Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/LHvUgVtbsE9evm8xLIhIUuwmezc.roa
File: LHvUgVtbsE9evm8xLIhIUuwmezc.roa (raw, json)
Hash identifier: pMRx4GtUW8treIhiKas22tlYZ6P7qA/SCb05mCdVgp0=
Subject key identifier: 2C:7B:D4:81:5B:5B:B0:4F:5E:BE:6F:31:2C:88:48:52:EC:26:7B:37
Certificate issuer: /CN=8a3fe0b9c630a33e171a0a5c793f340b43446932
Certificate serial: 05CCEDDA
Authority key identifier: 8A:3F:E0:B9:C6:30:A3:3E:17:1A:0A:5C:79:3F:34:0B:43:44:69:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ij_gucYwoz4XGgpceT80C0NEaTI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/LHvUgVtbsE9evm8xLIhIUuwmezc.roa
Signing time: Sat 01 Jan 2022 09:59:35 +0000
ROA not before: Sat 01 Jan 2022 09:59:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207198
IP address blocks: 213.194.192.0/20 maxlen: 20
185.163.40.0/22 maxlen: 22
213.194.208.0/22 maxlen: 22
2a0a:a800::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97316314 (0x5ccedda)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a3fe0b9c630a33e171a0a5c793f340b43446932
Validity
Not Before: Jan 1 09:59:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c7bd4815b5bb04f5ebe6f312c884852ec267b37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:78:cf:19:89:af:b6:d3:20:d8:d8:10:d8:c4:
4b:36:9e:04:d2:3a:1c:fe:29:7f:18:c3:bd:9c:a2:
93:c7:e1:55:d0:57:3a:69:f2:b3:17:9d:c8:49:17:
b7:b5:3b:7b:15:a1:85:72:29:81:7c:db:af:99:e2:
10:c2:70:1a:92:99:3b:24:21:84:2e:6a:63:78:57:
7e:ea:b1:22:25:7c:a7:36:2f:29:8d:95:7f:5c:88:
00:ff:68:06:70:a6:97:92:4f:cf:72:1c:21:73:26:
94:39:49:6b:66:d8:a6:0d:25:28:c5:27:60:cb:30:
5e:77:02:1a:e3:58:7f:06:f9:a4:cf:29:ab:5b:36:
e7:c3:1a:71:32:b8:0a:c4:00:1e:a0:53:61:08:dc:
ea:d6:3d:eb:95:94:1b:f1:5f:9d:cf:bd:ef:ca:99:
ce:b6:6a:7b:1b:a3:53:cd:44:4a:65:9b:66:f0:3b:
c5:0a:64:86:10:84:cf:31:70:ce:3f:5a:5d:14:02:
70:90:28:a6:b7:bc:6f:a2:72:da:54:51:55:6d:4d:
98:dd:68:0d:50:fe:be:c3:a1:de:75:f7:68:d6:5b:
99:f2:a3:74:f5:f7:c5:06:d9:65:d8:30:e0:44:8c:
84:f3:b3:d4:69:dd:d9:02:cd:d0:d4:c6:91:44:e9:
b0:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:7B:D4:81:5B:5B:B0:4F:5E:BE:6F:31:2C:88:48:52:EC:26:7B:37
X509v3 Authority Key Identifier:
keyid:8A:3F:E0:B9:C6:30:A3:3E:17:1A:0A:5C:79:3F:34:0B:43:44:69:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ij_gucYwoz4XGgpceT80C0NEaTI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/LHvUgVtbsE9evm8xLIhIUuwmezc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/f39a49-59ea-4c4f-98fc-53aab42f476e/1/ij_gucYwoz4XGgpceT80C0NEaTI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.40.0/22
213.194.192.0-213.194.211.255
IPv6:
2a0a:a800::/29
