Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/lZCpaYxhalVjltk69ExOmEj2boQ.roa
File: lZCpaYxhalVjltk69ExOmEj2boQ.roa (raw, json)
Hash identifier: tVpsvfVHLLx+0QduBs27TwP2lVpri44WYdOgka69uzM=
Subject key identifier: 95:90:A9:69:8C:61:6A:55:63:96:D9:3A:F4:4C:4E:98:48:F6:6E:84
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 05123E0A
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/lZCpaYxhalVjltk69ExOmEj2boQ.roa
Signing time: Fri 01 Jul 2022 05:36:04 +0000
ROA not before: Fri 01 Jul 2022 05:36:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41079
IP address blocks: 185.204.216.0/22 maxlen: 22
195.114.0.0/23 maxlen: 23
91.199.22.0/24 maxlen: 24
178.250.40.0/21 maxlen: 21
194.169.227.0/24 maxlen: 24
185.208.164.0/24 maxlen: 24
185.123.160.0/22 maxlen: 22
185.243.52.0/22 maxlen: 22
195.242.116.0/23 maxlen: 23
195.78.66.0/23 maxlen: 23
193.218.152.0/22 maxlen: 22
195.2.254.0/23 maxlen: 23
2a02:1778::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85081610 (0x5123e0a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Jul 1 05:36:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9590a9698c616a556396d93af44c4e9848f66e84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:2d:71:dd:ed:bb:01:af:50:3f:00:a6:42:b8:
a5:dc:ff:0a:2e:54:a8:e4:14:2c:01:e6:aa:45:a5:
21:9e:ed:be:33:58:c1:13:d8:38:88:9c:7f:98:19:
79:ef:f6:03:38:20:6d:66:f7:12:14:98:6b:98:1b:
e5:89:da:c5:9b:9b:0e:54:23:d2:38:37:76:f7:73:
59:a4:05:1a:27:63:f4:b5:72:b0:0c:dc:99:5e:1d:
76:de:87:fd:17:8b:4e:52:39:d5:c9:2e:19:e7:12:
f6:32:33:d1:a8:cb:57:7a:50:e2:bf:58:36:3c:54:
5a:33:ef:be:73:e3:d4:75:d5:82:dd:8f:d0:0e:cf:
0b:95:9f:75:6a:6b:88:7d:04:9a:3e:13:3c:29:b7:
2b:e3:27:22:b8:15:3e:f2:13:7f:d0:5f:b6:ab:72:
99:3c:14:da:01:69:c8:6e:87:0d:b8:22:9b:f7:59:
9d:2d:b9:33:c2:3a:96:83:01:a9:c5:27:8e:e9:34:
f6:2f:5b:fb:58:cb:e1:06:e9:d6:df:41:5a:72:8c:
54:44:2f:be:ff:bc:e2:51:42:ec:df:68:08:0e:10:
57:be:76:9d:27:50:82:33:38:80:32:55:05:41:34:
4f:8d:7d:ed:f3:41:18:55:fe:a8:f2:fe:df:ef:14:
ad:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:90:A9:69:8C:61:6A:55:63:96:D9:3A:F4:4C:4E:98:48:F6:6E:84
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/lZCpaYxhalVjltk69ExOmEj2boQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.22.0/24
178.250.40.0/21
185.123.160.0/22
185.204.216.0/22
185.208.164.0/24
185.243.52.0/22
193.218.152.0/22
194.169.227.0/24
195.2.254.0/23
195.78.66.0/23
195.114.0.0/23
195.242.116.0/23
IPv6:
2a02:1778::/32
Signature Algorithm: sha256WithRSAEncryption
07:8e:3d:eb:4e:a5:14:cd:bc:cb:fd:6b:63:44:cd:1f:96:0c:
