Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/e7f884-cf7b-491c-9ed9-423afc2b68b8/1/Lfke10Wgdcu4f7sNYtuuBfwjTm8.roa
File: Lfke10Wgdcu4f7sNYtuuBfwjTm8.roa (raw, json)
Hash identifier: p6FE1D+NsMtAMX//3qwX0AL6HTnr1sw0MqwBkQaNjvk=
Subject key identifier: 2D:F9:1E:D7:45:A0:75:CB:B8:7F:BB:0D:62:DB:AE:05:FC:23:4E:6F
Certificate issuer: /CN=b79220a805e4378547e43bac731ce86fe01145c7
Certificate serial: 0A8CB232
Authority key identifier: B7:92:20:A8:05:E4:37:85:47:E4:3B:AC:73:1C:E8:6F:E0:11:45:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t5IgqAXkN4VH5Duscxzob-ARRcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/e7f884-cf7b-491c-9ed9-423afc2b68b8/1/Lfke10Wgdcu4f7sNYtuuBfwjTm8.roa
Signing time: Sat 01 Jan 2022 13:02:40 +0000
ROA not before: Sat 01 Jan 2022 13:02:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9121
IP address blocks: 83.66.0.0/16 maxlen: 24
62.29.0.0/17 maxlen: 24
31.200.0.0/17 maxlen: 24
213.243.0.0/18 maxlen: 24
94.120.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 176992818 (0xa8cb232)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b79220a805e4378547e43bac731ce86fe01145c7
Validity
Not Before: Jan 1 13:02:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2df91ed745a075cbb87fbb0d62dbae05fc234e6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7b:5c:49:14:2a:ef:d1:05:87:d3:dc:48:e7:
35:a9:b2:b7:6d:6d:0a:50:43:57:a5:c1:29:bb:74:
ab:6f:bc:5e:13:b4:08:fd:b1:c9:67:cf:a8:f9:64:
59:c0:3c:48:4e:eb:9d:4b:bc:57:c6:cc:e7:4f:14:
d1:d3:e3:bf:8c:a1:85:92:cb:a5:34:73:2c:0d:fc:
b9:81:32:3e:09:97:f2:7b:02:40:98:a5:73:d8:5f:
50:17:a7:a2:fe:f4:6c:dc:d6:70:b2:9e:39:dd:50:
83:1d:13:9e:39:5c:25:6d:c6:85:24:d6:6c:be:69:
1b:a8:11:df:dd:ee:49:32:32:80:13:78:f3:89:08:
80:e1:26:5f:58:5d:45:e9:6e:86:f9:7d:05:9b:2e:
b2:fb:62:05:6f:e7:b3:71:4c:41:e9:16:0b:5e:a7:
9a:85:17:28:30:9d:45:8e:f7:b7:db:cf:c4:67:b1:
32:7a:ee:6a:43:7b:48:db:77:0e:86:41:a5:5c:c3:
4a:bb:60:78:a8:f3:9d:ce:6a:f4:89:30:1e:00:c5:
dc:1b:dd:88:36:6d:c8:af:48:3f:b2:4f:81:96:9c:
85:0c:70:af:59:de:4b:05:d9:89:13:3a:45:40:7e:
50:4e:df:50:52:3b:33:d4:62:02:af:e3:f4:12:43:
90:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F9:1E:D7:45:A0:75:CB:B8:7F:BB:0D:62:DB:AE:05:FC:23:4E:6F
X509v3 Authority Key Identifier:
keyid:B7:92:20:A8:05:E4:37:85:47:E4:3B:AC:73:1C:E8:6F:E0:11:45:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t5IgqAXkN4VH5Duscxzob-ARRcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/e7f884-cf7b-491c-9ed9-423afc2b68b8/1/Lfke10Wgdcu4f7sNYtuuBfwjTm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/e7f884-cf7b-491c-9ed9-423afc2b68b8/1/t5IgqAXkN4VH5Duscxzob-ARRcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.200.0.0/17
