Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/LxMj2phBmGe0mBfgtXzCDGFKEDM.roa
File: LxMj2phBmGe0mBfgtXzCDGFKEDM.roa (raw, json)
Hash identifier: fgUqj9LqzHJmDu36ZJXPrt8YuTCNooTc/t29icNZJ1Q=
Subject key identifier: 2F:13:23:DA:98:41:98:67:B4:98:17:E0:B5:7C:C2:0C:61:4A:10:33
Certificate issuer: /CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Certificate serial: 01825AEB8F2E868C1280FE0D11EDE8F5806D
Authority key identifier: B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/LxMj2phBmGe0mBfgtXzCDGFKEDM.roa
Signing time: Mon 01 Aug 2022 19:39:23 +0000
ROA not before: Mon 01 Aug 2022 19:39:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199775
IP address blocks: 185.95.108.0/22 maxlen: 24
185.6.152.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5a:eb:8f:2e:86:8c:12:80:fe:0d:11:ed:e8:f5:80:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b75a0566d0b63a1f862d83458e4f2ea6fd8f7d21
Validity
Not Before: Aug 1 19:39:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f1323da98419867b49817e0b57cc20c614a1033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:1c:8f:f7:63:3e:9a:33:57:30:21:46:09:a4:
a3:25:92:1c:87:44:63:24:e3:7e:e3:7d:7b:4d:2b:
e1:e2:94:af:d2:74:5c:d1:19:66:b4:39:58:da:d8:
59:d2:95:06:1f:57:53:9e:47:53:bd:1d:76:f3:45:
b2:a4:cf:e7:c0:63:4e:3b:b3:a2:26:c2:74:6f:74:
4f:c3:81:15:f3:73:35:b3:2f:37:0e:84:89:2c:f8:
66:6f:61:4a:ba:d5:cf:58:eb:a8:f2:00:34:2d:67:
3f:c6:1f:a1:df:e5:e6:21:3c:0f:c2:6c:6c:48:66:
8d:07:d7:b8:cb:c0:b1:4a:ba:fe:77:bf:ca:23:7a:
f0:6f:8a:e3:89:6b:dc:40:af:6e:46:d0:24:c7:c9:
d8:ec:92:d7:e0:f3:cc:b7:a1:fc:5f:88:56:3c:c5:
46:24:0d:b5:57:53:59:f6:7d:dd:b6:4b:ab:db:14:
94:3d:5e:d3:7d:51:d7:66:24:97:76:1a:48:99:c5:
84:63:13:9a:dc:f4:fb:09:29:cd:5a:32:cf:d4:1b:
40:be:82:2e:17:7f:27:6f:8e:46:b2:84:bc:fa:c3:
66:9c:77:e2:6e:5f:d6:69:97:02:e0:af:dc:d9:3b:
4a:2f:30:49:11:97:ec:70:78:2a:f2:72:b0:6b:45:
50:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:13:23:DA:98:41:98:67:B4:98:17:E0:B5:7C:C2:0C:61:4A:10:33
X509v3 Authority Key Identifier:
keyid:B7:5A:05:66:D0:B6:3A:1F:86:2D:83:45:8E:4F:2E:A6:FD:8F:7D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1oFZtC2Oh-GLYNFjk8upv2PfSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/LxMj2phBmGe0mBfgtXzCDGFKEDM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/103570-1cf6-42ac-81d4-83f601c3fb59/1/t1oFZtC2Oh-GLYNFjk8upv2PfSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.152.0/22
185.95.108.0/22
