Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/LhJ3VQEG7P2dSx2DqF92rGeoFqU.roa
File: LhJ3VQEG7P2dSx2DqF92rGeoFqU.roa (raw, json)
Hash identifier: cZgspZMp8Ok4whCHbsiGqQAlcLZFMpgZAbyS0O4Pi3o=
Subject key identifier: 2E:12:77:55:01:06:EC:FD:9D:4B:1D:83:A8:5F:76:AC:67:A8:16:A5
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 35140BC6
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/LhJ3VQEG7P2dSx2DqF92rGeoFqU.roa
Signing time: Sat 01 Jan 2022 01:59:56 +0000
ROA not before: Sat 01 Jan 2022 01:59:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34078
IP address blocks: 178.239.151.0/24 maxlen: 24
178.239.152.0/24 maxlen: 24
185.26.34.0/24 maxlen: 24
185.26.33.0/24 maxlen: 24
185.26.32.0/24 maxlen: 24
185.26.32.0/22 maxlen: 22
178.239.153.0/24 maxlen: 24
185.26.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 890506182 (0x35140bc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jan 1 01:59:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e1277550106ecfd9d4b1d83a85f76ac67a816a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3d:b8:66:81:e7:78:b5:5d:2d:75:cb:a8:6c:
74:f8:4b:72:11:bb:14:96:43:93:85:eb:89:12:b5:
a0:06:f1:11:b5:b1:22:80:e1:f9:9b:c4:2e:a4:06:
2b:08:09:cc:58:6a:20:22:01:ac:0e:61:fe:45:55:
9d:b0:eb:84:fb:d4:0a:cb:50:52:a2:43:51:92:ef:
40:bf:6c:56:13:65:0a:e6:f6:61:f4:f7:30:99:05:
f6:f7:fe:ff:12:67:f4:ce:b6:e2:88:97:16:cc:1c:
02:ea:e3:74:df:24:75:4a:aa:88:5f:c4:b8:86:70:
d9:03:cc:5f:03:c2:2a:65:cf:4e:59:f8:f5:be:39:
38:73:76:13:ac:a8:28:21:21:2e:a9:37:e0:59:41:
c2:79:5d:fc:f7:a6:39:17:d8:48:2a:e1:5a:d2:60:
15:8a:a2:db:37:ff:6e:34:8d:63:ef:da:7f:24:05:
2d:71:1e:62:46:83:25:ce:af:11:8d:1d:06:a8:b2:
7d:21:d6:25:9c:59:f8:fe:95:7e:3c:c9:6b:99:07:
90:94:72:e6:0c:48:dc:d5:98:f2:11:8e:58:6d:85:
f0:6e:7c:81:55:d9:d2:dc:c4:99:99:03:6b:f8:bd:
3d:31:84:79:26:3f:d4:c4:77:ab:b1:df:0c:aa:1d:
88:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:12:77:55:01:06:EC:FD:9D:4B:1D:83:A8:5F:76:AC:67:A8:16:A5
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/LhJ3VQEG7P2dSx2DqF92rGeoFqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.151.0-178.239.153.255
185.26.32.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:83:d9:6b:f7:a6:cd:79:f7:66:88:0c:94:d2:2f:ff:4b:a0:
8b:90:fe:cc:e5:aa:32:db:a9:30:f9:37:6d:15:f9:70:b7:7d:
b7:44:0b:4e:f6:d1:c2:d6:ae:26:04:51:59:89:c8:39:c0:c2:
