Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/lWbB8CNRgM3TKTyIilV7yK4uNug.roa
File: lWbB8CNRgM3TKTyIilV7yK4uNug.roa (raw, json)
Hash identifier: r58JVlX303pklnD/lwU2fQurhg6esX54xGdZyLH1Ftw=
Subject key identifier: 95:66:C1:F0:23:51:80:CD:D3:29:3C:88:8A:55:7B:C8:AE:2E:36:E8
Certificate issuer: /CN=8c186a56ea84c13c62768a9d17bae133cedf1045
Certificate serial: 01840FB3CC5DBD09A224516C0ACF3AC117CD
Authority key identifier: 8C:18:6A:56:EA:84:C1:3C:62:76:8A:9D:17:BA:E1:33:CE:DF:10:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBhqVuqEwTxidoqdF7rhM87fEEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/lWbB8CNRgM3TKTyIilV7yK4uNug.roa
Signing time: Tue 25 Oct 2022 15:12:32 +0000
ROA not before: Tue 25 Oct 2022 15:12:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198440
IP address blocks: 185.102.148.0/22 maxlen: 22
37.48.224.0/24 maxlen: 24
37.48.229.0/24 maxlen: 24
37.48.230.0/24 maxlen: 24
62.64.128.0/21 maxlen: 24
62.64.136.0/22 maxlen: 24
188.74.64.0/19 maxlen: 24
217.168.248.0/21 maxlen: 21
2a05:87c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0f:b3:cc:5d:bd:09:a2:24:51:6c:0a:cf:3a:c1:17:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c186a56ea84c13c62768a9d17bae133cedf1045
Validity
Not Before: Oct 25 15:12:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9566c1f0235180cdd3293c888a557bc8ae2e36e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:3d:27:e7:9a:93:db:be:06:70:85:b5:a8:5c:
44:f5:aa:6d:88:6b:ce:3e:b9:8b:04:f0:d7:c1:be:
1f:98:00:14:7d:d1:c2:de:bd:46:80:6e:0b:0f:97:
1f:48:1c:cf:d0:b0:1b:d8:cb:b7:fd:b9:5d:12:2b:
66:bb:4b:d3:d4:1a:81:52:60:93:5c:36:93:8f:9a:
ef:59:57:6c:5a:db:80:28:6c:33:d3:6f:9e:96:8e:
fc:31:8d:c6:38:5d:dc:00:ff:7b:2e:f8:41:9b:0a:
99:70:48:4d:70:16:24:bc:c2:a0:61:24:b9:b0:58:
04:c3:4e:4e:40:20:1f:10:a2:9f:c6:df:ae:38:49:
10:d7:75:42:60:f1:59:73:8c:21:ef:34:64:be:2e:
e2:a8:7b:55:a2:ec:b1:09:96:21:df:7e:8b:35:35:
b3:5e:66:66:7a:a7:ef:3c:a2:4c:68:f8:37:0a:9a:
39:d8:8f:60:ab:8a:e9:74:a8:f0:ba:73:a2:fd:f8:
ca:50:9c:9c:a1:9b:44:62:ac:99:39:c5:00:d1:f0:
58:b7:09:e6:a0:ff:47:0d:10:c1:5a:a8:27:4c:09:
d8:b0:f2:66:e0:dc:24:60:fe:5a:0c:2f:de:36:df:
0a:9a:9a:e4:57:02:60:54:72:bc:fc:ff:44:87:d5:
30:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:66:C1:F0:23:51:80:CD:D3:29:3C:88:8A:55:7B:C8:AE:2E:36:E8
X509v3 Authority Key Identifier:
keyid:8C:18:6A:56:EA:84:C1:3C:62:76:8A:9D:17:BA:E1:33:CE:DF:10:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBhqVuqEwTxidoqdF7rhM87fEEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/lWbB8CNRgM3TKTyIilV7yK4uNug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/jBhqVuqEwTxidoqdF7rhM87fEEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.48.224.0/24
37.48.229.0-37.48.230.255
62.64.128.0-62.64.139.255
