Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/lN-OFD8jkFqN-x9XDuK4wtIkBLg.roa
File: lN-OFD8jkFqN-x9XDuK4wtIkBLg.roa (raw, json)
Hash identifier: uzRCKbzCKbkNkJahYevezekrNov02J6xB3qbJBJNLAQ=
Subject key identifier: 94:DF:8E:14:3F:23:90:5A:8D:FB:1F:57:0E:E2:B8:C2:D2:24:04:B8
Certificate issuer: /CN=2d119754fc14ffe7968a6516bd49bdb25633b887
Certificate serial: 012B98F5
Authority key identifier: 2D:11:97:54:FC:14:FF:E7:96:8A:65:16:BD:49:BD:B2:56:33:B8:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRGXVPwU_-eWimUWvUm9slYzuIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/lN-OFD8jkFqN-x9XDuK4wtIkBLg.roa
Signing time: Sat 01 Jan 2022 06:05:13 +0000
ROA not before: Sat 01 Jan 2022 06:05:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50056
IP address blocks: 94.126.43.0/24 maxlen: 24
94.126.47.0/24 maxlen: 24
31.28.67.0/24 maxlen: 24
31.28.68.0/24 maxlen: 24
31.28.80.0/22 maxlen: 22
31.28.84.0/23 maxlen: 23
31.28.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19634421 (0x12b98f5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d119754fc14ffe7968a6516bd49bdb25633b887
Validity
Not Before: Jan 1 06:05:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94df8e143f23905a8dfb1f570ee2b8c2d22404b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c7:7f:9a:e2:71:5a:e4:78:85:57:2d:b9:e0:
21:e0:21:3d:92:da:42:29:e3:0b:c2:1b:75:a2:4a:
06:4d:b5:97:5f:09:71:45:58:2b:44:3f:40:14:7a:
56:48:17:aa:1a:6b:16:09:c0:df:0f:44:1e:ae:57:
e7:46:e5:4f:ba:0b:d3:de:88:03:d1:89:0a:58:c9:
82:fe:db:c6:39:12:98:35:e0:e0:7d:90:76:4b:35:
ce:b1:54:bc:df:bc:aa:b1:83:ca:8a:f0:02:2f:fd:
3e:83:ae:bd:06:5a:8a:67:e3:8e:f5:d7:23:16:08:
1e:ce:75:85:71:1a:23:42:75:74:5f:72:7f:39:05:
32:98:34:c7:9d:15:f7:1c:63:7e:ba:98:30:e9:9b:
ac:cc:4c:a0:d5:aa:b8:4d:d3:84:80:68:de:c6:28:
db:59:e4:0c:c0:86:86:b0:19:9e:75:19:a4:ae:cb:
51:a7:57:a0:c4:b1:ea:e9:26:e4:dd:c2:4b:1f:1f:
61:e9:d9:c8:86:d4:47:57:16:7f:4d:cc:8a:1d:f4:
4b:7d:80:1b:3f:cf:8f:72:a5:2c:71:5f:19:b0:45:
67:0a:93:78:25:1e:e0:0b:57:fa:c0:da:7b:f6:39:
dd:1f:a7:8a:62:4d:f5:87:e4:43:a5:fd:57:c3:2a:
22:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:DF:8E:14:3F:23:90:5A:8D:FB:1F:57:0E:E2:B8:C2:D2:24:04:B8
X509v3 Authority Key Identifier:
keyid:2D:11:97:54:FC:14:FF:E7:96:8A:65:16:BD:49:BD:B2:56:33:B8:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRGXVPwU_-eWimUWvUm9slYzuIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/lN-OFD8jkFqN-x9XDuK4wtIkBLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0771e1-39af-4353-947f-01facc747c24/1/LRGXVPwU_-eWimUWvUm9slYzuIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.28.67.0-31.28.68.255