96:52:3d:cf:4c:18:c8:5a:20:d2:77:f4:c3:1d:99:a2:de:76:
d4:e0:de:99:b0:e1:af:a1:6a:86:d8:b0:5d:5e:5c:b7:d9:fc:
d9:53:fb:45:aa:69:68:2f:13:34:8d:28:5a:1b:48:d7:5a:4b:
0c:2e:85:81:28:56:b0:24:d2:e1:78:ec:75:a2:29:62:78:4a:
a6:ce:31:09:12:e4:ae:02:65:49:d0:0f:12:0f:79:9f:1d:47:
d9:03:6f:66:e2:71:c4:5d:2f:5c:83:8d:c2:2f:bd:5d:82:c8:
b4:76:2a:49:f2:7f:69:e7:0d:48:0a:a4:89:ea:55:59:79:6a:
a6:28:22:1a:52:ba:7e:fc:97:b1:eb:8b:d1:29:e6:5b:f5:3c:
45:61:e4:42:6e:a2:97:14:5c:ae:87:92:99:41:f7:65:0c:f1:
5b:56:6b:17:14:38:ee:16:ab:e1:61:27:52:d5:65:1f:6b:4a:
0a:d2:93:dc:8c:c3:e3:f7:ea:c3:30:db:3a:9b:07:3a:c0:8e:
dc:27:7f:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIENRQLxjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MTM1MzMzOTlmNTVlYjUyZTZiMjIwMGM3Y2FlNDI3MmI3NGQ2NDY0MB4XDTIyMDEw
MTAxNTk1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmUxMjc3NTUwMTA2
ZWNmZDlkNGIxZDgzYTg1Zjc2YWM2N2E4MTZhNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ49uGaB53i1XS11y6hsdPhLchG7FJZDk4XriRK1oAbxEbWx
IoDh+ZvELqQGKwgJzFhqICIBrA5h/kVVnbDrhPvUCstQUqJDUZLvQL9sVhNlCub2
YfT3MJkF9vf+/xJn9M624oiXFswcAurjdN8kdUqqiF/EuIZw2QPMXwPCKmXPTln4
9b45OHN2E6yoKCEhLqk34FlBwnld/PemORfYSCrhWtJgFYqi2zf/bjSNY+/afyQF
LXEeYkaDJc6vEY0dBqiyfSHWJZxZ+P6VfjzJa5kHkJRy5gxI3NWY8hGOWG2F8G58
gVXZ0tzEmZkDa/i9PTGEeSY/1MR3q7HfDKodiOMCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQuEndVAQbs/Z1LHYOoX3asZ6gWpTAfBgNVHSMEGDAWgBTxNTM5n1XrUuay
IAx8rkJyt01kZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhUVXpPWjlWNjFMbXNpQU1mSzVDY3JkTlpHUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTIvODQ0ZWViLWNkZjEtNDdmMS1iY2ZhLTk4OTE2Njg4MTk2OS8x
L0xoSjNWUUVHN1AyZFN4MkRxRjkyckdlb0ZxVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTIv
ODQ0ZWViLWNkZjEtNDdmMS1iY2ZhLTk4OTE2Njg4MTk2OS8xLzhUVXpPWjlWNjFM
bXNpQU1mSzVDY3JkTlpHUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFDAMAwQAsu+XAwQBsu+YAwQCuRogMA0G
CSqGSIb3DQEBCwUAA4IBAQCng9lr96bNefdmiAyU0i//S6CLkP7M5aoy26kw+Tdt
Fflwt323RAtO9tHC1q4mBFFZicg5wMKWUj3PTBjIWiDSd/TDHZmi3nbU4N6ZsOGv
oWqG2LBdXly32fzZU/tFqmloLxM0jShaG0jXWksMLoWBKFawJNLheOx1oilieEqm
zjEJEuSuAmVJ0A8SD3mfHUfZA29m4nHEXS9cg43CL71dgsi0dipJ8n9p5w1ICqSJ
6lVZeWqmKCIaUrp+/Jex64vRKeZb9TxFYeRCbqKXFFyuh5KZQfdlDPFbVmsXFDju
FqvhYSdS1WUfa0oK0pPcjMPj9+rDMNs6mwc6wI7cJ3/y
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:19 2023 by rpki-client on console-ams.rpki-client.org