62.29.0.0/17
83.66.0.0/16
94.120.0.0/14
213.243.0.0/18
Signature Algorithm: sha256WithRSAEncryption
ab:7f:8c:31:ce:b0:cf:72:20:a6:d9:7c:a4:4f:06:04:88:dc:
d2:5b:2d:f5:77:4a:21:a2:c6:f6:32:7a:cd:a5:12:be:16:e6:
7a:1e:af:25:cb:5d:fd:69:42:9c:ca:ab:09:46:9b:25:5d:da:
e9:fa:a4:4d:13:7b:9c:20:69:77:5d:62:83:19:f8:8d:0a:b4:
01:5e:ce:6a:30:75:87:bf:94:a0:7b:9a:81:d8:11:cb:0f:9d:
d0:e6:62:d2:39:0e:f5:7f:07:e4:da:7b:a9:13:76:79:6b:82:
4f:03:75:fe:f9:67:8f:9d:30:fe:b7:74:4f:1a:cb:7c:dc:20:
0e:c4:70:38:c7:3f:51:ca:3c:73:66:9d:91:8f:c2:d3:a4:81:
48:b1:90:ba:a4:bb:b8:61:59:d8:f6:77:34:a1:b1:f6:c2:e4:
b0:f4:a8:8b:20:56:27:ab:49:2a:3c:b1:3d:7d:b1:de:0d:14:
dd:38:2c:3c:1e:c9:1b:7b:3b:0f:dc:9f:75:16:ce:42:49:f5:
6f:66:71:3c:0f:d8:c2:87:c7:b0:43:61:9e:58:b9:39:01:90:
5f:9f:0c:f6:16:84:28:c1:40:1d:36:30:3c:08:28:97:85:f8:
d1:be:12:44:23:77:36:00:5b:4c:dc:16:45:2d:35:a7:90:98:
74:d7:bb:51
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIECoyyMjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzkyMjBhODA1ZTQzNzg1NDdlNDNiYWM3MzFjZTg2ZmUwMTE0NWM3MB4XDTIyMDEw
MTEzMDI0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmRmOTFlZDc0NWEw
NzVjYmI4N2ZiYjBkNjJkYmFlMDVmYzIzNGU2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALh7XEkUKu/RBYfT3EjnNamyt21tClBDV6XBKbt0q2+8XhO0
CP2xyWfPqPlkWcA8SE7rnUu8V8bM508U0dPjv4yhhZLLpTRzLA38uYEyPgmX8nsC
QJilc9hfUBenov70bNzWcLKeOd1Qgx0TnjlcJW3GhSTWbL5pG6gR393uSTIygBN4
84kIgOEmX1hdReluhvl9BZsusvtiBW/ns3FMQekWC16nmoUXKDCdRY73t9vPxGex
MnruakN7SNt3DoZBpVzDSrtgeKjznc5q9IkwHgDF3BvdiDZtyK9IP7JPgZachQxw
r1neSwXZiRM6RUB+UE7fUFI7M9RiAq/j9BJDkOMCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBQt+R7XRaB1y7h/uw1i264F/CNObzAfBgNVHSMEGDAWgBS3kiCoBeQ3hUfk
O6xzHOhv4BFFxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Q1SWdxQVhrTjRWSDVEdXNjeHpvYi1BUlJjYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmEvZTdmODg0LWNmN2ItNDkxYy05ZWQ5LTQyM2FmYzJiNjhiOC8x
L0xma2UxMFdnZGN1NGY3c05ZdHV1QmZ3alRtOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmEv
ZTdmODg0LWNmN2ItNDkxYy05ZWQ5LTQyM2FmYzJiNjhiOC8xL3Q1SWdxQVhrTjRW
SDVEdXNjeHpvYi1BUlJjYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwIgQCAAEwHAMEBx/IAAMEBz4dAAMDAFNCAwMCXngD
BAbV8wAwDQYJKoZIhvcNAQELBQADggEBAKt/jDHOsM9yIKbZfKRPBgSI3NJbLfV3
SiGixvYyes2lEr4W5noeryXLXf1pQpzKqwlGmyVd2un6pE0Te5wgaXddYoMZ+I0K
tAFezmowdYe/lKB7moHYEcsPndDmYtI5DvV/B+Tae6kTdnlrgk8Ddf75Z4+dMP63
dE8ay3zcIA7EcDjHP1HKPHNmnZGPwtOkgUixkLqku7hhWdj2dzShsfbC5LD0qIsg
VierSSo8sT19sd4NFN04LDweyRt7Ow/cn3UWzkJJ9W9mcTwP2MKHx7BDYZ5YuTkB
kF+fDPYWhCjBQB02MDwIKJeF+NG+EkQjdzYAW0zcFkUtNaeQmHTXu1E=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:27 2023 by rpki-client on console-fra.rpki-client.org