Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/ly3E5pKLQdDCtSkay9FgsHJttO0.roa
File: ly3E5pKLQdDCtSkay9FgsHJttO0.roa (raw, json)
Hash identifier: 5rGuQhjMzTzVN6H9ZaAFB1lA8pzkWMyUZ3DPb2evJcw=
Subject key identifier: 97:2D:C4:E6:92:8B:41:D0:C2:B5:29:1A:CB:D1:60:B0:72:6D:B4:ED
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 0189B5743247002AA4839DE3888A7F372F6D
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/ly3E5pKLQdDCtSkay9FgsHJttO0.roa
Signing time: Wed 02 Aug 2023 08:53:58 +0000
ROA not before: Wed 02 Aug 2023 08:53:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204916
IP address blocks: 45.151.139.0/24 maxlen: 24
84.54.36.0/24 maxlen: 24
83.171.240.0/24 maxlen: 24
83.171.240.0/22 maxlen: 22
83.171.243.0/24 maxlen: 24
83.171.242.0/24 maxlen: 24
194.113.105.0/24 maxlen: 24
2a0f:cc87::/36 maxlen: 36
2a10:c0c3::/32 maxlen: 32
2a10:c0c0::/29 maxlen: 29
2a11:200:8000::/36 maxlen: 36
2a11:200:7000::/36 maxlen: 36
2a11:200:5000::/36 maxlen: 36
2a11:200::/36 maxlen: 36
2a11:200:4000::/36 maxlen: 36
2a0d:5ec5::/32 maxlen: 32
2a11:202::/32 maxlen: 32
2a0c:e8c0::/29 maxlen: 29
2a10:c0c1::/32 maxlen: 32
2a10:c0c7:3000::/36 maxlen: 36
2a10:c0c7:5000::/36 maxlen: 36
2a10:c0c0::/32 maxlen: 32
2a06:d900::/29 maxlen: 29
2a09:3b00::/29 maxlen: 29
2a09:4e01:3000::/36 maxlen: 36
2a09:4e01:4000::/36 maxlen: 36
2a09:4e01:5000::/36 maxlen: 36
2a11:201::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b5:74:32:47:00:2a:a4:83:9d:e3:88:8a:7f:37:2f:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Aug 2 08:53:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=972dc4e6928b41d0c2b5291acbd160b0726db4ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:cc:04:61:90:3f:0a:85:93:4a:8d:39:45:7c:
e1:6b:21:b3:7b:24:8c:89:ab:d3:44:0b:5f:03:c4:
64:e5:f0:59:fb:c8:c6:bf:47:4e:17:4c:0e:fb:65:
d6:1e:04:a7:d0:26:3e:b4:31:4d:00:27:9b:16:e2:
d8:8e:82:51:23:cc:74:f6:d0:40:cd:ed:ae:bc:b0:
c3:96:42:54:86:dd:71:1b:04:00:c7:0c:6e:44:b5:
38:b5:31:92:c4:a4:1e:ac:d2:31:6b:84:f5:89:a6:
36:1e:4a:88:69:da:0f:cc:17:aa:9a:c9:35:39:91:
66:d9:2b:a9:07:fa:d0:ed:7e:2f:46:6f:6f:74:d6:
ee:d8:af:c0:05:95:71:c2:94:f9:e8:bc:f2:fe:e7:
e4:e3:d7:fe:92:be:e4:7c:0b:57:ea:3a:5e:13:04:
a9:7a:36:57:71:b5:17:1b:f7:90:57:2d:dc:fe:4d:
ba:b5:72:9b:b2:f2:d2:4f:69:7f:86:32:0f:90:a4:
d5:ec:29:a9:99:db:84:f8:21:a8:c9:62:6a:69:6c:
8b:13:88:65:c2:b4:d7:df:d0:fe:e9:d8:ae:5c:2b:
f6:61:27:22:25:1b:66:99:06:5e:aa:ae:d9:78:50:
ac:bc:fc:1d:db:d9:40:92:94:3f:ce:fb:c9:57:d9:
75:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:2D:C4:E6:92:8B:41:D0:C2:B5:29:1A:CB:D1:60:B0:72:6D:B4:ED
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/ly3E5pKLQdDCtSkay9FgsHJttO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.139.0/24
