Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/51f7f8-0595-4654-943b-1beac7440262/1/LAVJ2W058jecxUMxaQrmksekpgQ.roa
File: LAVJ2W058jecxUMxaQrmksekpgQ.roa (raw, json)
Hash identifier: Sp+8DyWCRIXmqsXq7UAQVniajRk1uRYPm8NmvqsO41A=
Subject key identifier: 2C:05:49:D9:6D:39:F2:37:9C:C5:43:31:69:0A:E6:92:C7:A4:A6:04
Certificate issuer: /CN=01127566a5ac41e66b4c7537a60fdcbbfab39a17
Certificate serial: 01856FD4F466E1DD86EC34090849D09D55BC
Authority key identifier: 01:12:75:66:A5:AC:41:E6:6B:4C:75:37:A6:0F:DC:BB:FA:B3:9A:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ARJ1ZqWsQeZrTHU3pg_cu_qzmhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/51f7f8-0595-4654-943b-1beac7440262/1/LAVJ2W058jecxUMxaQrmksekpgQ.roa
Signing time: Mon 02 Jan 2023 00:15:05 +0000
ROA not before: Mon 02 Jan 2023 00:15:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209277
IP address blocks: 185.38.192.0/24 maxlen: 24
185.38.193.0/24 maxlen: 24
88.214.16.0/24 maxlen: 24
88.214.17.0/24 maxlen: 24
88.214.19.0/24 maxlen: 24
88.214.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d4:f4:66:e1:dd:86:ec:34:09:08:49:d0:9d:55:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01127566a5ac41e66b4c7537a60fdcbbfab39a17
Validity
Not Before: Jan 2 00:15:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c0549d96d39f2379cc54331690ae692c7a4a604
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:e0:b8:0e:27:b6:08:33:9f:5d:1e:91:ec:4d:
57:1a:e6:36:a8:e6:09:80:9f:81:4e:97:0d:7f:97:
e3:2f:21:04:9c:bc:6b:26:e2:3e:d8:60:03:34:86:
6d:55:83:b0:8d:fd:80:1d:15:d8:e9:89:19:04:c3:
c6:7d:78:cd:aa:20:56:c1:02:88:d7:0a:27:43:fd:
71:d5:53:f6:b0:58:24:ae:dc:09:73:4c:c1:07:d6:
58:55:2f:ee:74:34:1e:1c:5c:0c:fc:ff:a6:95:0c:
04:4e:8a:ff:41:2d:49:6b:dd:8e:9b:9f:0e:fd:c4:
53:36:73:6d:88:60:e8:22:79:f4:14:52:c1:4c:66:
12:cc:71:e4:66:77:42:43:27:5b:38:3d:8e:5d:fa:
c9:f5:65:23:de:29:5f:91:9e:6e:12:38:e2:1a:3d:
a2:fa:a5:3f:5b:d8:f8:f6:89:df:37:76:ec:bb:76:
f2:e2:0a:c8:59:5b:ea:a2:ce:6e:04:8d:33:ab:2a:
ea:36:78:88:54:6c:3c:c0:ba:0f:7b:49:f0:a9:5f:
17:61:5f:a2:e5:1b:de:77:05:02:98:c8:ec:53:3f:
63:66:b9:b3:d7:e7:bf:9c:74:80:dc:eb:c6:83:53:
6f:9d:b1:10:c4:1e:b5:c9:62:05:df:1e:01:62:0a:
54:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:05:49:D9:6D:39:F2:37:9C:C5:43:31:69:0A:E6:92:C7:A4:A6:04
X509v3 Authority Key Identifier:
keyid:01:12:75:66:A5:AC:41:E6:6B:4C:75:37:A6:0F:DC:BB:FA:B3:9A:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ARJ1ZqWsQeZrTHU3pg_cu_qzmhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/51f7f8-0595-4654-943b-1beac7440262/1/LAVJ2W058jecxUMxaQrmksekpgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/51f7f8-0595-4654-943b-1beac7440262/1/ARJ1ZqWsQeZrTHU3pg_cu_qzmhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.16.0/22
