Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/lAsvtN-6OigMPC8boq8xRN9i778.roa
File: lAsvtN-6OigMPC8boq8xRN9i778.roa (raw, json)
Hash identifier: WfbWpXamx3V5Mhibt4rkqwO+0U3uz3LVKJXlhiKoiaU=
Subject key identifier: 94:0B:2F:B4:DF:BA:3A:28:0C:3C:2F:1B:A2:AF:31:44:DF:62:EF:BF
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 07842F96
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/lAsvtN-6OigMPC8boq8xRN9i778.roa
Signing time: Wed 20 Apr 2022 06:28:00 +0000
ROA not before: Wed 20 Apr 2022 06:28:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 194.15.96.0/22 maxlen: 24
188.209.128.0/20 maxlen: 24
45.11.190.0/23 maxlen: 24
185.83.200.0/22 maxlen: 24
45.154.156.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126103446 (0x7842f96)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Apr 20 06:28:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=940b2fb4dfba3a280c3c2f1ba2af3144df62efbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f4:da:df:8e:1c:16:04:ae:b1:ad:36:79:e0:
de:06:1e:98:15:c9:74:bf:24:e2:44:5f:12:c6:7b:
70:d0:af:0e:cd:54:44:34:5f:2e:94:dc:35:9a:00:
90:e3:67:25:8c:ae:78:2b:72:94:db:a6:eb:7c:c8:
f9:70:1c:fe:71:bc:ce:e9:a8:96:cf:36:1b:5b:8a:
d7:4d:05:cf:8a:14:0d:08:ea:94:eb:c5:57:a5:62:
c1:83:60:d4:e1:f2:a2:ae:4d:bd:68:18:f6:93:e0:
5b:4a:2b:cb:fb:da:38:75:5d:d4:f7:4b:1c:54:eb:
e0:e2:b3:30:9b:b7:ba:fd:88:a7:0a:7e:81:5c:45:
d4:51:99:d9:e3:d8:a6:e5:11:1b:87:d2:f8:9f:5f:
f3:0b:41:35:0c:4d:bc:d3:ea:74:2e:cc:e6:b8:a5:
90:6d:a4:29:10:3d:58:25:4d:fc:dd:3e:81:d6:1e:
2a:05:76:83:27:f4:17:31:36:39:3f:2b:5b:ba:b1:
ee:19:dd:96:8a:b4:25:64:a5:fd:d2:c8:26:f4:f7:
1a:76:cd:b0:8d:f7:5b:bc:a9:38:41:b8:bd:7b:c2:
f1:33:22:44:3b:7f:08:80:3f:7a:bf:aa:47:a9:3c:
18:d3:a6:af:4b:5a:7a:3f:2f:9e:68:79:a4:f8:36:
49:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:0B:2F:B4:DF:BA:3A:28:0C:3C:2F:1B:A2:AF:31:44:DF:62:EF:BF
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/lAsvtN-6OigMPC8boq8xRN9i778.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.190.0/23
45.154.156.0/22
185.83.200.0/22
188.209.128.0/20
194.15.96.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:84:f6:0a:c7:e9:2b:d6:4e:c5:3f:91:02:41:c8:32:0a:d1:
43:be:20:87:ea:3c:66:8b:d9:9c:8e:84:35:cc:a7:ab:70:d8:
6e:c6:1d:bc:ad:ab:93:6a:88:4b:c2:ec:48:35:c0:a9:40:b8:
cf:51:b6:3f:9b:56:2a:ab:bb:40:b5:0e:e2:12:8e:42:58:2e:
c4:0d:4b:20:a4:74:6d:25:53:b5:aa:e9:2d:e4:28:f9:af:75:
98:a3:a9:71:f3:a1:f5:44:55:37:47:48:ed:cf:ba:1d:09:e6:
5f:c3:4b:22:86:ea:c3:6a:12:aa:6a:b4:a4:d6:ea:be:c3:20:
78:d3:47:b0:b8:cc:56:0b:16:21:fd:5f:d3:aa:63:58:a1:b3:
70:12:d3:ae:dc:34:42:99:2d:9d:2c:14:17:9c:6d:10:0e:bf:
4a:2a:57:e5:b2:6d:29:b9:d3:3a:00:ca:b2:b2:41:7f:a6:3f:
69:a7:f4:11:ba:56:e3:44:e8:81:64:89:3f:fe:33:a6:b3:f1:
24:14:50:0b:ab:8d:d4:15:0a:99:ee:f2:ea:e6:c9:2e:9e:9d:
d8:c3:d0:76:f5:d0:c8:ed:4f:5e:e7:8b:4c:1f:40:8a:46:45:
27:ed:95:8d:0b:35:a4:00:70:75:07:65:00:ed:96:fd:9f:43:
8d:b0:a4:97
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEB4QvljANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OTNkYTIwMTk5MDlkOWZjMzc4MjlmZDllYzI5ZDk0OGVjZmY3YzkyMB4XDTIyMDQy
MDA2MjgwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQwYjJmYjRkZmJh
M2EyODBjM2MyZjFiYTJhZjMxNDRkZjYyZWZiZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMT02t+OHBYErrGtNnng3gYemBXJdL8k4kRfEsZ7cNCvDs1U
RDRfLpTcNZoAkONnJYyueCtylNum63zI+XAc/nG8zumols82G1uK100Fz4oUDQjq
lOvFV6ViwYNg1OHyoq5NvWgY9pPgW0ory/vaOHVd1PdLHFTr4OKzMJu3uv2Ipwp+
gVxF1FGZ2ePYpuURG4fS+J9f8wtBNQxNvNPqdC7M5rilkG2kKRA9WCVN/N0+gdYe
KgV2gyf0FzE2OT8rW7qx7hndloq0JWSl/dLIJvT3GnbNsI33W7ypOEG4vXvC8TMi
RDt/CIA/er+qR6k8GNOmr0taej8vnmh5pPg2SbECAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSUCy+037o6KAw8LxuirzFE32LvvzAfBgNVHSMEGDAWgBTZPaIBmQnZ/DeC
n9nsKdlI7P98kjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJUMmlBWmtKMmZ3M2dwX1o3Q25aU096X2ZKSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvNDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVjNS8x
L2xBc3Z0Ti02T2lnTVBDOGJvcTh4Uk45aTc3OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
NDdhZmEzLWNlMzEtNDA2MC1hMDc4LWY1YWRkZGRmMWVjNS8xLzJUMmlBWmtKMmZ3
M2dwX1o3Q25aU096X2ZKSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAS0LvgMEAi2anAMEArlTyAMEBLzR
gAMEAsIPYDANBgkqhkiG9w0BAQsFAAOCAQEAW4T2CsfpK9ZOxT+RAkHIMgrRQ74g
h+o8ZovZnI6ENcynq3DYbsYdvK2rk2qIS8LsSDXAqUC4z1G2P5tWKqu7QLUO4hKO
QlguxA1LIKR0bSVTtarpLeQo+a91mKOpcfOh9URVN0dI7c+6HQnmX8NLIobqw2oS
qmq0pNbqvsMgeNNHsLjMVgsWIf1f06pjWKGzcBLTrtw0QpktnSwUF5xtEA6/SipX
5bJtKbnTOgDKsrJBf6Y/aaf0EbpW40TogWSJP/4zprPxJBRQC6uN1BUKme7y6ubJ
Lp6d2MPQdvXQyO1PXueLTB9AikZFJ+2VjQs1pABwdQdlAO2W/Z9DjbCklw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:59 2023 by rpki-client on console-ams.rpki-client.org