Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/LI9EIGJDZKOZgMv7wJcG9cpNP6s.roa
File: LI9EIGJDZKOZgMv7wJcG9cpNP6s.roa (raw, json)
Hash identifier: AXiU1w6k3b6eaj50X6G9ayBitdMeMO3T8yg+XaZJyd4=
Subject key identifier: 2C:8F:44:20:62:43:64:A3:99:80:CB:FB:C0:97:06:F5:CA:4D:3F:AB
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 0184A01F4BB99FEB2E347F3C40C682E271D9
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/LI9EIGJDZKOZgMv7wJcG9cpNP6s.roa
Signing time: Tue 22 Nov 2022 16:15:16 +0000
ROA not before: Tue 22 Nov 2022 16:15:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39150
IP address blocks: 95.85.83.0/24 maxlen: 24
95.85.83.128/25 maxlen: 25
95.85.83.0/25 maxlen: 25
91.196.139.0/24 maxlen: 24
91.196.138.0/24 maxlen: 24
91.196.137.0/24 maxlen: 24
91.196.136.0/24 maxlen: 24
109.196.133.0/24 maxlen: 24
195.182.8.0/24 maxlen: 24
93.179.69.0/24 maxlen: 24
93.179.66.0/24 maxlen: 24
95.181.213.0/24 maxlen: 24
2a04:8680::/32 maxlen: 32
2a09:d5c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a0:1f:4b:b9:9f:eb:2e:34:7f:3c:40:c6:82:e2:71:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Nov 22 16:15:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c8f4420624364a39980cbfbc09706f5ca4d3fab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:09:e0:71:90:67:b0:b5:1d:05:a9:1f:67:ad:
6b:b7:31:21:ba:72:ea:63:28:09:8d:cd:d4:46:81:
b8:d9:af:fe:1f:c7:d4:2a:fc:0b:a5:f4:3b:3d:7e:
a7:f1:c7:a6:ca:19:07:f8:96:64:8c:df:35:e6:93:
21:50:8b:a0:12:68:72:ed:6c:18:93:30:50:2a:ea:
21:b0:5a:13:43:a3:5e:fe:66:bd:79:44:fb:d1:c8:
d4:b2:df:89:94:23:4d:5c:29:1f:4e:a0:dd:a5:22:
f4:3d:eb:eb:07:f8:4f:64:56:ca:db:8b:30:d8:9e:
27:35:dc:27:d8:a0:54:37:c7:7d:0d:1b:8a:dc:87:
a3:74:57:69:0c:55:c2:06:8f:70:3b:fb:82:e9:d2:
71:48:98:f9:f3:5f:0a:4c:6b:b4:c8:76:22:d7:c1:
e5:86:b4:10:f8:54:d8:7d:7f:e0:fe:2d:93:94:b6:
f4:59:18:32:41:70:8b:f9:94:45:93:58:7c:e5:2e:
fe:9a:e2:70:d7:d2:a7:9a:99:a1:89:8c:62:54:03:
79:22:f1:54:64:08:cf:d6:e6:40:70:e6:31:9e:af:
42:89:52:cd:8f:5f:62:5e:64:51:62:d7:ca:4c:54:
96:f8:7a:cc:51:2f:7b:36:19:b5:4c:a2:d2:e7:32:
fa:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:8F:44:20:62:43:64:A3:99:80:CB:FB:C0:97:06:F5:CA:4D:3F:AB
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/LI9EIGJDZKOZgMv7wJcG9cpNP6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.136.0/22
93.179.66.0/24
93.179.69.0/24
