Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/626fa6-6eca-476e-a5af-afe63376c88f/1/lcYs1XF07QMNdFRdH0FeA36yaMs.roa
File: lcYs1XF07QMNdFRdH0FeA36yaMs.roa (raw, json)
Hash identifier: VYYLTLVcExQcfd64qk+/WSyKTCblw5EP6A0wu219X6o=
Subject key identifier: 95:C6:2C:D5:71:74:ED:03:0D:74:54:5D:1F:41:5E:03:7E:B2:68:CB
Certificate issuer: /CN=eedde41f362e98ae37d1efc7caf3e7d3c1653ee2
Certificate serial: 0183F5D777570EC98AB9F8EE2A6269D137F9
Authority key identifier: EE:DD:E4:1F:36:2E:98:AE:37:D1:EF:C7:CA:F3:E7:D3:C1:65:3E:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7t3kHzYumK430e_HyvPn08FlPuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/626fa6-6eca-476e-a5af-afe63376c88f/1/lcYs1XF07QMNdFRdH0FeA36yaMs.roa
Signing time: Thu 20 Oct 2022 14:41:22 +0000
ROA not before: Thu 20 Oct 2022 14:41:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31103
IP address blocks: 84.19.160.0/19 maxlen: 24
217.114.208.0/20 maxlen: 24
84.19.167.0/24 maxlen: 24
84.19.188.0/24 maxlen: 24
95.169.161.0/24 maxlen: 24
87.118.67.0/24 maxlen: 24
95.169.160.0/24 maxlen: 24
87.118.64.0/18 maxlen: 24
87.118.83.0/24 maxlen: 24
95.169.176.0/21 maxlen: 24
95.169.184.0/22 maxlen: 24
87.118.86.0/24 maxlen: 24
95.169.186.0/24 maxlen: 24
95.169.190.0/23 maxlen: 24
95.169.189.0/24 maxlen: 24
95.169.188.0/24 maxlen: 24
95.169.187.0/24 maxlen: 24
87.118.92.0/24 maxlen: 24
62.141.48.0/20 maxlen: 24
87.118.120.0/24 maxlen: 24
2001:1b60::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f5:d7:77:57:0e:c9:8a:b9:f8:ee:2a:62:69:d1:37:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eedde41f362e98ae37d1efc7caf3e7d3c1653ee2
Validity
Not Before: Oct 20 14:41:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95c62cd57174ed030d74545d1f415e037eb268cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:9d:35:88:4b:7c:75:82:7f:66:50:57:04:8e:
a4:80:da:e6:7c:4b:80:5c:68:69:17:a0:1e:b3:be:
1e:9a:75:9e:ad:86:bf:f3:c9:ee:70:91:4f:a8:fe:
2e:7a:c7:6e:1e:72:81:01:04:b1:68:d6:c3:f7:9e:
76:74:6c:9f:96:2e:66:d5:89:2e:20:3a:16:b8:b8:
62:95:00:9f:e3:83:c8:91:e7:6b:7d:4e:fc:15:25:
64:35:83:d3:49:e5:74:a1:73:50:c5:6f:67:a9:44:
e0:98:f2:bf:cf:65:a4:ba:50:bb:a2:a1:2d:f3:5d:
e3:90:7c:e8:21:6c:27:05:e0:9a:91:f8:df:7e:77:
2c:96:d6:e3:65:a5:8e:ee:26:92:98:2c:2e:a6:db:
7b:cb:08:ab:28:0b:b1:66:19:03:cb:4f:65:7d:cd:
0b:9e:28:3f:e6:27:a4:25:a6:86:75:a6:10:f7:7b:
0e:39:e5:88:1e:bb:f9:ea:fe:85:25:29:03:c8:76:
de:61:d9:22:ab:79:7e:ed:a5:c7:32:dc:fa:3a:1d:
1f:07:6c:8d:b1:7d:2e:ba:18:b3:12:53:66:82:f8:
66:d5:7a:d5:d5:ae:c7:59:c2:7e:97:56:dc:55:10:
35:41:22:87:0f:60:bd:a7:4b:b9:f4:07:7f:1a:36:
8b:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C6:2C:D5:71:74:ED:03:0D:74:54:5D:1F:41:5E:03:7E:B2:68:CB
X509v3 Authority Key Identifier:
keyid:EE:DD:E4:1F:36:2E:98:AE:37:D1:EF:C7:CA:F3:E7:D3:C1:65:3E:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7t3kHzYumK430e_HyvPn08FlPuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/626fa6-6eca-476e-a5af-afe63376c88f/1/lcYs1XF07QMNdFRdH0FeA36yaMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/626fa6-6eca-476e-a5af-afe63376c88f/1/7t3kHzYumK430e_HyvPn08FlPuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.141.48.0/20
