Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/LxaQXf7YxPQpT4dpuxbmA0mSxTQ.roa
File: LxaQXf7YxPQpT4dpuxbmA0mSxTQ.roa (raw, json)
Hash identifier: pEd1EMJvKRWK8wRzvZrKtPjz/4Q1A7IbBKsbl7Qp8OI=
Subject key identifier: 2F:16:90:5D:FE:D8:C4:F4:29:4F:87:69:BB:16:E6:03:49:92:C5:34
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 0183FB144218845FEF1E54B4B315CE83D4FA
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/LxaQXf7YxPQpT4dpuxbmA0mSxTQ.roa
Signing time: Fri 21 Oct 2022 15:05:52 +0000
ROA not before: Fri 21 Oct 2022 15:05:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202754
IP address blocks: 185.153.17.0/24 maxlen: 24
185.153.16.0/24 maxlen: 24
185.153.16.0/22 maxlen: 22
185.153.18.0/24 maxlen: 24
185.153.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fb:14:42:18:84:5f:ef:1e:54:b4:b3:15:ce:83:d4:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Oct 21 15:05:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f16905dfed8c4f4294f8769bb16e6034992c534
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:dd:5b:52:06:05:01:c4:f1:f2:7b:90:81:31:
fd:28:29:50:b3:1e:f3:52:cd:9e:e8:af:79:18:f6:
2a:34:b9:fb:95:80:b5:fe:c5:2b:90:f9:ba:3f:2f:
39:0f:2d:1b:21:5d:ef:c3:be:a0:c9:e1:8f:e1:7b:
cd:b0:70:ea:55:e7:0e:05:93:6e:68:13:be:a8:ae:
d3:e0:57:3f:9e:6a:52:a8:f7:af:8d:11:35:bb:b0:
7b:63:a3:90:09:8f:61:30:db:f0:51:59:b8:c3:9f:
f8:1f:61:4f:48:0b:af:c8:69:dc:15:4d:09:4d:c9:
d3:cf:4d:46:ff:c2:61:eb:8c:d7:29:b7:dc:d4:ee:
e4:27:c8:a9:00:cd:f0:42:aa:ab:d1:5a:42:c2:0f:
e8:62:7d:9a:80:b5:9a:b9:19:68:e9:3f:d5:94:1f:
32:e5:38:3e:f9:46:1c:ed:b1:c1:01:6c:5b:d1:c4:
05:67:a4:a7:a8:b9:a4:e5:6c:9d:c9:f4:ab:bc:72:
9f:51:41:35:34:bf:2d:1c:cd:c9:19:e8:4b:2e:2d:
bd:b5:15:44:ce:16:ff:50:47:d4:a1:c5:29:33:e7:
ef:59:f7:c9:12:09:ad:d3:a2:6c:e2:f5:ab:5d:bd:
f0:b6:de:8b:42:41:a5:c9:e2:a4:70:27:db:64:87:
2d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:16:90:5D:FE:D8:C4:F4:29:4F:87:69:BB:16:E6:03:49:92:C5:34
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/LxaQXf7YxPQpT4dpuxbmA0mSxTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.16.0/22
Signature Algorithm: sha256WithRSAEncryption
36:02:38:b0:36:fa:f8:c0:48:28:5e:04:7c:fd:ac:90:b4:db:
2c:1c:4d:d6:ae:61:4b:e6:61:ad:36:42:83:e8:1a:52:32:67:
a0:a0:02:24:93:71:1a:65:8c:15:50:0b:86:3b:ef:69:ce:3a:
87:b5:71:ea:68:47:c9:14:ea:7b:c8:8f:0c:d5:fe:e9:4d:97:
92:19:db:16:d3:37:21:b5:85:de:ed:12:f9:9b:5a:35:fd:f0:
3c:5d:dc:2a:2f:b7:73:be:3f:95:dd:50:c6:9b:f5:36:eb:2a:
b4:05:5a:b2:a3:ee:66:d2:d8:d5:91:52:0a:97:4f:00:a6:6a:
77:24:46:53:61:43:dc:0e:b2:f3:72:cd:f1:de:06:e3:9d:83:
49:28:38:18:f3:bf:2e:55:ca:a9:aa:b6:bd:28:79:e0:3a:3e:
08:aa:2f:58:92:bf:e1:54:a6:17:9d:ea:9c:74:f2:98:d8:b8:
b6:be:a7:12:5e:cd:b9:6c:48:80:49:cf:ec:fb:4a:b4:12:68:
c5:2d:99:ea:b0:66:e8:c4:73:36:da:43:9c:04:88:df:8c:e8:
4a:3d:08:4a:91:91:58:e0:7e:17:fa:4e:32:0c:84:02:cf:4a:
c0:f4:e3:43:b9:96:f2:07:8b:5c:f0:74:85:1c:cd:78:00:e6:
1f:0a:f2:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP7FEIYhF/vHlS0sxXOg9T6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YjMwMTExYjBiNzIwYTIwOWY3ODhjOGI5MGY2MDM4MGI0
NjVjMmUwHhcNMjIxMDIxMTUwNTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjE2OTA1ZGZlZDhjNGY0Mjk0Zjg3NjliYjE2ZTYwMzQ5OTJjNTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAld1bUgYFAcTx8nuQgTH9KClQsx7z
Us2e6K95GPYqNLn7lYC1/sUrkPm6Py85Dy0bIV3vw76gyeGP4XvNsHDqVecOBZNu
aBO+qK7T4Fc/nmpSqPevjRE1u7B7Y6OQCY9hMNvwUVm4w5/4H2FPSAuvyGncFU0J
TcnTz01G/8Jh64zXKbfc1O7kJ8ipAM3wQqqr0VpCwg/oYn2agLWauRlo6T/VlB8y
5Tg++UYc7bHBAWxb0cQFZ6SnqLmk5WydyfSrvHKfUUE1NL8tHM3JGehLLi29tRVE
zhb/UEfUocUpM+fvWffJEgmt06Js4vWrXb3wtt6LQkGlyeKkcCfbZIctRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC8WkF3+2MT0KU+HabsW5gNJksU0MB8GA1UdIwQY
MBaAFJWzARGwtyCiCfeIyLkPYDgLRlwuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmIt
OTE2NDZiZjAxNTNkLzEvTHhhUVhmN1l4UFFwVDRkcHV4Ym1BMG1TeFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wM2JmMjgtYzU1ZC00YzdhLTkxYmItOTE2NDZiZjAxNTNk
LzEvbGJNQkViQzNJS0lKOTRqSXVROWdPQXRHWEM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZkQMA0G
CSqGSIb3DQEBCwUAA4IBAQA2AjiwNvr4wEgoXgR8/ayQtNssHE3WrmFL5mGtNkKD
6BpSMmegoAIkk3EaZYwVUAuGO+9pzjqHtXHqaEfJFOp7yI8M1f7pTZeSGdsW0zch
tYXe7RL5m1o1/fA8XdwqL7dzvj+V3VDGm/U26yq0BVqyo+5m0tjVkVIKl08Apmp3
JEZTYUPcDrLzcs3x3gbjnYNJKDgY878uVcqpqra9KHngOj4Iqi9Ykr/hVKYXneqc
dPKY2Li2vqcSXs25bEiASc/s+0q0EmjFLZnqsGboxHM22kOcBIjfjOhKPQhKkZFY
4H4X+k4yDIQCz0rA9ONDuZbyB4tc8HSFHM14AOYfCvLL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:18 2024 by rpki-client on console-fra.rpki-client.org