Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/lpOtJiYDv5HbWRFKypr3aiYuWsY.roa
File: lpOtJiYDv5HbWRFKypr3aiYuWsY.roa (raw, json)
Hash identifier: 9+QA7FX5dgHTIHIjnFnw5Pe75y6HoL2iji6udfWixsY=
Subject key identifier: 96:93:AD:26:26:03:BF:91:DB:59:11:4A:CA:9A:F7:6A:26:2E:5A:C6
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 0184F20BF869C6C0D8620DFFCDC9B9EF25FA
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/lpOtJiYDv5HbWRFKypr3aiYuWsY.roa
Signing time: Thu 08 Dec 2022 14:03:01 +0000
ROA not before: Thu 08 Dec 2022 14:03:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47626
IP address blocks: 193.7.216.0/22 maxlen: 22
5.180.240.0/22 maxlen: 22
176.96.190.0/23 maxlen: 24
176.96.189.0/24 maxlen: 24
78.24.100.0/22 maxlen: 22
91.208.35.0/24 maxlen: 24
91.222.120.0/22 maxlen: 24
188.93.64.0/22 maxlen: 22
2a05:9c00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f2:0b:f8:69:c6:c0:d8:62:0d:ff:cd:c9:b9:ef:25:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: Dec 8 14:03:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9693ad262603bf91db59114aca9af76a262e5ac6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:e7:01:c3:76:2a:25:08:2a:53:e6:bc:78:a6:
04:44:91:f2:97:a4:4e:9d:56:e1:ab:52:e2:71:18:
fb:77:e9:90:63:ce:11:bd:f7:aa:51:23:40:e9:72:
e3:e6:28:df:5b:e5:74:eb:8b:fd:54:87:9d:6e:84:
1e:c0:62:74:34:ba:74:f0:93:8c:2f:26:a0:fe:f1:
24:b0:60:f1:59:10:8d:21:a7:6c:94:6d:ce:30:5f:
4f:a4:5b:39:53:31:f4:37:fd:60:81:32:e1:fa:04:
aa:fe:02:44:a3:61:9c:91:3f:48:6e:1f:54:bf:8a:
5c:ce:58:33:bc:48:e3:6a:db:4b:30:f9:42:ec:ff:
22:7b:28:f5:b5:ee:4c:5c:e4:bb:cb:7d:80:2c:96:
d6:a2:da:37:5c:60:ad:e9:58:12:eb:f6:ed:8b:9d:
34:f6:bc:8d:2d:16:7f:af:22:f0:5f:4c:98:57:e5:
9a:8b:bb:7f:7e:8e:43:d3:bf:e1:12:01:33:9b:36:
a0:8e:98:16:41:e2:f9:1d:b9:cf:52:21:c6:19:24:
a0:f5:2f:61:97:61:e2:23:22:1c:d1:ad:7d:79:79:
c9:6d:ca:4b:d5:5c:46:dd:6a:a6:1b:c5:fd:59:43:
94:e4:d4:c2:bc:ca:a9:02:7a:0f:17:2c:fe:c4:34:
93:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:93:AD:26:26:03:BF:91:DB:59:11:4A:CA:9A:F7:6A:26:2E:5A:C6
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/lpOtJiYDv5HbWRFKypr3aiYuWsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.240.0/22
78.24.100.0/22
91.208.35.0/24
91.222.120.0/22
176.96.189.0-176.96.191.255
188.93.64.0/22
193.7.216.0/22
IPv6:
2a05:9c00::/29
Signature Algorithm: sha256WithRSAEncryption
88:c2:b6:0a:11:6a:7f:b4:60:71:58:68:ed:b1:c7:66:bc:27:
