Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/a4c6f1-7c93-45ee-8eaf-4394052cd65e/1/LlMWmCE3kPFXe11lfwQFn1c_TXk.roa
File: LlMWmCE3kPFXe11lfwQFn1c_TXk.roa (raw, json)
Hash identifier: +Yd6E9rX5K5Yp67Bu37co+7NFb5KlN4o4HSsqK5wfbg=
Subject key identifier: 2E:53:16:98:21:37:90:F1:57:7B:5D:65:7F:04:05:9F:57:3F:4D:79
Certificate issuer: /CN=c1adbdfe01e9a3f96d50022c3cdafdc3e1a8d988
Certificate serial: 0FD7D6B6
Authority key identifier: C1:AD:BD:FE:01:E9:A3:F9:6D:50:02:2C:3C:DA:FD:C3:E1:A8:D9:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wa29_gHpo_ltUAIsPNr9w-Go2Yg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/a4c6f1-7c93-45ee-8eaf-4394052cd65e/1/LlMWmCE3kPFXe11lfwQFn1c_TXk.roa
Signing time: Sat 01 Jan 2022 06:59:33 +0000
ROA not before: Sat 01 Jan 2022 06:59:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35328
IP address blocks: 80.87.208.0/21 maxlen: 21
80.87.208.0/20 maxlen: 20
80.87.216.0/21 maxlen: 21
145.255.144.0/21 maxlen: 21
145.255.144.0/20 maxlen: 20
77.234.240.0/20 maxlen: 20
217.31.40.0/21 maxlen: 21
46.18.144.0/22 maxlen: 22
46.18.144.0/21 maxlen: 21
46.18.148.0/22 maxlen: 22
185.42.4.0/22 maxlen: 22
185.42.4.0/23 maxlen: 23
77.234.224.0/19 maxlen: 19
77.234.224.0/20 maxlen: 20
185.42.6.0/23 maxlen: 23
217.31.32.0/20 maxlen: 20
217.31.32.0/21 maxlen: 21
145.255.152.0/21 maxlen: 21
2a00:e380::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 265803446 (0xfd7d6b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1adbdfe01e9a3f96d50022c3cdafdc3e1a8d988
Validity
Not Before: Jan 1 06:59:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e531698213790f1577b5d657f04059f573f4d79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:22:10:16:2f:37:04:a0:a2:72:cf:cb:1e:4b:
e2:d8:1c:1a:f6:47:4e:dc:06:f3:bd:9c:7e:59:fa:
4d:b8:57:45:e3:75:5e:e0:b0:02:21:0c:6e:77:bc:
6b:b9:60:a1:67:79:aa:c7:91:80:d7:09:b9:2c:8b:
3b:1a:ac:3a:1d:31:64:45:22:5a:e7:d0:32:ab:af:
fd:a2:2a:7d:58:94:84:5c:ea:a6:3a:7c:c3:d4:5c:
39:29:2d:13:d1:ac:65:5d:bc:12:44:43:13:98:89:
b6:6d:fe:62:4c:85:7a:61:2c:a7:af:06:39:91:af:
7f:a0:bc:b1:95:d1:51:a1:af:74:05:10:56:6b:dc:
d7:db:f0:35:28:a2:be:70:90:d4:92:65:5c:25:ae:
56:f6:15:2e:8e:4a:c0:ac:4f:3f:52:9d:2a:42:e0:
aa:a0:6e:8d:23:2e:54:14:40:fc:72:b8:75:e7:d8:
9d:80:ad:be:7b:68:09:f7:41:35:24:74:31:0d:45:
5f:de:ac:d2:e3:55:2b:cb:0f:1c:0a:db:1d:0e:34:
e3:25:80:29:ac:96:eb:fa:c6:75:9f:a8:6c:80:6a:
a3:47:68:05:d2:9f:ef:ec:71:ae:fb:78:ca:86:b1:
94:0c:ba:a6:00:96:7b:c6:d5:52:4b:3e:87:07:27:
a7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:53:16:98:21:37:90:F1:57:7B:5D:65:7F:04:05:9F:57:3F:4D:79
X509v3 Authority Key Identifier:
