Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/0893f1-ffb4-46b3-bf27-a7016980c86f/1/lprAlsIJqkyk59xUGWGuHmAf1eo.roa
File: lprAlsIJqkyk59xUGWGuHmAf1eo.roa (raw, json)
Hash identifier: wA9MDjgUu2tQUa4/LXY++2L7NjUxENLujhqMoG/4cAM=
Subject key identifier: 96:9A:C0:96:C2:09:AA:4C:A4:E7:DC:54:19:61:AE:1E:60:1F:D5:EA
Certificate issuer: /CN=dc5facca14de08174ef5c96c91f1e7825f42d07b
Certificate serial: 03AD19FF
Authority key identifier: DC:5F:AC:CA:14:DE:08:17:4E:F5:C9:6C:91:F1:E7:82:5F:42:D0:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3F-syhTeCBdO9clskfHngl9C0Hs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/0893f1-ffb4-46b3-bf27-a7016980c86f/1/lprAlsIJqkyk59xUGWGuHmAf1eo.roa
Signing time: Sat 01 Jan 2022 05:55:39 +0000
ROA not before: Sat 01 Jan 2022 05:55:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205330
IP address blocks: 37.130.216.0/24 maxlen: 24
37.130.217.0/24 maxlen: 24
37.130.218.0/24 maxlen: 24
37.130.219.0/24 maxlen: 24
37.130.216.0/22 maxlen: 22
37.130.216.0/21 maxlen: 21
37.130.222.0/24 maxlen: 24
37.130.223.0/24 maxlen: 24
37.130.220.0/22 maxlen: 22
37.130.220.0/24 maxlen: 24
37.130.221.0/24 maxlen: 24
185.109.56.0/24 maxlen: 24
185.109.57.0/24 maxlen: 24
185.109.58.0/24 maxlen: 24
185.109.56.0/22 maxlen: 22
185.109.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61676031 (0x3ad19ff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc5facca14de08174ef5c96c91f1e7825f42d07b
Validity
Not Before: Jan 1 05:55:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=969ac096c209aa4ca4e7dc541961ae1e601fd5ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ff:36:6e:19:96:60:90:ee:55:d8:40:74:48:
66:5a:41:c0:0b:19:73:e2:14:75:e6:6c:30:e0:dc:
8e:d0:11:21:3c:6c:03:d8:91:20:16:ac:6c:ff:2c:
bf:82:d2:59:69:86:4e:49:f6:8f:a0:32:ac:b8:46:
37:9e:01:1a:de:1f:49:63:f6:41:83:cc:88:52:23:
7b:1c:b2:f7:78:4e:65:40:18:99:8e:3d:77:9f:5e:
5c:0e:09:07:9a:da:d3:6c:94:02:a5:bd:77:0d:5b:
ea:a8:a8:4e:96:41:cf:81:c2:e4:56:95:99:a3:98:
27:ec:76:86:03:f4:6c:e2:34:cb:d2:f8:89:f7:ec:
8d:a3:bd:70:43:c1:cb:bb:03:c3:44:53:e6:f5:01:
24:81:02:6b:ad:80:67:96:a8:dc:0e:b6:5d:cd:44:
ae:36:60:8e:a6:8d:b3:1b:35:a6:c0:c3:6b:f4:ab:
8e:ae:ae:0e:de:69:5d:d4:0c:e3:dc:22:56:94:b4:
7d:0a:97:2e:0f:75:0a:10:7f:be:cb:ab:a2:22:46:
2a:d0:0d:83:0f:c5:9a:ff:6b:ef:b4:0f:f8:a2:5f:
d6:61:c6:67:4d:d2:67:2a:64:7d:68:b1:b2:f7:18:
af:06:84:16:6a:ed:43:fb:6b:c3:98:40:2d:55:e8:
14:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:9A:C0:96:C2:09:AA:4C:A4:E7:DC:54:19:61:AE:1E:60:1F:D5:EA
X509v3 Authority Key Identifier:
keyid:DC:5F:AC:CA:14:DE:08:17:4E:F5:C9:6C:91:F1:E7:82:5F:42:D0:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3F-syhTeCBdO9clskfHngl9C0Hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0893f1-ffb4-46b3-bf27-a7016980c86f/1/lprAlsIJqkyk59xUGWGuHmAf1eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0893f1-ffb4-46b3-bf27-a7016980c86f/1/3F-syhTeCBdO9clskfHngl9C0Hs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.216.0/21
