Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/lkse8Y7yMPdRWQODyoSgkC77H4A.roa
File: lkse8Y7yMPdRWQODyoSgkC77H4A.roa (raw, json)
Hash identifier: 9X28V2xtBOShPjTltsdNsDEjH9ys3MI8r+i8XprDZ4k=
Subject key identifier: 96:4B:1E:F1:8E:F2:30:F7:51:59:03:83:CA:84:A0:90:2E:FB:1F:80
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018485B15C6C9C8C50403DDE58C07898648D
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/lkse8Y7yMPdRWQODyoSgkC77H4A.roa
Signing time: Thu 17 Nov 2022 13:05:04 +0000
ROA not before: Thu 17 Nov 2022 13:05:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 133296
IP address blocks: 93.120.39.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:85:b1:5c:6c:9c:8c:50:40:3d:de:58:c0:78:98:64:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Nov 17 13:05:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=964b1ef18ef230f751590383ca84a0902efb1f80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c4:ff:4b:82:23:a1:fe:9b:f6:c6:77:d4:01:
13:d6:5e:8a:b2:07:cc:f8:3d:28:12:ab:b5:44:e1:
48:6b:c2:db:3e:58:88:5d:e1:27:90:2d:cd:06:15:
e7:2b:b1:2a:59:3e:f1:a2:d2:90:ee:41:3f:d0:6e:
82:30:ca:d6:b0:c6:4b:ab:a7:2e:1a:b5:0c:93:7e:
c3:c5:a7:37:b9:f6:55:54:06:ab:da:6a:20:6a:97:
55:d3:7f:b2:27:c2:0b:6b:25:69:8b:cf:9e:ec:e1:
ba:0b:22:99:72:ea:fa:52:f6:36:ce:04:34:03:ab:
2c:e8:b9:3f:54:77:4b:6b:88:60:4f:97:f8:45:57:
da:b4:ea:5f:19:90:00:81:c1:92:a7:25:02:95:56:
b2:af:44:23:f4:85:c7:20:f3:5f:74:07:4d:20:11:
48:2d:dd:fc:cc:e8:d0:93:4e:bb:44:6d:0f:c4:71:
c9:de:cd:78:76:c6:d0:26:a8:f0:f3:18:31:e7:c6:
af:92:29:ba:b2:36:f0:02:fc:f0:e1:d8:61:65:8f:
3f:60:39:5f:b8:cd:22:0d:cb:9b:3a:c9:8b:b8:46:
ae:09:7d:55:75:a2:eb:a1:db:a3:35:67:9a:c7:4a:
05:52:53:3d:f0:a1:12:5f:9d:2a:4b:e0:20:56:de:
73:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:4B:1E:F1:8E:F2:30:F7:51:59:03:83:CA:84:A0:90:2E:FB:1F:80
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/lkse8Y7yMPdRWQODyoSgkC77H4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.120.39.0/24
Signature Algorithm: sha256WithRSAEncryption
74:96:78:18:fb:d5:3c:ca:bb:b7:5c:a2:db:32:ee:42:33:e2:
1a:23:fb:28:0e:65:97:a0:04:76:bc:c6:96:cd:cb:84:33:2f:
8f:2b:fe:37:2f:e2:22:92:c9:20:b9:03:6b:36:ed:50:fc:97:
07:3f:d9:75:f0:3e:dc:28:44:4b:89:a8:43:05:7c:80:7e:76:
54:74:3e:cc:3a:38:20:8d:2d:d9:32:03:10:d9:0a:a6:ec:96:
b4:94:ce:32:e0:58:07:e4:f9:70:7b:6f:5d:89:2f:91:1e:e3:
2c:28:c1:a6:72:b2:7a:6b:e5:c9:ca:8b:26:d4:63:77:78:9e:
fb:52:96:a8:71:5f:85:38:16:f7:07:4c:9a:f8:30:a2:d7:fb:
eb:6e:a0:2f:9e:62:9f:88:a0:8c:d3:3b:af:c4:91:fb:72:10:
31:f5:e4:61:ae:03:cf:87:78:93:72:a3:87:3e:07:e9:26:75:
6c:ac:ea:73:a9:be:af:36:5c:e4:cf:02:32:1a:73:06:94:8b:
18:61:7f:73:35:1f:a1:0d:3d:30:90:bf:85:2f:66:25:c9:f2:
89:2c:6b:e6:3e:2e:d2:dd:aa:11:3c:59:28:f2:8d:36:2c:e6:
d6:4e:99:c0:7b:b5:23:2b:ce:c5:f3:3b:ea:9e:4a:e1:45:2c:
bb:65:15:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSFsVxsnIxQQD3eWMB4mGSNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjIxMTE3MTMwNTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjRiMWVmMThlZjIzMGY3NTE1OTAzODNjYTg0YTA5MDJlZmIxZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsT/S4Ijof6b9sZ31AET1l6KsgfM
+D0oEqu1ROFIa8LbPliIXeEnkC3NBhXnK7EqWT7xotKQ7kE/0G6CMMrWsMZLq6cu
GrUMk37Dxac3ufZVVAar2mogapdV03+yJ8ILayVpi8+e7OG6CyKZcur6UvY2zgQ0
A6ss6Lk/VHdLa4hgT5f4RVfatOpfGZAAgcGSpyUClVayr0Qj9IXHIPNfdAdNIBFI
Ld38zOjQk067RG0PxHHJ3s14dsbQJqjw8xgx58avkim6sjbwAvzw4dhhZY8/YDlf
uM0iDcubOsmLuEauCX1VdaLrodujNWeax0oFUlM98KESX50qS+AgVt5zwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJZLHvGO8jD3UVkDg8qEoJAu+x+AMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvbGtzZThZN3lNUGRSV1FPRHlvU2drQzc3SDRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXXgnMA0G
CSqGSIb3DQEBCwUAA4IBAQB0lngY+9U8yru3XKLbMu5CM+IaI/soDmWXoAR2vMaW
zcuEMy+PK/43L+IikskguQNrNu1Q/JcHP9l18D7cKERLiahDBXyAfnZUdD7MOjgg
jS3ZMgMQ2Qqm7Ja0lM4y4FgH5Plwe29diS+RHuMsKMGmcrJ6a+XJyosm1GN3eJ77
UpaocV+FOBb3B0ya+DCi1/vrbqAvnmKfiKCM0zuvxJH7chAx9eRhrgPPh3iTcqOH
PgfpJnVsrOpzqb6vNlzkzwIyGnMGlIsYYX9zNR+hDT0wkL+FL2YlyfKJLGvmPi7S
3aoRPFko8o02LObWTpnAe7UjK87F8zvqnkrhRSy7ZRUV
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:42 2023 by rpki-client on console-ams.rpki-client.org