Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/f28a75-d53f-4e9f-82dd-f0ed8fe82b97/1/LZ-i_wMg1E8SXHNg0uXzMF9qHQs.roa
File: LZ-i_wMg1E8SXHNg0uXzMF9qHQs.roa (raw, json)
Hash identifier: PNKrnZhsXt2nY4NSvIEgGvz6K5uDLlD8NBgVT6epohM=
Subject key identifier: 2D:9F:A2:FF:03:20:D4:4F:12:5C:73:60:D2:E5:F3:30:5F:6A:1D:0B
Certificate issuer: /CN=425bf4375f17a0357019690301f9419324ff7d44
Certificate serial: 05BBE24F
Authority key identifier: 42:5B:F4:37:5F:17:A0:35:70:19:69:03:01:F9:41:93:24:FF:7D:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qlv0N18XoDVwGWkDAflBkyT_fUQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/f28a75-d53f-4e9f-82dd-f0ed8fe82b97/1/LZ-i_wMg1E8SXHNg0uXzMF9qHQs.roa
Signing time: Sat 01 Jan 2022 11:59:03 +0000
ROA not before: Sat 01 Jan 2022 11:59:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35435
IP address blocks: 185.6.64.0/24 maxlen: 24
185.6.66.0/24 maxlen: 24
185.6.67.0/24 maxlen: 24
185.183.132.0/24 maxlen: 24
185.183.134.0/24 maxlen: 24
185.183.135.0/24 maxlen: 24
185.183.133.0/24 maxlen: 24
185.169.201.0/24 maxlen: 24
185.169.202.0/24 maxlen: 24
185.169.200.0/24 maxlen: 24
185.164.192.0/24 maxlen: 24
185.169.203.0/24 maxlen: 24
185.164.195.0/24 maxlen: 24
185.164.193.0/24 maxlen: 24
185.164.194.0/24 maxlen: 24
2a02:cf80:3::/48 maxlen: 48
2a02:cf80:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 96199247 (0x5bbe24f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=425bf4375f17a0357019690301f9419324ff7d44
Validity
Not Before: Jan 1 11:59:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d9fa2ff0320d44f125c7360d2e5f3305f6a1d0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a5:a8:78:93:d6:5f:74:66:b3:e7:89:40:53:
9b:06:18:db:12:3d:77:21:d2:3a:83:00:45:57:bf:
8c:40:cd:b8:de:f8:87:84:4b:8d:a6:22:ed:ca:77:
7d:f9:1a:0b:76:d4:b0:cd:9a:95:0e:74:69:96:33:
39:0a:7b:43:0f:e4:04:c2:36:36:c8:55:45:0a:48:
fb:fc:ca:ea:4a:42:1f:91:dc:36:21:78:1f:07:3d:
88:13:8e:7f:20:8a:6b:8e:da:72:e4:d1:1c:15:fc:
28:cb:1a:17:68:53:7a:29:8b:70:32:c4:bd:5c:fb:
83:de:4a:13:8c:a7:d5:23:ed:7b:1f:43:bb:7d:f8:
d1:1c:24:7e:8e:ce:ed:ed:03:3c:3d:42:21:93:25:
af:05:29:7a:9f:33:f3:93:e3:45:ef:8d:4f:82:0a:
85:f0:91:40:98:2f:9f:c9:43:13:c7:11:5e:61:0c:
25:ea:94:51:9d:27:40:bd:42:ae:31:34:0e:80:db:
d6:67:17:db:f4:16:c4:6c:7f:5b:b7:5d:58:99:58:
3a:c5:34:cd:c0:39:47:bc:16:2b:15:0d:47:1e:57:
43:eb:93:9e:f1:d9:e4:a0:fb:48:7f:80:8d:00:6d:
f0:b2:d9:79:59:ff:ff:52:a1:e2:34:68:04:3c:ea:
db:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:9F:A2:FF:03:20:D4:4F:12:5C:73:60:D2:E5:F3:30:5F:6A:1D:0B
X509v3 Authority Key Identifier:
keyid:42:5B:F4:37:5F:17:A0:35:70:19:69:03:01:F9:41:93:24:FF:7D:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qlv0N18XoDVwGWkDAflBkyT_fUQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f28a75-d53f-4e9f-82dd-f0ed8fe82b97/1/LZ-i_wMg1E8SXHNg0uXzMF9qHQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f28a75-d53f-4e9f-82dd-f0ed8fe82b97/1/Qlv0N18XoDVwGWkDAflBkyT_fUQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.6.64.0/24
