Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/d16e3e-eb09-4fb9-9081-bd3e7adde8de/1/lnzp1kQWB0xt0sXtPDIk17qK4mI.roa
File: lnzp1kQWB0xt0sXtPDIk17qK4mI.roa (raw, json)
Hash identifier: 5+pU+RxY0VUx/nKuM6qdBwgjFvu+rkF4/vsb2DtAjEA=
Subject key identifier: 96:7C:E9:D6:44:16:07:4C:6D:D2:C5:ED:3C:32:24:D7:BA:8A:E2:62
Certificate issuer: /CN=e20e3805a1b4f5b61cfe73010e838c2f0d25b44b
Certificate serial: 01EFAC
Authority key identifier: E2:0E:38:05:A1:B4:F5:B6:1C:FE:73:01:0E:83:8C:2F:0D:25:B4:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4g44BaG09bYc_nMBDoOMLw0ltEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/d16e3e-eb09-4fb9-9081-bd3e7adde8de/1/lnzp1kQWB0xt0sXtPDIk17qK4mI.roa
Signing time: Tue 12 Apr 2022 15:50:09 +0000
ROA not before: Tue 12 Apr 2022 15:50:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207163
IP address blocks: 185.164.88.0/22 maxlen: 22
2a0a:f400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126892 (0x1efac)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e20e3805a1b4f5b61cfe73010e838c2f0d25b44b
Validity
Not Before: Apr 12 15:50:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=967ce9d64416074c6dd2c5ed3c3224d7ba8ae262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:8f:bc:78:15:90:6a:c9:96:d1:0e:8c:39:15:
62:c2:3d:be:b8:53:62:9c:72:b9:fc:77:d9:ee:28:
ee:a6:91:c6:8e:08:06:4e:ad:ec:2c:cb:34:fc:9c:
f1:17:dc:63:a1:3d:47:0a:94:e1:a2:4f:de:2b:2c:
3f:81:d4:a2:1f:cd:8a:47:3e:bc:85:2f:a9:f4:e3:
75:5b:1e:b4:3a:cb:a2:b7:01:7f:1c:16:42:ac:f6:
ed:56:90:97:e5:84:93:26:48:72:77:38:3a:3c:27:
bc:47:a7:fa:66:1e:97:50:ab:9c:0f:19:ea:18:87:
1e:fd:42:00:02:e6:9c:20:92:d3:a1:b5:8d:01:92:
37:de:4e:99:65:31:cc:67:0d:2b:50:2e:8d:25:ab:
bc:34:b0:4c:0f:b6:4f:4e:7f:1e:7c:ca:81:fb:24:
07:34:34:86:40:47:1d:18:bb:1c:b7:7d:a5:2a:9e:
d8:8f:b7:48:fa:1d:af:46:ac:cc:4d:41:92:78:23:
33:9d:70:53:89:3c:b1:6f:08:71:bd:7b:d8:99:df:
a0:57:c9:f2:5c:e7:8f:a7:8d:c4:c8:34:2e:5d:8b:
35:40:9a:e1:28:6c:89:a3:15:3d:26:d0:fb:c2:8d:
cf:9d:29:7b:4e:16:19:86:2b:a0:4f:bb:11:4c:7c:
85:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:7C:E9:D6:44:16:07:4C:6D:D2:C5:ED:3C:32:24:D7:BA:8A:E2:62
X509v3 Authority Key Identifier:
keyid:E2:0E:38:05:A1:B4:F5:B6:1C:FE:73:01:0E:83:8C:2F:0D:25:B4:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4g44BaG09bYc_nMBDoOMLw0ltEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/d16e3e-eb09-4fb9-9081-bd3e7adde8de/1/lnzp1kQWB0xt0sXtPDIk17qK4mI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/d16e3e-eb09-4fb9-9081-bd3e7adde8de/1/4g44BaG09bYc_nMBDoOMLw0ltEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.88.0/22
