Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/kLtZvrjs5LiqG5RczlBB5fngfQE.roa
File: kLtZvrjs5LiqG5RczlBB5fngfQE.roa (raw, json)
Hash identifier: 6eW2CqfO9iNUhvs/ylwxd0bGzMZp3Q5Ii95yuN+qbtw=
Subject key identifier: 90:BB:59:BE:B8:EC:E4:B8:AA:1B:94:5C:CE:50:41:E5:F9:E0:7D:01
Certificate issuer: /CN=d9f90449509ebf9e3b0f42c1cdc22e3ef4007426
Certificate serial: 0F2FE64A
Authority key identifier: D9:F9:04:49:50:9E:BF:9E:3B:0F:42:C1:CD:C2:2E:3E:F4:00:74:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fkESVCev547D0LBzcIuPvQAdCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/kLtZvrjs5LiqG5RczlBB5fngfQE.roa
Signing time: Sat 01 Jan 2022 07:01:11 +0000
ROA not before: Sat 01 Jan 2022 07:01:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206102
IP address blocks: 152.89.136.0/24 maxlen: 24
152.89.139.0/24 maxlen: 24
152.89.138.0/24 maxlen: 24
152.89.137.0/24 maxlen: 24
185.195.97.0/24 maxlen: 24
185.195.96.0/24 maxlen: 24
185.195.96.0/23 maxlen: 23
185.195.98.0/23 maxlen: 23
185.195.98.0/24 maxlen: 24
185.195.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 254797386 (0xf2fe64a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f90449509ebf9e3b0f42c1cdc22e3ef4007426
Validity
Not Before: Jan 1 07:01:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=90bb59beb8ece4b8aa1b945cce5041e5f9e07d01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:de:92:30:6f:83:12:33:a2:88:05:ad:23:06:
76:8e:7f:b9:20:0f:36:84:65:20:db:76:f2:6e:3f:
ec:e6:69:32:9a:cf:4c:92:31:45:d5:c6:09:12:80:
73:90:70:5f:4d:a5:03:9d:52:81:48:f1:a5:97:30:
f0:a4:7f:29:49:ec:6e:bd:b1:70:00:69:df:11:89:
44:88:12:59:76:24:89:96:10:71:95:e7:68:95:89:
20:ef:45:65:ee:16:e2:f6:ec:92:70:d6:74:37:e4:
7d:19:f4:5b:62:3f:88:94:8b:6a:c4:2f:43:64:2f:
78:b9:0a:f8:f5:c0:02:c8:32:b7:9b:19:91:68:a9:
54:05:c2:ed:df:27:11:8a:23:a1:20:24:70:68:c1:
0e:b1:f5:da:a3:58:bb:f5:ea:f2:65:23:c1:7b:46:
0b:73:a3:56:77:6e:1b:d4:5e:2d:a8:7d:b0:95:06:
3b:4c:ab:0b:60:11:68:81:da:fd:a5:f9:28:1a:17:
91:c8:0d:dc:b6:c8:d3:3b:78:0f:e5:c2:2d:53:eb:
0a:4f:e3:07:c8:0b:72:0a:4c:84:a5:fe:a0:ce:45:
b3:93:e5:b9:b7:b6:58:47:81:41:bb:99:fe:1f:83:
de:ff:46:53:38:45:fa:16:7c:5a:bf:2b:aa:86:be:
c1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:BB:59:BE:B8:EC:E4:B8:AA:1B:94:5C:CE:50:41:E5:F9:E0:7D:01
X509v3 Authority Key Identifier:
keyid:D9:F9:04:49:50:9E:BF:9E:3B:0F:42:C1:CD:C2:2E:3E:F4:00:74:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fkESVCev547D0LBzcIuPvQAdCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/kLtZvrjs5LiqG5RczlBB5fngfQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/9c5cef-d4e4-44e1-abf5-bb48828c9f05/1/2fkESVCev547D0LBzcIuPvQAdCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.136.0/22
