Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/120e32-793c-4e23-9dd8-4a75a14121bf/1/lbMPVUbxsHNUmwaAGNM-0cCa948.roa
File: lbMPVUbxsHNUmwaAGNM-0cCa948.roa (raw, json)
Hash identifier: nNzUhONOjUzYCt/wn5QGNRs57SdxW0Qz2UdtpXvJJDE=
Subject key identifier: 95:B3:0F:55:46:F1:B0:73:54:9B:06:80:18:D3:3E:D1:C0:9A:F7:8F
Certificate issuer: /CN=a11966c5ab4ea0673cc41c786e0778394b8bdacf
Certificate serial: 0910CB97
Authority key identifier: A1:19:66:C5:AB:4E:A0:67:3C:C4:1C:78:6E:07:78:39:4B:8B:DA:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oRlmxatOoGc8xBx4bgd4OUuL2s8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/120e32-793c-4e23-9dd8-4a75a14121bf/1/lbMPVUbxsHNUmwaAGNM-0cCa948.roa
Signing time: Sat 01 Jan 2022 11:03:27 +0000
ROA not before: Sat 01 Jan 2022 11:03:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44486
IP address blocks: 45.135.200.0/22 maxlen: 22
45.88.111.0/24 maxlen: 24
45.88.110.0/24 maxlen: 24
45.88.109.0/24 maxlen: 24
45.88.108.0/22 maxlen: 22
45.88.108.0/24 maxlen: 24
91.218.64.0/22 maxlen: 24
2a04:e8c0::/29 maxlen: 29
2a0c:75c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152095639 (0x910cb97)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a11966c5ab4ea0673cc41c786e0778394b8bdacf
Validity
Not Before: Jan 1 11:03:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95b30f5546f1b073549b068018d33ed1c09af78f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:29:95:86:52:f4:9c:90:5e:a6:3a:f0:15:f5:
b5:b7:03:14:53:89:50:18:a7:f8:9b:38:8b:01:c3:
da:d1:91:8c:20:ae:f3:fe:bd:c2:79:36:32:54:3a:
c9:e4:d4:88:62:e4:00:33:10:86:3c:13:bb:94:d5:
a5:d1:e0:8c:ca:6c:7b:df:78:89:7d:e0:26:b4:4e:
e7:e6:67:2c:c6:c2:05:0f:82:72:64:0a:aa:64:e3:
af:26:a5:f7:d6:34:3c:df:82:7e:53:1d:08:d3:46:
f4:ca:e4:ce:4a:8f:a5:00:a5:ea:39:ea:62:19:f4:
64:d2:88:d5:a7:65:cd:a0:15:5f:22:c2:22:e8:dd:
24:a4:34:53:b0:77:47:c6:30:fd:a0:d5:f3:39:21:
43:2f:12:40:aa:44:55:4c:c5:45:9c:e1:88:3b:d3:
ed:f0:c7:32:8b:fa:85:2a:ce:4c:39:23:21:10:2a:
73:cf:14:06:b7:be:c9:90:a6:cf:a7:a8:88:7e:b6:
0f:c7:8b:a9:e6:bf:48:ec:97:cf:50:52:fa:56:23:
32:92:63:c3:d8:e9:51:b8:a8:89:ce:cf:5f:35:c1:
9a:99:b6:4e:68:77:0a:af:5c:9f:f6:de:49:aa:d4:
59:b5:40:0f:70:3f:99:68:3e:8d:8f:a1:07:3d:af:
b2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B3:0F:55:46:F1:B0:73:54:9B:06:80:18:D3:3E:D1:C0:9A:F7:8F
X509v3 Authority Key Identifier:
keyid:A1:19:66:C5:AB:4E:A0:67:3C:C4:1C:78:6E:07:78:39:4B:8B:DA:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oRlmxatOoGc8xBx4bgd4OUuL2s8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/120e32-793c-4e23-9dd8-4a75a14121bf/1/lbMPVUbxsHNUmwaAGNM-0cCa948.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/120e32-793c-4e23-9dd8-4a75a14121bf/1/oRlmxatOoGc8xBx4bgd4OUuL2s8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.108.0/22
