Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/lQVmkS4D0Fq6-oE7s4A2MAbAjHY.roa
File: lQVmkS4D0Fq6-oE7s4A2MAbAjHY.roa (raw, json)
Hash identifier: ReY0khxTo1SP5kLskctUAe0/0Vu3+cb3QEvl4DADuRU=
Subject key identifier: 95:05:66:91:2E:03:D0:5A:BA:FA:81:3B:B3:80:36:30:06:C0:8C:76
Certificate issuer: /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial: 01853485EF471BC583B6DC32602C648BA760
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/lQVmkS4D0Fq6-oE7s4A2MAbAjHY.roa
Signing time: Wed 21 Dec 2022 11:51:10 +0000
ROA not before: Wed 21 Dec 2022 11:51:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15440
IP address blocks: 195.14.160.0/19 maxlen: 19
185.65.48.0/24 maxlen: 24
185.216.209.0/24 maxlen: 24
217.117.16.0/20 maxlen: 20
77.241.192.0/20 maxlen: 20
79.142.112.0/20 maxlen: 20
185.11.26.0/24 maxlen: 24
45.82.32.0/22 maxlen: 24
5.133.66.0/24 maxlen: 24
5.133.65.0/24 maxlen: 24
92.62.139.0/24 maxlen: 24
92.62.138.0/24 maxlen: 24
92.62.137.0/24 maxlen: 24
92.62.136.0/24 maxlen: 24
92.62.135.0/24 maxlen: 24
92.62.143.0/24 maxlen: 24
92.62.142.0/24 maxlen: 24
92.62.141.0/24 maxlen: 24
92.62.140.0/24 maxlen: 24
89.249.80.0/20 maxlen: 20
92.62.132.0/23 maxlen: 23
92.62.131.0/24 maxlen: 24
92.62.130.0/24 maxlen: 24
92.62.128.0/20 maxlen: 20
92.62.129.0/24 maxlen: 24
92.62.128.0/24 maxlen: 24
45.95.35.0/24 maxlen: 24
213.197.128.0/18 maxlen: 18
2a0d:5000:2::/48 maxlen: 48
2001:1ab8::/32 maxlen: 32
2001:1ab9::/32 maxlen: 32
2001:1ab8::/31 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:34:85:ef:47:1b:c5:83:b6:dc:32:60:2c:64:8b:a7:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Validity
Not Before: Dec 21 11:51:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=950566912e03d05abafa813bb380363006c08c76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:45:f4:58:89:98:4d:81:09:20:47:4e:53:c7:
06:9d:e4:e9:02:66:d4:8e:a2:8a:a9:21:5d:94:54:
5f:d6:4f:cf:ed:ff:72:c9:ba:e5:ff:83:93:c1:5f:
bf:cb:9e:b1:6d:f5:12:7d:65:89:1b:54:72:41:85:
d7:97:68:06:da:60:76:08:fb:07:33:40:23:c0:34:
a7:00:2c:92:94:99:f5:f5:c0:f1:d4:5e:79:e5:d3:
a7:06:ef:68:c5:49:12:a3:b9:b2:66:97:7a:bd:76:
41:60:bd:77:06:72:52:cb:7c:b9:f7:b9:62:9c:e6:
8c:dd:79:5b:45:c9:be:9d:2b:6a:a8:98:f7:3d:1e:
7e:a6:b4:dc:c0:fc:2f:90:74:6f:41:ae:e0:35:40:
6a:96:10:bc:ee:a9:30:56:1e:75:52:ed:d7:7c:b2:
b8:30:df:43:02:29:75:d1:e0:53:39:cf:22:35:11:
0c:c9:60:59:51:b5:b2:5c:8b:7b:93:26:ae:f4:32:
10:cd:ed:1b:d6:a8:62:63:7d:9e:b9:83:19:32:f3:
dd:7f:b2:69:c7:f2:67:07:13:5c:80:75:a9:07:9a:
4e:36:f2:7a:20:fd:93:ba:29:7c:32:86:6a:c0:5a:
1b:7c:db:b2:62:22:e5:3f:2d:b8:c4:b7:2d:e3:8f:
c5:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:05:66:91:2E:03:D0:5A:BA:FA:81:3B:B3:80:36:30:06:C0:8C:76
X509v3 Authority Key Identifier:
keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/lQVmkS4D0Fq6-oE7s4A2MAbAjHY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.65.0-5.133.66.255
