Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/l4M7riJYfJ-TVrOu0aetexaBceQ.roa
File: l4M7riJYfJ-TVrOu0aetexaBceQ.roa (raw, json)
Hash identifier: Be7Mg+A6KoASSsO2TI0ap2zsIi0to4gO4mobRi/g/p8=
Subject key identifier: 97:83:3B:AE:22:58:7C:9F:93:56:B3:AE:D1:A7:AD:7B:16:81:71:E4
Certificate issuer: /CN=b0b5a80a7106e0a4b8545c8150bb72c699fcc9a0
Certificate serial: 01843EFE14CBE420DD135E5DF56105779959
Authority key identifier: B0:B5:A8:0A:71:06:E0:A4:B8:54:5C:81:50:BB:72:C6:99:FC:C9:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sLWoCnEG4KS4VFyBULtyxpn8yaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/l4M7riJYfJ-TVrOu0aetexaBceQ.roa
Signing time: Thu 03 Nov 2022 19:35:49 +0000
ROA not before: Thu 03 Nov 2022 19:35:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 193.164.4.0/24 maxlen: 24
185.93.70.0/24 maxlen: 24
185.93.71.0/24 maxlen: 24
185.93.68.0/24 maxlen: 24
193.164.6.0/24 maxlen: 24
193.164.7.0/24 maxlen: 24
93.177.102.0/24 maxlen: 24
2a05:f7c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:3e:fe:14:cb:e4:20:dd:13:5e:5d:f5:61:05:77:99:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0b5a80a7106e0a4b8545c8150bb72c699fcc9a0
Validity
Not Before: Nov 3 19:35:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97833bae22587c9f9356b3aed1a7ad7b168171e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:04:4a:6c:d5:7e:26:5e:ab:84:60:b6:5c:3b:
55:c6:4a:54:e5:0c:9a:3e:e8:b8:3a:e6:2a:2d:14:
c5:5d:00:c3:02:7f:a8:b2:d1:35:a4:66:8f:17:20:
bb:c2:b4:37:ab:1f:ac:31:2b:77:73:ae:ad:00:40:
65:53:7e:71:60:11:ea:95:c8:9c:dc:7c:f1:09:d9:
de:32:8b:eb:7b:3e:47:fe:d6:e1:db:78:e2:31:e7:
30:86:88:07:d5:93:dd:4c:94:87:fb:d2:22:c3:47:
92:4a:86:51:5a:a3:19:73:98:c5:d7:44:1b:3b:4d:
8a:45:b8:b1:5c:08:0e:da:47:58:64:a5:23:0f:fc:
4e:4d:c3:74:16:30:7c:45:17:c3:f5:0e:86:14:a4:
7d:6f:17:9c:b7:e5:ce:df:96:9c:1a:3b:4c:bc:c1:
dd:f6:82:5c:f9:af:3a:95:a7:2b:54:07:41:bb:78:
87:eb:92:8f:d9:42:be:28:51:2d:d4:0a:4c:a1:25:
50:de:f1:b0:40:24:a8:1b:df:9a:1b:00:c6:98:50:
97:61:90:94:e6:78:fd:0f:cd:3e:31:f2:4e:4a:84:
f7:96:9a:0b:3a:ef:68:9b:23:2a:9c:a0:8b:ba:25:
85:23:77:c6:fc:2f:a2:88:13:e4:f0:d5:4b:96:f9:
f3:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:83:3B:AE:22:58:7C:9F:93:56:B3:AE:D1:A7:AD:7B:16:81:71:E4
X509v3 Authority Key Identifier:
keyid:B0:B5:A8:0A:71:06:E0:A4:B8:54:5C:81:50:BB:72:C6:99:FC:C9:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sLWoCnEG4KS4VFyBULtyxpn8yaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/l4M7riJYfJ-TVrOu0aetexaBceQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/f153dc-cbfb-4a4f-80d2-745e08fe58c6/1/sLWoCnEG4KS4VFyBULtyxpn8yaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.177.102.0/24