185.102.148.0/22
188.74.64.0/19
217.168.248.0/21
IPv6:
2a05:87c0::/29
Signature Algorithm: sha256WithRSAEncryption
0a:29:75:57:54:b9:56:b4:10:34:df:2b:ce:7b:b7:7d:f8:de:
da:d2:b4:79:c3:60:c2:ff:a0:36:92:02:b9:f5:f5:cc:2b:e6:
02:8a:b1:7f:a6:1c:62:4b:95:03:8a:41:99:bc:92:4a:69:7c:
bd:c9:45:d3:44:3d:58:fa:13:2b:eb:21:d1:ba:5a:63:53:53:
3f:73:fc:10:4d:82:c8:a7:71:44:35:51:29:0d:11:66:84:42:
2c:27:73:e7:2e:2e:47:7b:c8:c7:94:5a:31:1d:88:8e:e1:cf:
cf:90:43:bd:d5:1b:57:6d:e7:41:72:cc:b6:44:02:52:2f:bf:
38:fa:15:ff:33:3b:97:b2:cc:5a:db:ce:0c:29:ae:c0:09:40:
93:54:12:90:b5:3e:ea:53:3e:16:09:65:e2:c1:25:a1:cf:42:
33:81:48:e8:60:95:c8:ec:09:c1:c5:37:ef:2e:a7:c4:fd:9f:
d5:9d:a4:2e:04:83:8a:17:16:d1:3d:ff:b2:63:9d:9c:39:f5:
a8:8b:16:6a:94:16:6c:ab:3e:d5:7f:1a:d7:e3:db:e1:ea:1d:
83:fd:7b:1e:f0:96:d4:41:c4:98:5d:c0:fe:b1:73:0c:e8:81:
24:4f:19:a1:0e:45:54:a8:3d:73:e0:73:d2:f9:00:1f:22:bf:
24:0f:2e:17
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYQPs8xdvQmiJFFsCs86wRfNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMTg2YTU2ZWE4NGMxM2M2Mjc2OGE5ZDE3YmFlMTMzY2Vk
ZjEwNDUwHhcNMjIxMDI1MTUxMjMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTY2YzFmMDIzNTE4MGNkZDMyOTNjODg4YTU1N2JjOGFlMmUzNmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgj0n55qT274GcIW1qFxE9aptiGvO
PrmLBPDXwb4fmAAUfdHC3r1GgG4LD5cfSBzP0LAb2Mu3/bldEitmu0vT1BqBUmCT
XDaTj5rvWVdsWtuAKGwz02+elo78MY3GOF3cAP97LvhBmwqZcEhNcBYkvMKgYSS5
sFgEw05OQCAfEKKfxt+uOEkQ13VCYPFZc4wh7zRkvi7iqHtVouyxCZYh336LNTWz
XmZmeqfvPKJMaPg3Cpo52I9gq4rpdKjwunOi/fjKUJycoZtEYqyZOcUA0fBYtwnm
oP9HDRDBWqgnTAnYsPJm4NwkYP5aDC/eNt8KmprkVwJgVHK8/P9Eh9UwdQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFJVmwfAjUYDN0yk8iIpVe8iuLjboMB8GA1UdIwQY
MBaAFIwYalbqhME8YnaKnRe64TPO3xBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakJocVZ1cUV3VHhpZG9xZEY3cmhNODdmRUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jOGVjOTUtYjVmNS00NGZiLWI5M2Qt
MjA5MmFmNjQ3MDcwLzEvbFdiQjhDTlJnTTNUS1R5SWlsVjd5SzR1TnVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jOGVjOTUtYjVmNS00NGZiLWI5M2QtMjA5MmFmNjQ3MDcw
LzEvakJocVZ1cUV3VHhpZG9xZEY3cmhNODdmRUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA6BAIAATA0AwQAJTDgMAwD
BAAlMOUDBAAlMOYwDAMEBz5AgAMEAj5AiAMEArlmlAMEBbxKQAMEA9mo+DANBAIA
AjAHAwUDKgWHwDANBgkqhkiG9w0BAQsFAAOCAQEACil1V1S5VrQQNN8rznu3ffje
2tK0ecNgwv+gNpICufX1zCvmAoqxf6YcYkuVA4pBmbySSml8vclF00Q9WPoTK+sh
0bpaY1NTP3P8EE2CyKdxRDVRKQ0RZoRCLCdz5y4uR3vIx5RaMR2IjuHPz5BDvdUb
V23nQXLMtkQCUi+/OPoV/zM7l7LMWtvODCmuwAlAk1QSkLU+6lM+Fgll4sEloc9C
M4FI6GCVyOwJwcU37y6nxP2f1Z2kLgSDihcW0T3/smOdnDn1qIsWapQWbKs+1X8a
1+Pb4eodg/17HvCW1EHEmF3A/rFzDOiBJE8ZoQ5FVKg9c+Bz0vkAHyK/JA8uFw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:55 2024 by rpki-client on console-fra.rpki-client.org