Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/lhDCSJ649uuJ9y7Vos-mz9-2ALk.roa
File: lhDCSJ649uuJ9y7Vos-mz9-2ALk.roa (raw, json)
Hash identifier: yPlSSSaV5Gdw5l5c3OSrz+gIE38u9F0q/+5+NbsZREw=
Subject key identifier: 96:10:C2:48:9E:B8:F6:EB:89:F7:2E:D5:A2:CF:A6:CF:DF:B6:00:B9
Certificate issuer: /CN=2b976275547b75df2b04c4f9b291c0710c507740
Certificate serial: 09D2ABF3
Authority key identifier: 2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/lhDCSJ649uuJ9y7Vos-mz9-2ALk.roa
Signing time: Sat 01 Jan 2022 11:58:49 +0000
ROA not before: Sat 01 Jan 2022 11:58:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30848
IP address blocks: 185.135.103.0/24 maxlen: 24
85.116.130.0/23 maxlen: 23
85.116.128.0/23 maxlen: 23
185.89.220.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164801523 (0x9d2abf3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b976275547b75df2b04c4f9b291c0710c507740
Validity
Not Before: Jan 1 11:58:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9610c2489eb8f6eb89f72ed5a2cfa6cfdfb600b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ba:74:17:13:df:11:74:23:79:d9:80:db:2a:
ad:2f:cd:ad:f3:30:3e:42:ff:fb:eb:7f:e3:fc:51:
12:ab:1e:f9:ae:6d:06:56:8b:46:38:dc:74:b2:02:
70:cf:0e:18:df:1d:15:51:e9:ea:dc:2c:3d:f7:ee:
06:e2:a3:d1:3d:26:c6:28:70:3c:e9:09:58:4a:91:
12:c1:28:9c:a9:c3:86:8c:b8:53:1d:38:80:4f:42:
3f:2c:d3:2c:87:32:de:86:3c:69:9e:97:46:1a:a8:
e1:96:b8:ab:66:25:14:17:91:93:fd:6c:64:ae:0d:
73:98:57:01:f8:90:ed:2e:ed:78:d4:e5:93:c2:42:
22:43:ec:b8:bd:f9:ff:9e:bd:18:48:91:4f:92:ca:
f6:80:59:e7:65:06:ee:d3:23:f1:3e:f3:6c:6a:a5:
aa:c5:ef:7d:ff:18:df:a7:a7:1d:4a:ab:8d:b5:48:
ab:78:d3:f7:98:76:44:d3:53:75:d0:e3:81:db:ec:
5d:01:b7:1a:ab:42:d8:c0:43:3a:c0:68:a9:da:3c:
29:ad:57:7a:0a:9a:e3:e4:b9:c7:30:68:74:0d:c2:
1c:2a:3f:64:ec:a7:f9:dc:c1:3d:f0:79:c1:7e:05:
ca:e3:c6:62:21:22:5e:39:04:f5:f3:fb:25:34:1f:
ba:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:10:C2:48:9E:B8:F6:EB:89:F7:2E:D5:A2:CF:A6:CF:DF:B6:00:B9
X509v3 Authority Key Identifier:
keyid:2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/lhDCSJ649uuJ9y7Vos-mz9-2ALk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.128.0/22
185.89.220.0/23
185.135.103.0/24
Signature Algorithm: sha256WithRSAEncryption
75:0c:0b:04:7b:c7:28:fa:f0:74:d8:07:dc:d3:42:2b:46:1f:
c0:98:b5:5a:15:32:32:4c:9f:3a:63:86:fe:e8:b6:9e:a0:74:
8b:84:0f:b5:ca:e6:e8:ed:19:21:f9:a6:90:db:87:14:44:3c:
