Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/lHrnp5hgCfAF3S28_Zdcw1hCvto.roa
File: lHrnp5hgCfAF3S28_Zdcw1hCvto.roa (raw, json)
Hash identifier: Bw02CR1R+ec61z7+sZG2F1AZUH6M77C27KnkhgwQyhA=
Subject key identifier: 94:7A:E7:A7:98:60:09:F0:05:DD:2D:BC:FD:97:5C:C3:58:42:BE:DA
Certificate issuer: /CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Certificate serial: 05B09CC7
Authority key identifier: C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/lHrnp5hgCfAF3S28_Zdcw1hCvto.roa
Signing time: Sat 01 Jan 2022 03:54:37 +0000
ROA not before: Sat 01 Jan 2022 03:54:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208909
IP address blocks: 91.204.124.0/22 maxlen: 22
45.15.137.0/24 maxlen: 24
45.15.139.0/24 maxlen: 24
45.15.136.0/24 maxlen: 24
45.15.138.0/24 maxlen: 24
185.41.98.0/24 maxlen: 24
185.41.97.0/24 maxlen: 24
185.41.96.0/24 maxlen: 24
185.41.99.0/24 maxlen: 24
2a01:57a0::/32 maxlen: 32
2a0e:3c80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95460551 (0x5b09cc7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0e8e56b18d45c646f03cb6f9069da0c8b3c74ad
Validity
Not Before: Jan 1 03:54:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=947ae7a7986009f005dd2dbcfd975cc35842beda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8d:d7:cd:e5:91:cf:4b:fb:00:ad:de:3d:d4:
6c:62:c2:d0:6c:98:86:60:75:ae:92:d2:62:01:5d:
35:e5:29:c1:e3:c1:e3:38:b0:c6:c5:cf:73:dc:f3:
97:de:59:5d:f6:d9:f5:4e:53:44:b5:05:21:7e:13:
d7:9c:dc:3c:20:db:d2:e0:2e:0c:ef:95:c9:ac:6b:
ce:96:67:92:e0:75:93:7a:c4:69:b7:d9:b8:db:86:
06:01:42:54:a2:b1:fa:89:e2:e3:38:99:32:d3:b1:
6d:a5:84:36:6f:85:bd:45:0e:0c:6c:d5:8e:37:78:
ec:9c:f1:75:de:7f:7d:f3:84:f8:7b:08:06:71:e9:
47:cd:8b:8f:cc:60:c9:11:fc:5c:6d:99:57:40:50:
ff:e7:85:11:95:7d:20:1a:6a:dc:0d:ae:4f:0a:a6:
dd:81:92:d6:94:30:27:11:b4:b8:bc:6e:3e:4f:94:
a4:2d:e5:71:5c:aa:4d:1a:60:6f:6d:d4:16:0c:dc:
3e:6f:fc:ef:6e:0d:fa:1d:5a:f2:ea:ec:9a:82:40:
9f:6a:4e:39:8a:1c:39:73:14:64:e1:9f:a8:d0:f9:
97:d8:74:77:17:58:0c:8b:a7:2d:87:5f:3d:8d:99:
c1:8f:08:e4:47:14:f7:37:3a:5d:11:4b:81:8d:9b:
3a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:7A:E7:A7:98:60:09:F0:05:DD:2D:BC:FD:97:5C:C3:58:42:BE:DA
X509v3 Authority Key Identifier:
keyid:C0:E8:E5:6B:18:D4:5C:64:6F:03:CB:6F:90:69:DA:0C:8B:3C:74:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wOjlaxjUXGRvA8tvkGnaDIs8dK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/lHrnp5hgCfAF3S28_Zdcw1hCvto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/2abea2-30d0-4654-a834-745bce3060c9/1/wOjlaxjUXGRvA8tvkGnaDIs8dK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.136.0/22
91.204.124.0/22
185.41.96.0/22
