Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/d07c07-b962-4f4b-a3a0-b51b35def6de/1/LD8WrglWRG0t2wslizYG0AY5mxY.roa
File: LD8WrglWRG0t2wslizYG0AY5mxY.roa (raw, json)
Hash identifier: +RsQf5pTFceBlWw7Frg2Kov5AoZixeXiW6o5t4cEJyg=
Subject key identifier: 2C:3F:16:AE:09:56:44:6D:2D:DB:0B:25:8B:36:06:D0:06:39:9B:16
Certificate issuer: /CN=fbed9439a4e4b2d32e4bee647f3b61055b169e3d
Certificate serial: 0FBAAF5E
Authority key identifier: FB:ED:94:39:A4:E4:B2:D3:2E:4B:EE:64:7F:3B:61:05:5B:16:9E:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1--2UOaTkstMuS-5kfzthBVsWnj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/d07c07-b962-4f4b-a3a0-b51b35def6de/1/LD8WrglWRG0t2wslizYG0AY5mxY.roa
Signing time: Sat 01 Jan 2022 06:06:00 +0000
ROA not before: Sat 01 Jan 2022 06:06:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39832
IP address blocks: 91.203.96.0/22 maxlen: 24
141.0.8.0/21 maxlen: 24
195.189.142.0/23 maxlen: 24
82.145.208.0/20 maxlen: 24
185.26.180.0/22 maxlen: 24
37.228.104.0/21 maxlen: 24
2001:4c28::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 263892830 (0xfbaaf5e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbed9439a4e4b2d32e4bee647f3b61055b169e3d
Validity
Not Before: Jan 1 06:06:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c3f16ae0956446d2ddb0b258b3606d006399b16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ab:c7:60:6b:9b:e4:7c:01:d6:33:47:3b:20:
05:21:84:b9:e9:cd:e1:b2:e9:4f:bb:65:d6:90:c8:
d1:85:12:08:9f:1d:34:97:d4:31:85:17:a3:f8:23:
bf:38:5d:03:cb:9b:e3:f1:59:8c:0f:7d:f9:82:0a:
e5:d4:88:3f:2e:5a:96:a1:79:62:4b:81:01:de:56:
00:32:72:cf:27:72:6e:8d:5f:67:d2:8d:e1:95:73:
bd:4d:4d:ed:cb:bb:84:5b:fe:66:55:80:8d:e7:2a:
10:45:b2:6e:00:b6:d8:c4:93:51:35:a1:dd:6f:39:
f2:43:36:be:1c:55:43:e3:8d:26:d9:bf:e2:66:25:
68:75:40:1c:2f:8f:f9:d9:fe:7f:41:e3:d6:f3:c6:
51:e5:47:8b:a7:85:98:e8:c9:c4:35:94:05:c0:7e:
25:0a:34:d1:c7:ba:5f:61:34:b1:05:84:a5:da:88:
24:81:bf:50:02:92:fa:ad:da:0a:6a:1c:0d:10:72:
22:fb:00:12:9e:78:57:6e:1c:d9:37:c5:2e:24:17:
1a:22:20:9d:b3:57:ca:e8:f7:2e:8a:45:0b:58:64:
cb:ee:33:f3:a9:9f:fc:af:26:cf:28:42:dd:57:93:
e3:b5:00:01:65:45:57:9e:21:2d:19:15:64:a9:bb:
a8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:3F:16:AE:09:56:44:6D:2D:DB:0B:25:8B:36:06:D0:06:39:9B:16
X509v3 Authority Key Identifier:
keyid:FB:ED:94:39:A4:E4:B2:D3:2E:4B:EE:64:7F:3B:61:05:5B:16:9E:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1--2UOaTkstMuS-5kfzthBVsWnj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d07c07-b962-4f4b-a3a0-b51b35def6de/1/LD8WrglWRG0t2wslizYG0AY5mxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/d07c07-b962-4f4b-a3a0-b51b35def6de/1/1--2UOaTkstMuS-5kfzthBVsWnj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.104.0/21