45.135.200.0/22
91.218.64.0/22
IPv6:
2a04:e8c0::/29
2a0c:75c0::/29
Signature Algorithm: sha256WithRSAEncryption
66:58:2e:02:5f:0f:53:b1:cf:81:ff:c7:ed:9f:6e:bb:46:40:
37:d9:58:98:a8:24:eb:49:c2:b1:ae:74:98:bc:b0:fc:4d:17:
3b:42:19:b4:f2:bc:78:e5:d7:06:69:36:a9:0d:3c:fc:48:78:
6f:d5:4c:bf:79:ec:15:9a:51:8c:b8:0c:a9:98:69:f5:22:be:
ac:7a:41:91:74:a3:6a:3f:40:40:17:b8:69:2e:94:bc:12:8a:
db:4c:57:3e:4f:23:f9:61:a8:03:c5:4b:54:7e:82:51:b7:e0:
21:3c:98:2b:65:64:17:b5:6f:34:14:e2:dc:32:c0:de:42:7d:
5e:00:5b:ee:51:7b:2b:05:ee:a9:5e:1b:a7:4c:a1:e5:ec:2f:
7c:ef:12:5c:1b:96:e2:ce:13:e5:7a:d5:fa:35:c2:c3:c3:72:
6a:91:6d:6b:1f:d4:cb:f2:0d:18:59:29:a1:8e:f9:4d:f5:e4:
ea:ea:f8:44:c5:69:62:4c:34:7d:82:d3:09:de:f8:1b:6a:35:
42:98:90:fd:e9:e0:68:67:c3:8d:00:29:14:c1:41:dc:4d:98:
e9:8b:6d:5c:d2:14:38:9f:7f:60:c6:ea:7f:1d:10:07:13:40:
3c:67:2a:00:cb:64:c3:a6:5e:aa:8d:c9:f9:1d:b1:32:60:46:
a7:50:59:bc
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIECRDLlzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MTE5NjZjNWFiNGVhMDY3M2NjNDFjNzg2ZTA3NzgzOTRiOGJkYWNmMB4XDTIyMDEw
MTExMDMyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTViMzBmNTU0NmYx
YjA3MzU0OWIwNjgwMThkMzNlZDFjMDlhZjc4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcplYZS9JyQXqY68BX1tbcDFFOJUBin+Js4iwHD2tGRjCCu
8/69wnk2MlQ6yeTUiGLkADMQhjwTu5TVpdHgjMpse994iX3gJrRO5+ZnLMbCBQ+C
cmQKqmTjryal99Y0PN+CflMdCNNG9MrkzkqPpQCl6jnqYhn0ZNKI1adlzaAVXyLC
IujdJKQ0U7B3R8Yw/aDV8zkhQy8SQKpEVUzFRZzhiDvT7fDHMov6hSrOTDkjIRAq
c88UBre+yZCmz6eoiH62D8eLqea/SOyXz1BS+lYjMpJjw9jpUbioic7PXzXBmpm2
Tmh3Cq9cn/beSarUWbVAD3A/mWg+jY+hBz2vst8CAwEAAaOCAiswggInMB0GA1Ud
DgQWBBSVsw9VRvGwc1SbBoAY0z7RwJr3jzAfBgNVHSMEGDAWgBShGWbFq06gZzzE
HHhuB3g5S4vazzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29SbG14YXRPb0djOHhCeDRiZ2Q0T1V1TDJzOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjgvMTIwZTMyLTc5M2MtNGUyMy05ZGQ4LTRhNzVhMTQxMjFiZi8x
L2xiTVBWVWJ4c0hOVW13YUFHTk0tMGNDYTk0OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjgv
MTIwZTMyLTc5M2MtNGUyMy05ZGQ4LTRhNzVhMTQxMjFiZi8xL29SbG14YXRPb0dj
OHhCeDRiZ2Q0T1V1TDJzOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEAi1YbAMEAi2HyAMEAlvaQDAUBAIA
AjAOAwUDKgTowAMFAyoMdcAwDQYJKoZIhvcNAQELBQADggEBAGZYLgJfD1Oxz4H/
x+2fbrtGQDfZWJioJOtJwrGudJi8sPxNFztCGbTyvHjl1wZpNqkNPPxIeG/VTL95
7BWaUYy4DKmYafUivqx6QZF0o2o/QEAXuGkulLwSittMVz5PI/lhqAPFS1R+glG3
4CE8mCtlZBe1bzQU4twywN5CfV4AW+5ReysF7qleG6dMoeXsL3zvElwbluLOE+V6
1fo1wsPDcmqRbWsf1MvyDRhZKaGO+U315Orq+ETFaWJMNH2C0wne+BtqNUKYkP3p
4Ghnw40AKRTBQdxNmOmLbVzSFDiff2DG6n8dEAcTQDxnKgDLZMOmXqqNyfkdsTJg
RqdQWbw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:33 2024 by rpki-client on console-ams.rpki-client.org