Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/LA7wbxYmUXgan6l9A2EPZVep-u8.roa
File: LA7wbxYmUXgan6l9A2EPZVep-u8.roa (raw, json)
Hash identifier: nkT0xwjuKY2uDWgMgbSMxh+JKQUepcuXNlhi0chH9Fw=
Subject key identifier: 2C:0E:F0:6F:16:26:51:78:1A:9F:A9:7D:03:61:0F:65:57:A9:FA:EF
Certificate issuer: /CN=7d02fa2c5ba2892045e7cd50a5adfd54d6dbb8c2
Certificate serial: 051481DA
Authority key identifier: 7D:02:FA:2C:5B:A2:89:20:45:E7:CD:50:A5:AD:FD:54:D6:DB:B8:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQL6LFuiiSBF581Qpa39VNbbuMI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/LA7wbxYmUXgan6l9A2EPZVep-u8.roa
Signing time: Sat 01 Jan 2022 07:54:06 +0000
ROA not before: Sat 01 Jan 2022 07:54:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201205
IP address blocks: 176.62.136.0/21 maxlen: 21
78.24.168.0/21 maxlen: 21
193.53.101.0/24 maxlen: 24
193.53.102.0/24 maxlen: 24
185.29.4.0/22 maxlen: 22
147.12.64.0/19 maxlen: 19
37.230.120.0/21 maxlen: 21
2a01:5c00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85230042 (0x51481da)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d02fa2c5ba2892045e7cd50a5adfd54d6dbb8c2
Validity
Not Before: Jan 1 07:54:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c0ef06f162651781a9fa97d03610f6557a9faef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c8:f2:5d:1e:8e:a4:7c:e0:4f:d7:86:7b:f1:
e9:4d:a2:b2:b8:f6:b0:fc:56:1f:90:c6:ce:69:99:
a4:20:fe:5f:79:8d:aa:71:70:40:88:b7:72:55:9c:
26:e4:59:f8:a1:fb:87:34:a9:e3:7a:f7:14:80:9e:
ef:e7:20:53:7a:26:d7:ed:83:6c:70:d3:9a:15:ce:
9b:40:ee:99:27:cb:75:73:cb:7b:ca:c3:f8:29:e8:
89:09:a7:ad:c3:1a:72:79:fd:18:9f:a2:5b:8c:53:
37:87:54:68:0a:bd:9f:04:b1:ad:31:ac:4d:d6:d1:
a3:85:c2:30:88:5c:50:3d:e5:a1:5d:77:61:d8:51:
2b:9a:1a:91:18:fd:15:e2:60:f9:2c:50:25:39:13:
0c:71:e9:cb:74:11:27:bd:c9:2b:3d:1d:f1:b2:1d:
df:98:b4:0c:2d:c9:a7:38:fb:bb:11:27:1d:6b:22:
81:e7:36:90:52:12:b7:cd:4d:e6:9b:d1:dc:62:50:
60:c4:5f:45:81:f1:e3:21:cc:90:7e:a2:9d:14:59:
9b:0d:71:9f:44:31:7f:c1:f3:6b:1f:64:66:fe:ee:
30:b3:72:55:24:ea:5d:d2:5a:1e:17:c9:25:09:f5:
6e:11:fb:80:b3:36:69:ed:40:ec:ce:00:1b:d8:09:
8f:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:0E:F0:6F:16:26:51:78:1A:9F:A9:7D:03:61:0F:65:57:A9:FA:EF
X509v3 Authority Key Identifier:
keyid:7D:02:FA:2C:5B:A2:89:20:45:E7:CD:50:A5:AD:FD:54:D6:DB:B8:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQL6LFuiiSBF581Qpa39VNbbuMI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/LA7wbxYmUXgan6l9A2EPZVep-u8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/cce20b-4d5a-48f8-b88e-81039f3cf3fd/1/fQL6LFuiiSBF581Qpa39VNbbuMI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.120.0/21
78.24.168.0/21
147.12.64.0/19
176.62.136.0/21