Signature Algorithm: sha256WithRSAEncryption
a6:76:d2:9c:94:ab:06:84:14:62:2e:5e:cc:47:6f:42:95:58:
66:b6:ba:ca:5d:4b:b3:e3:37:20:36:2f:72:e8:fc:19:59:c3:
8a:1d:8b:24:1f:76:59:97:bd:19:d1:be:62:0e:1e:a5:a7:34:
9d:aa:9a:9b:11:6b:71:c6:a4:a3:c1:86:c7:7e:64:7e:a9:2d:
71:3b:d4:13:b7:42:12:f8:21:b2:07:8f:e3:c4:59:a5:e2:eb:
ed:8b:bd:4d:37:dc:9e:11:d4:9d:8a:78:fb:8a:e0:e5:e6:8c:
0c:73:45:98:d1:01:52:2d:ae:cf:34:36:6a:2f:8f:3c:88:bd:
f8:21:90:51:30:75:24:19:48:76:d5:b7:f7:04:49:92:fa:16:
42:ae:c5:92:34:79:fb:ce:51:f7:34:ef:55:6b:86:1d:0f:c0:
d7:01:bf:eb:4d:e0:12:68:04:c4:dd:1e:18:85:d8:f8:18:ab:
5a:38:a5:4b:b7:66:96:45:1c:b0:09:ed:15:63:51:23:94:21:
fb:db:f1:fb:36:9f:f2:56:e3:9c:e1:fa:af:ff:bb:2f:63:1d:
d4:02:1d:b1:d4:74:ad:ce:1e:44:19:6d:2a:4a:a4:4b:94:e4:
7e:bb:10:e6:58:13:b8:d3:be:1f:75:5b:4a:c6:9e:11:ed:1f:
6f:42:33:0a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEBczt2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YTNmZTBiOWM2MzBhMzNlMTcxYTBhNWM3OTNmMzQwYjQzNDQ2OTMyMB4XDTIyMDEw
MTA5NTkzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmM3YmQ0ODE1YjVi
YjA0ZjVlYmU2ZjMxMmM4ODQ4NTJlYzI2N2IzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMZ4zxmJr7bTINjYENjESzaeBNI6HP4pfxjDvZyik8fhVdBX
OmnysxedyEkXt7U7exWhhXIpgXzbr5niEMJwGpKZOyQhhC5qY3hXfuqxIiV8pzYv
KY2Vf1yIAP9oBnCml5JPz3IcIXMmlDlJa2bYpg0lKMUnYMswXncCGuNYfwb5pM8p
q1s258MacTK4CsQAHqBTYQjc6tY965WUG/Ffnc+978qZzrZqexujU81ESmWbZvA7
xQpkhhCEzzFwzj9aXRQCcJAopre8b6Jy2lRRVW1NmN1oDVD+vsOh3nX3aNZbmfKj
dPX3xQbZZdgw4ESMhPOz1Gnd2QLN0NTGkUTpsAkCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBQse9SBW1uwT16+bzEsiEhS7CZ7NzAfBgNVHSMEGDAWgBSKP+C5xjCjPhca
Clx5PzQLQ0RpMjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lqX2d1Y1l3b3o0WEdncGNlVDgwQzBORWFUSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2IvZjM5YTQ5LTU5ZWEtNGM0Zi05OGZjLTUzYWFiNDJmNDc2ZS8x
L0xIdlVnVnRic0U5ZXZtOHhMSWhJVXV3bWV6Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Iv
ZjM5YTQ5LTU5ZWEtNGM0Zi05OGZjLTUzYWFiNDJmNDc2ZS8xL2lqX2d1Y1l3b3o0
WEdncGNlVDgwQzBORWFUSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGgQCAAEwFAMEArmjKDAMAwQG1cLAAwQC1cLQMA0E
AgACMAcDBQMqCqgAMA0GCSqGSIb3DQEBCwUAA4IBAQCmdtKclKsGhBRiLl7MR29C
lVhmtrrKXUuz4zcgNi9y6PwZWcOKHYskH3ZZl70Z0b5iDh6lpzSdqpqbEWtxxqSj
wYbHfmR+qS1xO9QTt0IS+CGyB4/jxFml4uvti71NN9yeEdSdinj7iuDl5owMc0WY
0QFSLa7PNDZqL488iL34IZBRMHUkGUh21bf3BEmS+hZCrsWSNHn7zlH3NO9Va4Yd
D8DXAb/rTeASaATE3R4Yhdj4GKtaOKVLt2aWRRywCe0VY1EjlCH72/H7Np/yVuOc
4fqv/7svYx3UAh2x1HStzh5EGW0qSqRLlOR+uxDmWBO4074fdVtKxp4R7R9vQjMK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:07 2024 by rpki-client on console-ams.rpki-client.org