Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/LpW-FwNp5RDtQhWJ0wRHUe0WCpQ.roa
File: LpW-FwNp5RDtQhWJ0wRHUe0WCpQ.roa (raw, json)
Hash identifier: +bwJvKuxdZ0RogKxdoOHAuCrJJ0y4xap9VEL9Ovd+0g=
Subject key identifier: 2E:95:BE:17:03:69:E5:10:ED:42:15:89:D3:04:47:51:ED:16:0A:94
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 0184E1E32012EB576D4F075716FF03BB5BE1
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/LpW-FwNp5RDtQhWJ0wRHUe0WCpQ.roa
Signing time: Mon 05 Dec 2022 10:44:29 +0000
ROA not before: Mon 05 Dec 2022 10:44:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48944
IP address blocks: 5.57.32.0/24 maxlen: 24
5.57.37.0/24 maxlen: 24
185.215.228.0/23 maxlen: 23
178.239.144.0/22 maxlen: 22
185.212.51.0/24 maxlen: 24
185.212.50.0/24 maxlen: 24
178.239.149.0/24 maxlen: 24
178.239.148.0/24 maxlen: 24
37.32.43.0/24 maxlen: 24
37.32.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:e3:20:12:eb:57:6d:4f:07:57:16:ff:03:bb:5b:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Dec 5 10:44:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e95be170369e510ed421589d3044751ed160a94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:7a:1f:11:1d:dd:9b:df:3f:d7:c5:6e:86:a7:
ab:f7:51:27:ea:30:3e:b4:1b:29:de:55:b9:55:e9:
31:90:ce:ad:f8:3e:95:81:23:9e:9d:f5:10:ea:41:
e6:c3:12:da:2f:f2:80:a2:1d:cb:a7:81:b4:4e:c6:
7d:09:24:35:ef:17:4f:ac:3d:4f:f0:37:a6:89:de:
ba:16:b4:e4:28:85:4c:41:b7:ba:37:03:92:98:49:
d6:9b:6d:f5:4b:1f:61:8c:0e:66:51:df:f3:45:6f:
1e:83:a3:96:f4:07:52:7c:03:af:fe:9e:df:dc:4e:
35:b6:66:d3:ff:91:93:22:da:aa:61:60:6d:a9:6b:
5a:54:5e:eb:81:06:c9:90:9b:3d:fd:69:b9:a6:62:
f6:db:40:e0:68:ed:2f:06:33:e1:1f:8d:3c:65:4a:
9f:01:9c:86:4d:71:78:37:7a:ba:04:a5:90:28:19:
0b:fc:b5:70:7c:ef:22:f7:df:60:a3:89:7b:b0:a9:
40:19:a9:ab:fd:77:29:ec:2e:4b:16:1c:29:b2:de:
9e:63:04:e7:d2:f1:e0:08:72:90:24:d3:82:89:c7:
3d:05:19:84:38:dc:53:07:a3:39:a7:d6:e3:ac:b0:
5f:90:58:15:7f:a6:d6:57:52:35:8c:61:68:2e:2d:
91:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:95:BE:17:03:69:E5:10:ED:42:15:89:D3:04:47:51:ED:16:0A:94
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/LpW-FwNp5RDtQhWJ0wRHUe0WCpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.32.0/24
5.57.37.0/24
37.32.43.0/24
37.32.46.0/24
178.239.144.0-178.239.149.255
185.212.50.0/23
185.215.228.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:3f:de:f8:dd:fb:9d:6a:ee:da:56:9a:e7:fd:26:22:bd:84:
20:39:5a:7d:c8:11:43:a9:96:b8:1a:34:91:33:17:86:c0:ff:
d6:a2:9c:2b:52:be:9f:9d:d6:2c:b5:ec:11:1c:77:1f:81:3f:
d7:4c:04:5a:8d:f9:ea:2d:e7:eb:e1:fd:00:a1:50:bb:4c:c5:
2d:0e:ec:08:c5:3c:89:14:ff:27:9e:68:f4:0d:d1:17:cc:cd:
52:5a:a8:57:8d:c1:8a:c1:e7:76:87:d8:2c:7a:b0:e1:c9:e4:
c2:27:b1:e8:e8:4e:e5:7c:fe:83:e6:dc:96:82:35:41:2c:c8:
5a:f7:d7:f6:3b:e7:b4:4f:f2:52:4e:1d:b9:4b:5e:21:ea:26:
3b:2d:ff:59:0b:d8:bb:18:f6:39:43:f4:25:83:60:04:88:55:
94:db:f2:10:b4:ed:d6:fd:1c:29:a1:a3:97:d3:a8:bc:83:2c:
12:25:6d:78:4c:cb:95:26:f4:da:50:3a:46:a7:4f:8c:49:55:
74:c3:b0:c0:fb:4d:b5:e9:9c:ed:fa:f7:48:dd:2b:35:ad:13:
c3:5e:b3:02:5d:d6:a1:d0:e7:f0:64:09:3f:ab:30:50:2b:58:
74:4b:6c:75:72:f7:fc:38:3d:95:e7:6e:ac:0c:9a:f5:af:9e:
da:79:a8:aa
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYTh4yAS61dtTwdXFv8Du1vhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjIxMjA1MTA0NDI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTk1YmUxNzAzNjllNTEwZWQ0MjE1ODlkMzA0NDc1MWVkMTYwYTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgnofER3dm98/18Vuhqer91En6jA+
tBsp3lW5VekxkM6t+D6VgSOenfUQ6kHmwxLaL/KAoh3Lp4G0TsZ9CSQ17xdPrD1P
8Demid66FrTkKIVMQbe6NwOSmEnWm231Sx9hjA5mUd/zRW8eg6OW9AdSfAOv/p7f
3E41tmbT/5GTItqqYWBtqWtaVF7rgQbJkJs9/Wm5pmL220DgaO0vBjPhH408ZUqf
AZyGTXF4N3q6BKWQKBkL/LVwfO8i999go4l7sKlAGamr/Xcp7C5LFhwpst6eYwTn
0vHgCHKQJNOCicc9BRmEONxTB6M5p9bjrLBfkFgVf6bWV1I1jGFoLi2R9wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFC6VvhcDaeUQ7UIVidMER1HtFgqUMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvTHBXLUZ3TnA1UkR0UWhXSjB3UkhVZTBXQ3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQABTkgAwQA
BTklAwQAJSArAwQAJSAuMAwDBASy75ADBAGy75QDBAG51DIDBAG51+QwDQYJKoZI
hvcNAQELBQADggEBAJs/3vjd+51q7tpWmuf9JiK9hCA5Wn3IEUOplrgaNJEzF4bA
/9ainCtSvp+d1iy17BEcdx+BP9dMBFqN+eot5+vh/QChULtMxS0O7AjFPIkU/yee
aPQN0RfMzVJaqFeNwYrB53aH2Cx6sOHJ5MInsejoTuV8/oPm3JaCNUEsyFr31/Y7
57RP8lJOHblLXiHqJjst/1kL2LsY9jlD9CWDYASIVZTb8hC07db9HCmho5fTqLyD
LBIlbXhMy5Um9NpQOkanT4xJVXTDsMD7TbXpnO3690jdKzWtE8NeswJd1qHQ5/Bk
CT+rMFArWHRLbHVy9/w4PZXnbqwMmvWvntp5qKo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:09 2024 by rpki-client on console-ams.rpki-client.org