Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/LMnw0J7jIsHET8yzyaY_TjjTrIw.roa
File: LMnw0J7jIsHET8yzyaY_TjjTrIw.roa (raw, json)
Hash identifier: /bODejQ7Uzq49GZfNSen/xej+G2UMCcwX/2YqTz3Pjo=
Subject key identifier: 2C:C9:F0:D0:9E:E3:22:C1:C4:4F:CC:B3:C9:A6:3F:4E:38:D3:AC:8C
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 14EF960F
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/LMnw0J7jIsHET8yzyaY_TjjTrIw.roa
Signing time: Thu 24 Feb 2022 03:16:28 +0000
ROA not before: Thu 24 Feb 2022 03:16:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202958
IP address blocks: 194.4.58.0/24 maxlen: 24
194.4.57.0/24 maxlen: 24
194.4.56.0/24 maxlen: 24
194.4.59.0/24 maxlen: 24
185.100.66.0/24 maxlen: 24
86.107.199.0/24 maxlen: 24
86.107.198.0/24 maxlen: 24
194.146.43.0/24 maxlen: 24
194.146.42.0/24 maxlen: 24
194.146.41.0/24 maxlen: 24
194.146.40.0/24 maxlen: 24
185.98.4.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.81.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.113.133.0/24 maxlen: 24
185.125.91.0/24 maxlen: 24
185.125.90.0/24 maxlen: 24
185.125.89.0/24 maxlen: 24
185.125.88.0/24 maxlen: 24
185.116.192.0/24 maxlen: 24
185.116.195.0/24 maxlen: 24
185.116.194.0/24 maxlen: 24
185.116.193.0/24 maxlen: 24
2a06:941::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 351245839 (0x14ef960f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Feb 24 03:16:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2cc9f0d09ee322c1c44fccb3c9a63f4e38d3ac8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ed:20:94:25:2d:c0:97:90:2a:e0:41:89:f3:
1e:4a:c2:dd:29:3d:d6:fd:94:76:2d:48:38:31:9f:
9d:21:47:72:69:ce:a5:5c:97:ae:64:de:4f:66:53:
61:08:c1:93:9e:d0:1e:55:56:e1:5f:26:8c:85:2b:
55:81:ca:76:a3:b1:f6:b1:32:7a:91:35:81:e5:61:
d7:fd:6b:8b:00:f8:a3:64:02:57:76:ee:f3:8b:1e:
a8:a0:7c:54:26:d6:88:21:07:7c:d1:47:c1:d5:39:
3d:41:13:f7:85:1d:c2:7c:62:53:af:8a:2f:21:a2:
e8:2b:65:aa:ff:a3:61:48:02:cc:b6:70:39:e8:69:
47:29:ee:1a:53:a4:88:3f:05:62:1b:b0:a9:54:ea:
eb:09:2f:ee:98:ae:b0:ce:5e:01:d3:88:e2:e0:ce:
b1:09:30:f8:27:92:ae:18:a1:d6:9b:9d:c3:04:6d:
0f:86:ef:07:5c:97:a2:c2:a9:5f:cc:0a:0c:8c:e4:
77:27:d1:2e:34:1c:34:1f:b6:28:d8:54:5e:0b:e9:
9e:16:09:e5:1d:89:b6:a6:84:1e:b7:f7:aa:dc:19:
5a:c2:ed:3f:a6:fb:bc:8d:17:96:ff:99:4e:3f:5e:
1a:3f:5f:c3:66:a5:92:ee:82:49:ab:1e:36:75:03:
a6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C9:F0:D0:9E:E3:22:C1:C4:4F:CC:B3:C9:A6:3F:4E:38:D3:AC:8C
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/LMnw0J7jIsHET8yzyaY_TjjTrIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.198.0/23
185.98.4.0/24
185.100.66.0/24
185.113.133.0/24
185.116.192.0/22
185.121.80.0/22
185.125.88.0/22
194.4.56.0/22