84.19.160.0/19
87.118.64.0/18
95.169.160.0/23
95.169.176.0/20
217.114.208.0/20
IPv6:
2001:1b60::/29
Signature Algorithm: sha256WithRSAEncryption
31:b7:b0:fb:d3:7f:68:b6:e8:b9:58:7d:94:ce:8e:49:5d:56:
3b:b9:2c:b8:4b:9b:a4:71:8f:be:74:95:8c:06:da:52:26:19:
f4:b7:71:34:45:97:22:aa:ac:77:8d:ec:07:00:2c:c8:df:1a:
39:51:42:f2:5e:ca:c2:c4:5e:ca:ab:eb:d7:19:36:6a:98:3f:
59:9d:10:ad:1a:68:52:5e:9f:a4:9a:a6:7a:2f:4d:cb:ba:9e:
28:7f:6b:dc:7f:5b:ec:d1:96:c4:10:7c:4c:23:d8:77:0c:57:
34:fc:44:6e:74:75:bb:20:9a:4a:f7:4d:b3:cc:4f:26:0f:94:
f1:92:f8:7e:c6:68:0b:05:03:55:eb:df:61:36:6e:da:49:7d:
6a:5d:b4:c9:18:cb:3f:a7:4b:22:2b:5b:47:6a:de:e5:9a:7c:
e1:a8:45:a4:0f:fe:45:bc:a5:1b:f4:8a:ff:06:24:1c:28:1d:
b4:f1:2e:79:9a:4d:83:26:07:e8:47:61:fb:c4:91:d9:f2:3f:
96:06:7d:dc:eb:c9:44:00:31:a5:c0:f4:c0:8c:de:8d:2d:4c:
e2:9d:28:44:09:d7:64:f5:62:93:f5:20:02:47:e5:e9:bd:bf:
6e:11:81:11:39:b0:70:9f:e3:7e:a8:da:a0:cb:75:d0:b3:f1:
f8:f6:6f:a0
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYP113dXDsmKufjuKmJp0Tf5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlZGRlNDFmMzYyZTk4YWUzN2QxZWZjN2NhZjNlN2QzYzE2
NTNlZTIwHhcNMjIxMDIwMTQ0MTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWM2MmNkNTcxNzRlZDAzMGQ3NDU0NWQxZjQxNWUwMzdlYjI2OGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkp01iEt8dYJ/ZlBXBI6kgNrmfEuA
XGhpF6Aes74emnWerYa/88nucJFPqP4uesduHnKBAQSxaNbD9552dGyfli5m1Yku
IDoWuLhilQCf44PIkedrfU78FSVkNYPTSeV0oXNQxW9nqUTgmPK/z2WkulC7oqEt
813jkHzoIWwnBeCakfjffncsltbjZaWO7iaSmCwuptt7ywirKAuxZhkDy09lfc0L
nig/5iekJaaGdaYQ93sOOeWIHrv56v6FJSkDyHbeYdkiq3l+7aXHMtz6Oh0fB2yN
sX0uuhizElNmgvhm1XrV1a7HWcJ+l1bcVRA1QSKHD2C9p0u59Ad/GjaLhwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJXGLNVxdO0DDXRUXR9BXgN+smjLMB8GA1UdIwQY
MBaAFO7d5B82LpiuN9Hvx8rz59PBZT7iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3Qza0h6WXVtSzQzMGVfSHl2UG4wOEZsUHVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My82MjZmYTYtNmVjYS00NzZlLWE1YWYt
YWZlNjMzNzZjODhmLzEvbGNZczFYRjA3UU1OZEZSZEgwRmVBMzZ5YU1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My82MjZmYTYtNmVjYS00NzZlLWE1YWYtYWZlNjMzNzZjODhm
LzEvN3Qza0h6WXVtSzQzMGVfSHl2UG4wOEZsUHVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEPo0wAwQF
VBOgAwQGV3ZAAwQBX6mgAwQEX6mwAwQE2XLQMA0EAgACMAcDBQMgARtgMA0GCSqG
SIb3DQEBCwUAA4IBAQAxt7D7039otui5WH2Uzo5JXVY7uSy4S5ukcY++dJWMBtpS
Jhn0t3E0RZciqqx3jewHACzI3xo5UULyXsrCxF7Kq+vXGTZqmD9ZnRCtGmhSXp+k
mqZ6L03Lup4of2vcf1vs0ZbEEHxMI9h3DFc0/ERudHW7IJpK902zzE8mD5Txkvh+
xmgLBQNV699hNm7aSX1qXbTJGMs/p0siK1tHat7lmnzhqEWkD/5FvKUb9Ir/BiQc
KB208S55mk2DJgfoR2H7xJHZ8j+WBn3c68lEADGlwPTAjN6NLUzinShECddk9WKT
9SACR+Xpvb9uEYERObBwn+N+qNqgy3XQs/H49m+g
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:12 2023 by rpki-client on console-fra.rpki-client.org