Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/le_wIly1KzYvKNmlPb_LMvY56iY.roa
File: le_wIly1KzYvKNmlPb_LMvY56iY.roa (raw, json)
Hash identifier: 3a7qxEW0UHgaJ8n5kPKhtirePn8l3EF7pDTtCQFNOAo=
Subject key identifier: 95:EF:F0:22:5C:B5:2B:36:2F:28:D9:A5:3D:BF:CB:32:F6:39:EA:26
Certificate issuer: /CN=bf107e07952c069358cd3f82aaeceb4c69483ca9
Certificate serial: 018606FF15CE2063D23C111F40A2E4CACBB7
Authority key identifier: BF:10:7E:07:95:2C:06:93:58:CD:3F:82:AA:EC:EB:4C:69:48:3C:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vxB-B5UsBpNYzT-CquzrTGlIPKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/le_wIly1KzYvKNmlPb_LMvY56iY.roa
Signing time: Tue 31 Jan 2023 08:43:45 +0000
ROA not before: Tue 31 Jan 2023 08:43:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208257
IP address blocks: 185.251.70.0/24 maxlen: 24
151.248.20.0/22 maxlen: 24
2a0f:6a00::/29 maxlen: 29
2a10:aec0::/29 maxlen: 29
2a0f:f200::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:06:ff:15:ce:20:63:d2:3c:11:1f:40:a2:e4:ca:cb:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf107e07952c069358cd3f82aaeceb4c69483ca9
Validity
Not Before: Jan 31 08:43:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95eff0225cb52b362f28d9a53dbfcb32f639ea26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:52:76:3e:c0:8c:52:7b:fd:f1:79:d5:33:3c:
47:19:8a:6b:55:15:80:5b:14:6d:16:cc:6f:20:b3:
13:61:2e:6b:4b:dd:b5:f3:3c:2d:86:19:a7:db:9f:
65:9b:bd:22:4b:df:79:aa:36:41:55:12:15:a5:c9:
c7:a8:e3:dd:92:e0:45:a0:4d:61:b0:63:db:c9:04:
d7:08:f4:4a:7d:d8:c6:e5:73:7f:fe:36:f3:66:0f:
c4:29:de:67:4f:d6:69:ce:11:f5:b1:7c:9a:e1:1d:
8b:a2:a0:6c:74:5d:ae:cd:fa:1f:af:23:62:de:b6:
bd:79:17:d2:0d:a9:b8:b4:3b:f2:7a:3e:ee:ae:c5:
9e:16:13:bf:15:03:f6:e0:60:f4:ac:46:51:f7:a1:
65:4a:50:80:d0:56:14:b7:54:cb:0d:65:7a:22:d6:
72:ab:b8:18:9f:62:7f:7a:6f:4c:01:5c:3a:d3:9c:
02:23:d2:cb:74:3f:45:0e:1a:c1:c2:b9:e1:ed:92:
84:6d:15:76:eb:e7:6d:a2:fb:48:ef:c4:8f:8e:33:
70:80:43:41:f2:34:77:30:9b:36:78:ee:f1:b4:bc:
87:7e:ec:10:48:1d:0a:f7:38:29:dc:70:54:f7:b5:
3d:bd:d9:f8:94:31:d4:b2:c3:6f:b7:cc:3c:d2:b5:
cc:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:EF:F0:22:5C:B5:2B:36:2F:28:D9:A5:3D:BF:CB:32:F6:39:EA:26
X509v3 Authority Key Identifier:
keyid:BF:10:7E:07:95:2C:06:93:58:CD:3F:82:AA:EC:EB:4C:69:48:3C:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vxB-B5UsBpNYzT-CquzrTGlIPKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/le_wIly1KzYvKNmlPb_LMvY56iY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/vxB-B5UsBpNYzT-CquzrTGlIPKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.248.20.0/22
185.251.70.0/24
IPv6:
