Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/LtefKujJcv6w6GEniMUBnLe6Vmk.roa
File: LtefKujJcv6w6GEniMUBnLe6Vmk.roa (raw, json)
Hash identifier: N3vJoQqOa9Jng6RUK/3j1/YKlmQCPIK8XD9a2mcFtsQ=
Subject key identifier: 2E:D7:9F:2A:E8:C9:72:FE:B0:E8:61:27:88:C5:01:9C:B7:BA:56:69
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 01830219B4741F6F29D80F8CCFF6FCB94DDB
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/LtefKujJcv6w6GEniMUBnLe6Vmk.roa
Signing time: Sat 03 Sep 2022 06:46:22 +0000
ROA not before: Sat 03 Sep 2022 06:46:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44889
IP address blocks: 212.16.64.0/19 maxlen: 24
46.38.140.0/24 maxlen: 24
46.38.150.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.80.0.0/19 maxlen: 24
212.80.20.0/23 maxlen: 23
46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:02:19:b4:74:1f:6f:29:d8:0f:8c:cf:f6:fc:b9:4d:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Sep 3 06:46:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ed79f2ae8c972feb0e8612788c5019cb7ba5669
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:58:6c:bd:fd:9c:f8:dc:1f:7d:b4:d9:1f:17:
ed:ef:8f:34:f7:a3:36:ba:d2:b5:7b:10:0e:1a:c1:
f2:4d:6c:d8:9f:0d:26:a1:85:89:0f:1b:76:9e:19:
6f:87:e1:25:53:c4:5a:08:a6:53:5d:81:e7:27:71:
cc:69:21:2d:19:d4:6c:c3:49:95:95:65:63:5e:56:
57:00:58:5f:f6:b6:3b:69:68:59:5f:4b:62:a9:8c:
5a:f1:78:b6:59:99:cf:a6:84:fe:3a:60:d4:e2:43:
70:50:bf:61:0e:d2:e3:9b:57:fe:3a:e0:82:1e:95:
7d:fd:18:0a:4a:2f:23:84:b7:d8:1d:d5:ae:7e:ea:
56:b1:7e:4e:ac:f9:43:f1:2e:11:83:07:4e:ab:4d:
d0:9f:47:7c:23:3b:6e:87:60:ad:12:40:07:4b:84:
f7:16:b1:5d:c8:7b:65:c3:d5:5c:f9:9d:90:8b:c9:
19:74:60:39:e9:fd:97:3f:54:60:ad:97:ca:78:69:
8a:8c:53:35:23:c1:54:90:da:68:5a:ee:d5:26:74:
2a:f9:84:6a:a4:4a:ce:ed:13:15:bd:b6:2b:59:7d:
fa:ab:5d:07:06:fd:3d:ae:6e:4f:11:0c:cb:dc:15:
17:b0:2b:d5:04:64:c8:7d:21:78:ec:3c:2f:02:c7:
9b:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:D7:9F:2A:E8:C9:72:FE:B0:E8:61:27:88:C5:01:9C:B7:BA:56:69
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/LtefKujJcv6w6GEniMUBnLe6Vmk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
46.38.150.0/24
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
33:22:76:51:cc:24:21:25:7d:cf:dd:5b:ff:ea:d0:8b:1e:c4:
b4:2b:2f:85:e5:cf:64:d3:2a:cc:26:92:77:56:7e:e6:d7:ac:
aa:53:0d:bb:23:9e:30:d1:56:a0:51:57:8d:cf:e6:52:17:1a:
18:5b:43:43:06:d1:0f:ad:37:da:50:33:71:b7:57:16:c6:60:
93:b1:ff:30:cc:da:2a:f7:08:dc:ff:dd:a7:3e:e1:c8:17:18:
81:c3:f7:20:4e:66:4e:35:24:2d:b0:19:7e:ef:94:44:73:3d:
ac:1a:e0:fd:29:27:5c:39:1a:70:4b:be:e4:3c:5f:d1:52:1e:
06:2a:25:04:12:95:aa:ab:c0:e7:18:d5:b3:42:e3:85:ff:00:
de:a9:cc:fb:d6:c5:40:50:87:29:dc:50:a8:88:7d:b9:b7:93:
91:df:ef:a7:ca:8d:34:90:2f:c2:bf:8e:ef:a0:9e:3b:74:ca:
b5:02:00:b1:39:ec:da:b4:52:3d:e0:d9:47:26:f7:41:30:74:
f2:27:25:d7:9d:2d:3c:aa:7b:73:f6:cd:5b:4c:59:dc:01:ec:
b9:da:e7:0b:8f:39:e2:1e:f4:5b:9d:39:71:8c:1d:ad:07:af:
d3:f7:f5:b1:c5:a7:42:e1:7b:f0:05:ee:65:24:b2:c3:b9:2e:
bc:6d:e9:c5
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYMCGbR0H28p2A+Mz/b8uU3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjIwOTAzMDY0NjIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWQ3OWYyYWU4Yzk3MmZlYjBlODYxMjc4OGM1MDE5Y2I3YmE1NjY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1hsvf2c+NwffbTZHxft748096M2
utK1exAOGsHyTWzYnw0moYWJDxt2nhlvh+ElU8RaCKZTXYHnJ3HMaSEtGdRsw0mV
lWVjXlZXAFhf9rY7aWhZX0tiqYxa8Xi2WZnPpoT+OmDU4kNwUL9hDtLjm1f+OuCC
HpV9/RgKSi8jhLfYHdWufupWsX5OrPlD8S4RgwdOq03Qn0d8Iztuh2CtEkAHS4T3
FrFdyHtlw9Vc+Z2Qi8kZdGA56f2XP1RgrZfKeGmKjFM1I8FUkNpoWu7VJnQq+YRq
pErO7RMVvbYrWX36q10HBv09rm5PEQzL3BUXsCvVBGTIfSF47DwvAsebZwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFC7XnyroyXL+sOhhJ4jFAZy3ulZpMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvTHRlZkt1akpjdjZ3NkdFbmlNVUJuTGU2Vm1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQALiaBAwQA
LiaDAwQALiaMAwQALiaWAwQF1BBAAwQF1FAAMA0EAgACMAcDBQMqAH2AMA0GCSqG
SIb3DQEBCwUAA4IBAQAzInZRzCQhJX3P3Vv/6tCLHsS0Ky+F5c9k0yrMJpJ3Vn7m
16yqUw27I54w0VagUVeNz+ZSFxoYW0NDBtEPrTfaUDNxt1cWxmCTsf8wzNoq9wjc
/92nPuHIFxiBw/cgTmZONSQtsBl+75REcz2sGuD9KSdcORpwS77kPF/RUh4GKiUE
EpWqq8DnGNWzQuOF/wDeqcz71sVAUIcp3FCoiH25t5OR3++nyo00kC/Cv47voJ47
dMq1AgCxOezatFI94NlHJvdBMHTyJyXXnS08qntz9s1bTFncAey52ucLjzniHvRb
nTlxjB2tB6/T9/WxxadC4XvwBe5lJLLDuS68benF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:06 2024 by rpki-client on console-ams.rpki-client.org