Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/61e440-62d4-43be-96d3-c529b6a3e71a/1/LgxYdAilxOBRah91db337P_lNnI.roa
File: LgxYdAilxOBRah91db337P_lNnI.roa (raw, json)
Hash identifier: 4vJL15YMrfLFirjs9eZLttaGfuxykihlhpiB8KQ0yTs=
Subject key identifier: 2E:0C:58:74:08:A5:C4:E0:51:6A:1F:75:75:BD:F7:EC:FF:E5:36:72
Certificate issuer: /CN=e0932fa9ea67db9100bf2ea93628fa4557d4c794
Certificate serial: 04213EC6
Authority key identifier: E0:93:2F:A9:EA:67:DB:91:00:BF:2E:A9:36:28:FA:45:57:D4:C7:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4JMvqepn25EAvy6pNij6RVfUx5Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/61e440-62d4-43be-96d3-c529b6a3e71a/1/LgxYdAilxOBRah91db337P_lNnI.roa
Signing time: Sat 01 Jan 2022 06:04:31 +0000
ROA not before: Sat 01 Jan 2022 06:04:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34412
IP address blocks: 185.49.231.0/24 maxlen: 24
185.226.143.0/24 maxlen: 24
185.226.140.0/24 maxlen: 24
185.226.141.0/24 maxlen: 24
185.226.142.0/24 maxlen: 24
31.25.90.0/24 maxlen: 24
31.25.91.0/24 maxlen: 24
2a10:5740:1::/48 maxlen: 48
2a10:5740:2::/48 maxlen: 48
2a10:5740::/48 maxlen: 48
2a10:5740:3::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69287622 (0x4213ec6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0932fa9ea67db9100bf2ea93628fa4557d4c794
Validity
Not Before: Jan 1 06:04:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e0c587408a5c4e0516a1f7575bdf7ecffe53672
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b6:92:87:3c:a6:d5:38:37:86:8b:c8:75:13:
a8:70:ce:12:9b:24:0e:cf:8f:8c:9d:a3:fb:a3:f9:
06:01:11:9b:89:e5:53:d6:4a:42:a9:cc:9c:f9:d4:
a3:d7:63:0e:d4:15:85:00:2c:5e:a5:fe:a7:39:31:
92:e6:91:88:5b:7a:e6:22:94:82:2a:7c:c5:00:26:
16:48:ac:45:14:5d:99:63:3b:d6:dc:c3:bc:96:fd:
47:1a:7c:70:d5:19:ea:e8:a7:4e:61:4f:b7:26:75:
30:02:2c:94:aa:9c:3d:9a:cd:6d:1c:d7:91:41:8a:
f4:53:28:b5:9b:f1:e7:ae:f8:f4:24:5a:ab:e8:77:
36:ba:15:28:02:2c:7f:1b:e9:43:1e:c9:5c:fe:7b:
7a:1b:32:0c:42:e9:9f:c6:cd:bd:50:07:c0:00:04:
43:76:69:83:00:57:d3:5e:cf:a1:7f:c0:98:d0:de:
dd:20:0b:38:48:62:f6:ab:52:45:6e:d7:99:3b:90:
76:56:74:2f:12:37:d0:dc:db:4c:72:6c:89:00:cd:
ec:2a:8b:62:a4:6a:d2:ef:15:2c:c6:c5:67:0e:ff:
ff:93:ec:29:99:66:51:7d:cc:e7:fc:0f:57:0d:35:
fe:4b:2b:da:3f:4e:26:29:de:a7:c5:55:b8:0b:6b:
dc:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:0C:58:74:08:A5:C4:E0:51:6A:1F:75:75:BD:F7:EC:FF:E5:36:72
X509v3 Authority Key Identifier:
keyid:E0:93:2F:A9:EA:67:DB:91:00:BF:2E:A9:36:28:FA:45:57:D4:C7:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4JMvqepn25EAvy6pNij6RVfUx5Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/61e440-62d4-43be-96d3-c529b6a3e71a/1/LgxYdAilxOBRah91db337P_lNnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/61e440-62d4-43be-96d3-c529b6a3e71a/1/4JMvqepn25EAvy6pNij6RVfUx5Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.90.0/23
