Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/LkElhc662Qa4m90AZup7XwXDiBs.roa
File: LkElhc662Qa4m90AZup7XwXDiBs.roa (raw, json)
Hash identifier: i7tYlT+aFmseWMVphmf33dIJKKUP/+wUYF7gwWBASbE=
Subject key identifier: 2E:41:25:85:CE:BA:D9:06:B8:9B:DD:00:66:EA:7B:5F:05:C3:88:1B
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 0182D05C352376425655ECA7B6A5437B9CA5
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/LkElhc662Qa4m90AZup7XwXDiBs.roa
Signing time: Wed 24 Aug 2022 14:58:00 +0000
ROA not before: Wed 24 Aug 2022 14:58:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61138
IP address blocks: 80.71.230.0/24 maxlen: 24
80.71.228.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d0:5c:35:23:76:42:56:55:ec:a7:b6:a5:43:7b:9c:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Aug 24 14:58:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e412585cebad906b89bdd0066ea7b5f05c3881b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:24:5c:de:06:b4:b4:6e:0d:19:b3:65:80:0e:
31:aa:48:87:ba:68:59:66:07:a7:fd:4c:40:fb:44:
80:2b:88:b3:66:9d:24:10:00:fd:fe:40:e3:e8:d7:
47:d8:d7:eb:e2:59:d8:51:26:c8:29:8f:9a:57:88:
a4:cf:bc:b7:90:fe:6f:c6:3d:9b:43:dc:c0:73:38:
dd:61:b0:de:81:5a:5b:9f:d2:3b:75:57:66:7f:73:
61:25:df:dc:1b:c0:37:c8:8b:8b:9b:f8:c6:91:fb:
34:ed:f9:1b:78:18:bc:5d:61:ec:c0:53:61:ac:03:
f1:4d:2e:4e:5f:54:3c:d9:ec:56:bf:ab:eb:2d:17:
5d:bd:ee:52:c6:91:5d:02:2d:dc:a5:ce:77:68:e0:
37:78:b5:2f:82:92:47:cd:97:5d:8f:ff:75:51:36:
64:a6:39:e1:79:0b:55:3d:85:0b:89:41:0c:65:58:
83:e6:f0:5f:96:1c:8b:01:1b:cd:0d:3f:aa:37:87:
ab:6a:51:3e:a3:dd:bd:06:b6:65:b5:17:46:a3:e6:
76:b3:1d:2f:1a:9f:62:86:ef:3b:20:f9:79:17:e7:
5b:f0:2d:46:f9:c8:70:e4:8b:0f:b0:68:c1:b8:4d:
24:2b:c2:fa:99:22:e7:41:61:48:11:94:f0:1a:b0:
73:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:41:25:85:CE:BA:D9:06:B8:9B:DD:00:66:EA:7B:5F:05:C3:88:1B
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/LkElhc662Qa4m90AZup7XwXDiBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.228.0/24
80.71.230.0/24
Signature Algorithm: sha256WithRSAEncryption
90:d7:22:bf:90:1f:03:42:d7:83:1f:2e:8a:e5:2a:2a:d0:e0:
eb:29:2f:23:e1:34:05:b0:93:7f:3c:e7:a9:6d:d5:eb:43:2e:
70:4e:65:db:60:ed:fe:a4:4e:d3:2f:33:6e:af:ef:41:71:94:
20:85:89:e2:ed:fa:ef:62:cf:34:3f:ae:23:14:34:7e:fe:6e:
58:7c:4a:0b:ed:59:fe:bf:a7:9c:b6:3b:f1:60:e5:29:40:a3:
f3:8a:48:bd:90:fe:c1:f7:c7:10:ef:64:17:ae:89:12:10:5f:
e5:ef:64:af:b6:de:5b:52:c4:f4:c4:d8:0c:35:3e:16:99:7f:
74:ce:8e:eb:ab:af:6e:82:c3:a5:e5:6a:b7:70:f2:18:ce:ad:
79:43:a4:ee:4b:42:c8:9a:d1:09:5c:6c:cf:3f:07:bd:55:38:
4e:c1:89:34:d3:99:b7:06:68:bf:3e:ce:36:cb:0d:de:f6:86:
38:f8:4b:4e:7d:74:13:16:73:b6:ff:10:99:8b:ca:43:fd:16:
61:32:33:de:b1:19:1a:a6:5a:68:ba:96:91:03:4d:af:89:71:
5b:de:01:9c:71:2c:0d:8b:a4:d6:65:7b:da:ac:64:7d:bd:50:
9e:2d:6d:ba:d4:7e:14:83:2e:1c:ea:09:51:b0:54:56:a8:25:
ed:60:94:65
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYLQXDUjdkJWVeyntqVDe5ylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjIwODI0MTQ1ODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTQxMjU4NWNlYmFkOTA2Yjg5YmRkMDA2NmVhN2I1ZjA1YzM4ODFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyRc3ga0tG4NGbNlgA4xqkiHumhZ
Zgen/UxA+0SAK4izZp0kEAD9/kDj6NdH2Nfr4lnYUSbIKY+aV4ikz7y3kP5vxj2b
Q9zAczjdYbDegVpbn9I7dVdmf3NhJd/cG8A3yIuLm/jGkfs07fkbeBi8XWHswFNh
rAPxTS5OX1Q82exWv6vrLRddve5SxpFdAi3cpc53aOA3eLUvgpJHzZddj/91UTZk
pjnheQtVPYULiUEMZViD5vBflhyLARvNDT+qN4eralE+o929BrZltRdGo+Z2sx0v
Gp9ihu87IPl5F+db8C1G+chw5IsPsGjBuE0kK8L6mSLnQWFIEZTwGrBzMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFC5BJYXOutkGuJvdAGbqe18Fw4gbMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvTGtFbGhjNjYyUWE0bTkwQVp1cDdYd1hEaUJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUEfkAwQA
UEfmMA0GCSqGSIb3DQEBCwUAA4IBAQCQ1yK/kB8DQteDHy6K5Soq0ODrKS8j4TQF
sJN/POepbdXrQy5wTmXbYO3+pE7TLzNur+9BcZQghYni7frvYs80P64jFDR+/m5Y
fEoL7Vn+v6ectjvxYOUpQKPziki9kP7B98cQ72QXrokSEF/l72Svtt5bUsT0xNgM
NT4WmX90zo7rq69ugsOl5Wq3cPIYzq15Q6TuS0LImtEJXGzPPwe9VThOwYk005m3
Bmi/Ps42yw3e9oY4+EtOfXQTFnO2/xCZi8pD/RZhMjPesRkaplpoupaRA02viXFb
3gGccSwNi6TWZXvarGR9vVCeLW261H4Ugy4c6glRsFRWqCXtYJRl
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:33 2023 by rpki-client on console-ams.rpki-client.org