185.195.96.0/22
Signature Algorithm: sha256WithRSAEncryption
12:34:00:8c:ec:c8:77:99:2b:49:a6:8c:6f:b5:1c:71:57:6d:
d0:94:d0:96:7e:a5:a7:3c:89:49:0b:ad:b6:09:c0:cb:ac:ed:
e1:54:a1:b6:73:9c:4f:ff:54:69:33:5b:1d:da:f1:4b:ca:6f:
fc:7b:f1:e9:64:aa:8a:88:21:08:62:6b:03:9b:4f:98:e4:2b:
f9:36:2b:4e:7b:5e:2c:3f:b9:c0:60:d3:3c:c5:15:12:0f:5f:
6b:b5:0a:8d:a6:df:8d:71:a5:59:6e:8a:e4:a4:57:62:2a:19:
1b:17:a8:0a:6f:12:89:73:ca:5a:cb:84:4b:1e:66:9b:d0:38:
ff:f8:aa:24:ab:4b:54:c3:90:a8:81:38:87:4f:44:e5:6d:a7:
bf:fe:e8:d8:e6:6c:9e:b2:f8:ac:51:f6:ca:33:a6:8a:1b:16:
5c:0b:a3:7c:ed:1b:8d:ec:b5:87:5e:63:94:1b:f4:16:a7:77:
71:84:42:0e:89:ef:92:5d:a8:cf:76:2c:1e:cf:bb:11:74:8a:
72:8c:dc:6a:34:62:f3:d7:1d:d4:5f:d0:77:3f:31:c9:f2:86:
05:33:cc:27:3e:2e:38:68:d3:57:73:78:c4:5c:9a:c8:86:23:
d0:f0:f2:45:fa:c8:76:b1:64:e6:91:59:55:4d:93:53:3a:f0:
04:12:88:dc
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDy/mSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
OWY5MDQ0OTUwOWViZjllM2IwZjQyYzFjZGMyMmUzZWY0MDA3NDI2MB4XDTIyMDEw
MTA3MDExMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTBiYjU5YmViOGVj
ZTRiOGFhMWI5NDVjY2U1MDQxZTVmOWUwN2QwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKfekjBvgxIzoogFrSMGdo5/uSAPNoRlINt28m4/7OZpMprP
TJIxRdXGCRKAc5BwX02lA51SgUjxpZcw8KR/KUnsbr2xcABp3xGJRIgSWXYkiZYQ
cZXnaJWJIO9FZe4W4vbsknDWdDfkfRn0W2I/iJSLasQvQ2QveLkK+PXAAsgyt5sZ
kWipVAXC7d8nEYojoSAkcGjBDrH12qNYu/Xq8mUjwXtGC3OjVnduG9ReLah9sJUG
O0yrC2ARaIHa/aX5KBoXkcgN3LbI0zt4D+XCLVPrCk/jB8gLcgpMhKX+oM5Fs5Pl
ube2WEeBQbuZ/h+D3v9GUzhF+hZ8Wr8rqoa+wecCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSQu1m+uOzkuKoblFzOUEHl+eB9ATAfBgNVHSMEGDAWgBTZ+QRJUJ6/njsP
QsHNwi4+9AB0JjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJma0VTVkNldjU0N0QwTEJ6Y0l1UHZRQWRDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvOWM1Y2VmLWQ0ZTQtNDRlMS1hYmY1LWJiNDg4MjhjOWYwNS8x
L2tMdFp2cmpzNUxpcUc1UmN6bEJCNWZuZ2ZRRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
OWM1Y2VmLWQ0ZTQtNDRlMS1hYmY1LWJiNDg4MjhjOWYwNS8xLzJma0VTVkNldjU0
N0QwTEJ6Y0l1UHZRQWRDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAphZiAMEArnDYDANBgkqhkiG9w0B
AQsFAAOCAQEAEjQAjOzId5krSaaMb7UccVdt0JTQln6lpzyJSQuttgnAy6zt4VSh
tnOcT/9UaTNbHdrxS8pv/Hvx6WSqioghCGJrA5tPmOQr+TYrTnteLD+5wGDTPMUV
Eg9fa7UKjabfjXGlWW6K5KRXYioZGxeoCm8SiXPKWsuESx5mm9A4//iqJKtLVMOQ
qIE4h09E5W2nv/7o2OZsnrL4rFH2yjOmihsWXAujfO0bjey1h15jlBv0Fqd3cYRC
Donvkl2oz3YsHs+7EXSKcozcajRi89cd1F/Qdz8xyfKGBTPMJz4uOGjTV3N4xFya
yIYj0PDyRfrIdrFk5pFZVU2TUzrwBBKI3A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:47 2023 by rpki-client on console-fra.rpki-client.org