95.85.83.0/24
95.181.213.0/24
109.196.133.0/24
195.182.8.0/24
IPv6:
2a04:8680::/32
2a09:d5c0::/32
Signature Algorithm: sha256WithRSAEncryption
b4:13:4a:02:bf:e4:b9:6a:fa:d9:e8:c1:0f:07:1b:51:22:10:
8f:38:5e:a8:2e:c4:e5:ba:b4:f8:0a:b2:ee:0f:8e:e8:e6:27:
95:2d:e6:7f:ca:33:84:6f:ea:95:0b:b5:54:cb:ae:ff:0f:33:
dc:ce:bc:73:04:85:da:85:aa:24:02:3d:58:7b:87:53:46:ce:
50:3d:e3:21:36:ec:f3:8e:2f:07:05:9f:3d:62:cb:67:63:02:
dd:8d:a7:a7:6d:92:b7:ec:71:34:3d:1c:3b:86:1a:ab:4d:2b:
f6:12:2f:6a:20:c8:a5:5b:b1:98:51:ca:e6:e0:03:54:49:ab:
a3:01:fa:d1:dd:af:19:6f:84:8b:ab:b4:ef:c6:f6:79:6c:58:
5c:a6:5c:a3:22:82:10:07:a7:46:1b:5a:30:f3:b8:f8:37:a8:
ea:c3:c1:7f:93:aa:a5:61:26:c8:ea:73:0d:33:09:38:84:40:
b9:d5:5c:b2:77:92:20:87:50:3b:12:2f:a7:59:02:2c:d0:fd:
7f:62:30:d5:9c:98:39:9c:85:5b:f7:6c:b1:3d:b9:0d:a4:1c:
84:ef:8c:8d:58:f2:fe:72:40:50:05:17:74:cf:85:d7:8a:b2:
87:79:2d:82:47:c2:a2:ff:25:35:90:c0:68:8e:ad:10:40:01:
cb:d7:ce:83
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYSgH0u5n+suNH88QMaC4nHZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjIxMTIyMTYxNTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzhmNDQyMDYyNDM2NGEzOTk4MGNiZmJjMDk3MDZmNWNhNGQzZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqwngcZBnsLUdBakfZ61rtzEhunLq
YygJjc3URoG42a/+H8fUKvwLpfQ7PX6n8cemyhkH+JZkjN815pMhUIugEmhy7WwY
kzBQKuohsFoTQ6Ne/ma9eUT70cjUst+JlCNNXCkfTqDdpSL0PevrB/hPZFbK24sw
2J4nNdwn2KBUN8d9DRuK3IejdFdpDFXCBo9wO/uC6dJxSJj5818KTGu0yHYi18Hl
hrQQ+FTYfX/g/i2TlLb0WRgyQXCL+ZRFk1h85S7+muJw19KnmpmhiYxiVAN5IvFU
ZAjP1uZAcOYxnq9CiVLNj19iXmRRYtfKTFSW+HrMUS97Nhm1TKLS5zL6LQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFCyPRCBiQ2SjmYDL+8CXBvXKTT+rMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvTEk5RUlHSkRaS09aZ012N3dKY0c5Y3BOUDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQCW8SIAwQA
XbNCAwQAXbNFAwQAX1VTAwQAX7XVAwQAbcSFAwQAw7YIMBQEAgACMA4DBQAqBIaA
AwUAKgnVwDANBgkqhkiG9w0BAQsFAAOCAQEAtBNKAr/kuWr62ejBDwcbUSIQjzhe
qC7E5bq0+Aqy7g+O6OYnlS3mf8ozhG/qlQu1VMuu/w8z3M68cwSF2oWqJAI9WHuH
U0bOUD3jITbs844vBwWfPWLLZ2MC3Y2np22St+xxND0cO4Yaq00r9hIvaiDIpVux
mFHK5uADVEmrowH60d2vGW+Ei6u078b2eWxYXKZcoyKCEAenRhtaMPO4+Deo6sPB
f5OqpWEmyOpzDTMJOIRAudVcsneSIIdQOxIvp1kCLND9f2Iw1ZyYOZyFW/dssT25
DaQchO+MjVjy/nJAUAUXdM+F14qyh3ktgkfCov8lNZDAaI6tEEABy9fOgw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:48 2023 by rpki-client on console-ams.rpki-client.org