45.82.32.0/22
45.95.35.0/24
77.241.192.0/20
79.142.112.0/20
89.249.80.0/20
92.62.128.0/20
185.11.26.0/24
185.65.48.0/24
185.216.209.0/24
195.14.160.0/19
213.197.128.0/18
217.117.16.0/20
IPv6:
2001:1ab8::/31
2a0d:5000:2::/48
Signature Algorithm: sha256WithRSAEncryption
63:d3:61:41:58:db:04:75:43:d7:fc:15:1c:05:ec:05:ab:6e:
12:5d:5c:d9:47:b7:d4:d9:f1:06:eb:94:d4:e3:36:7f:76:a6:
bb:0c:19:ad:c8:00:1e:06:52:64:4d:77:10:08:f3:b5:f7:9d:
cb:e3:27:e2:f8:93:4e:d1:b8:77:76:0f:74:79:96:42:b4:eb:
5e:7a:93:6b:99:7a:e4:68:b4:b6:de:58:79:9e:08:6a:6f:c4:
45:24:97:bd:9a:3f:c2:9e:d0:ca:62:4f:33:8e:3c:f1:14:d2:
25:01:1c:d7:07:61:bd:1e:3c:7e:b9:3d:10:86:fa:8e:32:8f:
57:c2:68:16:47:14:07:18:8c:58:02:f6:92:88:ff:b9:36:34:
2b:2d:d1:30:54:21:08:9a:f1:17:36:9a:56:11:e0:c1:1a:75:
5e:24:b7:ca:bb:be:1b:90:ff:a0:0a:8d:94:d7:97:81:92:c7:
53:8c:35:35:91:47:95:8d:f0:06:16:19:a0:79:3d:96:dd:dd:
7b:f1:40:83:98:e4:ba:2a:bc:39:45:01:53:66:b9:65:14:cb:
b6:4d:9c:6a:9b:74:4b:89:c3:c2:a3:b2:5c:3f:26:b2:f2:75:
44:bb:39:fa:51:4f:74:0a:95:b2:7a:47:9a:da:3e:44:a7:36:
b6:66:09:28
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYU0he9HG8WDttwyYCxki6dgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyNTRhOWYzYTI2NjUxM2RkYzY5MzVkOGJlMDIyZTdlNTIz
MGVhMTAwHhcNMjIxMjIxMTE1MTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTA1NjY5MTJlMDNkMDVhYmFmYTgxM2JiMzgwMzYzMDA2YzA4Yzc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUX0WImYTYEJIEdOU8cGneTpAmbU
jqKKqSFdlFRf1k/P7f9yybrl/4OTwV+/y56xbfUSfWWJG1RyQYXXl2gG2mB2CPsH
M0AjwDSnACySlJn19cDx1F555dOnBu9oxUkSo7myZpd6vXZBYL13BnJSy3y597li
nOaM3XlbRcm+nStqqJj3PR5+prTcwPwvkHRvQa7gNUBqlhC87qkwVh51Uu3XfLK4
MN9DAil10eBTOc8iNREMyWBZUbWyXIt7kyau9DIQze0b1qhiY32euYMZMvPdf7Jp
x/JnBxNcgHWpB5pONvJ6IP2Tuil8MoZqwFobfNuyYiLlPy24xLct44/FiQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFJUFZpEuA9BauvqBO7OANjAGwIx2MB8GA1UdIwQY
MBaAFKJUqfOiZlE93Gk12L4CLn5SMOoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTkt
YWRkZjBlMTg0OWViLzEvbFFWbWtTNEQwRnE2LW9FN3M0QTJNQWJBakhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iNjAzNzMtODE4ZS00MGE5LTkzMTktYWRkZjBlMTg0OWVi
LzEvb2xTcDg2Sm1VVDNjYVRYWXZnSXVmbEl3NmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwXAQCAAEwVjAMAwQABYVB
AwQABYVCAwQCLVIgAwQALV8jAwQETfHAAwQET45wAwQEWflQAwQEXD6AAwQAuQsa
AwQAuUEwAwQAudjRAwQFww6gAwQG1cWAAwQE2XUQMBYEAgACMBADBQEgARq4AwcA
Kg1QAAACMA0GCSqGSIb3DQEBCwUAA4IBAQBj02FBWNsEdUPX/BUcBewFq24SXVzZ
R7fU2fEG65TU4zZ/dqa7DBmtyAAeBlJkTXcQCPO1953L4yfi+JNO0bh3dg90eZZC
tOteepNrmXrkaLS23lh5nghqb8RFJJe9mj/CntDKYk8zjjzxFNIlARzXB2G9Hjx+
uT0QhvqOMo9XwmgWRxQHGIxYAvaSiP+5NjQrLdEwVCEImvEXNppWEeDBGnVeJLfK
u74bkP+gCo2U15eBksdTjDU1kUeVjfAGFhmgeT2W3d178UCDmOS6Krw5RQFTZrll
FMu2TZxqm3RLicPCo7JcPyay8nVEuzn6UU90CpWyekea2j5Epza2Zgko
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:50 2024 by rpki-client on console-fra.rpki-client.org