Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/ZEk6lJQOr6JpBclJ2dFBVQVho7E.roa
File: ZEk6lJQOr6JpBclJ2dFBVQVho7E.roa (raw, json)
Hash identifier: E5uDBqXXSBjPluwpsFGARUa84aSCFhUdh07Kx7s01iw=
Subject key identifier: 64:49:3A:94:94:0E:AF:A2:69:05:C9:49:D9:D1:41:55:05:61:A3:B1
Certificate issuer: /CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Certificate serial: 0182DE38EE011BC6028F6611D30345D5EAFD
Authority key identifier: 2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/ZEk6lJQOr6JpBclJ2dFBVQVho7E.roa
Signing time: Sat 27 Aug 2022 07:34:08 +0000
ROA not before: Sat 27 Aug 2022 07:34:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209275
IP address blocks: 88.214.40.0/24 maxlen: 24
88.214.42.0/24 maxlen: 24
185.225.198.0/24 maxlen: 24
2a09:9d00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:de:38:ee:01:1b:c6:02:8f:66:11:d3:03:45:d5:ea:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e43dac8ea55693439dd1b8b4812ba71834f1031
Validity
Not Before: Aug 27 07:34:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=64493a94940eafa26905c949d9d141550561a3b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:71:b9:bc:ef:e7:34:25:30:38:67:ab:a0:85:
97:67:a4:68:68:3b:da:f4:32:0d:52:62:d0:2a:6c:
2f:8c:ed:25:11:34:3b:13:ea:6f:82:13:0d:ba:03:
70:e3:65:93:6a:9c:02:ba:4e:93:78:d1:ca:f8:9c:
89:a3:33:4a:be:c9:e9:b2:78:82:b4:ed:07:bf:90:
fc:39:cd:25:4a:f1:77:ed:19:46:38:7e:e7:d5:2f:
e1:39:10:03:54:d7:74:17:bb:f5:c7:a6:de:76:d3:
92:fb:ea:ef:2d:ac:3e:08:81:fb:a4:46:49:96:14:
70:27:30:3c:12:74:9e:fb:68:40:d1:6f:8f:de:ae:
c9:b1:a2:1d:cb:83:56:6c:0e:76:39:1a:d3:ec:1c:
da:19:a9:89:46:59:30:e5:64:da:66:a5:79:e7:d0:
f6:31:8e:19:b8:b4:aa:58:38:e0:53:4f:a3:a9:99:
a9:9f:de:e7:00:c5:b9:03:34:eb:09:33:cc:c2:d0:
ea:0c:98:c7:68:50:90:45:48:b0:19:68:5f:f9:12:
17:72:52:fa:69:f5:e0:f8:d7:00:4d:9d:43:8d:43:
7e:1c:5f:2c:ca:92:27:db:55:e4:3f:66:3a:31:19:
ae:6f:77:06:d0:5d:a3:30:a9:39:2f:b7:e5:17:29:
d7:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:49:3A:94:94:0E:AF:A2:69:05:C9:49:D9:D1:41:55:05:61:A3:B1
X509v3 Authority Key Identifier:
keyid:2E:43:DA:C8:EA:55:69:34:39:DD:1B:8B:48:12:BA:71:83:4F:10:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LkPayOpVaTQ53RuLSBK6cYNPEDE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/ZEk6lJQOr6JpBclJ2dFBVQVho7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/86ba36-78b8-44bb-9fb4-26c7c963a769/1/LkPayOpVaTQ53RuLSBK6cYNPEDE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.40.0/24
88.214.42.0/24
185.225.198.0/24
IPv6:
2a09:9d00::/29
Signature Algorithm: sha256WithRSAEncryption
