Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ltTybvnyVmgxeNy8S8pW0gA5Uss.roa
File: ltTybvnyVmgxeNy8S8pW0gA5Uss.roa (raw, json)
Hash identifier: iFAbBusjY0dXDmjHldNluqw4gzbQObtktbVGZKTZ5HA=
Subject key identifier: 96:D4:F2:6E:F9:F2:56:68:31:78:DC:BC:4B:CA:56:D2:00:39:52:CB
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0182D8E43317F0FB23C46D278D15220AD7C0
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ltTybvnyVmgxeNy8S8pW0gA5Uss.roa
Signing time: Fri 26 Aug 2022 06:43:30 +0000
ROA not before: Fri 26 Aug 2022 06:43:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58057
IP address blocks: 45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
194.50.94.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
194.50.111.0/24 maxlen: 24
193.58.239.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a0c:3b80::/29 maxlen: 48
2a0e:97c7:400::/38 maxlen: 48
2001:7f8:119::/48 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a10:cc40:1c0::/44 maxlen: 44
2a0f:e404:102::/48 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a0e:b107:1786::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d8:e4:33:17:f0:fb:23:c4:6d:27:8d:15:22:0a:d7:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Aug 26 06:43:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96d4f26ef9f256683178dcbc4bca56d2003952cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4f:27:32:ea:fb:7d:d2:c5:e8:a7:40:a6:b8:
ea:86:5e:ff:fb:43:80:0f:68:2e:f0:00:15:83:0c:
4d:fd:9f:73:2e:8f:cb:74:5f:1a:67:f4:d0:0b:ea:
21:97:09:3c:df:a2:22:d1:a0:b6:48:25:08:90:fa:
e0:33:87:ee:0d:60:a8:bc:0c:41:1f:7a:89:94:c8:
6a:c5:1b:3d:76:72:ea:6c:84:f9:e3:95:bc:4d:8e:
83:e2:e4:d4:2d:30:77:cc:39:28:36:53:b2:b2:39:
48:cf:f6:de:b9:f5:58:2c:22:7d:29:96:70:1e:21:
51:ed:40:8c:dc:9d:61:27:ef:9d:e9:07:93:05:95:
93:05:fc:b8:9d:1c:d8:3d:15:59:34:67:b6:67:52:
84:79:c0:24:77:14:f4:45:84:f5:9e:a5:45:49:a0:
27:66:a2:db:72:a0:fd:53:e5:0a:90:c6:b3:ea:ec:
06:ef:c2:bb:c6:97:6c:fa:64:a9:57:71:70:ce:07:
c6:21:43:d0:8d:d1:a7:74:70:ac:ce:c3:ed:01:96:
0d:7d:17:ed:bc:72:26:36:ed:2a:2c:d5:63:65:a5:
dc:c6:bf:db:1d:0b:3a:e7:31:de:20:b4:fb:30:84:
c5:e3:35:7d:76:d3:26:16:d4:bd:5a:8f:b2:c0:86:
6a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:D4:F2:6E:F9:F2:56:68:31:78:DC:BC:4B:CA:56:D2:00:39:52:CB
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ltTybvnyVmgxeNy8S8pW0gA5Uss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.136.0/22
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
193.58.239.0/24
194.50.92.0/24
194.50.94.0/24
194.50.111.0/24
IPv6:
2001:7f8:119::/48
2a09:4c0::/29