185.38.192.0/23
Signature Algorithm: sha256WithRSAEncryption
95:cf:fc:1c:7a:af:45:0f:49:15:a0:19:db:95:76:ef:48:75:
e3:06:52:af:12:ed:81:5d:04:77:35:80:62:56:32:36:2b:5f:
c1:a3:0d:46:c8:1d:ca:34:ce:93:5d:8b:2e:e4:c5:86:cd:f7:
7c:99:fe:e9:d2:23:cd:74:47:2c:47:ba:6b:b4:23:e2:4e:68:
92:a0:0f:89:ec:a4:73:36:0b:fd:38:e3:04:a9:0a:4d:ef:89:
08:eb:e9:90:37:d6:bf:f3:db:d6:c9:5b:0b:5a:d2:0d:96:65:
55:12:cb:ab:5c:22:cf:31:a7:96:51:f9:ff:4f:b2:57:42:df:
83:32:4c:c8:86:46:6e:14:a8:c7:f8:f6:ee:63:65:6f:af:51:
1d:c4:2d:c1:36:ef:c6:99:3e:5b:c8:08:72:1a:1f:42:6b:35:
1e:cc:52:e8:07:df:1c:2f:d3:01:cf:e6:7a:cd:77:75:ae:2b:
c1:73:c2:4d:72:42:05:11:e5:23:f1:fb:54:03:32:fa:ad:27:
6d:fb:df:2e:f4:20:7f:3c:bb:d2:ed:b3:ba:19:6d:88:f2:9b:
63:37:a0:4f:ec:31:90:d7:9d:b6:8e:c4:7c:72:f1:98:bf:eb:
56:f0:da:bb:d5:bf:a0:62:c1:91:33:cb:cb:7e:3c:c7:74:ae:
e7:c9:25:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVv1PRm4d2G7DQJCEnQnVW8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMTI3NTY2YTVhYzQxZTY2YjRjNzUzN2E2MGZkY2JiZmFi
MzlhMTcwHhcNMjMwMTAyMDAxNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzA1NDlkOTZkMzlmMjM3OWNjNTQzMzE2OTBhZTY5MmM3YTRhNjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuC4Die2CDOfXR6R7E1XGuY2qOYJ
gJ+BTpcNf5fjLyEEnLxrJuI+2GADNIZtVYOwjf2AHRXY6YkZBMPGfXjNqiBWwQKI
1wonQ/1x1VP2sFgkrtwJc0zBB9ZYVS/udDQeHFwM/P+mlQwETor/QS1Ja92Om58O
/cRTNnNtiGDoInn0FFLBTGYSzHHkZndCQydbOD2OXfrJ9WUj3ilfkZ5uEjjiGj2i
+qU/W9j49onfN3bsu3by4grIWVvqos5uBI0zqyrqNniIVGw8wLoPe0nwqV8XYV+i
5RvedwUCmMjsUz9jZrmz1+e/nHSA3OvGg1NvnbEQxB61yWIF3x4BYgpUNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCwFSdltOfI3nMVDMWkK5pLHpKYEMB8GA1UdIwQY
MBaAFAESdWalrEHma0x1N6YP3Lv6s5oXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVJKMVpxV3NRZVpyVEhVM3BnX2N1X3F6bWhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC81MWY3ZjgtMDU5NS00NjU0LTk0M2It
MWJlYWM3NDQwMjYyLzEvTEFWSjJXMDU4amVjeFVNeGFRcm1rc2VrcGdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC81MWY3ZjgtMDU5NS00NjU0LTk0M2ItMWJlYWM3NDQwMjYy
LzEvQVJKMVpxV3NRZVpyVEhVM3BnX2N1X3F6bWhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWNYQAwQB
uSbAMA0GCSqGSIb3DQEBCwUAA4IBAQCVz/wceq9FD0kVoBnblXbvSHXjBlKvEu2B
XQR3NYBiVjI2K1/Bow1GyB3KNM6TXYsu5MWGzfd8mf7p0iPNdEcsR7prtCPiTmiS
oA+J7KRzNgv9OOMEqQpN74kI6+mQN9a/89vWyVsLWtINlmVVEsurXCLPMaeWUfn/
T7JXQt+DMkzIhkZuFKjH+PbuY2Vvr1EdxC3BNu/GmT5byAhyGh9CazUezFLoB98c
L9MBz+Z6zXd1rivBc8JNckIFEeUj8ftUAzL6rSdt+98u9CB/PLvS7bO6GW2I8ptj
N6BP7DGQ1522jsR8cvGYv+tW8Nq71b+gYsGRM8vLfjzHdK7nySV4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:30 2025 by rpki-client