Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/l1v1gZ433r6-Jv4MjWOqxnQkz2s.roa
File: l1v1gZ433r6-Jv4MjWOqxnQkz2s.roa (raw, json)
Hash identifier: kXFu6OxTsNwY//v9cjusIBEcmjVdP7asK3wkKmZzlyM=
Subject key identifier: 97:5B:F5:81:9E:37:DE:BE:BE:26:FE:0C:8D:63:AA:C6:74:24:CF:6B
Certificate issuer: /CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Certificate serial: 08A34F0E
Authority key identifier: B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/l1v1gZ433r6-Jv4MjWOqxnQkz2s.roa
Signing time: Thu 30 Jun 2022 08:40:02 +0000
ROA not before: Thu 30 Jun 2022 08:40:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206120
IP address blocks: 194.147.172.0/24 maxlen: 24
194.147.228.0/24 maxlen: 24
194.147.227.0/24 maxlen: 24
185.195.249.0/24 maxlen: 24
185.195.248.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144920334 (0x8a34f0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d5ec1516ee6dc19d1e5c3998cb7e7a646f715a
Validity
Not Before: Jun 30 08:40:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=975bf5819e37debebe26fe0c8d63aac67424cf6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a2:f0:0e:e0:2f:6f:d7:d5:e1:07:30:8e:3a:
be:01:58:e8:a8:6e:4c:65:0f:2f:58:d9:dc:19:b7:
60:24:c7:ff:d1:7b:9a:6e:d4:f5:df:2a:f0:4c:9e:
af:08:81:cb:3a:a5:9a:20:9d:60:58:32:b1:ac:9f:
c6:7a:9f:6c:48:ae:58:51:84:83:1d:c1:77:ae:c5:
77:4c:2c:49:1a:e9:87:32:6c:19:1e:7c:dc:14:77:
fc:bc:9f:76:94:8a:5f:34:7a:5f:be:b3:bf:12:86:
e7:f0:98:4a:aa:3a:77:97:21:f1:34:0b:5a:a1:8c:
b6:16:3e:d0:32:17:fb:e9:06:0b:5c:8a:dc:c5:a5:
ca:95:21:fd:90:55:79:65:65:01:45:a6:32:ba:99:
4d:05:74:81:40:6c:55:9b:2b:8c:13:fa:22:d0:f5:
b0:37:ba:a1:d6:c7:0d:a0:cf:76:a7:3b:66:c5:d9:
56:2d:b5:ce:42:15:d9:59:f0:8d:23:2a:e6:ac:88:
75:28:47:9d:00:26:11:b4:9a:dd:29:bf:fe:a3:d4:
9b:39:ad:c4:b2:09:ad:ca:69:7d:61:9e:be:30:fd:
de:1a:28:5c:2f:b7:a1:99:d1:0a:0a:f5:c7:28:5f:
ab:f8:1d:79:ef:fb:b5:cf:63:f7:6e:4b:e4:3d:2e:
f0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:5B:F5:81:9E:37:DE:BE:BE:26:FE:0C:8D:63:AA:C6:74:24:CF:6B
X509v3 Authority Key Identifier:
keyid:B3:D5:EC:15:16:EE:6D:C1:9D:1E:5C:39:98:CB:7E:7A:64:6F:71:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9XsFRbubcGdHlw5mMt-emRvcVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/l1v1gZ433r6-Jv4MjWOqxnQkz2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/3ad7cc-3c08-4b72-870a-6c305a6dbab9/1/s9XsFRbubcGdHlw5mMt-emRvcVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.248.0/22
194.147.172.0/24
194.147.227.0-194.147.228.255
Signature Algorithm: sha256WithRSAEncryption