IPv6:
2a01:57a0::/32
2a0e:3c80::/29
Signature Algorithm: sha256WithRSAEncryption
4a:b5:e0:ed:a9:66:40:c4:47:24:40:4c:3f:ab:af:b8:f2:09:
a4:d5:ee:c5:79:72:3a:9d:93:47:16:14:03:23:3d:19:3d:e9:
7e:a2:f2:bc:93:f5:46:04:df:cc:77:47:9d:85:60:66:0d:39:
c1:04:9b:d2:9d:68:47:1c:16:09:65:75:9b:26:42:64:35:57:
3c:10:1f:c5:fc:a6:a4:b6:54:1e:fb:7b:59:07:e8:07:ec:82:
cc:be:e0:17:2e:59:85:f1:08:af:9a:17:a0:72:e0:1c:a5:c6:
4a:56:b2:19:ed:19:ac:93:c6:1d:86:52:97:07:e5:1d:55:e6:
c7:c6:3c:fe:44:19:05:20:60:56:9c:40:09:f2:e5:e6:4d:c4:
71:0e:82:28:37:ef:04:b6:42:b6:65:37:e9:de:0d:84:0e:28:
03:e1:5f:52:e7:46:01:e5:e7:84:82:6c:da:df:69:28:ac:1e:
75:6e:5e:95:48:02:9b:f7:e5:d4:cb:84:45:01:2e:d3:14:5e:
38:8f:0c:68:5b:b0:24:41:36:04:ac:4e:fa:f0:42:da:4e:ec:
10:1a:d2:e4:13:b1:6d:c9:2a:4f:c3:f5:11:29:bb:f9:e0:46:
3e:6f:4d:37:c0:5d:b8:c1:28:f8:c2:da:08:06:48:60:5f:f4:
e7:05:f0:72
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEBbCcxzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MGU4ZTU2YjE4ZDQ1YzY0NmYwM2NiNmY5MDY5ZGEwYzhiM2M3NGFkMB4XDTIyMDEw
MTAzNTQzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQ3YWU3YTc5ODYw
MDlmMDA1ZGQyZGJjZmQ5NzVjYzM1ODQyYmVkYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+N183lkc9L+wCt3j3UbGLC0GyYhmB1rpLSYgFdNeUpwePB
4ziwxsXPc9zzl95ZXfbZ9U5TRLUFIX4T15zcPCDb0uAuDO+VyaxrzpZnkuB1k3rE
abfZuNuGBgFCVKKx+oni4ziZMtOxbaWENm+FvUUODGzVjjd47Jzxdd5/ffOE+HsI
BnHpR82Lj8xgyRH8XG2ZV0BQ/+eFEZV9IBpq3A2uTwqm3YGS1pQwJxG0uLxuPk+U
pC3lcVyqTRpgb23UFgzcPm/8724N+h1a8ursmoJAn2pOOYocOXMUZOGfqND5l9h0
dxdYDIunLYdfPY2ZwY8I5EcU9zc6XRFLgY2bOosCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBSUeuenmGAJ8AXdLbz9l1zDWEK+2jAfBgNVHSMEGDAWgBTA6OVrGNRcZG8D
y2+QadoMizx0rTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dPamxheGpVWEdSdkE4dHZrR25hRElzOGRLMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvMmFiZWEyLTMwZDAtNDY1NC1hODM0LTc0NWJjZTMwNjBjOS8x
L2xIcm5wNWhnQ2ZBRjNTMjhfWmRjdzFoQ3Z0by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
MmFiZWEyLTMwZDAtNDY1NC1hODM0LTc0NWJjZTMwNjBjOS8xL3dPamxheGpVWEdS
dkE4dHZrR25hRElzOGRLMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEAi0PiAMEAlvMfAMEArkpYDAUBAIA
AjAOAwUAKgFXoAMFAyoOPIAwDQYJKoZIhvcNAQELBQADggEBAEq14O2pZkDERyRA
TD+rr7jyCaTV7sV5cjqdk0cWFAMjPRk96X6i8ryT9UYE38x3R52FYGYNOcEEm9Kd
aEccFglldZsmQmQ1VzwQH8X8pqS2VB77e1kH6Afsgsy+4BcuWYXxCK+aF6By4Byl
xkpWshntGayTxh2GUpcH5R1V5sfGPP5EGQUgYFacQAny5eZNxHEOgig37wS2QrZl
N+neDYQOKAPhX1LnRgHl54SCbNrfaSisHnVuXpVIApv35dTLhEUBLtMUXjiPDGhb
sCRBNgSsTvrwQtpO7BAa0uQTsW3JKk/D9REpu/ngRj5vTTfAXbjBKPjC2ggGSGBf
9OcF8HI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:47 2024 by rpki-client on console-fra.rpki-client.org