18:c2:08:eb:eb:a3:9a:ed:99:e2:19:61:f8:78:6c:68:00:d5:
66:8d:22:41:8d:b8:ff:fb:97:3e:19:75:1e:8b:e7:96:d6:b6:
be:9e:c9:c4:ae:6c:e2:c3:ce:0b:a6:27:e6:12:31:2a:55:89:
a3:7d:88:ef:59:14:21:ff:4a:bf:02:38:e9:d5:7c:aa:53:e0:
8e:f1:75:c5:be:a7:30:2d:8e:a0:95:cb:cf:ea:6e:99:b0:c6:
b6:ca:ed:d3:d7:d5:02:80:fd:92:9e:26:2e:36:9e:5b:05:f8:
41:9a:9e:7e:cb:a7:92:e0:96:48:b0:b6:4c:47:3f:14:a2:94:
01:28:e9:73:18:f5:33:cb:68:74:63:e7:40:68:2b:cd:d7:03:
d9:a9:c3:2b:d2:d6:bc:6e:4b:33:a9:7d:d6:26:5a:33:35:11:
c3:69:6f:01:06:16:55:40:34:37:e0:8d:98:30:99:16:ca:e8:
87:76:36:dc:d9:f7:09:9f:29:34:e2:f3:90:51:29:35:a6:e4:
86:67:86:fb
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIECdKr8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Yjk3NjI3NTU0N2I3NWRmMmIwNGM0ZjliMjkxYzA3MTBjNTA3NzQwMB4XDTIyMDEw
MTExNTg0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTYxMGMyNDg5ZWI4
ZjZlYjg5ZjcyZWQ1YTJjZmE2Y2ZkZmI2MDBiOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI66dBcT3xF0I3nZgNsqrS/NrfMwPkL/++t/4/xREqse+a5t
BlaLRjjcdLICcM8OGN8dFVHp6twsPffuBuKj0T0mxihwPOkJWEqREsEonKnDhoy4
Ux04gE9CPyzTLIcy3oY8aZ6XRhqo4Za4q2YlFBeRk/1sZK4Nc5hXAfiQ7S7teNTl
k8JCIkPsuL35/569GEiRT5LK9oBZ52UG7tMj8T7zbGqlqsXvff8Y36enHUqrjbVI
q3jT95h2RNNTddDjgdvsXQG3GqtC2MBDOsBoqdo8Ka1Xegqa4+S5xzBodA3CHCo/
ZOyn+dzBPfB5wX4FyuPGYiEiXjkE9fP7JTQfuuMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSWEMJInrj264n3LtWiz6bP37YAuTAfBgNVHSMEGDAWgBQrl2J1VHt13ysE
xPmykcBxDFB3QDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0s1ZGlkVlI3ZGQ4ckJNVDVzcEhBY1F4UWQwQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDIvNThmNDVmLThiMDctNGU2YS05NTQ4LWQ1YjBmOTFkOTdjMi8x
L2xoRENTSjY0OXV1Sjl5N1Zvcy1tejktMkFMay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDIv
NThmNDVmLThiMDctNGU2YS05NTQ4LWQ1YjBmOTFkOTdjMi8xL0s1ZGlkVlI3ZGQ4
ckJNVDVzcEhBY1F4UWQwQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAlV0gAMEAblZ3AMEALmHZzANBgkq
hkiG9w0BAQsFAAOCAQEAdQwLBHvHKPrwdNgH3NNCK0YfwJi1WhUyMkyfOmOG/ui2
nqB0i4QPtcrm6O0ZIfmmkNuHFEQ8GMII6+ujmu2Z4hlh+HhsaADVZo0iQY24//uX
Phl1Hovnlta2vp7JxK5s4sPOC6Yn5hIxKlWJo32I71kUIf9KvwI46dV8qlPgjvF1
xb6nMC2OoJXLz+pumbDGtsrt09fVAoD9kp4mLjaeWwX4QZqefsunkuCWSLC2TEc/
FKKUASjpcxj1M8todGPnQGgrzdcD2anDK9LWvG5LM6l91iZaMzURw2lvAQYWVUA0
N+CNmDCZFsroh3Y23Nn3CZ8pNOLzkFEpNabkhmeG+w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:25 2024 by rpki-client on console-ams.rpki-client.org