Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/dBZYYj5-q0HGikiNaRZTmFP2K6o.roa
File: dBZYYj5-q0HGikiNaRZTmFP2K6o.roa (raw, json)
Hash identifier: p5rpJQg0G0UjNXU1RuiwzuIuM+MePDocCNOtR5RNieg=
Subject key identifier: 74:16:58:62:3E:7E:AB:41:C6:8A:48:8D:69:16:53:98:53:F6:2B:AA
Certificate issuer: /CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Certificate serial: 01833ADCC997F31AAB86B46EFCD39E7ABCFF
Authority key identifier: 2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/dBZYYj5-q0HGikiNaRZTmFP2K6o.roa
Signing time: Wed 14 Sep 2022 07:18:11 +0000
ROA not before: Wed 14 Sep 2022 07:18:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 37.19.64.0/22 maxlen: 24
185.145.52.0/24 maxlen: 24
5.249.176.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3a:dc:c9:97:f3:1a:ab:86:b4:6e:fc:d3:9e:7a:bc:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e82963ff1aa70ab10d1d33e86b1d6d494d6ce51
Validity
Not Before: Sep 14 07:18:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=741658623e7eab41c68a488d6916539853f62baa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:30:c0:8c:c7:a9:32:18:31:ab:c5:69:7a:91:
31:5b:70:e2:cc:5d:3b:0e:d8:dd:c5:fa:3c:8f:9b:
79:1b:02:1f:2e:36:b5:81:a7:93:dd:0f:da:d4:ed:
0b:46:08:0e:a7:52:28:2b:1a:6e:c9:86:9a:7a:c9:
00:c5:2e:58:51:e1:67:d1:65:33:e1:b2:09:25:d0:
92:82:66:6b:41:14:11:1a:0b:a3:ec:ae:36:11:c5:
e9:3d:4e:b0:1d:68:bb:86:ee:0b:72:2e:c6:06:54:
c6:89:51:37:48:dd:04:9f:69:41:4c:b3:4e:97:cf:
19:e5:fd:45:4a:15:79:a2:05:0a:1e:ee:cd:cf:0f:
03:9c:5f:48:d1:72:03:f3:03:82:32:7a:70:a0:37:
82:71:f9:dd:9e:eb:82:13:f4:21:0c:c5:38:44:73:
6f:09:37:d8:05:b3:e6:2a:72:c8:68:36:5b:10:67:
7a:cf:a0:d0:5c:d7:ae:c8:74:28:14:d5:92:a0:1f:
df:c6:66:c5:de:2c:fb:07:50:48:87:01:fc:3b:ea:
bf:7a:7d:bb:8f:20:4d:24:bd:6c:a7:76:fc:ec:17:
f4:b9:78:d9:6d:db:88:84:b4:3e:35:bb:63:9e:d5:
23:46:73:3d:60:29:f4:92:6e:14:d3:e1:2d:49:6c:
5c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:16:58:62:3E:7E:AB:41:C6:8A:48:8D:69:16:53:98:53:F6:2B:AA
X509v3 Authority Key Identifier:
keyid:2E:82:96:3F:F1:AA:70:AB:10:D1:D3:3E:86:B1:D6:D4:94:D6:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/dBZYYj5-q0HGikiNaRZTmFP2K6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/957c68-6f27-40ed-abed-df64f0e82360/1/LoKWP_GqcKsQ0dM-hrHW1JTWzlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.176.0/22
37.19.64.0/22
185.145.52.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:03:9f:82:83:70:f7:29:2e:f2:90:6e:28:f4:d6:61:ea:6b:
4e:38:37:87:22:b8:06:cb:1f:0b:43:7d:80:84:fe:12:a6:97:
58:6b:fb:2e:a2:7f:02:f4:25:14:4d:06:e6:ba:12:aa:7d:89:
2a:f3:f6:77:37:25:e3:af:66:4f:b1:6c:de:7e:0b:9b:bc:a9:
9b:4a:f7:24:5b:49:0e:5b:f5:00:2a:d4:e5:6d:c7:0e:f7:01:
ec:c6:88:9f:1d:4f:44:c5:ed:3d:c8:d6:f5:80:f9:dc:6f:21:
2d:c5:b6:31:62:37:67:88:99:85:6c:96:3d:c9:bd:66:8b:86:
3f:6e:37:38:b5:c1:df:fd:8b:eb:de:d4:59:67:24:14:40:3d:
fa:05:9c:5d:b3:57:f1:38:ed:c4:49:e5:33:1d:0c:00:98:33:
f7:ba:6f:4d:1f:6b:ea:7d:f5:91:9e:04:d5:83:89:57:29:35:
35:81:5d:bf:43:3e:2e:54:8d:a1:40:68:7e:5b:a8:d3:d9:50:
be:ec:1a:57:27:b6:e2:68:d5:74:fb:b2:fb:dc:e9:20:b9:d4:
92:50:be:e4:ba:81:cf:e5:7c:c5:12:6f:86:e7:8f:33:8f:59:
31:8a:1a:c2:dd:61:83:bc:31:ed:77:ad:bc:d4:fe:d8:0c:68:
f1:9c:63:e1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYM63MmX8xqrhrRu/NOeerz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlODI5NjNmZjFhYTcwYWIxMGQxZDMzZTg2YjFkNmQ0OTRk
NmNlNTEwHhcNMjIwOTE0MDcxODExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDE2NTg2MjNlN2VhYjQxYzY4YTQ4OGQ2OTE2NTM5ODUzZjYyYmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTDAjMepMhgxq8VpepExW3DizF07
Dtjdxfo8j5t5GwIfLja1gaeT3Q/a1O0LRggOp1IoKxpuyYaaeskAxS5YUeFn0WUz
4bIJJdCSgmZrQRQRGguj7K42EcXpPU6wHWi7hu4Lci7GBlTGiVE3SN0En2lBTLNO
l88Z5f1FShV5ogUKHu7Nzw8DnF9I0XID8wOCMnpwoDeCcfndnuuCE/QhDMU4RHNv
CTfYBbPmKnLIaDZbEGd6z6DQXNeuyHQoFNWSoB/fxmbF3iz7B1BIhwH8O+q/en27
jyBNJL1sp3b87Bf0uXjZbduIhLQ+NbtjntUjRnM9YCn0km4U0+EtSWxcNwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHQWWGI+fqtBxopIjWkWU5hT9iuqMB8GA1UdIwQY
MBaAFC6Clj/xqnCrENHTPoax1tSU1s5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQt
ZGY2NGYwZTgyMzYwLzEvZEJaWVlqNS1xMEhHaWtpTmFSWlRtRlAySzZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi85NTdjNjgtNmYyNy00MGVkLWFiZWQtZGY2NGYwZTgyMzYw
LzEvTG9LV1BfR3FjS3NRMGRNLWhySFcxSlRXemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCBfmwAwQC
JRNAAwQAuZE0MA0GCSqGSIb3DQEBCwUAA4IBAQDDA5+Cg3D3KS7ykG4o9NZh6mtO
ODeHIrgGyx8LQ32AhP4SppdYa/suon8C9CUUTQbmuhKqfYkq8/Z3NyXjr2ZPsWze
fgubvKmbSvckW0kOW/UAKtTlbccO9wHsxoifHU9Exe09yNb1gPncbyEtxbYxYjdn
iJmFbJY9yb1mi4Y/bjc4tcHf/Yvr3tRZZyQUQD36BZxds1fxOO3ESeUzHQwAmDP3
um9NH2vqffWRngTVg4lXKTU1gV2/Qz4uVI2hQGh+W6jT2VC+7BpXJ7biaNV0+7L7
3OkgudSSUL7kuoHP5XzFEm+G548zj1kxihrC3WGDvDHtd6281P7YDGjxnGPh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:05 2024 by rpki-client on console-fra.rpki-client.org