83.171.240.0/22
84.54.36.0/24
194.113.105.0/24
IPv6:
2a06:d900::/29
2a09:3b00::/29
2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
2a0c:e8c0::/29
2a0d:5ec5::/32
2a0f:cc87::/36
2a10:c0c0::/29
2a11:200::/36
2a11:200:4000::/35
2a11:200:7000::-2a11:200:8fff:ffff:ffff:ffff:ffff:ffff
2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
4f:d8:42:eb:bd:f3:fb:2e:b7:89:da:56:29:5b:b1:aa:1c:ee:
65:87:bf:2f:4b:32:03:37:5a:36:d8:41:31:81:8d:2e:f3:67:
03:19:41:f0:b6:70:bb:40:fc:a9:68:1a:f2:86:40:bb:d1:14:
b1:92:dc:d3:fd:59:1c:1f:bb:2a:d4:13:1f:b8:d2:5d:f6:6f:
f4:7a:6a:4b:fa:f4:b4:3e:d5:18:9a:3a:f5:bb:11:8f:f4:f4:
e3:a0:4f:b6:a6:60:01:3a:a6:f4:9c:b3:c4:45:86:35:1d:6d:
34:26:8d:76:36:2f:e1:8a:b2:03:53:8c:f0:86:9d:7d:84:73:
65:64:93:d6:e9:d6:cb:ab:f0:0e:15:71:12:8b:31:e5:4d:2f:
a2:30:c3:f8:e5:69:4f:d5:65:95:06:c7:ef:81:b6:73:94:29:
71:8f:e5:37:2a:00:ef:8d:c8:7f:40:69:a3:8a:2e:4f:6e:4e:
7d:47:c8:13:9a:b1:27:a5:3a:b5:d6:92:9b:e6:d9:81:a7:df:
9c:de:75:7a:4c:eb:a2:b1:a1:fb:f0:17:36:69:55:76:c7:d8:
0a:76:e8:68:cf:a8:be:35:4d:dd:e9:c5:11:fa:d5:61:e9:71:
d2:f7:76:00:5b:2d:cc:22:62:a3:75:27:1b:4d:98:54:b9:b9:
0c:3c:0b:d0
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAYm1dDJHACqkg53jiIp/Ny9tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMwODAyMDg1MzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzJkYzRlNjkyOGI0MWQwYzJiNTI5MWFjYmQxNjBiMDcyNmRiNGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMwEYZA/CoWTSo05RXzhayGzeySM
iavTRAtfA8Rk5fBZ+8jGv0dOF0wO+2XWHgSn0CY+tDFNACebFuLYjoJRI8x09tBA
ze2uvLDDlkJUht1xGwQAxwxuRLU4tTGSxKQerNIxa4T1iaY2HkqIadoPzBeqmsk1
OZFm2SupB/rQ7X4vRm9vdNbu2K/ABZVxwpT56Lzy/ufk49f+kr7kfAtX6jpeEwSp
ejZXcbUXG/eQVy3c/k26tXKbsvLST2l/hjIPkKTV7CmpmduE+CGoyWJqaWyLE4hl
wrTX39D+6diuXCv2YSciJRtmmQZeqq7ZeFCsvPwd29lAkpQ/zvvJV9l1rQIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFJctxOaSi0HQwrUpGsvRYLBybbTtMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvbHkzRTVwS0xRZERDdFNrYXk5RmdzSEp0dE8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGqBggrBgEFBQcBBwEB/wSBmjCBlzAeBAIAATAYAwQALZeL
AwQCU6vwAwQAVDYkAwQAwnFpMHUEAgACMG8DBQMqBtkAAwUDKgk7ADAQAwYEKglO
ATADBgUqCU4BQAMFAyoM6MADBQAqDV7FAwYEKg/MhwADBQMqEMDAAwYEKhECAAAD
BgUqEQIAQDAQAwYEKhECAHADBgQqEQIAgDAOAwUAKhECAQMFACoRAgIwDQYJKoZI
hvcNAQELBQADggEBAE/YQuu98/sut4naVilbsaoc7mWHvy9LMgM3WjbYQTGBjS7z
ZwMZQfC2cLtA/KloGvKGQLvRFLGS3NP9WRwfuyrUEx+40l32b/R6akv69LQ+1Ria
OvW7EY/09OOgT7amYAE6pvScs8RFhjUdbTQmjXY2L+GKsgNTjPCGnX2Ec2Vkk9bp
1sur8A4VcRKLMeVNL6Iww/jlaU/VZZUGx++BtnOUKXGP5TcqAO+NyH9AaaOKLk9u
Tn1HyBOasSelOrXWkpvm2YGn35zedXpM66KxofvwFzZpVXbH2Ap26GjPqL41Td3p
xRH61WHpcdL3dgBbLcwiYqN1JxtNmFS5uQw8C9A=
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:05:20 2025 by rpki-client