82.145.208.0/20
91.203.96.0/22
141.0.8.0/21
185.26.180.0/22
195.189.142.0/23
IPv6:
2001:4c28::/32
Signature Algorithm: sha256WithRSAEncryption
02:66:c3:57:22:d7:1f:0b:9a:33:61:55:dc:0a:93:e1:47:a4:
ce:72:80:e1:ae:5b:cb:ec:5b:84:6b:6a:cf:7f:b3:e3:51:87:
de:cb:67:4f:1b:3b:68:dc:c9:9b:a8:69:b6:27:0d:9c:5d:fe:
d6:5a:6d:0d:83:01:59:e8:40:99:90:cd:54:4e:2d:bc:19:45:
69:0d:0f:ff:47:dc:13:9c:65:d9:92:69:52:fb:1f:4b:2f:ac:
e3:f4:59:ba:b9:ae:46:75:3f:e8:7e:1b:94:3e:6b:70:39:dc:
9d:34:24:43:93:68:6f:e3:49:5d:46:85:7c:d0:57:d9:56:75:
7f:26:b0:bc:e6:04:2c:5b:d7:96:85:ff:54:a6:b2:9c:cd:45:
5c:df:26:48:df:ba:ca:c4:9f:32:ba:de:6a:b6:a8:7c:5c:af:
cf:51:4b:c0:92:69:f7:fe:d1:1d:33:00:fe:c7:bf:4f:22:cd:
b6:57:52:7e:df:95:73:7f:e5:00:ab:97:cb:ee:b7:29:01:e4:
3d:4d:60:32:c7:8a:8f:d6:35:de:0f:22:eb:7f:fa:44:20:e0:
fa:01:57:b0:4f:98:45:0a:b8:59:bb:44:50:f5:3f:68:a3:5d:
12:60:aa:63:cd:5c:63:db:6a:60:9d:88:24:80:a3:ab:c7:44:
b2:1c:54:b1
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIED7qvXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
YmVkOTQzOWE0ZTRiMmQzMmU0YmVlNjQ3ZjNiNjEwNTViMTY5ZTNkMB4XDTIyMDEw
MTA2MDYwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmMzZjE2YWUwOTU2
NDQ2ZDJkZGIwYjI1OGIzNjA2ZDAwNjM5OWIxNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI+rx2Brm+R8AdYzRzsgBSGEuenN4bLpT7tl1pDI0YUSCJ8d
NJfUMYUXo/gjvzhdA8ub4/FZjA99+YIK5dSIPy5alqF5YkuBAd5WADJyzydybo1f
Z9KN4ZVzvU1N7cu7hFv+ZlWAjecqEEWybgC22MSTUTWh3W858kM2vhxVQ+ONJtm/
4mYlaHVAHC+P+dn+f0Hj1vPGUeVHi6eFmOjJxDWUBcB+JQo00ce6X2E0sQWEpdqI
JIG/UAKS+q3aCmocDRByIvsAEp54V24c2TfFLiQXGiIgnbNXyuj3LopFC1hky+4z
86mf/K8mzyhC3VeT47UAAWVFV54hLRkVZKm7qLsCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBQsPxauCVZEbS3bCyWLNgbQBjmbFjAfBgNVHSMEGDAWgBT77ZQ5pOSy0y5L
7mR/O2EFWxaePTAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtLTJVT2FUa3N0TXVTLTVrZnp0aEJWc1duajAuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzkwL2QwN2MwNy1iOTYyLTRmNGItYTNhMC1iNTFiMzVkZWY2ZGUv
MS9MRDhXcmdsV1JHMHQyd3NsaXpZRzBBWTVteFkucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzkw
L2QwN2MwNy1iOTYyLTRmNGItYTNhMC1iNTFiMzVkZWY2ZGUvMS8xLS0yVU9hVGtz
dE11Uy01a2Z6dGhCVnNXbmowLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDJeRoAwQEUpHQAwQCW8tgAwQD
jQAIAwQCuRq0AwQBw72OMA0EAgACMAcDBQAgAUwoMA0GCSqGSIb3DQEBCwUAA4IB
AQACZsNXItcfC5ozYVXcCpPhR6TOcoDhrlvL7FuEa2rPf7PjUYfey2dPGzto3Mmb
qGm2Jw2cXf7WWm0NgwFZ6ECZkM1UTi28GUVpDQ//R9wTnGXZkmlS+x9LL6zj9Fm6
ua5GdT/ofhuUPmtwOdydNCRDk2hv40ldRoV80FfZVnV/JrC85gQsW9eWhf9UprKc
zUVc3yZI37rKxJ8yut5qtqh8XK/PUUvAkmn3/tEdMwD+x79PIs22V1J+35Vzf+UA
q5fL7rcpAeQ9TWAyx4qP1jXeDyLrf/pEIOD6AVewT5hFCrhZu0RQ9T9oo10SYKpj
zVxj22pgnYgkgKOrx0SyHFSx
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:53 2024 by rpki-client on console-ams.rpki-client.org