Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/269be9-93ff-4c12-91ba-1a9b1555136a/1/lyw91QOUuDCJaE7mw0o5YA1fMKU.roa
File: lyw91QOUuDCJaE7mw0o5YA1fMKU.roa (raw, json)
Hash identifier: wAjTr6gDUaDdcYRTmdaNILBCsqzey/SRg58srRmGim0=
Subject key identifier: 97:2C:3D:D5:03:94:B8:30:89:68:4E:E6:C3:4A:39:60:0D:5F:30:A5
Certificate issuer: /CN=a79cf10c31f2edbb557d5540973c88079b33200f
Certificate serial: 0181EE0CE648CE8956E5368A82F021CDB344
Authority key identifier: A7:9C:F1:0C:31:F2:ED:BB:55:7D:55:40:97:3C:88:07:9B:33:20:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p5zxDDHy7btVfVVAlzyIB5szIA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/269be9-93ff-4c12-91ba-1a9b1555136a/1/lyw91QOUuDCJaE7mw0o5YA1fMKU.roa
Signing time: Mon 11 Jul 2022 16:17:11 +0000
ROA not before: Mon 11 Jul 2022 16:17:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20565
IP address blocks: 185.113.48.0/22 maxlen: 22
45.153.204.0/22 maxlen: 22
45.81.208.0/22 maxlen: 22
185.241.0.0/22 maxlen: 22
2a06:6800::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:ee:0c:e6:48:ce:89:56:e5:36:8a:82:f0:21:cd:b3:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a79cf10c31f2edbb557d5540973c88079b33200f
Validity
Not Before: Jul 11 16:17:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=972c3dd50394b83089684ee6c34a39600d5f30a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:df:fb:43:49:16:af:91:d9:d6:95:ab:90:61:
69:74:a3:4c:0a:46:f6:c0:2b:91:c0:87:08:05:57:
30:53:80:0b:8c:34:04:fa:b6:b1:37:00:4b:ab:68:
f3:62:ed:9b:2b:fa:30:ed:53:45:c3:c2:c3:0f:5e:
dd:15:e2:64:e3:e2:45:5a:aa:c5:b2:90:a4:29:9e:
2a:e5:4c:35:ce:dc:80:c3:9d:43:9d:83:ca:d2:cc:
da:3b:ef:57:2c:0a:71:22:13:74:68:3e:38:5b:65:
21:c3:0c:58:05:52:8c:3d:37:88:35:6e:f6:07:65:
57:fa:dd:e6:c2:7b:d5:b8:85:3a:8f:25:8b:e2:96:
73:f0:00:f6:14:3e:c2:6c:eb:50:70:7c:63:13:02:
3f:2c:ca:38:9b:3c:d5:67:d9:98:72:27:98:da:dc:
92:f1:16:af:8a:a6:37:06:b7:40:07:07:9e:96:01:
98:bd:f4:8f:4b:36:fa:51:a7:65:45:48:02:cc:0e:
5f:d4:c3:29:a1:03:b6:04:96:b2:32:6e:23:39:81:
7b:76:23:3f:91:e1:18:3d:74:12:95:95:14:9e:cc:
55:7a:95:b4:96:7b:cc:1c:94:9d:ce:45:46:45:ae:
78:90:2c:28:03:6f:85:d0:40:bb:dc:e3:15:ee:52:
dc:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:2C:3D:D5:03:94:B8:30:89:68:4E:E6:C3:4A:39:60:0D:5F:30:A5
X509v3 Authority Key Identifier:
keyid:A7:9C:F1:0C:31:F2:ED:BB:55:7D:55:40:97:3C:88:07:9B:33:20:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p5zxDDHy7btVfVVAlzyIB5szIA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/269be9-93ff-4c12-91ba-1a9b1555136a/1/lyw91QOUuDCJaE7mw0o5YA1fMKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/269be9-93ff-4c12-91ba-1a9b1555136a/1/p5zxDDHy7btVfVVAlzyIB5szIA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.208.0/22
