Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/36c4a3-6e1d-4614-8f90-83b03870094d/1/lJbRnzTP7sFXc8Cbnc-QHpdVbWo.roa
File: lJbRnzTP7sFXc8Cbnc-QHpdVbWo.roa (raw, json)
Hash identifier: EOBv+7nXdoZySjptrN2363IbzoOsL4d+qaBNpnggrz0=
Subject key identifier: 94:96:D1:9F:34:CF:EE:C1:57:73:C0:9B:9D:CF:90:1E:97:55:6D:6A
Certificate issuer: /CN=f2e3ab6b3118e0bde0e6488e6bed6c96941e0e84
Certificate serial: 018476EA68056EDB27E100C925BCDBCC8B87
Authority key identifier: F2:E3:AB:6B:31:18:E0:BD:E0:E6:48:8E:6B:ED:6C:96:94:1E:0E:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8uOrazEY4L3g5kiOa-1slpQeDoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/36c4a3-6e1d-4614-8f90-83b03870094d/1/lJbRnzTP7sFXc8Cbnc-QHpdVbWo.roa
Signing time: Mon 14 Nov 2022 16:13:04 +0000
ROA not before: Mon 14 Nov 2022 16:13:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197395
IP address blocks: 45.10.132.0/22 maxlen: 22
46.243.96.0/21 maxlen: 21
185.119.188.0/22 maxlen: 22
2a04:e580::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:ea:68:05:6e:db:27:e1:00:c9:25:bc:db:cc:8b:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f2e3ab6b3118e0bde0e6488e6bed6c96941e0e84
Validity
Not Before: Nov 14 16:13:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9496d19f34cfeec15773c09b9dcf901e97556d6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:3c:cd:d7:2f:4f:6a:a4:4d:93:4d:c9:3d:95:
9f:af:75:27:86:49:da:8c:41:16:db:0d:aa:64:30:
dc:b2:f3:ac:5c:dd:ee:6f:92:25:2f:4e:17:aa:ef:
96:44:74:23:b3:79:4f:be:db:5a:1e:a4:02:53:8d:
a0:7c:83:ac:e3:02:1b:c7:68:d7:2f:fc:29:0a:3d:
9b:6c:e5:1d:c2:7c:b3:76:1c:9f:d9:fc:53:c5:5e:
14:bb:44:32:a5:72:dc:4c:3b:46:a1:a9:b4:bb:96:
66:01:d8:13:5f:de:a7:57:7f:ab:25:19:9c:b1:0d:
13:3a:3d:a5:22:e2:46:26:c9:26:07:38:7a:85:31:
80:e3:3b:ee:f5:c1:60:b5:5a:0c:e7:04:93:72:db:
91:d3:27:f9:d3:ca:3d:3e:98:02:81:e9:7c:26:10:
7e:da:8d:94:90:1f:0b:a6:e7:e6:1a:2e:54:65:3c:
b6:1b:f1:b1:59:a5:4a:2d:a2:70:c4:66:3b:cf:c3:
de:26:97:69:9d:7b:7a:4e:cb:69:7f:a7:cc:62:57:
33:32:ce:c0:65:6e:eb:0f:80:4b:df:28:b5:64:7e:
25:bb:7c:0a:67:06:30:4d:2e:36:33:84:cc:53:0a:
32:cd:88:ba:ed:23:d3:12:d9:0b:4d:31:db:15:99:
0f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:96:D1:9F:34:CF:EE:C1:57:73:C0:9B:9D:CF:90:1E:97:55:6D:6A
X509v3 Authority Key Identifier:
keyid:F2:E3:AB:6B:31:18:E0:BD:E0:E6:48:8E:6B:ED:6C:96:94:1E:0E:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8uOrazEY4L3g5kiOa-1slpQeDoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/36c4a3-6e1d-4614-8f90-83b03870094d/1/lJbRnzTP7sFXc8Cbnc-QHpdVbWo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/36c4a3-6e1d-4614-8f90-83b03870094d/1/8uOrazEY4L3g5kiOa-1slpQeDoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.132.0/22