9a:ab:55:d5:99:62:5b:dd:ac:19:05:69:35:37:27:de:82:ec:
f7:8e:77:62:48:01:2b:17:f6:97:c2:89:87:c5:12:19:36:80:
3d:0f:9b:09:a2:a2:97:22:88:a8:13:eb:fc:d2:e6:b6:f0:e4:
c2:12:25:47:87:24:36:dd:f9:37:dd:ea:c8:14:20:a8:c6:0e:
dd:fb:a4:f5:ab:be:02:31:0a:98:73:df:c9:f0:4d:5c:af:b5:
44:33:2f:3b:20:ca:2c:2e:c4:2b:f4:d5:ad:68:e3:da:de:22:
cb:5b:15:47:c1:ad:d7:eb:bb:32:78:c1:44:71:2d:f5:12:11:
65:2f:0e:1e:a4:c4:d4:1f:89:f8:33:2e:90:55:1f:71:fc:6e:
bc:48:55:99:f0:51:65:24:25:d1:83:3f:b5:c7:c7:31:39:5d:
37:56:0d:e3:fa:de:3f:e9:24:0f:92:10:0e:2d:4d:cc:31:8d:
84:5a:71:b3:6c:4c:ac:e6:0b:8b:e8:55:33:f6:fd:49:2f:c7:
ac:ea:5a:1e:89:c7:40:db:a9:b5:0f:9b:81:09:e5:29:80:83:
03:c8:23:80:ff:00:0e:51:91:96:30:d5:e1:80:cb:bd:ee:d7:
21:8f:3f:36
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYTyC/hpxsDYYg3/zcm57yX6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNWI2ZDE1OTZhYzA1MDFhNzFhMzkzNDQ3MDUxYTYyZmYx
ZGRhMTYwHhcNMjIxMjA4MTQwMzAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjkzYWQyNjI2MDNiZjkxZGI1OTExNGFjYTlhZjc2YTI2MmU1YWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh+cBw3YqJQgqU+a8eKYERJHyl6RO
nVbhq1LicRj7d+mQY84RvfeqUSNA6XLj5ijfW+V064v9VIedboQewGJ0NLp08JOM
Lyag/vEksGDxWRCNIadslG3OMF9PpFs5UzH0N/1ggTLh+gSq/gJEo2GckT9Ibh9U
v4pczlgzvEjjattLMPlC7P8ieyj1te5MXOS7y32ALJbWoto3XGCt6VgS6/bti500
9ryNLRZ/ryLwX0yYV+Wai7t/fo5D07/hEgEzmzagjpgWQeL5HbnPUiHGGSSg9S9h
l2HiIyIc0a19eXnJbcpL1VxG3WqmG8X9WUOU5NTCvMqpAnoPFyz+xDSTywIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFJaTrSYmA7+R21kRSsqa92omLlrGMB8GA1UdIwQY
MBaAFAFbbRWWrAUBpxo5NEcFGmL/HdoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgt
ZmVlOGYzNzkwNTY3LzEvbHBPdEppWUR2NUhiV1JGS3lwcjNhaVl1V3NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81MmE4OGYtZTlhMi00ODUxLTkxNDgtZmVlOGYzNzkwNTY3
LzEvQVZ0dEZaYXNCUUduR2prMFJ3VWFZdjhkMmhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQCBbTwAwQC
ThhkAwQAW9AjAwQCW954MAwDBACwYL0DBAawYIADBAK8XUADBALBB9gwDQQCAAIw
BwMFAyoFnAAwDQYJKoZIhvcNAQELBQADggEBAIjCtgoRan+0YHFYaO2xx2a8J5qr
VdWZYlvdrBkFaTU3J96C7PeOd2JIASsX9pfCiYfFEhk2gD0PmwmiopciiKgT6/zS
5rbw5MISJUeHJDbd+Tfd6sgUIKjGDt37pPWrvgIxCphz38nwTVyvtUQzLzsgyiwu
xCv01a1o49reIstbFUfBrdfruzJ4wURxLfUSEWUvDh6kxNQfifgzLpBVH3H8brxI
VZnwUWUkJdGDP7XHxzE5XTdWDeP63j/pJA+SEA4tTcwxjYRacbNsTKzmC4voVTP2
/Ukvx6zqWh6Jx0DbqbUPm4EJ5SmAgwPII4D/AA5RkZYw1eGAy73u1yGPPzY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:00:47 2023 by rpki-client on console-ams.rpki-client.org