Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/LhfU8GqDuHG_R38wRDHnpK6Cnxk.roa
File: LhfU8GqDuHG_R38wRDHnpK6Cnxk.roa (raw, json)
Hash identifier: AtGTL51R+s4ejjZsSWkhx8GXH/HjdRitqG/9OAAd+H0=
Subject key identifier: 2E:17:D4:F0:6A:83:B8:71:BF:47:7F:30:44:31:E7:A4:AE:82:9F:19
Certificate issuer: /CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Certificate serial: 06F4E770
Authority key identifier: C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/LhfU8GqDuHG_R38wRDHnpK6Cnxk.roa
Signing time: Wed 25 May 2022 09:09:13 +0000
ROA not before: Wed 25 May 2022 09:09:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208909
IP address blocks: 162.213.67.0/24 maxlen: 24
162.213.66.0/24 maxlen: 24
162.213.65.0/24 maxlen: 24
45.15.137.0/24 maxlen: 24
45.15.136.0/24 maxlen: 24
45.15.139.0/24 maxlen: 24
45.15.138.0/24 maxlen: 24
185.41.98.0/24 maxlen: 24
185.41.97.0/24 maxlen: 24
185.41.96.0/24 maxlen: 24
185.41.99.0/24 maxlen: 24
185.132.90.0/24 maxlen: 24
162.213.64.0/24 maxlen: 24
91.204.124.0/22 maxlen: 22
2a0e:3c80::/29 maxlen: 29
2a01:57a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116713328 (0x6f4e770)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Validity
Not Before: May 25 09:09:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e17d4f06a83b871bf477f304431e7a4ae829f19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2b:6d:e2:d1:52:80:0d:3e:25:9b:da:cb:ed:
34:c1:0e:6a:c3:6b:b1:7d:32:4a:74:d6:24:90:7c:
f5:38:91:c6:91:c9:7f:b1:ea:45:06:db:73:16:88:
d8:93:47:39:4b:17:27:fa:77:ad:5e:0b:66:f4:f8:
eb:4b:77:e7:99:04:88:07:3c:4a:6f:d4:f2:35:dc:
8b:30:e5:83:57:b9:b5:4b:10:49:3e:1d:cf:5c:3f:
77:0e:7c:36:5c:2b:3c:77:50:bf:7b:06:b4:aa:8a:
b1:5d:6f:fb:67:82:82:3c:f5:2e:e8:53:8b:ce:de:
be:69:83:33:c7:96:12:a7:d0:30:15:61:65:97:df:
70:fc:4f:76:92:e1:86:c6:d0:ce:71:22:13:e8:93:
b9:12:f8:37:d1:b0:5a:5e:b5:fb:b1:40:38:91:56:
73:cb:e8:dd:5e:1f:6e:96:fc:17:e3:9f:5d:b3:95:
73:7d:d3:20:29:d0:34:5c:60:ef:f8:16:80:1a:99:
d4:1a:c9:91:99:27:c6:22:a2:7d:88:de:11:d3:a9:
69:40:2c:00:f4:c2:6c:0d:f1:d8:be:f6:35:b9:97:
71:af:85:04:53:09:62:b1:f8:77:69:3b:1d:c5:02:
3a:f2:19:81:29:93:f7:4a:90:3b:10:74:f2:5a:ea:
71:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:17:D4:F0:6A:83:B8:71:BF:47:7F:30:44:31:E7:A4:AE:82:9F:19
X509v3 Authority Key Identifier:
keyid:C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/LhfU8GqDuHG_R38wRDHnpK6Cnxk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.136.0/22
91.204.124.0/22
162.213.64.0/22
185.41.96.0/22
185.132.90.0/24
IPv6:
2a01:57a0::/32
2a0e:3c80::/29
Signature Algorithm: sha256WithRSAEncryption