45.153.204.0/22
185.113.48.0/22
185.241.0.0/22
IPv6:
2a06:6800::/29
Signature Algorithm: sha256WithRSAEncryption
7a:ab:c0:9f:fb:68:e1:0e:7d:7e:66:56:35:96:9a:bd:46:2a:
63:5b:ae:1d:ae:cc:c1:40:50:a4:1b:da:76:7d:d7:d3:a4:c0:
8d:45:0a:7b:8c:7c:5e:8c:07:d5:ff:e7:84:40:19:4a:5f:07:
98:18:cb:b8:a0:e2:f7:90:56:a0:40:6b:c5:29:b9:a1:dc:aa:
45:2c:9e:e6:f8:6b:61:09:b0:0b:68:c3:76:8f:71:f6:a7:b4:
2c:4d:1f:70:09:0b:3f:14:9b:3d:68:11:7e:37:10:db:ba:76:
3a:26:33:b1:5d:32:54:f3:cf:f2:f4:21:ae:f3:bd:55:42:df:
3d:f2:74:ff:1f:3c:02:ca:c0:3d:e0:5f:5b:1f:99:f5:42:93:
ca:bd:bf:c0:da:c5:ce:80:80:41:25:11:c2:ee:0b:51:22:14:
be:d4:87:5a:84:c5:19:2d:f7:c3:97:6e:6f:66:62:0f:f5:58:
97:cd:ef:df:0c:52:ad:ca:fe:92:e2:4d:89:4e:55:47:db:48:
b6:e4:bb:cd:d0:06:8c:ad:b6:0c:02:af:e0:33:47:8b:b3:c0:
0b:aa:b4:08:e4:0c:6a:f1:73:27:cd:26:e6:15:79:16:28:e2:
52:77:ab:4f:3c:1f:1e:69:3b:bf:4a:8d:3b:b8:50:90:ef:30:
13:29:b5:eb
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYHuDOZIzolW5TaKgvAhzbNEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3OWNmMTBjMzFmMmVkYmI1NTdkNTU0MDk3M2M4ODA3OWIz
MzIwMGYwHhcNMjIwNzExMTYxNzExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzJjM2RkNTAzOTRiODMwODk2ODRlZTZjMzRhMzk2MDBkNWYzMGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0N/7Q0kWr5HZ1pWrkGFpdKNMCkb2
wCuRwIcIBVcwU4ALjDQE+raxNwBLq2jzYu2bK/ow7VNFw8LDD17dFeJk4+JFWqrF
spCkKZ4q5Uw1ztyAw51DnYPK0szaO+9XLApxIhN0aD44W2UhwwxYBVKMPTeINW72
B2VX+t3mwnvVuIU6jyWL4pZz8AD2FD7CbOtQcHxjEwI/LMo4mzzVZ9mYcieY2tyS
8RaviqY3BrdABweelgGYvfSPSzb6UadlRUgCzA5f1MMpoQO2BJayMm4jOYF7diM/
keEYPXQSlZUUnsxVepW0lnvMHJSdzkVGRa54kCwoA2+F0EC73OMV7lLcHwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJcsPdUDlLgwiWhO5sNKOWANXzClMB8GA1UdIwQY
MBaAFKec8Qwx8u27VX1VQJc8iAebMyAPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDV6eERESHk3YnRWZlZWQWx6eUlCNXN6SUE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8yNjliZTktOTNmZi00YzEyLTkxYmEt
MWE5YjE1NTUxMzZhLzEvbHl3OTFRT1V1RENKYUU3bXcwbzVZQTFmTUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8yNjliZTktOTNmZi00YzEyLTkxYmEtMWE5YjE1NTUxMzZh
LzEvcDV6eERESHk3YnRWZlZWQWx6eUlCNXN6SUE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLVHQAwQC
LZnMAwQCuXEwAwQCufEAMA0EAgACMAcDBQMqBmgAMA0GCSqGSIb3DQEBCwUAA4IB
AQB6q8Cf+2jhDn1+ZlY1lpq9RipjW64drszBQFCkG9p2fdfTpMCNRQp7jHxejAfV
/+eEQBlKXweYGMu4oOL3kFagQGvFKbmh3KpFLJ7m+GthCbALaMN2j3H2p7QsTR9w
CQs/FJs9aBF+NxDbunY6JjOxXTJU88/y9CGu871VQt898nT/HzwCysA94F9bH5n1
QpPKvb/A2sXOgIBBJRHC7gtRIhS+1IdahMUZLffDl25vZmIP9ViXze/fDFKtyv6S
4k2JTlVH20i25LvN0AaMrbYMAq/gM0eLs8ALqrQI5Axq8XMnzSbmFXkWKOJSd6tP
PB8eaTu/So07uFCQ7zATKbXr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:26:21 2024 by rpki-client on console-ams.rpki-client.org