46.243.96.0/21
185.119.188.0/22
IPv6:
2a04:e580::/29
Signature Algorithm: sha256WithRSAEncryption
96:9d:15:b8:e8:c3:8a:ae:96:1f:e8:51:86:f4:1f:c4:b5:77:
f4:13:ab:66:7d:f5:b8:64:27:e7:89:a4:43:eb:ea:5a:b8:5c:
6b:e4:ce:8a:6d:d9:52:75:57:ba:99:e9:47:37:ab:2b:0f:d4:
6f:ed:6b:0b:2b:01:79:ce:22:31:06:6b:7e:0f:09:ca:f3:5b:
4d:17:02:96:24:c2:3b:0d:e1:db:ff:7a:7b:dd:9f:3e:14:d7:
b4:09:70:ed:68:4e:1d:07:71:92:ee:f4:27:8e:0f:f8:5e:e0:
af:b4:b1:26:35:a9:14:a8:30:f8:05:bf:65:49:e5:6a:fc:95:
44:af:46:05:7d:25:8d:8c:cc:f2:fc:55:52:31:ea:de:53:3e:
6e:d4:b1:64:a2:f4:8e:cc:74:a9:6a:16:d6:dd:fb:d2:a5:a3:
73:60:54:0f:b5:42:aa:0a:ac:a4:0c:70:b2:cf:c9:cc:02:ab:
da:c0:64:80:8a:84:10:92:1c:2e:1d:29:31:59:28:1c:8f:6b:
2e:91:69:83:48:f4:02:2e:d9:27:59:4c:bc:85:3c:f2:95:7f:
7e:7d:1c:c7:c4:f3:22:44:03:f2:85:30:c2:8f:d1:58:29:9f:
da:4f:87:ed:8e:3c:1f:df:8a:96:51:12:f9:c5:ac:3c:39:5c:
7a:f0:e3:17
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYR26mgFbtsn4QDJJbzbzIuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyZTNhYjZiMzExOGUwYmRlMGU2NDg4ZTZiZWQ2Yzk2OTQx
ZTBlODQwHhcNMjIxMTE0MTYxMzA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDk2ZDE5ZjM0Y2ZlZWMxNTc3M2MwOWI5ZGNmOTAxZTk3NTU2ZDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2DzN1y9PaqRNk03JPZWfr3Unhkna
jEEW2w2qZDDcsvOsXN3ub5IlL04Xqu+WRHQjs3lPvttaHqQCU42gfIOs4wIbx2jX
L/wpCj2bbOUdwnyzdhyf2fxTxV4Uu0QypXLcTDtGoam0u5ZmAdgTX96nV3+rJRmc
sQ0TOj2lIuJGJskmBzh6hTGA4zvu9cFgtVoM5wSTctuR0yf508o9PpgCgel8JhB+
2o2UkB8LpufmGi5UZTy2G/GxWaVKLaJwxGY7z8PeJpdpnXt6Tstpf6fMYlczMs7A
ZW7rD4BL3yi1ZH4lu3wKZwYwTS42M4TMUwoyzYi67SPTEtkLTTHbFZkPKQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJSW0Z80z+7BV3PAm53PkB6XVW1qMB8GA1UdIwQY
MBaAFPLjq2sxGOC94OZIjmvtbJaUHg6EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHVPcmF6RVk0TDNnNWtpT2EtMXNscFFlRG9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8zNmM0YTMtNmUxZC00NjE0LThmOTAt
ODNiMDM4NzAwOTRkLzEvbEpiUm56VFA3c0ZYYzhDYm5jLVFIcGRWYldvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8zNmM0YTMtNmUxZC00NjE0LThmOTAtODNiMDM4NzAwOTRk
LzEvOHVPcmF6RVk0TDNnNWtpT2EtMXNscFFlRG9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLQqEAwQD
LvNgAwQCuXe8MA0EAgACMAcDBQMqBOWAMA0GCSqGSIb3DQEBCwUAA4IBAQCWnRW4
6MOKrpYf6FGG9B/EtXf0E6tmffW4ZCfniaRD6+pauFxr5M6KbdlSdVe6melHN6sr
D9Rv7WsLKwF5ziIxBmt+DwnK81tNFwKWJMI7DeHb/3p73Z8+FNe0CXDtaE4dB3GS
7vQnjg/4XuCvtLEmNakUqDD4Bb9lSeVq/JVEr0YFfSWNjMzy/FVSMereUz5u1LFk
ovSOzHSpahbW3fvSpaNzYFQPtUKqCqykDHCyz8nMAqvawGSAioQQkhwuHSkxWSgc
j2sukWmDSPQCLtknWUy8hTzylX9+fRzHxPMiRAPyhTDCj9FYKZ/aT4ftjjwf34qW
URL5xaw8OVx68OMX
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:28 2023 by rpki-client on console-ams.rpki-client.org