Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/LVpJoa5uOln4r8o3FfOQjRPoZw0.roa
File: LVpJoa5uOln4r8o3FfOQjRPoZw0.roa (raw, json)
Hash identifier: X0IrS7dpB7R3k2EMOCPVCzYffReIuBIu3fMwE0GurnU=
Subject key identifier: 2D:5A:49:A1:AE:6E:3A:59:F8:AF:CA:37:15:F3:90:8D:13:E8:67:0D
Certificate issuer: /CN=83bf36eb18ef9a57c5fb603ada400fe6b6688e6e
Certificate serial: 02E55386
Authority key identifier: 83:BF:36:EB:18:EF:9A:57:C5:FB:60:3A:DA:40:0F:E6:B6:68:8E:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g7826xjvmlfF-2A62kAP5rZojm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/LVpJoa5uOln4r8o3FfOQjRPoZw0.roa
Signing time: Wed 16 Mar 2022 19:02:56 +0000
ROA not before: Wed 16 Mar 2022 19:02:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25591
IP address blocks: 80.242.96.0/22 maxlen: 22
80.242.104.0/22 maxlen: 22
80.242.100.0/22 maxlen: 22
80.242.108.0/22 maxlen: 22
31.3.24.0/22 maxlen: 22
31.3.28.0/22 maxlen: 22
185.14.16.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48583558 (0x2e55386)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83bf36eb18ef9a57c5fb603ada400fe6b6688e6e
Validity
Not Before: Mar 16 19:02:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d5a49a1ae6e3a59f8afca3715f3908d13e8670d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0e:cb:7b:23:4b:2d:60:4e:15:78:e4:11:da:
ad:be:dd:0f:9d:e7:2f:63:bc:65:47:90:e2:68:84:
c5:3e:e1:15:c0:ec:49:76:34:55:be:c8:38:16:8b:
89:35:e8:73:4f:d1:d4:f2:7b:33:a8:09:e4:b6:be:
38:ea:a2:72:3f:a9:02:ea:7f:83:1f:fc:8a:82:46:
ff:03:f8:61:de:c9:4d:b3:13:03:d3:b7:14:c3:f6:
e3:b0:c5:76:b7:40:68:f7:f5:8d:cc:92:73:29:1a:
74:b0:a8:c8:d7:c5:88:f8:6b:40:01:d1:41:41:97:
34:72:68:05:68:28:6a:90:bf:c5:15:27:5e:6d:c3:
bb:50:ee:36:6a:38:a0:d1:94:0e:83:15:74:f4:4f:
af:7f:0e:d3:35:6a:0d:0f:a7:f1:d9:72:79:0c:20:
e8:b0:55:a5:83:ec:f1:11:e2:19:69:7b:76:7f:00:
ef:44:3d:d8:07:77:29:9c:51:ac:4e:ca:d2:98:48:
b4:ea:7a:47:fa:85:e1:6b:e2:86:a4:59:15:d6:16:
32:d4:f5:19:63:00:b5:32:c8:48:f5:75:2b:09:c5:
89:f4:9d:0f:6c:45:6e:0f:0a:34:7a:ab:28:0f:df:
c7:37:75:4d:f6:a6:f5:fa:10:fe:ee:52:32:f3:41:
9b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:5A:49:A1:AE:6E:3A:59:F8:AF:CA:37:15:F3:90:8D:13:E8:67:0D
X509v3 Authority Key Identifier:
keyid:83:BF:36:EB:18:EF:9A:57:C5:FB:60:3A:DA:40:0F:E6:B6:68:8E:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g7826xjvmlfF-2A62kAP5rZojm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/LVpJoa5uOln4r8o3FfOQjRPoZw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f77d51-ee1c-47a9-90bc-e0d2a1b6e8ac/1/g7826xjvmlfF-2A62kAP5rZojm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.24.0/21