0d:ca:3d:ad:6f:be:4e:c9:0e:ae:00:12:89:62:61:97:e4:42:
33:cf:cb:d3:e2:32:07:66:05:4e:4e:04:7f:32:a2:a0:9f:61:
a0:72:17:41:77:29:94:4c:2a:f5:5d:90:fe:be:3d:25:90:8d:
da:06:22:b4:36:1b:37:d5:af:8b:01:6d:39:07:48:13:91:c6:
20:88:67:89:92:ea:c6:85:ab:98:0b:10:83:87:44:98:11:3e:
94:0f:bb:b8:5f:86:e2:90:87:e2:76:26:b3:ab:a8:4b:b8:46:
96:63:f5:90:02:6d:1b:2b:eb:69:32:28:5c:15:2b:ce:a8:a6:
63:98:2a:7b:27:88:34:51:2c:07:58:2d:74:42:a3:c5:05:02:
4f:11:4a:12:41:c1:70:94:d4:48:5b:b4:b4:2e:46:a8:97:6e:
a2:75:09:9e:4b:91:41:73:fc:44:9f:6d:37:fd:ce:05:72:1c:
3a:0b:ef:cb:0b:f9:b6:c9:eb:e0:48:ee:02:d3:b8:46:eb:3a:
2b:5e:30:2b:27:4d:2e:11:b8:55:24:3c:1e:ce:9b:ee:22:38:
6c:6b:ae:3c:8d:8a:a5:03:c4:5d:d3:f5:57:8b:12:7f:72:c2:
dd:79:ff:bd:ff:52:d1:63:d4:bf:c3:58:8b:cd:7d:70:b5:ba:
bf:66:c2:65
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEBvTncDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MGU4ZTU2YjE4ZDQ1YzY0NmYwM2NiNmY5MDY5ZGEwYzhiM2M3NGFkMB4XDTIyMDUy
NTA5MDkxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmUxN2Q0ZjA2YTgz
Yjg3MWJmNDc3ZjMwNDQzMWU3YTRhZTgyOWYxOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0rbeLRUoANPiWb2svtNMEOasNrsX0ySnTWJJB89TiRxpHJ
f7HqRQbbcxaI2JNHOUsXJ/p3rV4LZvT460t355kEiAc8Sm/U8jXcizDlg1e5tUsQ
ST4dz1w/dw58NlwrPHdQv3sGtKqKsV1v+2eCgjz1LuhTi87evmmDM8eWEqfQMBVh
ZZffcPxPdpLhhsbQznEiE+iTuRL4N9GwWl61+7FAOJFWc8vo3V4fbpb8F+OfXbOV
c33TICnQNFxg7/gWgBqZ1BrJkZknxiKifYjeEdOpaUAsAPTCbA3x2L72NbmXca+F
BFMJYrH4d2k7HcUCOvIZgSmT90qQOxB08lrqcTMCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBQuF9TwaoO4cb9HfzBEMeekroKfGTAfBgNVHSMEGDAWgBTA6OVrGNRcZG8D
y2+QadoMizx0rTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dPamxheGpVWEdSdkE4dHZrR25hRElzOGRLMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvMmFiZWEyLTMwZDAtNDY1NC1hODM0LTc0NWJjZTMwNjBjOS8x
L0xoZlU4R3FEdUhHX1IzOHdSREhucEs2Q254ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
MmFiZWEyLTMwZDAtNDY1NC1hODM0LTc0NWJjZTMwNjBjOS8xL3dPamxheGpVWEdS
dkE4dHZrR25hRElzOGRLMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwJAQCAAEwHgMEAi0PiAMEAlvMfAMEAqLVQAMEArkp
YAMEALmEWjAUBAIAAjAOAwUAKgFXoAMFAyoOPIAwDQYJKoZIhvcNAQELBQADggEB
AA3KPa1vvk7JDq4AEoliYZfkQjPPy9PiMgdmBU5OBH8yoqCfYaByF0F3KZRMKvVd
kP6+PSWQjdoGIrQ2GzfVr4sBbTkHSBORxiCIZ4mS6saFq5gLEIOHRJgRPpQPu7hf
huKQh+J2JrOrqEu4RpZj9ZACbRsr62kyKFwVK86opmOYKnsniDRRLAdYLXRCo8UF
Ak8RShJBwXCU1EhbtLQuRqiXbqJ1CZ5LkUFz/ESfbTf9zgVyHDoL78sL+bbJ6+BI
7gLTuEbrOiteMCsnTS4RuFUkPB7Om+4iOGxrrjyNiqUDxF3T9VeLEn9ywt15/73/
UtFj1L/DWIvNfXC1ur9mwmU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:01 2024 by rpki-client on console-ams.rpki-client.org