185.109.56.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:f5:61:ad:54:c1:68:5c:2c:9a:9e:74:83:e4:b9:ff:dc:49:
43:7a:13:1e:b2:f3:64:3f:31:47:be:8a:92:53:4d:bb:65:16:
ae:fe:e7:2a:0e:f7:6f:2d:e9:3a:da:8f:b9:b4:c5:9a:ef:4a:
24:dc:12:75:ea:a3:01:3b:f5:a1:02:46:dc:13:36:33:23:64:
15:7a:66:de:ea:c5:b0:88:90:b0:72:10:d5:67:c7:a6:88:15:
78:0a:42:41:3c:95:53:63:23:1d:b8:21:ff:ca:18:ae:e2:56:
30:98:c3:64:de:12:cc:54:a9:75:4d:14:32:95:51:3e:08:52:
7d:a1:01:c9:cd:0e:80:0e:b0:e2:c9:b0:71:b1:d1:a3:1e:fd:
6c:f5:e7:d6:02:c0:51:2d:9b:28:7c:bd:d9:f9:bf:9c:12:0a:
18:d3:26:9f:be:af:5d:7a:7d:fd:57:50:2e:8e:95:aa:ad:f6:
51:6c:c8:54:31:96:c5:2a:31:76:63:73:e2:bd:a9:7c:17:ea:
95:14:55:16:46:dc:15:bd:5d:3c:f9:01:df:5d:1e:b1:f6:65:
47:c6:17:5e:f2:fe:ff:6a:0a:0c:a0:3b:cc:e1:0d:ff:38:2e:
08:fb:bb:6e:71:41:24:1f:a0:21:7d:91:0f:60:aa:73:90:9a:
17:32:2d:5e
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA60Z/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YzVmYWNjYTE0ZGUwODE3NGVmNWM5NmM5MWYxZTc4MjVmNDJkMDdiMB4XDTIyMDEw
MTA1NTUzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTY5YWMwOTZjMjA5
YWE0Y2E0ZTdkYzU0MTk2MWFlMWU2MDFmZDVlYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKj/Nm4ZlmCQ7lXYQHRIZlpBwAsZc+IUdeZsMODcjtARITxs
A9iRIBasbP8sv4LSWWmGTkn2j6AyrLhGN54BGt4fSWP2QYPMiFIjexyy93hOZUAY
mY49d59eXA4JB5ra02yUAqW9dw1b6qioTpZBz4HC5FaVmaOYJ+x2hgP0bOI0y9L4
iffsjaO9cEPBy7sDw0RT5vUBJIECa62AZ5ao3A62Xc1ErjZgjqaNsxs1psDDa/Sr
jq6uDt5pXdQM49wiVpS0fQqXLg91ChB/vsuroiJGKtANgw/Fmv9r77QP+KJf1mHG
Z03SZypkfWixsvcYrwaEFmrtQ/trw5hALVXoFJUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSWmsCWwgmqTKTn3FQZYa4eYB/V6jAfBgNVHSMEGDAWgBTcX6zKFN4IF071
yWyR8eeCX0LQezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNGLXN5aFRlQ0JkTzljbHNrZkhuZ2w5QzBIcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTEvMDg5M2YxLWZmYjQtNDZiMy1iZjI3LWE3MDE2OTgwYzg2Zi8x
L2xwckFsc0lKcWt5azU5eFVHV0d1SG1BZjFlby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTEv
MDg5M2YxLWZmYjQtNDZiMy1iZjI3LWE3MDE2OTgwYzg2Zi8xLzNGLXN5aFRlQ0Jk
TzljbHNrZkhuZ2w5QzBIcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAyWC2AMEArltODANBgkqhkiG9w0B
AQsFAAOCAQEAsPVhrVTBaFwsmp50g+S5/9xJQ3oTHrLzZD8xR76KklNNu2UWrv7n
Kg73by3pOtqPubTFmu9KJNwSdeqjATv1oQJG3BM2MyNkFXpm3urFsIiQsHIQ1WfH
pogVeApCQTyVU2MjHbgh/8oYruJWMJjDZN4SzFSpdU0UMpVRPghSfaEByc0OgA6w
4smwcbHRox79bPXn1gLAUS2bKHy92fm/nBIKGNMmn76vXXp9/VdQLo6Vqq32UWzI
VDGWxSoxdmNz4r2pfBfqlRRVFkbcFb1dPPkB310esfZlR8YXXvL+/2oKDKA7zOEN
/zguCPu7bnFBJB+gIX2RD2Cqc5CaFzItXg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:55 2025 by rpki-client