80.242.96.0/20
185.14.16.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:15:63:af:0b:6b:9f:bf:e4:97:a1:24:87:37:53:01:a8:ae:
df:9a:bc:81:31:aa:9d:d8:bf:2b:4d:54:92:fa:a5:72:fb:69:
2e:2d:0b:e9:84:3b:c6:58:b9:00:64:b6:f2:7a:36:47:25:a9:
54:11:05:d0:60:2d:75:f2:47:70:2b:41:17:d5:20:4f:44:0a:
78:66:4a:29:ec:be:19:e5:7e:e7:75:95:b0:d2:ad:ee:74:6f:
ea:b2:52:90:14:bb:6e:32:a8:89:c6:4f:dc:5d:af:91:a4:83:
81:60:a1:4e:ec:1c:d4:3a:ca:1f:83:58:2b:b4:12:82:84:d6:
2d:9a:88:0c:33:ac:b7:18:10:11:23:fa:77:5d:a1:de:47:ae:
67:da:06:90:71:e7:bf:50:f2:4a:7b:26:1b:2b:fd:58:b0:b2:
7e:86:85:ae:6c:f6:c7:40:70:82:3e:6a:22:68:35:ed:f9:ab:
fd:ac:27:0d:32:9c:5b:ae:07:19:47:23:9d:76:52:5a:1c:8e:
af:e7:82:e3:71:2d:ac:92:d8:e3:50:7a:e1:bb:a0:48:15:0f:
86:43:44:da:8e:6f:c4:7b:a3:55:1f:c7:20:6b:a8:6c:7c:9e:
c6:45:3b:2d:40:cb:90:70:4a:86:cf:46:86:dc:89:7e:9e:b3:
95:6e:12:e4
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAuVThjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
M2JmMzZlYjE4ZWY5YTU3YzVmYjYwM2FkYTQwMGZlNmI2Njg4ZTZlMB4XDTIyMDMx
NjE5MDI1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmQ1YTQ5YTFhZTZl
M2E1OWY4YWZjYTM3MTVmMzkwOGQxM2U4NjcwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL8Oy3sjSy1gThV45BHarb7dD53nL2O8ZUeQ4miExT7hFcDs
SXY0Vb7IOBaLiTXoc0/R1PJ7M6gJ5La+OOqicj+pAup/gx/8ioJG/wP4Yd7JTbMT
A9O3FMP247DFdrdAaPf1jcyScykadLCoyNfFiPhrQAHRQUGXNHJoBWgoapC/xRUn
Xm3Du1DuNmo4oNGUDoMVdPRPr38O0zVqDQ+n8dlyeQwg6LBVpYPs8RHiGWl7dn8A
70Q92Ad3KZxRrE7K0phItOp6R/qF4WvihqRZFdYWMtT1GWMAtTLISPV1KwnFifSd
D2xFbg8KNHqrKA/fxzd1Tfam9foQ/u5SMvNBm0cCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQtWkmhrm46WfivyjcV85CNE+hnDTAfBgNVHSMEGDAWgBSDvzbrGO+aV8X7
YDraQA/mtmiObjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2c3ODI2eGp2bWxmRi0yQTYya0FQNXJab2ptNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvZjc3ZDUxLWVlMWMtNDdhOS05MGJjLWUwZDJhMWI2ZThhYy8x
L0xWcEpvYTV1T2xuNHI4bzNGZk9RalJQb1p3MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
Zjc3ZDUxLWVlMWMtNDdhOS05MGJjLWUwZDJhMWI2ZThhYy8xL2c3ODI2eGp2bWxm
Ri0yQTYya0FQNXJab2ptNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAx8DGAMEBFDyYAMEArkOEDANBgkq
hkiG9w0BAQsFAAOCAQEACxVjrwtrn7/kl6EkhzdTAaiu35q8gTGqndi/K01Ukvql
cvtpLi0L6YQ7xli5AGS28no2RyWpVBEF0GAtdfJHcCtBF9UgT0QKeGZKKey+GeV+
53WVsNKt7nRv6rJSkBS7bjKoicZP3F2vkaSDgWChTuwc1DrKH4NYK7QSgoTWLZqI
DDOstxgQESP6d12h3keuZ9oGkHHnv1DySnsmGyv9WLCyfoaFrmz2x0Bwgj5qImg1
7fmr/awnDTKcW64HGUcjnXZSWhyOr+eC43EtrJLY41B64bugSBUPhkNE2o5vxHuj
VR/HIGuobHyexkU7LUDLkHBKhs9GhtyJfp6zlW4S5A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:01 2024 by rpki-client on console-ams.rpki-client.org