185.93.68.0/24
185.93.70.0/23
193.164.4.0/24
193.164.6.0/23
IPv6:
2a05:f7c0::/29
Signature Algorithm: sha256WithRSAEncryption
35:14:4f:a1:36:59:04:6a:24:36:2b:ed:c6:f2:23:4e:d5:09:
5e:28:42:37:20:ef:4a:3d:1f:c6:64:0d:7a:17:35:93:45:08:
90:02:1d:04:9b:64:72:a7:d7:90:87:f1:e2:62:ec:81:0f:1a:
38:bb:0b:0e:1b:54:00:60:67:08:83:f6:28:20:43:e2:87:ef:
31:a8:61:98:f5:43:b6:72:2f:53:66:52:f7:14:2a:2d:24:99:
06:a7:1a:c3:26:43:67:1e:69:ea:ad:00:30:3f:73:b4:b9:68:
ef:cd:f5:9a:3e:ae:a3:ae:9b:93:39:fd:ad:43:fe:1d:60:82:
56:18:ee:88:4a:fc:cd:a6:ce:0a:05:a8:25:f7:5d:fa:c1:de:
54:0d:21:bc:7a:7b:7e:56:4c:98:5e:59:4f:0b:76:0c:d1:e1:
3b:17:09:90:d6:0c:d9:03:10:c0:64:ff:ab:f9:ff:60:3a:09:
24:d1:ff:f2:6d:82:8c:59:60:6c:70:34:bc:5e:8b:9d:f0:0b:
35:0b:17:4b:8e:24:a4:dc:d7:a0:c0:2b:94:1c:87:db:e9:da:
20:ca:bd:eb:0c:d5:82:26:a0:80:11:50:23:a3:35:ce:04:7d:
d1:5f:fe:42:c7:b4:f0:d6:04:41:80:99:f6:26:b0:60:e5:8a:
3a:0b:05:ee
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYQ+/hTL5CDdE15d9WEFd5lZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYjVhODBhNzEwNmUwYTRiODU0NWM4MTUwYmI3MmM2OTlm
Y2M5YTAwHhcNMjIxMTAzMTkzNTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzgzM2JhZTIyNTg3YzlmOTM1NmIzYWVkMWE3YWQ3YjE2ODE3MWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAowRKbNV+Jl6rhGC2XDtVxkpU5Qya
Pui4OuYqLRTFXQDDAn+ostE1pGaPFyC7wrQ3qx+sMSt3c66tAEBlU35xYBHqlcic
3HzxCdneMovrez5H/tbh23jiMecwhogH1ZPdTJSH+9Iiw0eSSoZRWqMZc5jF10Qb
O02KRbixXAgO2kdYZKUjD/xOTcN0FjB8RRfD9Q6GFKR9bxect+XO35acGjtMvMHd
9oJc+a86lacrVAdBu3iH65KP2UK+KFEt1ApMoSVQ3vGwQCSoG9+aGwDGmFCXYZCU
5nj9D80+MfJOSoT3lpoLOu9omyMqnKCLuiWFI3fG/C+iiBPk8NVLlvnzPwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFJeDO64iWHyfk1azrtGnrXsWgXHkMB8GA1UdIwQY
MBaAFLC1qApxBuCkuFRcgVC7csaZ/MmgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0xXb0NuRUc0S1M0VkZ5QlVMdHl4cG44eWFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9mMTUzZGMtY2JmYi00YTRmLTgwZDIt
NzQ1ZTA4ZmU1OGM2LzEvbDRNN3JpSllmSi1UVnJPdTBhZXRleGFCY2VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9mMTUzZGMtY2JmYi00YTRmLTgwZDItNzQ1ZTA4ZmU1OGM2
LzEvc0xXb0NuRUc0S1M0VkZ5QlVMdHl4cG44eWFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAXbFmAwQA
uV1EAwQBuV1GAwQAwaQEAwQBwaQGMA0EAgACMAcDBQMqBffAMA0GCSqGSIb3DQEB
CwUAA4IBAQA1FE+hNlkEaiQ2K+3G8iNO1QleKEI3IO9KPR/GZA16FzWTRQiQAh0E
m2Ryp9eQh/HiYuyBDxo4uwsOG1QAYGcIg/YoIEPih+8xqGGY9UO2ci9TZlL3FCot
JJkGpxrDJkNnHmnqrQAwP3O0uWjvzfWaPq6jrpuTOf2tQ/4dYIJWGO6ISvzNps4K
Bagl9136wd5UDSG8ent+VkyYXllPC3YM0eE7FwmQ1gzZAxDAZP+r+f9gOgkk0f/y
bYKMWWBscDS8Xoud8As1CxdLjiSk3NegwCuUHIfb6dogyr3rDNWCJqCAEVAjozXO
BH3RX/5Cx7Tw1gRBgJn2JrBg5Yo6CwXu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:32 2024 by rpki-client on console-fra.rpki-client.org