25:51:cb:8b:e2:28:93:31:5e:85:5a:00:a7:a4:60:77:f8:5c:
02:3e:ca:ec:dd:01:5b:f8:12:4c:34:14:ff:72:51:43:bf:78:
3d:d0:a4:a5:df:25:17:df:8f:bb:c1:5e:89:45:73:8f:35:a2:
05:4f:2f:73:7b:a0:9e:aa:1d:58:c1:46:93:ce:0c:e2:e6:1d:
8c:43:6d:7a:98:4c:82:39:c7:3f:38:b0:53:de:8f:15:db:ce:
c0:5c:68:14:eb:74:26:69:39:ce:08:3f:74:a3:cc:b8:32:16:
9a:ec:5e:d3:f8:30:1a:fb:e8:46:9f:23:58:75:b0:c9:50:b3:
72:14:8b:e0:69:a0:58:d7:92:86:d9:4d:96:64:94:0c:57:e3:
32:f8:ac:4e:fa:03:d4:31:ea:d7:64:9c:a3:77:1e:d4:8a:a7:
46:fe:f9:5d:5e:73:73:70:0a:80:0e:04:a0:19:b8:49:28:e8:
35:4e:bd:8c:a0:fe:06:1f:4e:bb:d2:aa:6f:cf:f1:14:f5:4a:
22:a1:1b:8a:3c:86:a2:c7:b7:07:8d:82:8b:26:5a:e4:9d:d7:
ba:1d:cd:fd:73:7d:d8:50:b9:0b:a9:d8:24:7d:47:b9:8a:5b:
7e:9c:65:99:d3:25:58:cb:d2:eb:6d:4f:c9:41:87:96:37:8e:
25:30:ba:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIECKNPDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
M2Q1ZWMxNTE2ZWU2ZGMxOWQxZTVjMzk5OGNiN2U3YTY0NmY3MTVhMB4XDTIyMDYz
MDA4NDAwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTc1YmY1ODE5ZTM3
ZGViZWJlMjZmZTBjOGQ2M2FhYzY3NDI0Y2Y2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJKi8A7gL2/X1eEHMI46vgFY6KhuTGUPL1jZ3Bm3YCTH/9F7
mm7U9d8q8EyerwiByzqlmiCdYFgysayfxnqfbEiuWFGEgx3Bd67Fd0wsSRrphzJs
GR583BR3/LyfdpSKXzR6X76zvxKG5/CYSqo6d5ch8TQLWqGMthY+0DIX++kGC1yK
3MWlypUh/ZBVeWVlAUWmMrqZTQV0gUBsVZsrjBP6ItD1sDe6odbHDaDPdqc7ZsXZ
Vi21zkIV2VnwjSMq5qyIdShHnQAmEbSa3Sm//qPUmzmtxLIJrcppfWGevjD93hoo
XC+3oZnRCgr1xyhfq/gdee/7tc9j925L5D0u8CcCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBSXW/WBnjfevr4m/gyNY6rGdCTPazAfBgNVHSMEGDAWgBSz1ewVFu5twZ0e
XDmYy356ZG9xWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3M5WHNGUmJ1YmNHZEhsdzVtTXQtZW1SdmNWby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTkvM2FkN2NjLTNjMDgtNGI3Mi04NzBhLTZjMzA1YTZkYmFiOS8x
L2wxdjFnWjQzM3I2LUp2NE1qV09xeG5Ra3oycy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTkv
M2FkN2NjLTNjMDgtNGI3Mi04NzBhLTZjMzA1YTZkYmFiOS8xL3M5WHNGUmJ1YmNH
ZEhsdzVtTXQtZW1SdmNWby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEArnD+AMEAMKTrDAMAwQAwpPjAwQA
wpPkMA0GCSqGSIb3DQEBCwUAA4IBAQAlUcuL4iiTMV6FWgCnpGB3+FwCPsrs3QFb
+BJMNBT/clFDv3g90KSl3yUX34+7wV6JRXOPNaIFTy9ze6Ceqh1YwUaTzgzi5h2M
Q216mEyCOcc/OLBT3o8V287AXGgU63QmaTnOCD90o8y4Mhaa7F7T+DAa++hGnyNY
dbDJULNyFIvgaaBY15KG2U2WZJQMV+My+KxO+gPUMerXZJyjdx7UiqdG/vldXnNz
cAqADgSgGbhJKOg1Tr2MoP4GH0670qpvz/EU9UoioRuKPIaix7cHjYKLJlrknde6
Hc39c33YULkLqdgkfUe5ilt+nGWZ0yVYy9LrbU/JQYeWN44lMLqC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:45 2024 by rpki-client on console-fra.rpki-client.org