2a0f:6a00::/29
2a0f:f200::/29
2a10:aec0::/29
Signature Algorithm: sha256WithRSAEncryption
95:b3:a3:1e:f5:82:62:1f:d6:64:5c:1a:1c:70:67:7a:32:ba:
23:99:e6:73:af:4b:4f:32:4b:11:b4:44:7a:2f:cd:8f:4e:b3:
82:44:14:05:c5:d1:e3:56:83:a5:23:78:72:38:13:7c:51:79:
9e:8e:e9:cb:e5:bf:72:62:05:7b:6a:c1:b5:0a:a0:02:ef:a9:
8f:75:52:c8:5f:92:93:2c:da:95:8b:b6:5d:01:0d:e5:1e:f4:
45:b3:c8:2e:d5:02:b5:a5:61:f1:f1:c0:29:e3:59:6f:14:69:
59:1d:67:ab:2d:5b:8a:8a:27:a2:ee:b0:65:0c:7e:de:67:01:
5c:36:37:98:37:f9:87:55:54:1a:84:f6:28:6e:58:74:cd:5a:
c9:a8:6d:68:03:7c:66:4f:09:3a:40:ae:13:7e:5a:3b:25:15:
04:5c:2a:dd:98:9b:69:7d:cd:da:8c:9f:07:54:e9:7a:9b:ab:
cc:d6:a0:71:27:c8:ba:b8:13:73:b6:ac:1a:16:2d:4d:3f:86:
fb:8d:01:f2:32:d0:63:ea:c1:f8:94:b0:82:cd:16:98:3e:85:
46:96:a3:91:40:7b:c0:6d:a8:8e:ef:04:7d:02:11:62:f5:78:
48:8e:4b:46:e1:90:a2:55:e3:fd:77:08:72:e5:53:0a:66:25:
8b:d8:80:e0
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYYG/xXOIGPSPBEfQKLkysu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMTA3ZTA3OTUyYzA2OTM1OGNkM2Y4MmFhZWNlYjRjNjk0
ODNjYTkwHhcNMjMwMTMxMDg0MzQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWVmZjAyMjVjYjUyYjM2MmYyOGQ5YTUzZGJmY2IzMmY2MzllYTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1J2PsCMUnv98XnVMzxHGYprVRWA
WxRtFsxvILMTYS5rS9218zwthhmn259lm70iS995qjZBVRIVpcnHqOPdkuBFoE1h
sGPbyQTXCPRKfdjG5XN//jbzZg/EKd5nT9ZpzhH1sXya4R2LoqBsdF2uzfofryNi
3ra9eRfSDam4tDvyej7ursWeFhO/FQP24GD0rEZR96FlSlCA0FYUt1TLDWV6ItZy
q7gYn2J/em9MAVw605wCI9LLdD9FDhrBwrnh7ZKEbRV26+dtovtI78SPjjNwgENB
8jR3MJs2eO7xtLyHfuwQSB0K9zgp3HBU97U9vdn4lDHUssNvt8w80rXMYwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJXv8CJctSs2LyjZpT2/yzL2OeomMB8GA1UdIwQY
MBaAFL8QfgeVLAaTWM0/gqrs60xpSDypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnhCLUI1VXNCcE5ZelQtQ3F1enJUR2xJUEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83ZTI4ZWUtYzY1ZC00NTI5LWE0N2It
NDg2MzNkNzE4NTkwLzEvbGVfd0lseTFLell2S05tbFBiX0xNdlk1NmlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83ZTI4ZWUtYzY1ZC00NTI5LWE0N2ItNDg2MzNkNzE4NTkw
LzEvdnhCLUI1VXNCcE5ZelQtQ3F1enJUR2xJUEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQCl/gUAwQA
uftGMBsEAgACMBUDBQMqD2oAAwUDKg/yAAMFAyoQrsAwDQYJKoZIhvcNAQELBQAD
ggEBAJWzox71gmIf1mRcGhxwZ3oyuiOZ5nOvS08ySxG0RHovzY9Os4JEFAXF0eNW
g6UjeHI4E3xReZ6O6cvlv3JiBXtqwbUKoALvqY91UshfkpMs2pWLtl0BDeUe9EWz
yC7VArWlYfHxwCnjWW8UaVkdZ6stW4qKJ6LusGUMft5nAVw2N5g3+YdVVBqE9ihu
WHTNWsmobWgDfGZPCTpArhN+WjslFQRcKt2Ym2l9zdqMnwdU6Xqbq8zWoHEnyLq4
E3O2rBoWLU0/hvuNAfIy0GPqwfiUsILNFpg+hUaWo5FAe8BtqI7vBH0CEWL1eEiO
S0bhkKJV4/13CHLlUwpmJYvYgOA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:02:25 2025 by rpki-client