185.6.66.0/23
185.164.192.0/22
185.169.200.0/22
185.183.132.0/22
IPv6:
2a02:cf80:3::-2a02:cf80:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5d:d9:4b:19:b1:a9:01:c1:bc:34:10:98:28:5a:b6:ff:0f:26:
71:85:6f:73:dd:2d:ff:77:37:34:d9:61:08:3d:f5:06:61:36:
31:38:21:0b:06:bb:cb:d8:6f:65:dd:bf:f1:70:92:6d:90:5c:
2b:43:71:23:b7:75:cb:10:d4:49:2b:4c:5a:ef:01:56:6a:76:
73:f5:18:f6:b8:be:0c:6b:e4:37:af:9c:23:a4:c1:97:a4:eb:
91:0c:ee:c7:93:c6:2e:4a:2f:a7:fd:13:16:38:85:4d:f3:77:
1d:b0:5e:72:03:70:66:c4:f9:2b:6a:8d:9e:f8:ea:71:b6:ab:
fd:02:2e:06:f6:65:bd:51:f5:20:17:e9:3e:36:87:af:77:35:
76:90:7e:a4:87:92:f2:f6:2d:ad:47:96:15:a0:0c:eb:d0:8d:
4c:82:9e:49:52:f1:a4:8d:83:00:e8:e2:fe:38:7f:30:f3:d4:
37:e2:6a:6d:45:ba:36:14:d1:ee:6c:45:ef:45:55:00:e3:07:
bf:57:58:0d:b5:7e:27:ef:6e:e7:2c:ca:25:83:af:cf:d5:94:
0a:d9:6f:3c:b9:fe:fb:06:2d:e1:55:fd:fa:98:f9:f0:b9:35:
57:e8:63:56:95:b5:0c:27:78:c8:dc:03:3c:05:1d:21:6a:09:
83:41:5e:9f
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgIEBbviTzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MjViZjQzNzVmMTdhMDM1NzAxOTY5MDMwMWY5NDE5MzI0ZmY3ZDQ0MB4XDTIyMDEw
MTExNTkwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmQ5ZmEyZmYwMzIw
ZDQ0ZjEyNWM3MzYwZDJlNWYzMzA1ZjZhMWQwYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKKlqHiT1l90ZrPniUBTmwYY2xI9dyHSOoMARVe/jEDNuN74
h4RLjaYi7cp3ffkaC3bUsM2alQ50aZYzOQp7Qw/kBMI2NshVRQpI+/zK6kpCH5Hc
NiF4Hwc9iBOOfyCKa47acuTRHBX8KMsaF2hTeimLcDLEvVz7g95KE4yn1SPtex9D
u3340Rwkfo7O7e0DPD1CIZMlrwUpep8z85PjRe+NT4IKhfCRQJgvn8lDE8cRXmEM
JeqUUZ0nQL1CrjE0DoDb1mcX2/QWxGx/W7ddWJlYOsU0zcA5R7wWKxUNRx5XQ+uT
nvHZ5KD7SH+AjQBt8LLZeVn//1Kh4jRoBDzq2/kCAwEAAaOCAj0wggI5MB0GA1Ud
DgQWBBQtn6L/AyDUTxJcc2DS5fMwX2odCzAfBgNVHSMEGDAWgBRCW/Q3XxegNXAZ
aQMB+UGTJP99RDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FsdjBOMThYb0RWd0dXa0RBZmxCa3lUX2ZVUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTUvZjI4YTc1LWQ1M2YtNGU5Zi04MmRkLWYwZWQ4ZmU4MmI5Ny8x
L0xaLWlfd01nMUU4U1hITmcwdVh6TUY5cUhRcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTUv
ZjI4YTc1LWQ1M2YtNGU5Zi04MmRkLWYwZWQ4ZmU4MmI5Ny8xL1FsdjBOMThYb0RW
d0dXa0RBZmxCa3lUX2ZVUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBT
BggrBgEFBQcBBwEB/wREMEIwJAQCAAEwHgMEALkGQAMEAbkGQgMEArmkwAMEArmp
yAMEArm3hDAaBAIAAjAUMBIDBwAqAs+AAAMDBwAqAs+AAAQwDQYJKoZIhvcNAQEL
BQADggEBAF3ZSxmxqQHBvDQQmChatv8PJnGFb3PdLf93NzTZYQg99QZhNjE4IQsG
u8vYb2Xdv/Fwkm2QXCtDcSO3dcsQ1EkrTFrvAVZqdnP1GPa4vgxr5DevnCOkwZek
65EM7seTxi5KL6f9ExY4hU3zdx2wXnIDcGbE+StqjZ746nG2q/0CLgb2Zb1R9SAX
6T42h693NXaQfqSHkvL2La1HlhWgDOvQjUyCnklS8aSNgwDo4v44fzDz1Dfiam1F
ujYU0e5sRe9FVQDjB79XWA21fifvbucsyiWDr8/VlArZbzy5/vsGLeFV/fqY+fC5
NVfoY1aVtQwneMjcAzwFHSFqCYNBXp8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:22 2025 by rpki-client