Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/cLBP0tXWJN-7STlp_D1oElUdyLI.roa
File: cLBP0tXWJN-7STlp_D1oElUdyLI.roa (raw, json)
Hash identifier: HdFEod/4YGeDWvd5/6ERajNz5JkaFI/u19MOxXHkLYk=
Subject key identifier: 70:B0:4F:D2:D5:D6:24:DF:BB:49:39:69:FC:3D:68:12:55:1D:C8:B2
Certificate issuer: /CN=3b3daef89306a75f0b88191440742a720afb3f20
Certificate serial: 0B86B4FD
Authority key identifier: 3B:3D:AE:F8:93:06:A7:5F:0B:88:19:14:40:74:2A:72:0A:FB:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/cLBP0tXWJN-7STlp_D1oElUdyLI.roa
Signing time: Sat 01 Jan 2022 11:54:05 +0000
ROA not before: Sat 01 Jan 2022 11:54:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24796
IP address blocks: 193.201.40.0/24 maxlen: 24
193.24.29.0/24 maxlen: 24
185.33.110.0/23 maxlen: 23
185.33.108.0/23 maxlen: 23
185.33.108.0/22 maxlen: 22
2a0f:80::/32 maxlen: 32
2001:7f8:10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 193377533 (0xb86b4fd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b3daef89306a75f0b88191440742a720afb3f20
Validity
Not Before: Jan 1 11:54:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70b04fd2d5d624dfbb493969fc3d6812551dc8b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e5:e5:28:f1:c9:72:df:f5:cb:52:27:21:93:
0b:83:c2:de:b3:5a:84:b2:b7:b7:9c:30:42:36:fa:
4b:25:2d:e1:58:a9:fc:66:f8:a0:26:ae:07:45:1a:
b8:fd:0c:9a:76:33:c9:1f:c8:58:12:50:cf:83:2e:
2d:d4:c2:d5:31:b1:fc:13:3c:52:d0:d9:73:21:f2:
51:83:12:3d:0c:1e:62:52:c1:f8:5c:29:e6:15:b9:
b4:9c:6a:69:2d:f8:86:c2:34:14:40:40:95:4a:ba:
a8:0c:3d:6f:a0:e9:6a:f8:e1:2d:fb:0a:f1:2e:01:
20:56:d5:e3:2a:bb:71:dc:28:23:8d:e3:56:de:ef:
90:89:cf:ac:ab:99:3f:69:bf:e5:06:87:80:ba:79:
59:63:d3:0c:d3:f6:c6:e9:c9:e6:f8:ab:c5:35:de:
a6:fb:ca:dd:40:db:b5:82:e0:c0:56:77:2d:d4:8d:
b0:8b:80:b4:44:de:6d:20:05:b1:46:82:6b:39:ef:
7d:87:2e:24:fb:ca:da:68:2d:59:42:37:8a:36:a5:
b7:fa:30:52:d3:91:bf:ef:06:21:bf:9e:b0:6d:a3:
55:0b:07:72:26:5f:c7:f2:6c:88:8f:28:50:31:7e:
3b:8b:c3:65:cc:40:b9:d2:73:22:35:6d:7c:c1:f7:
84:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:B0:4F:D2:D5:D6:24:DF:BB:49:39:69:FC:3D:68:12:55:1D:C8:B2
X509v3 Authority Key Identifier:
keyid:3B:3D:AE:F8:93:06:A7:5F:0B:88:19:14:40:74:2A:72:0A:FB:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Oz2u-JMGp18LiBkUQHQqcgr7PyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/cLBP0tXWJN-7STlp_D1oElUdyLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/f150b1-43b9-4911-a005-aacad86c617d/1/Oz2u-JMGp18LiBkUQHQqcgr7PyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.108.0/22
193.24.29.0/24
193.201.40.0/24
IPv6:
2001:7f8:10::/48
2a0f:80::/32