31.28.80.0-31.28.86.255
94.126.43.0/24
94.126.47.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:98:c3:5e:1f:82:cf:1f:c1:f6:f4:07:8f:5b:1b:60:a6:cf:
24:5d:6f:56:27:b5:7b:0e:0e:9d:6e:72:f5:c3:5b:65:fe:28:
27:ea:15:2d:0d:0c:ce:dd:0e:b6:26:95:29:cc:b8:1e:ac:d4:
e7:d8:24:69:7d:0f:46:73:8b:87:4f:64:a2:fd:68:bf:fb:c8:
4a:f6:d9:81:19:9e:7c:e6:9f:d8:a8:4e:34:6c:06:e3:b9:89:
9d:ee:e4:99:7f:67:b7:37:dc:0e:64:2c:b5:1e:27:32:74:ff:
a7:7a:ae:d5:5a:72:9c:ef:31:59:33:21:46:9a:1c:41:5c:53:
b5:7c:5d:57:0f:1e:2e:fc:6a:08:ae:61:17:97:ff:d3:fc:0c:
ed:43:b3:13:50:86:17:bd:3e:43:6d:1e:4e:3f:94:b7:bf:f7:
be:2f:a4:24:25:85:15:5a:40:3f:1d:b4:ad:0d:e4:d5:31:c4:
d4:26:3a:b4:dc:0e:eb:bb:fd:5e:9b:c5:4c:cd:73:48:63:b2:
b2:e3:69:c8:34:a2:a7:3c:2e:9b:ce:4a:c5:9d:e3:39:0c:99:
e6:0f:a8:be:c0:e1:20:66:8c:81:65:46:83:27:8d:a7:82:67:
46:1b:cb:a1:57:b8:71:5e:f1:69:cd:b3:05:1a:c1:e6:90:b1:
c1:ea:95:8f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEASuY9TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDExOTc1NGZjMTRmZmU3OTY4YTY1MTZiZDQ5YmRiMjU2MzNiODg3MB4XDTIyMDEw
MTA2MDUxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTRkZjhlMTQzZjIz
OTA1YThkZmIxZjU3MGVlMmI4YzJkMjI0MDRiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMDHf5ricVrkeIVXLbngIeAhPZLaQinjC8IbdaJKBk21l18J
cUVYK0Q/QBR6VkgXqhprFgnA3w9EHq5X50blT7oL096IA9GJCljJgv7bxjkSmDXg
4H2Qdks1zrFUvN+8qrGDyorwAi/9PoOuvQZaimfjjvXXIxYIHs51hXEaI0J1dF9y
fzkFMpg0x50V9xxjfrqYMOmbrMxMoNWquE3ThIBo3sYo21nkDMCGhrAZnnUZpK7L
UadXoMSx6ukm5N3CSx8fYenZyIbUR1cWf03Mih30S32AGz/Pj3KlLHFfGbBFZwqT
eCUe4AtX+sDae/Y53R+nimJN9YfkQ6X9V8MqIv0CAwEAAaOCAiswggInMB0GA1Ud
DgQWBBSU344UPyOQWo37H1cO4rjC0iQEuDAfBgNVHSMEGDAWgBQtEZdU/BT/55aK
ZRa9Sb2yVjO4hzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSR1hWUHdVXy1lV2ltVVd2VW05c2xZenVJYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzUvMDc3MWUxLTM5YWYtNDM1My05NDdmLTAxZmFjYzc0N2MyNC8x
L2xOLU9GRDhqa0ZxTi14OVhEdUs0d3RJa0JMZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzUv
MDc3MWUxLTM5YWYtNDM1My05NDdmLTAxZmFjYzc0N2MyNC8xL0xSR1hWUHdVXy1l
V2ltVVd2VW05c2xZenVJYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKDAMAwQAHxxDAwQAHxxEMAwDBAQfHFAD
BAAfHFYDBABefisDBABefi8wDQYJKoZIhvcNAQELBQADggEBAD2Yw14fgs8fwfb0
B49bG2CmzyRdb1YntXsODp1ucvXDW2X+KCfqFS0NDM7dDrYmlSnMuB6s1OfYJGl9
D0Zzi4dPZKL9aL/7yEr22YEZnnzmn9ioTjRsBuO5iZ3u5Jl/Z7c33A5kLLUeJzJ0
/6d6rtVacpzvMVkzIUaaHEFcU7V8XVcPHi78agiuYReX/9P8DO1DsxNQhhe9PkNt
Hk4/lLe/974vpCQlhRVaQD8dtK0N5NUxxNQmOrTcDuu7/V6bxUzNc0hjsrLjacg0
oqc8LpvOSsWd4zkMmeYPqL7A4SBmjIFlRoMnjaeCZ0Yby6FXuHFe8WnNswUaweaQ
scHqlY8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:28 2024 by rpki-client on console-ams.rpki-client.org