185.29.4.0/22
193.53.101.0-193.53.102.255
IPv6:
2a01:5c00::/32
Signature Algorithm: sha256WithRSAEncryption
23:78:bb:9f:b2:fc:90:58:4a:99:8a:14:6a:ee:a6:9d:06:2a:
c0:d2:8a:e7:06:56:e4:be:ac:00:b4:2e:e6:a5:19:fd:5f:15:
a1:e5:89:be:d9:6d:91:08:4e:2e:cd:d3:5e:30:7b:82:d7:58:
75:ba:65:b7:8e:b9:2c:db:d3:0b:b4:ef:84:05:d0:bf:0a:2f:
73:6b:3d:ff:c1:74:5a:41:84:f6:68:2b:c7:78:56:f8:ef:27:
01:0d:08:0c:4f:b0:33:2d:e9:a0:ac:31:9b:ee:e6:75:ea:92:
d3:4b:bd:6f:f0:99:f6:4e:df:7f:d0:9f:79:59:32:41:90:3a:
11:e0:40:ba:78:76:aa:6e:59:cd:f4:e5:9f:fa:35:6e:4f:ea:
a3:24:e4:e1:78:57:24:13:d8:2d:1d:a7:1f:c6:0e:0d:97:5f:
5a:43:7e:6a:fb:60:d9:c5:e7:3d:04:83:c5:5b:ab:ab:a8:30:
64:1e:6c:d5:08:c8:2c:e2:40:c6:f6:71:19:39:46:af:1b:e2:
69:b2:35:98:ca:93:e4:13:3b:36:84:f1:d3:ca:b8:4e:4c:74:
5b:fc:65:6e:7d:ca:8b:75:2a:c8:14:aa:e7:e8:34:48:e8:cc:
27:6d:91:05:57:5a:97:06:c4:13:4e:f7:28:c3:6f:1d:b8:d5:
53:5e:ca:d8
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgIEBRSB2jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDAyZmEyYzViYTI4OTIwNDVlN2NkNTBhNWFkZmQ1NGQ2ZGJiOGMyMB4XDTIyMDEw
MTA3NTQwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmMwZWYwNmYxNjI2
NTE3ODFhOWZhOTdkMDM2MTBmNjU1N2E5ZmFlZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJHI8l0ejqR84E/Xhnvx6U2isrj2sPxWH5DGzmmZpCD+X3mN
qnFwQIi3clWcJuRZ+KH7hzSp43r3FICe7+cgU3om1+2DbHDTmhXOm0DumSfLdXPL
e8rD+CnoiQmnrcMacnn9GJ+iW4xTN4dUaAq9nwSxrTGsTdbRo4XCMIhcUD3loV13
YdhRK5oakRj9FeJg+SxQJTkTDHHpy3QRJ73JKz0d8bId35i0DC3Jpzj7uxEnHWsi
gec2kFISt81N5pvR3GJQYMRfRYHx4yHMkH6inRRZmw1xn0Qxf8Hzax9kZv7uMLNy
VSTqXdJaHhfJJQn1bhH7gLM2ae1A7M4AG9gJj3kCAwEAAaOCAj4wggI6MB0GA1Ud
DgQWBBQsDvBvFiZReBqfqX0DYQ9lV6n67zAfBgNVHSMEGDAWgBR9AvosW6KJIEXn
zVClrf1U1tu4wjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZRTDZMRnVpaVNCRjU4MVFwYTM5Vk5iYnVNSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGQvY2NlMjBiLTRkNWEtNDhmOC1iODhlLTgxMDM5ZjNjZjNmZC8x
L0xBN3dieFltVVhnYW42bDlBMkVQWlZlcC11OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGQv
Y2NlMjBiLTRkNWEtNDhmOC1iODhlLTgxMDM5ZjNjZjNmZC8xL2ZRTDZMRnVpaVNC
RjU4MVFwYTM5Vk5iYnVNSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBU
BggrBgEFBQcBBwEB/wRFMEMwMgQCAAEwLAMEAyXmeAMEA04YqAMEBZMMQAMEA7A+
iAMEArkdBDAMAwQAwTVlAwQAwTVmMA0EAgACMAcDBQAqAVwAMA0GCSqGSIb3DQEB
CwUAA4IBAQAjeLufsvyQWEqZihRq7qadBirA0ornBlbkvqwAtC7mpRn9XxWh5Ym+
2W2RCE4uzdNeMHuC11h1umW3jrks29MLtO+EBdC/Ci9zaz3/wXRaQYT2aCvHeFb4
7ycBDQgMT7AzLemgrDGb7uZ16pLTS71v8Jn2Tt9/0J95WTJBkDoR4EC6eHaqblnN
9OWf+jVuT+qjJOTheFckE9gtHacfxg4Nl19aQ35q+2DZxec9BIPFW6urqDBkHmzV
CMgs4kDG9nEZOUavG+JpsjWYypPkEzs2hPHTyrhOTHRb/GVufcqLdSrIFKrn6DRI
6MwnbZEFV1qXBsQTTvcow28duNVTXsrY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:06 2024 by rpki-client on console-ams.rpki-client.org