9f:5c:f2:86:33:89:9e:17:f9:09:17:e9:d6:80:24:95:17:81:
50:87:a1:b6:07:ec:35:c9:96:02:65:e9:cf:92:ee:ff:4d:15:
62:a1:ec:2a:a9:c6:60:5d:71:a6:9d:ed:42:eb:4d:9c:fa:17:
a4:32:84:b5:1c:d3:e1:0c:25:dc:d6:fb:21:2f:5e:fd:0f:10:
51:8f:5b:f3:87:10:f4:50:6a:c7:94:a9:5d:a1:a6:39:77:23:
5c:e4:f0:52:5b:b6:c8:1e:f7:0b:b0:b8:3d:a1:c4:62:f4:b5:
3f:2e:0a:c3:36:ed:d5:de:f0:ea:42:31:7d:6f:ec:46:d8:80:
91:2d:ea:49:d0:c1:3c:8f:41:2c:f4:29:b4:28:b1:d8:c9:b0:
10:78:6b:18:39:b0:86:1c:f4:19:3e:b0:6b:3b:15:b2:57:f7:
52:93:ed:b7:f1:a3:12:f7:81:39:f0:81:1c:55:62:83:35:39:
b0:b1:73:5a:d5:df:68:70:02:be:98:96:08:3a:2e:fa:d6:d9:
d5:46:28:29:0c:0b:d8:ad:2c:59:c3:53:34:72:6c:ac:93:fe:
72:10:88:f5:34:fc:8f:90:9c:b8:c8:43:80:11:ae:46:08:7c:
17:27:cf:a0:e6:1a:41:4e:bb:9e:57:5d:4c:97:00:0f:7a:4e:
b1:c5:f7:ea
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYLeOO4BG8YCj2YR0wNF1er9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNDNkYWM4ZWE1NTY5MzQzOWRkMWI4YjQ4MTJiYTcxODM0
ZjEwMzEwHhcNMjIwODI3MDczNDA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDQ5M2E5NDk0MGVhZmEyNjkwNWM5NDlkOWQxNDE1NTA1NjFhM2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3G5vO/nNCUwOGeroIWXZ6RoaDva
9DINUmLQKmwvjO0lETQ7E+pvghMNugNw42WTapwCuk6TeNHK+JyJozNKvsnpsniC
tO0Hv5D8Oc0lSvF37RlGOH7n1S/hORADVNd0F7v1x6bedtOS++rvLaw+CIH7pEZJ
lhRwJzA8EnSe+2hA0W+P3q7JsaIdy4NWbA52ORrT7BzaGamJRlkw5WTaZqV559D2
MY4ZuLSqWDjgU0+jqZmpn97nAMW5AzTrCTPMwtDqDJjHaFCQRUiwGWhf+RIXclL6
afXg+NcATZ1DjUN+HF8sypIn21XkP2Y6MRmub3cG0F2jMKk5L7flFynXKwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGRJOpSUDq+iaQXJSdnRQVUFYaOxMB8GA1UdIwQY
MBaAFC5D2sjqVWk0Od0bi0gSunGDTxAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGtQYXlPcFZhVFE1M1J1TFNCSzZjWU5QRURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84NmJhMzYtNzhiOC00NGJiLTlmYjQt
MjZjN2M5NjNhNzY5LzEvWkVrNmxKUU9yNkpwQmNsSjJkRkJWUVZobzdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84NmJhMzYtNzhiOC00NGJiLTlmYjQtMjZjN2M5NjNhNzY5
LzEvTGtQYXlPcFZhVFE1M1J1TFNCSzZjWU5QRURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAWNYoAwQA
WNYqAwQAueHGMA0EAgACMAcDBQMqCZ0AMA0GCSqGSIb3DQEBCwUAA4IBAQCfXPKG
M4meF/kJF+nWgCSVF4FQh6G2B+w1yZYCZenPku7/TRVioewqqcZgXXGmne1C602c
+hekMoS1HNPhDCXc1vshL179DxBRj1vzhxD0UGrHlKldoaY5dyNc5PBSW7bIHvcL
sLg9ocRi9LU/LgrDNu3V3vDqQjF9b+xG2ICRLepJ0ME8j0Es9Cm0KLHYybAQeGsY
ObCGHPQZPrBrOxWyV/dSk+238aMS94E58IEcVWKDNTmwsXNa1d9ocAK+mJYIOi76
1tnVRigpDAvYrSxZw1M0cmysk/5yEIj1NPyPkJy4yEOAEa5GCHwXJ8+g5hpBTrue
V11MlwAPek6xxffq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:01 2024 by rpki-client on console-ams.rpki-client.org