Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/Lq_D5K9jP4PvdvZMyEWfdK-D_8I.roa
File: Lq_D5K9jP4PvdvZMyEWfdK-D_8I.roa (raw, json)
Hash identifier: Fg0aAfsMgPAuhMuwx2h5XnEAIaW8Jq2Cll17+OFsyuc=
Subject key identifier: 2E:AF:C3:E4:AF:63:3F:83:EF:76:F6:4C:C8:45:9F:74:AF:83:FF:C2
Certificate issuer: /CN=4c911324e869bc4ca5ec8bad0d3ddff685441979
Certificate serial: 0794F5E0
Authority key identifier: 4C:91:13:24:E8:69:BC:4C:A5:EC:8B:AD:0D:3D:DF:F6:85:44:19:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/Lq_D5K9jP4PvdvZMyEWfdK-D_8I.roa
Signing time: Sat 01 Jan 2022 16:05:01 +0000
ROA not before: Sat 01 Jan 2022 16:05:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24995
IP address blocks: 185.194.188.0/22 maxlen: 24
193.201.60.0/22 maxlen: 24
94.199.160.0/22 maxlen: 22
94.199.160.0/21 maxlen: 24
2a02:680::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127202784 (0x794f5e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c911324e869bc4ca5ec8bad0d3ddff685441979
Validity
Not Before: Jan 1 16:05:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2eafc3e4af633f83ef76f64cc8459f74af83ffc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e8:91:e5:86:b3:08:ad:72:0d:6c:be:91:c0:
72:6d:a6:65:55:c5:21:95:45:58:50:89:d2:2e:ab:
ba:88:a2:73:92:1c:9f:31:6e:85:66:10:98:23:55:
f7:8e:27:46:94:2d:66:b7:13:b7:9f:35:52:ae:42:
1d:5d:59:47:ac:96:e7:3f:5f:e9:e4:2d:d3:2b:0d:
df:e4:e2:86:f0:40:47:86:cc:8e:3b:36:d6:14:77:
94:1f:c3:65:1f:9a:72:f1:4f:a5:54:4f:dd:03:c5:
c5:6e:37:21:0c:a3:95:44:53:c9:93:6b:39:78:22:
b5:04:d6:89:80:23:a8:1a:e5:c7:d9:47:46:8b:75:
0e:a6:52:a6:da:88:a2:8a:97:93:ac:aa:1b:52:49:
54:bd:74:e6:ff:7a:33:7d:97:83:5d:0c:c1:e2:54:
b2:10:a1:cd:98:ea:7d:88:91:e1:68:69:24:86:86:
60:c3:ca:66:bd:b8:37:ee:73:fb:85:07:39:82:ba:
0b:f6:37:fb:3f:64:8a:1a:81:a8:39:b4:36:85:38:
61:e6:4c:85:78:22:1b:2c:a2:94:48:c0:a3:79:fa:
00:6d:a4:f2:c9:e2:a4:2a:1d:8f:ac:f9:aa:da:20:
59:a6:91:ff:5d:0b:c1:d4:03:d3:95:c1:cc:9e:b6:
1c:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:AF:C3:E4:AF:63:3F:83:EF:76:F6:4C:C8:45:9F:74:AF:83:FF:C2
X509v3 Authority Key Identifier:
keyid:4C:91:13:24:E8:69:BC:4C:A5:EC:8B:AD:0D:3D:DF:F6:85:44:19:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJETJOhpvEyl7IutDT3f9oVEGXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/Lq_D5K9jP4PvdvZMyEWfdK-D_8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/2b38b3-12f1-4242-adae-b7d1cac51e0c/1/TJETJOhpvEyl7IutDT3f9oVEGXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.199.160.0/21
185.194.188.0/22
193.201.60.0/22
IPv6:
2a02:680::/36
Signature Algorithm: sha256WithRSAEncryption