Signature Algorithm: sha256WithRSAEncryption
31:c2:94:05:1a:3a:d3:2b:ad:88:a8:87:33:a4:15:50:12:40:
76:63:c4:05:92:e7:66:ad:f0:84:b7:ac:c4:96:94:e7:4f:8c:
09:7a:f2:cf:f9:62:6d:61:6b:a2:46:24:8b:cb:10:b1:6d:80:
d8:7d:61:7c:7a:04:c3:ae:80:05:d9:ff:c1:47:79:a6:d3:75:
11:06:59:cd:01:bf:50:b3:47:1f:a2:88:6d:92:ba:ad:e5:f0:
fd:00:d3:f3:e0:b9:24:3f:4a:f2:cb:e2:93:00:2d:32:12:b9:
4f:77:73:c1:54:54:c9:7a:2a:c9:ea:49:6b:17:1d:89:54:8a:
68:c9:3a:a6:53:45:d6:04:d9:69:61:bf:a6:5d:84:77:da:a7:
5c:10:ec:19:c9:ce:77:9b:cb:67:50:09:81:16:f3:5e:80:e7:
3f:e4:e1:5d:6d:99:70:80:56:0f:94:6f:76:2a:0e:8e:fe:8a:
e1:41:4b:d0:09:db:32:10:e8:39:25:6c:88:35:b5:81:b1:23:
5c:18:59:4c:0d:4c:d6:79:e1:20:40:bf:70:35:a8:0e:b7:ff:
84:50:57:99:e3:41:41:26:3d:3f:7b:df:b8:a5:8c:43:f2:44:
d7:c9:94:9b:d1:9a:eb:8e:3c:20:d1:b4:e7:48:4e:a1:e6:79:
72:9f:63:60
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYJa648uhowSgP4NEe3o9YBtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NWEwNTY2ZDBiNjNhMWY4NjJkODM0NThlNGYyZWE2ZmQ4
ZjdkMjEwHhcNMjIwODAxMTkzOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjEzMjNkYTk4NDE5ODY3YjQ5ODE3ZTBiNTdjYzIwYzYxNGExMDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxyP92M+mjNXMCFGCaSjJZIch0Rj
JON+4317TSvh4pSv0nRc0RlmtDlY2thZ0pUGH1dTnkdTvR1280WypM/nwGNOO7Oi
JsJ0b3RPw4EV83M1sy83DoSJLPhmb2FKutXPWOuo8gA0LWc/xh+h3+XmITwPwmxs
SGaNB9e4y8CxSrr+d7/KI3rwb4rjiWvcQK9uRtAkx8nY7JLX4PPMt6H8X4hWPMVG
JA21V1NZ9n3dtkur2xSUPV7TfVHXZiSXdhpImcWEYxOa3PT7CSnNWjLP1BtAvoIu
F38nb45GsoS8+sNmnHfibl/WaZcC4K/c2TtKLzBJEZfscHgq8nKwa0VQCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC8TI9qYQZhntJgX4LV8wgxhShAzMB8GA1UdIwQY
MBaAFLdaBWbQtjofhi2DRY5PLqb9j30hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQt
ODNmNjAxYzNmYjU5LzEvTHhNajJwaEJtR2UwbUJmZ3RYekNER0ZLRURNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8xMDM1NzAtMWNmNi00MmFjLTgxZDQtODNmNjAxYzNmYjU5
LzEvdDFvRlp0QzJPaC1HTFlORmprOHVwdjJQZlNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuQaYAwQC
uV9sMA0GCSqGSIb3DQEBCwUAA4IBAQAxwpQFGjrTK62IqIczpBVQEkB2Y8QFkudm
rfCEt6zElpTnT4wJevLP+WJtYWuiRiSLyxCxbYDYfWF8egTDroAF2f/BR3mm03UR
BlnNAb9Qs0cfoohtkrqt5fD9ANPz4LkkP0ryy+KTAC0yErlPd3PBVFTJeirJ6klr
Fx2JVIpoyTqmU0XWBNlpYb+mXYR32qdcEOwZyc53m8tnUAmBFvNegOc/5OFdbZlw
gFYPlG92Kg6O/orhQUvQCdsyEOg5JWyINbWBsSNcGFlMDUzWeeEgQL9wNagOt/+E
UFeZ40FBJj0/e9+4pYxD8kTXyZSb0Zrrjjwg0bTnSE6h5nlyn2Ng
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:08 2023 by rpki-client on console-fra.rpki-client.org