Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/L9iaFcMg7PZGYQ4SUgi20d0lIcs.roa
File: L9iaFcMg7PZGYQ4SUgi20d0lIcs.roa (raw, json)
Hash identifier: Xg+6WV9PQHB8xJuLRDJiN8pMD5VMHHIyRSNVwwE6ZsY=
Subject key identifier: 2F:D8:9A:15:C3:20:EC:F6:46:61:0E:12:52:08:B6:D1:DD:25:21:CB
Certificate issuer: /CN=10a8c6e9308bb00083100171e00dbb6140f4f580
Certificate serial: 0B2D01D6
Authority key identifier: 10:A8:C6:E9:30:8B:B0:00:83:10:01:71:E0:0D:BB:61:40:F4:F5:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EKjG6TCLsACDEAFx4A27YUD09YA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/L9iaFcMg7PZGYQ4SUgi20d0lIcs.roa
Signing time: Sat 01 Jan 2022 08:02:39 +0000
ROA not before: Sat 01 Jan 2022 08:02:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57948
IP address blocks: 185.70.44.0/24 maxlen: 24
185.70.45.0/24 maxlen: 24
185.70.46.0/24 maxlen: 24
185.70.47.0/24 maxlen: 24
91.236.244.0/24 maxlen: 24
91.236.245.0/24 maxlen: 24
171.25.229.0/24 maxlen: 24
2a05:2600::/32 maxlen: 32
2a05:2603::/32 maxlen: 32
2a05:2605::/32 maxlen: 32
2a05:2600::/29 maxlen: 29
2a05:2602::/32 maxlen: 32
2a05:2606::/32 maxlen: 32
2a05:2601::/32 maxlen: 32
2a05:2607::/32 maxlen: 32
2a05:2604::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 187498966 (0xb2d01d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=10a8c6e9308bb00083100171e00dbb6140f4f580
Validity
Not Before: Jan 1 08:02:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2fd89a15c320ecf646610e125208b6d1dd2521cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:1c:69:ca:90:9b:3e:5c:e8:1a:d6:75:7a:0e:
65:0b:ae:35:69:d6:b4:46:54:62:23:b5:72:a3:51:
fd:31:ed:e2:4f:d9:99:e5:b6:1c:0e:b9:47:97:a4:
21:14:89:2d:71:a8:37:10:8b:2b:80:01:7d:fa:3d:
e6:09:63:61:d0:31:f6:53:2f:3f:b1:18:77:d6:cf:
4a:5b:66:2e:3d:cb:3d:ad:37:56:23:46:dc:6c:07:
b3:09:c8:c8:32:33:32:64:93:9d:12:4c:3c:ea:4a:
87:fc:0e:c2:f1:ed:bd:70:e6:98:ee:31:bc:ca:53:
7a:de:24:f6:1e:ee:19:96:62:81:55:12:fe:1f:7e:
49:54:7d:a4:24:c8:9a:1a:84:12:e1:b8:87:23:fd:
09:f6:4a:f5:b3:58:b7:ed:04:3f:9a:37:94:11:46:
f3:0f:b9:03:6d:6c:27:de:9a:4c:39:38:41:06:58:
71:b4:f5:7f:9a:88:5c:e0:5f:f7:76:22:c1:23:e8:
29:ad:14:f9:79:09:c7:f1:b5:28:6a:b6:fd:61:e9:
fb:d1:5b:a8:b7:0a:4d:bb:cf:fc:bd:d8:93:0b:9f:
57:d2:76:68:31:ab:14:59:36:51:c1:4c:8f:73:44:
ed:bf:ee:12:75:c8:c3:33:54:56:b6:ca:13:3f:fc:
ab:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D8:9A:15:C3:20:EC:F6:46:61:0E:12:52:08:B6:D1:DD:25:21:CB
X509v3 Authority Key Identifier:
keyid:10:A8:C6:E9:30:8B:B0:00:83:10:01:71:E0:0D:BB:61:40:F4:F5:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EKjG6TCLsACDEAFx4A27YUD09YA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/L9iaFcMg7PZGYQ4SUgi20d0lIcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/237947-70c2-4661-a36f-6b497b2c0b38/1/EKjG6TCLsACDEAFx4A27YUD09YA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.244.0/23