71:83:e2:9e:04:e2:0a:17:f6:2d:07:48:70:3e:1e:2d:8c:be:
38:33:09:b3:33:79:c0:58:6c:56:7c:8c:e4:d6:3e:19:ce:7b:
7b:f1:20:53:8f:8b:47:bc:45:61:7a:3c:38:06:f6:fe:a3:0a:
7e:86:bd:93:da:bb:d3:b4:82:48:fa:67:45:4c:3e:c6:e2:c3:
19:65:87:f7:94:02:23:86:c6:90:ad:dd:e6:4c:8e:dd:a7:aa:
77:50:61:d5:53:ce:d6:7e:4b:88:ca:1a:51:4a:ed:38:37:bb:
8d:55:a9:fb:07:8c:2f:08:f6:cd:c7:fb:28:0c:62:fd:6e:b5:
c5:ff:78:f6:61:f8:96:75:bf:79:85:e0:25:96:67:22:67:e2:
1c:69:8b:2c:9e:ae:3b:49:c1:eb:d3:59:b5:ab:9e:4d:f2:4d:
4a:df:90:ba:9e:b7:07:4d:bc:73:3d:95:eb:32:57:54:9a:39:
49:bf:dc:ce:5e:37:b3:11:0b:15:53:f4:40:b4:dc:41:c2:bf:
af:b2:dc:17:ef:46:9c:4e:24:2b:37:95:ef:04:ec:2f:3b:18:
ea:39:c7:56:d1:36:d1:66:af:f8:27:20:52:92:7c:17:b0:71:
45:ad:14:01:67:af:ba:74:a1:01:c5:ed:77:df:5a:81:db:ad:
b7:69:37:a7
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEB5T14DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
YzkxMTMyNGU4NjliYzRjYTVlYzhiYWQwZDNkZGZmNjg1NDQxOTc5MB4XDTIyMDEw
MTE2MDUwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmVhZmMzZTRhZjYz
M2Y4M2VmNzZmNjRjYzg0NTlmNzRhZjgzZmZjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKvokeWGswitcg1svpHAcm2mZVXFIZVFWFCJ0i6ruoiic5Ic
nzFuhWYQmCNV944nRpQtZrcTt581Uq5CHV1ZR6yW5z9f6eQt0ysN3+TihvBAR4bM
jjs21hR3lB/DZR+acvFPpVRP3QPFxW43IQyjlURTyZNrOXgitQTWiYAjqBrlx9lH
Rot1DqZSptqIooqXk6yqG1JJVL105v96M32Xg10MweJUshChzZjqfYiR4WhpJIaG
YMPKZr24N+5z+4UHOYK6C/Y3+z9kihqBqDm0NoU4YeZMhXgiGyyilEjAo3n6AG2k
8snipCodj6z5qtogWaaR/10LwdQD05XBzJ62HPsCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBQur8Pkr2M/g+929kzIRZ90r4P/wjAfBgNVHSMEGDAWgBRMkRMk6Gm8TKXs
i60NPd/2hUQZeTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RKRVRKT2hwdkV5bDdJdXREVDNmOW9WRUdYay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzkvMmIzOGIzLTEyZjEtNDI0Mi1hZGFlLWI3ZDFjYWM1MWUwYy8x
L0xxX0Q1SzlqUDRQdmR2Wk15RVdmZEstRF84SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzkv
MmIzOGIzLTEyZjEtNDI0Mi1hZGFlLWI3ZDFjYWM1MWUwYy8xL1RKRVRKT2hwdkV5
bDdJdXREVDNmOW9WRUdYay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowGAQCAAEwEgMEA17HoAMEArnCvAMEAsHJPDAOBAIA
AjAIAwYEKgIGgAAwDQYJKoZIhvcNAQELBQADggEBAHGD4p4E4goX9i0HSHA+Hi2M
vjgzCbMzecBYbFZ8jOTWPhnOe3vxIFOPi0e8RWF6PDgG9v6jCn6GvZPau9O0gkj6
Z0VMPsbiwxllh/eUAiOGxpCt3eZMjt2nqndQYdVTztZ+S4jKGlFK7Tg3u41VqfsH
jC8I9s3H+ygMYv1utcX/ePZh+JZ1v3mF4CWWZyJn4hxpiyyerjtJwevTWbWrnk3y
TUrfkLqetwdNvHM9lesyV1SaOUm/3M5eN7MRCxVT9EC03EHCv6+y3BfvRpxOJCs3
le8E7C87GOo5x1bRNtFmr/gnIFKSfBewcUWtFAFnr7p0oQHF7XffWoHbrbdpN6c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:44 2024 by rpki-client on console-fra.rpki-client.org