFSdWNpT2tXM3ZrUHc2a0JBbU9Vby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvYTc4MmNjLTFlMDktNDQ4MC1hNmRjLTZjMjBlYmFmMzBhOS8x
L0xpZjNJZVVxTHZXMXZjLTdQVWY3ZmxodzR6by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
YTc4MmNjLTFlMDktNDQ4MC1hNmRjLTZjMjBlYmFmMzBhOS8xL2d6NE9TQVFSdWNp
T2tXM3ZrUHc2a0JBbU9Vby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArkHSAMEAMFpKwMEAcNApDANBAIA
AjAHAwUAKgMXgDANBgkqhkiG9w0BAQsFAAOCAQEAaTGnSEY86uYhsYt3LRri8qtP
o7MtRdizuvw1Ut9EX9w7cBn2LgxdeQm0U3ND+wHZ+rO71xS4JUz/UoLZvtQSlFqW
8rh9QQ7iY0JP9+nePZ2nvK/0ZFbewMtVI7rx3VwFaIQLcqbpP7IsCfn3lKf5w0OQ
9iT1ohgiUvyM8F3B97SBqhCB3RurWvAIEi2OE2u0QmL2UgAC7Oddqm9pIrAy/cGd
iXCLKZ3YlKZ8q89zNouZ6Meee0UTFllbylH+EmjWLhrYn59kkMRyn45UYG1G3han
1pGz5vBGE88IWpvrmMbt4DJBPK9bergGUryjud3yCFoGdGxQ9T7Bb9YpYJ3TrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:19 2024 by rpki-client on console-fra.rpki-client.org