Signature Algorithm: sha256WithRSAEncryption
4c:39:f0:5a:e8:f0:bd:a1:64:8a:7d:19:db:8f:06:f4:01:45:
1e:c7:4d:06:9a:bd:c7:3b:50:c7:24:bc:80:7e:52:d0:83:69:
1f:ae:14:6f:c5:7b:73:f9:ff:f2:e3:a7:5e:73:c9:2a:ec:e0:
07:7e:7d:06:52:cf:46:75:54:ed:66:99:c0:aa:78:8f:14:fa:
ad:6e:0e:2f:2c:8e:6d:4a:c0:90:98:68:ba:07:76:ac:09:5a:
6d:e9:3e:98:32:3a:f6:63:0f:0d:47:9f:9e:5a:fb:dd:d9:13:
8d:fd:df:ce:8a:6b:ef:06:f8:e6:65:90:4e:7f:d2:2d:e4:eb:
d4:41:37:df:93:55:53:49:6c:af:81:96:a7:be:4b:5a:fd:54:
bb:a1:17:8d:5b:39:7d:4a:6c:ec:9b:2e:a1:3a:d0:12:83:a2:
3b:2a:7a:98:b2:c5:b1:b7:0a:04:63:fb:e9:c7:99:0d:5f:c4:
5a:26:58:fb:b5:1f:9e:f7:29:81:4f:ec:88:b4:79:24:59:fe:
38:e9:c7:13:4c:f3:c3:76:ca:d7:5d:de:82:66:00:69:29:1d:
14:cb:f6:35:33:78:06:62:5e:d9:56:f2:e1:e8:25:91:39:65:
ab:df:3b:0e:d3:42:75:c7:d2:dd:2b:0d:d7:c5:d1:2e:9f:8d:
c8:26:c0:6e
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEC4a0/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjNkYWVmODkzMDZhNzVmMGI4ODE5MTQ0MDc0MmE3MjBhZmIzZjIwMB4XDTIyMDEw
MTExNTQwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzBiMDRmZDJkNWQ2
MjRkZmJiNDkzOTY5ZmMzZDY4MTI1NTFkYzhiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTl5SjxyXLf9ctSJyGTC4PC3rNahLK3t5wwQjb6SyUt4Vip
/Gb4oCauB0UauP0MmnYzyR/IWBJQz4MuLdTC1TGx/BM8UtDZcyHyUYMSPQweYlLB
+Fwp5hW5tJxqaS34hsI0FEBAlUq6qAw9b6DpavjhLfsK8S4BIFbV4yq7cdwoI43j
Vt7vkInPrKuZP2m/5QaHgLp5WWPTDNP2xunJ5virxTXepvvK3UDbtYLgwFZ3LdSN
sIuAtETebSAFsUaCaznvfYcuJPvK2mgtWUI3ijalt/owUtORv+8GIb+esG2jVQsH
ciZfx/JsiI8oUDF+O4vDZcxAudJzIjVtfMH3hBUCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBRwsE/S1dYk37tJOWn8PWgSVR3IsjAfBgNVHSMEGDAWgBQ7Pa74kwanXwuI
GRRAdCpyCvs/IDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L096MnUtSk1HcDE4TGlCa1VRSFFxY2dyN1B5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvZjE1MGIxLTQzYjktNDkxMS1hMDA1LWFhY2FkODZjNjE3ZC8x
L2NMQlAwdFhXSk4tN1NUbHBfRDFvRWxVZHlMSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
ZjE1MGIxLTQzYjktNDkxMS1hMDA1LWFhY2FkODZjNjE3ZC8xL096MnUtSk1HcDE4
TGlCa1VRSFFxY2dyN1B5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwGAQCAAEwEgMEArkhbAMEAMEYHQMEAMHJKDAWBAIA
AjAQAwcAIAEH+AAQAwUAKg8AgDANBgkqhkiG9w0BAQsFAAOCAQEATDnwWujwvaFk
in0Z248G9AFFHsdNBpq9xztQxyS8gH5S0INpH64Ub8V7c/n/8uOnXnPJKuzgB359
BlLPRnVU7WaZwKp4jxT6rW4OLyyObUrAkJhougd2rAlabek+mDI69mMPDUefnlr7
3dkTjf3fzopr7wb45mWQTn/SLeTr1EE335NVU0lsr4GWp75LWv1Uu6EXjVs5fUps
7JsuoTrQEoOiOyp6mLLFsbcKBGP76ceZDV/EWiZY+7UfnvcpgU/siLR5JFn+OOnH
E0zzw3bK113egmYAaSkdFMv2NTN4BmJe2Vby4eglkTllq987DtNCdcfS3SsN18XR
Lp+NyCbAbg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:50 2024 by rpki-client on console-ams.rpki-client.org