c5:b3:1b:b2:37:e5:d0:c1:f7:fa:d2:e0:c8:87:8b:ce:d0:95:
30:82:9e:9e:d7:87:19:22:87:96:ba:89:ef:fd:ad:7e:29:dc:
ea:68:f5:c9:06:4f:0f:6f:3a:2c:0a:56:44:d8:a1:98:eb:f1:
d9:08:2d:53:53:9f:87:b0:27:d4:9d:f8:03:12:a4:2c:a3:e4:
3f:4d:5a:a5:e8:d5:c1:66:41:53:a8:b3:ec:b4:c8:5c:67:3b:
f0:e0:9e:f8:ad:e2:ca:f5:de:23:40:e0:7f:6d:78:f3:bc:4b:
47:48:1a:ec:2b:90:67:c9:3d:af:5b:6d:15:bd:de:2a:7b:f0:
21:bb:c2:5b:83:f9:27:4f:5c:a4:14:39:25:80:9c:ed:b0:eb:
50:85:60:a2:bf:d9:0c:65:e2:b4:41:68:2f:99:0a:83:8b:19:
be:cc:84:4d:8a:cd:80:06:0a:cc:1f:35:90:89:80:c9:68:bf:
f6:02:9a:7f:41:61:c8:c9:11:15:14:25:6b:f1:c3:d8:b2:ad:
db:66:c4:b4:4a:e3:54:8c:6e:e4:bc:1a:76:1a:2b:e6:fb:d3:
23:15:23:d3:00:c8:92:95:ee:88:11:ee:a6:84:a4:24:6e:68:
41:21:a5:58
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEBRI+CjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NmE1YWE5MThjYmZlYjNlMTI5OTdmMzM4OTBmZWIyNTg5MDdiMzQzMB4XDTIyMDcw
MTA1MzYwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTU5MGE5Njk4YzYx
NmE1NTYzOTZkOTNhZjQ0YzRlOTg0OGY2NmU4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIYtcd3tuwGvUD8ApkK4pdz/Ci5UqOQULAHmqkWlIZ7tvjNY
wRPYOIicf5gZee/2AzggbWb3EhSYa5gb5YnaxZubDlQj0jg3dvdzWaQFGidj9LVy
sAzcmV4ddt6H/ReLTlI51ckuGecS9jIz0ajLV3pQ4r9YNjxUWjPvvnPj1HXVgt2P
0A7PC5WfdWpriH0Emj4TPCm3K+MnIrgVPvITf9BftqtymTwU2gFpyG6HDbgim/dZ
nS25M8I6loMBqcUnjuk09i9b+1jL4Qbp1t9BWnKMVEQvvv+84lFC7N9oCA4QV752
nSdQgjM4gDJVBUE0T4197fNBGFX+qPL+3+8UrcECAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBSVkKlpjGFqVWOW2Tr0TE6YSPZuhDAfBgNVHSMEGDAWgBQmpaqRjL/rPhKZ
fzOJD+sliQezQzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pxV3FrWXlfNno0U21YOHppUV9ySllrSHMwTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvMTQzM2VhLTEwODAtNDZlNS1iNjEyLTI5N2UyODJkNjZhOC8x
L2xaQ3BhWXhoYWxWamx0azY5RXhPbUVqMmJvUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
MTQzM2VhLTEwODAtNDZlNS1iNjEyLTI5N2UyODJkNjZhOC8xL0pxV3FrWXlfNno0
U21YOHppUV9ySllrSHMwTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEAFvHFgMEA7L6KAMEArl7oAMEArnM
2AMEALnQpAMEArnzNAMEAsHamAMEAMKp4wMEAcMC/gMEAcNOQgMEAcNyAAMEAcPy
dDANBAIAAjAHAwUAKgIXeDANBgkqhkiG9w0BAQsFAAOCAQEAB449606lFM28y/1r
Y0TNH5YMxbMbsjfl0MH3+tLgyIeLztCVMIKenteHGSKHlrqJ7/2tfinc6mj1yQZP
D286LApWRNihmOvx2QgtU1Ofh7An1J34AxKkLKPkP01apejVwWZBU6iz7LTIXGc7
8OCe+K3iyvXeI0Dgf21487xLR0ga7CuQZ8k9r1ttFb3eKnvwIbvCW4P5J09cpBQ5
JYCc7bDrUIVgor/ZDGXitEFoL5kKg4sZvsyETYrNgAYKzB81kImAyWi/9gKaf0Fh
yMkRFRQla/HD2LKt22bEtErjVIxu5Lwadhor5vvTIxUj0wDIkpXuiBHupoSkJG5o
QSGlWA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:03 2023 by rpki-client on console-fra.rpki-client.org