194.146.40.0/22
IPv6:
2a06:941::/48
Signature Algorithm: sha256WithRSAEncryption
6a:31:31:21:00:58:17:9a:e3:30:ba:bc:20:d9:40:b4:ee:bd:
e6:e3:6f:1d:8b:7e:74:60:b9:e1:71:13:e3:e3:99:6e:e7:19:
9d:11:f7:c0:f1:a1:b4:76:f6:c2:89:1e:fc:2a:74:4d:46:bd:
a2:4d:42:13:6b:d2:1c:b1:a3:72:7d:d6:0c:9a:12:06:63:5d:
79:5a:d6:cf:fa:60:bf:11:88:3b:e3:be:0e:35:78:3a:52:9f:
72:40:fd:fb:32:4d:04:14:f2:e3:21:50:06:ca:56:cd:e2:36:
70:71:47:f6:36:7e:81:e9:fd:68:84:c0:9b:ab:4b:aa:58:9e:
1c:18:1a:37:7c:b1:af:eb:89:d0:4f:dd:a1:9e:ea:e4:80:1a:
72:81:34:02:09:12:c5:20:a5:fd:8d:e5:02:bf:01:86:d0:16:
95:72:fe:71:8a:8f:e5:ea:58:c0:be:9c:68:75:9d:99:73:61:
a3:e2:9d:2a:c8:49:98:86:52:3f:af:03:e9:84:cc:cd:ad:b6:
5b:a0:42:ee:ee:a5:61:b4:8d:10:c6:75:43:83:e3:34:95:3d:
34:b5:09:c9:a9:d6:c7:69:3d:7e:8e:11:c8:9a:8e:39:30:94:
e1:be:e7:02:34:8b:bb:28:81:13:e1:82:df:b1:11:4c:3f:f8:
6d:0f:e1:21
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIEFO+WDzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODg1NTg1MmE0YmNkMWJmMWVjODEzZjNjMTNiMGYxZjM3MmYzOTcxMB4XDTIyMDIy
NDAzMTYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmNjOWYwZDA5ZWUz
MjJjMWM0NGZjY2IzYzlhNjNmNGUzOGQzYWM4YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALDtIJQlLcCXkCrgQYnzHkrC3Sk91v2Udi1IODGfnSFHcmnO
pVyXrmTeT2ZTYQjBk57QHlVW4V8mjIUrVYHKdqOx9rEyepE1geVh1/1riwD4o2QC
V3bu84seqKB8VCbWiCEHfNFHwdU5PUET94UdwnxiU6+KLyGi6Ctlqv+jYUgCzLZw
OehpRynuGlOkiD8FYhuwqVTq6wkv7piusM5eAdOI4uDOsQkw+CeSrhih1pudwwRt
D4bvB1yXosKpX8wKDIzkdyfRLjQcNB+2KNhUXgvpnhYJ5R2JtqaEHrf3qtwZWsLt
P6b7vI0Xlv+ZTj9eGj9fw2alku6CSaseNnUDphsCAwEAAaOCAkowggJGMB0GA1Ud
DgQWBBQsyfDQnuMiwcRPzLPJpj9OONOsjDAfBgNVHSMEGDAWgBQohVhSpLzRvx7I
E/PBOw8fNy85cTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tJVllVcVM4MGI4ZXlCUHp3VHNQSHpjdk9YRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvMGUzNmZjLWJhMGItNGNlNi1hZjZhLTcwNDQ2M2ViYWQzNi8x
L0xNbncwSjdqSXNIRVQ4eXp5YVlfVGpqVHJJdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
MGUzNmZjLWJhMGItNGNlNi1hZjZhLTcwNDQ2M2ViYWQzNi8xL0tJVllVcVM4MGI4
ZXlCUHp3VHNQSHpjdk9YRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBg
BggrBgEFBQcBBwEB/wRRME8wPAQCAAEwNgMEAVZrxgMEALliBAMEALlkQgMEALlx
hQMEArl0wAMEArl5UAMEArl9WAMEAsIEOAMEAsKSKDAPBAIAAjAJAwcAKgYJQQAA
MA0GCSqGSIb3DQEBCwUAA4IBAQBqMTEhAFgXmuMwurwg2UC07r3m428di350YLnh
cRPj45lu5xmdEffA8aG0dvbCiR78KnRNRr2iTUITa9IcsaNyfdYMmhIGY115WtbP
+mC/EYg7474ONXg6Up9yQP37Mk0EFPLjIVAGylbN4jZwcUf2Nn6B6f1ohMCbq0uq
WJ4cGBo3fLGv64nQT92hnurkgBpygTQCCRLFIKX9jeUCvwGG0BaVcv5xio/l6ljA
vpxodZ2Zc2Gj4p0qyEmYhlI/rwPphMzNrbZboELu7qVhtI0QxnVDg+M0lT00tQnJ
qdbHaT1+jhHImo45MJThvucCNIu7KIET4YLfsRFMP/htD+Eh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:22 2024 by rpki-client on console-ams.rpki-client.org