IPv6:
2a0a:f400::/29
Signature Algorithm: sha256WithRSAEncryption
33:bf:75:e8:c9:6f:4e:24:cb:76:7d:c2:f4:5f:55:59:a7:2a:
63:2a:6e:36:7f:ef:f7:c8:99:17:02:da:66:74:ee:e5:ea:36:
25:05:50:77:af:8d:fa:c2:93:1f:cf:62:92:f0:11:f9:65:b1:
91:c3:aa:40:e5:ab:ba:75:bf:11:ee:53:a4:bc:a5:3c:2a:b4:
38:43:a2:4c:fd:f2:64:d2:c7:de:03:67:32:b2:77:0f:a2:67:
04:f2:45:40:3f:b5:6b:83:71:96:ba:7c:5d:b9:59:3c:28:c5:
e5:0e:db:a6:98:f2:a0:75:bd:7a:4e:57:ce:92:a9:6b:b2:e4:
41:03:39:9b:1e:47:03:99:27:b4:46:c0:3a:7e:15:7f:46:2f:
43:61:ba:b6:71:a3:43:6a:c6:52:22:be:af:32:f3:7a:a1:66:
73:14:dc:91:cd:34:e6:f5:66:7c:de:15:e6:80:3e:5c:bd:a7:
b5:d5:b1:35:82:a6:72:d6:14:3f:82:31:b4:e1:ef:71:e8:44:
eb:d3:58:ff:2b:5a:68:94:d3:5c:1e:70:8f:ca:44:11:7e:16:
dd:16:27:eb:bf:3c:96:ed:f5:26:57:ed:28:fa:f0:55:fc:f5:
ba:e0:ed:fa:1e:5b:77:79:7f:33:f0:53:be:62:63:66:09:02:
39:53:3e:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDAe+sMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGUy
MGUzODA1YTFiNGY1YjYxY2ZlNzMwMTBlODM4YzJmMGQyNWI0NGIwHhcNMjIwNDEy
MTU1MDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NjdjZTlkNjQ0MTYw
NzRjNmRkMmM1ZWQzYzMyMjRkN2JhOGFlMjYyMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAw4+8eBWQasmW0Q6MORViwj2+uFNinHK5/HfZ7ijuppHGjggG
Tq3sLMs0/JzxF9xjoT1HCpThok/eKyw/gdSiH82KRz68hS+p9ON1Wx60OsuitwF/
HBZCrPbtVpCX5YSTJkhydzg6PCe8R6f6Zh6XUKucDxnqGIce/UIAAuacIJLTobWN
AZI33k6ZZTHMZw0rUC6NJau8NLBMD7ZPTn8efMqB+yQHNDSGQEcdGLsct32lKp7Y
j7dI+h2vRqzMTUGSeCMznXBTiTyxbwhxvXvYmd+gV8nyXOePp43EyDQuXYs1QJrh
KGyJoxU9JtD7wo3PnSl7ThYZhiugT7sRTHyF7QIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFJZ86dZEFgdMbdLF7TwyJNe6iuJiMB8GA1UdIwQYMBaAFOIOOAWhtPW2HP5z
AQ6DjC8NJbRLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
NGc0NEJhRzA5YlljX25NQkRvT01MdzBsdEVzLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hYi9kMTZlM2UtZWIwOS00ZmI5LTkwODEtYmQzZTdhZGRlOGRlLzEv
bG56cDFrUVdCMHh0MHNYdFBESWsxN3FLNG1JLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9k
MTZlM2UtZWIwOS00ZmI5LTkwODEtYmQzZTdhZGRlOGRlLzEvNGc0NEJhRzA5Yllj
X25NQkRvT01MdzBsdEVzLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuaRYMA0EAgACMAcDBQMqCvQAMA0G
CSqGSIb3DQEBCwUAA4IBAQAzv3XoyW9OJMt2fcL0X1VZpypjKm42f+/3yJkXAtpm
dO7l6jYlBVB3r436wpMfz2KS8BH5ZbGRw6pA5au6db8R7lOkvKU8KrQ4Q6JM/fJk
0sfeA2cysncPomcE8kVAP7Vrg3GWunxduVk8KMXlDtummPKgdb16TlfOkqlrsuRB
AzmbHkcDmSe0RsA6fhV/Ri9DYbq2caNDasZSIr6vMvN6oWZzFNyRzTTm9WZ83hXm
gD5cvae11bE1gqZy1hQ/gjG04e9x6ETr01j/K1polNNcHnCPykQRfhbdFifrvzyW
7fUmV+0o+vBV/PW64O36Hlt3eX8z8FO+YmNmCQI5Uz67
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:04 2023 by rpki-client on console-fra.rpki-client.org