185.49.231.0/24
185.226.140.0/22
IPv6:
2a10:5740::/46
Signature Algorithm: sha256WithRSAEncryption
34:bb:d8:eb:f0:e0:69:68:1c:cb:a7:c6:8d:63:34:56:88:e2:
06:61:31:a4:66:77:05:65:56:41:a3:47:22:1c:c7:2d:cb:c4:
6a:29:8a:9e:e8:a8:54:4f:25:8e:df:7a:1a:a1:1b:72:ad:61:
f6:06:2f:0f:50:98:f4:2d:5e:f9:35:51:ad:82:dd:ac:a8:9e:
c8:ae:91:ec:ae:e5:03:2c:ec:29:9f:5c:a3:65:e9:a3:d7:49:
8f:f4:0e:6a:3b:ae:dd:0f:81:50:55:35:8b:e8:e0:cd:95:35:
86:a9:cf:ce:20:84:27:6b:f3:b6:b0:4d:aa:36:eb:26:a4:d2:
76:a7:c8:32:06:7e:ae:c6:8d:a7:b0:9e:7f:97:f8:b8:0f:63:
05:93:38:d9:98:69:8b:9e:7b:8c:7f:34:b8:b9:4c:10:8c:1d:
dd:70:c8:83:4b:28:92:d2:f9:ec:0a:78:56:89:fd:4c:07:e7:
89:81:52:cf:8e:e0:15:74:2b:5b:d6:4f:5c:44:4f:e6:fb:dc:
18:2a:3a:8b:78:0f:13:3a:a3:65:24:c1:36:bb:e2:74:4a:bc:
e7:d7:03:17:f9:c9:1e:bf:f1:a9:f8:a0:d5:b6:8c:a1:10:94:
b0:90:95:7d:89:96:c1:08:f3:cb:28:ba:b6:da:6e:01:49:2c:
d4:a3:97:2d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEBCE+xjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MDkzMmZhOWVhNjdkYjkxMDBiZjJlYTkzNjI4ZmE0NTU3ZDRjNzk0MB4XDTIyMDEw
MTA2MDQzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmUwYzU4NzQwOGE1
YzRlMDUxNmExZjc1NzViZGY3ZWNmZmU1MzY3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ22koc8ptU4N4aLyHUTqHDOEpskDs+PjJ2j+6P5BgERm4nl
U9ZKQqnMnPnUo9djDtQVhQAsXqX+pzkxkuaRiFt65iKUgip8xQAmFkisRRRdmWM7
1tzDvJb9Rxp8cNUZ6uinTmFPtyZ1MAIslKqcPZrNbRzXkUGK9FMotZvx56749CRa
q+h3NroVKAIsfxvpQx7JXP57ehsyDELpn8bNvVAHwAAEQ3ZpgwBX017PoX/AmNDe
3SALOEhi9qtSRW7XmTuQdlZ0LxI30NzbTHJsiQDN7CqLYqRq0u8VLMbFZw7//5Ps
KZlmUX3M5/wPVw01/ksr2j9OJinep8VVuAtr3C8CAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBQuDFh0CKXE4FFqH3V1vffs/+U2cjAfBgNVHSMEGDAWgBTgky+p6mfbkQC/
Lqk2KPpFV9THlDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRKTXZxZXBuMjVFQXZ5NnBOaWo2UlZmVXg1US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvNjFlNDQwLTYyZDQtNDNiZS05NmQzLWM1MjliNmEzZTcxYS8x
L0xneFlkQWlseE9CUmFoOTFkYjMzN1BfbE5uSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
NjFlNDQwLTYyZDQtNDNiZS05NmQzLWM1MjliNmEzZTcxYS8xLzRKTXZxZXBuMjVF
QXZ5NnBOaWo2UlZmVXg1US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEAR8ZWgMEALkx5wMEArnijDAPBAIA
AjAJAwcCKhBXQAAAMA0GCSqGSIb3DQEBCwUAA4IBAQA0u9jr8OBpaBzLp8aNYzRW
iOIGYTGkZncFZVZBo0ciHMcty8RqKYqe6KhUTyWO33oaoRtyrWH2Bi8PUJj0LV75
NVGtgt2sqJ7IrpHsruUDLOwpn1yjZemj10mP9A5qO67dD4FQVTWL6ODNlTWGqc/O
IIQna/O2sE2qNusmpNJ2p8gyBn6uxo2nsJ5/l/i4D2MFkzjZmGmLnnuMfzS4uUwQ
jB3dcMiDSyiS0vnsCnhWif1MB+eJgVLPjuAVdCtb1k9cRE/m+9wYKjqLeA8TOqNl
JME2u+J0Srzn1wMX+ckev/Gp+KDVtoyhEJSwkJV9iZbBCPPLKLq22m4BSSzUo5ct
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:49 2023 by rpki-client on console-ams.rpki-client.org