171.25.229.0/24
185.70.44.0/22
IPv6:
2a05:2600::/29
Signature Algorithm: sha256WithRSAEncryption
3d:cc:1a:ad:a8:b7:53:aa:23:f5:d5:f8:12:e0:5b:6d:7a:99:
93:3a:d7:7f:a7:46:44:c6:9e:f0:92:6d:a7:8e:60:c2:fd:8d:
6b:30:3f:7c:86:78:cb:12:ff:54:31:1e:8f:d3:45:f2:49:5f:
37:ab:c9:0f:44:41:48:e7:6b:69:b2:7f:b7:bd:71:8b:0c:30:
61:d8:b4:61:92:29:dc:98:7e:84:57:2b:dd:85:ba:c3:fb:3e:
6b:ff:21:05:36:38:1f:58:62:b1:ec:04:41:26:64:70:d6:13:
4f:9f:98:7b:4b:41:42:d8:d7:61:a7:53:be:50:15:b1:a9:c6:
c4:35:19:09:d8:55:58:00:66:df:07:3e:0b:98:f8:ef:c2:83:
82:07:27:a8:5c:e3:53:e6:8f:52:be:2c:04:88:de:24:ab:61:
27:6f:c3:55:d3:aa:39:08:3d:a6:eb:99:a5:5d:5f:1c:4c:5c:
38:25:6c:52:64:ba:f8:2c:e6:5b:90:5b:d0:5a:62:96:42:69:
99:65:da:4a:27:c5:ec:51:f1:bf:df:85:c9:a5:36:59:d6:14:
43:56:4c:97:5a:10:b6:29:5f:ec:1d:f0:1f:8b:3b:10:72:3c:
df:55:0c:eb:b0:ae:02:1a:a2:fe:92:16:9e:bc:ac:b0:5f:a9:
88:dd:6a:e8
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECy0B1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
MGE4YzZlOTMwOGJiMDAwODMxMDAxNzFlMDBkYmI2MTQwZjRmNTgwMB4XDTIyMDEw
MTA4MDIzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmZkODlhMTVjMzIw
ZWNmNjQ2NjEwZTEyNTIwOGI2ZDFkZDI1MjFjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPUcacqQmz5c6BrWdXoOZQuuNWnWtEZUYiO1cqNR/THt4k/Z
meW2HA65R5ekIRSJLXGoNxCLK4ABffo95gljYdAx9lMvP7EYd9bPSltmLj3LPa03
ViNG3GwHswnIyDIzMmSTnRJMPOpKh/wOwvHtvXDmmO4xvMpTet4k9h7uGZZigVUS
/h9+SVR9pCTImhqEEuG4hyP9CfZK9bNYt+0EP5o3lBFG8w+5A21sJ96aTDk4QQZY
cbT1f5qIXOBf93YiwSPoKa0U+XkJx/G1KGq2/WHp+9FbqLcKTbvP/L3YkwufV9J2
aDGrFFk2UcFMj3NE7b/uEnXIwzNUVrbKEz/8q5cCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQv2JoVwyDs9kZhDhJSCLbR3SUhyzAfBgNVHSMEGDAWgBQQqMbpMIuwAIMQ
AXHgDbthQPT1gDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0VLakc2VENMc0FDREVBRng0QTI3WVVEMDlZQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODEvMjM3OTQ3LTcwYzItNDY2MS1hMzZmLTZiNDk3YjJjMGIzOC8x
L0w5aWFGY01nN1BaR1lRNFNVZ2kyMGQwbEljcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEv
MjM3OTQ3LTcwYzItNDY2MS1hMzZmLTZiNDk3YjJjMGIzOC8xL0VLakc2VENMc0FD
REVBRng0QTI3WVVEMDlZQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAVvs9AMEAKsZ5QMEArlGLDANBAIA
AjAHAwUDKgUmADANBgkqhkiG9w0BAQsFAAOCAQEAPcwarai3U6oj9dX4EuBbbXqZ
kzrXf6dGRMae8JJtp45gwv2NazA/fIZ4yxL/VDEej9NF8klfN6vJD0RBSOdrabJ/
t71xiwwwYdi0YZIp3Jh+hFcr3YW6w/s+a/8hBTY4H1hisewEQSZkcNYTT5+Ye0tB
QtjXYadTvlAVsanGxDUZCdhVWABm3wc+C5j478KDggcnqFzjU+aPUr4sBIjeJKth
J2/DVdOqOQg9puuZpV1fHExcOCVsUmS6+CzmW5Bb0FpilkJpmWXaSifF7FHxv9+F
yaU2WdYUQ1ZMl1oQtilf7B3wH4s7EHI831UM67CuAhqi/pIWnryssF+piN1q6A==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:16 2023 by rpki-client on console-ams.rpki-client.org