2a0c:3b80::/29
2a0e:97c0:170::/48
2a0e:97c0:260::/44
2a0e:97c7:400::/38
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0f:e404:102::/48
2a10:cc40:1c0::/44
Signature Algorithm: sha256WithRSAEncryption
03:68:64:bf:0d:41:c5:c4:c0:51:95:e8:27:5a:f6:5a:74:58:
8d:d8:52:5e:30:e9:b1:1b:30:c6:ce:08:38:de:83:2f:6b:99:
45:fa:64:00:f7:93:07:90:55:51:a6:4b:86:37:91:0d:d4:22:
79:c5:60:0f:d1:05:4b:73:d4:7b:6d:9d:b3:92:bb:d1:2d:ea:
3a:11:95:f3:83:ff:af:0d:36:a7:e0:f0:74:0c:bf:3d:00:3e:
9b:a2:26:c5:29:d6:5b:4d:4f:e1:2e:42:ee:89:82:4d:c2:49:
dd:80:8a:07:1a:e5:a5:b3:02:70:d8:24:ef:7c:54:5c:d4:f8:
3e:9f:a0:77:e9:e5:27:00:5b:e9:b4:a0:65:8a:b7:86:07:c9:
e1:a9:73:06:8a:66:00:1d:44:41:81:b8:df:6a:03:fe:47:a9:
ec:35:48:5c:0e:20:17:19:7e:6b:76:28:37:39:94:16:7f:6e:
95:ed:20:42:5d:87:33:85:bb:9b:36:a3:6f:88:06:cc:e3:cd:
d1:29:31:56:63:22:e8:4d:fb:ec:22:a6:bb:0e:0d:b4:aa:49:
ef:c4:bb:02:9b:e6:eb:13:6d:62:70:90:04:38:8e:e9:cb:b1:
42:e4:47:50:0c:d0:0b:56:48:6b:af:f1:88:ba:07:1c:09:26:
85:e1:34:87
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAYLY5DMX8PsjxG0njRUiCtfAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIwODI2MDY0MzMwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmQ0ZjI2ZWY5ZjI1NjY4MzE3OGRjYmM0YmNhNTZkMjAwMzk1MmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArE8nMur7fdLF6KdAprjqhl7/+0OA
D2gu8AAVgwxN/Z9zLo/LdF8aZ/TQC+ohlwk836Ii0aC2SCUIkPrgM4fuDWCovAxB
H3qJlMhqxRs9dnLqbIT545W8TY6D4uTULTB3zDkoNlOysjlIz/beufVYLCJ9KZZw
HiFR7UCM3J1hJ++d6QeTBZWTBfy4nRzYPRVZNGe2Z1KEecAkdxT0RYT1nqVFSaAn
ZqLbcqD9U+UKkMaz6uwG78K7xpds+mSpV3FwzgfGIUPQjdGndHCszsPtAZYNfRft
vHImNu0qLNVjZaXcxr/bHQs65zHeILT7MITF4zV9dtMmFtS9Wo+ywIZqiQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFJbU8m758lZoMXjcvEvKVtIAOVLLMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvbHRUeWJ2bnlWbWd4ZU55OFM4cFcwZ0E1VXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjA2BAIAATAwAwQCLYiI
AwQAVcrLAwQAXrF6AwQCixxgAwQAwTrvAwQAwjJcAwQAwjJeAwQAwjJvMGQEAgAC
MF4DBwAgAQf4ARkDBQMqCQTAAwUDKgw7gAMHACoOl8ABcAMHBCoOl8ACYAMGAioO
l8cEAwcAKg6xBwnyAwcAKg6xBxFlAwcAKg6xBxeGAwcAKg/kBAECAwcEKhDMQAHA
MA0GCSqGSIb3DQEBCwUAA4IBAQADaGS/DUHFxMBRlegnWvZadFiN2FJeMOmxGzDG
zgg43oMva5lF+mQA95MHkFVRpkuGN5EN1CJ5xWAP0QVLc9R7bZ2zkrvRLeo6EZXz
g/+vDTan4PB0DL89AD6boibFKdZbTU/hLkLuiYJNwkndgIoHGuWlswJw2CTvfFRc
1Pg+n6B36eUnAFvptKBlireGB8nhqXMGimYAHURBgbjfagP+R6nsNUhcDiAXGX5r
dig3OZQWf26V7SBCXYczhbubNqNviAbM483RKTFWYyLoTfvsIqa7Dg20qknvxLsC
m+brE21icJAEOI7py7FC5EdQDNALVkhrr/GIugccCSaF4TSH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:19 2023 by rpki-client on console-fra.rpki-client.org