keyid:C1:AD:BD:FE:01:E9:A3:F9:6D:50:02:2C:3C:DA:FD:C3:E1:A8:D9:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wa29_gHpo_ltUAIsPNr9w-Go2Yg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a4c6f1-7c93-45ee-8eaf-4394052cd65e/1/LlMWmCE3kPFXe11lfwQFn1c_TXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a4c6f1-7c93-45ee-8eaf-4394052cd65e/1/wa29_gHpo_ltUAIsPNr9w-Go2Yg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.18.144.0/21
77.234.224.0/19
80.87.208.0/20
145.255.144.0/20
185.42.4.0/22
217.31.32.0/20
IPv6:
2a00:e380::/29
Signature Algorithm: sha256WithRSAEncryption
d4:14:79:24:32:7e:5f:02:97:04:51:be:a2:b3:02:ca:c8:e3:
3b:87:be:81:e8:be:0d:0f:a3:06:2a:1a:99:ad:97:4c:36:5c:
69:55:85:76:ee:49:f2:ff:31:1f:5a:47:f2:3a:97:1e:de:5b:
5e:97:dd:6b:64:de:9e:be:21:12:30:72:a2:5f:02:d0:31:4e:
94:34:bd:21:c6:90:d1:c4:88:ad:c3:fb:2a:06:bd:80:65:66:
e0:80:5c:04:15:1e:86:c3:19:7c:fb:85:48:97:35:65:9c:3c:
93:17:36:3e:e9:e3:e8:2c:a3:7b:56:11:69:09:1e:e8:c1:c9:
da:20:64:17:53:14:f5:7b:2d:2c:99:bc:ae:66:25:01:b8:bf:
00:17:f3:c0:40:15:a6:3f:de:92:2f:4d:2b:a2:1d:8f:ed:9a:
0e:7e:c2:0f:39:65:f4:6a:5d:7a:13:d3:76:02:f2:ca:a3:e8:
3c:02:87:b6:c6:0a:60:d4:15:e0:a6:d4:60:5c:39:d8:b2:9a:
12:34:3c:74:15:16:3c:18:66:90:87:a3:74:ae:12:60:ad:3d:
18:12:ca:e7:fe:fd:e4:1e:87:0f:b8:8f:c9:0f:c2:92:e9:12:
c8:67:88:52:a4:a1:a3:a1:11:08:dd:bb:92:fd:c7:f6:9d:f2:
51:40:42:da
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIED9fWtjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MWFkYmRmZTAxZTlhM2Y5NmQ1MDAyMmMzY2RhZmRjM2UxYThkOTg4MB4XDTIyMDEw
MTA2NTkzM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmU1MzE2OTgyMTM3
OTBmMTU3N2I1ZDY1N2YwNDA1OWY1NzNmNGQ3OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMciEBYvNwSgonLPyx5L4tgcGvZHTtwG872cfln6TbhXReN1
XuCwAiEMbne8a7lgoWd5qseRgNcJuSyLOxqsOh0xZEUiWufQMquv/aIqfViUhFzq
pjp8w9RcOSktE9GsZV28EkRDE5iJtm3+YkyFemEsp68GOZGvf6C8sZXRUaGvdAUQ
Vmvc19vwNSiivnCQ1JJlXCWuVvYVLo5KwKxPP1KdKkLgqqBujSMuVBRA/HK4defY
nYCtvntoCfdBNSR0MQ1FX96s0uNVK8sPHArbHQ404yWAKayW6/rGdZ+obIBqo0do
BdKf7+xxrvt4yoaxlAy6pgCWe8bVUks+hwcnp4ECAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQuUxaYITeQ8Vd7XWV/BAWfVz9NeTAfBgNVHSMEGDAWgBTBrb3+Aemj+W1Q
Aiw82v3D4ajZiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dhMjlfZ0hwb19sdFVBSXNQTnI5dy1HbzJZZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvYTRjNmYxLTdjOTMtNDVlZS04ZWFmLTQzOTQwNTJjZDY1ZS8x
L0xsTVdtQ0Uza1BGWGUxMWxmd1FGbjFjX1RYay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
YTRjNmYxLTdjOTMtNDVlZS04ZWFmLTQzOTQwNTJjZDY1ZS8xL3dhMjlfZ0hwb19s
dFVBSXNQTnI5dy1HbzJZZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAy4SkAMEBU3q4AMEBFBX0AMEBJH/
kAMEArkqBAMEBNkfIDANBAIAAjAHAwUDKgDjgDANBgkqhkiG9w0BAQsFAAOCAQEA
1BR5JDJ+XwKXBFG+orMCysjjO4e+gei+DQ+jBioama2XTDZcaVWFdu5J8v8xH1pH
8jqXHt5bXpfda2Tenr4hEjByol8C0DFOlDS9IcaQ0cSIrcP7Kga9gGVm4IBcBBUe
hsMZfPuFSJc1ZZw8kxc2Punj6Cyje1YRaQke6MHJ2iBkF1MU9XstLJm8rmYlAbi/
ABfzwEAVpj/eki9NK6Idj+2aDn7CDzll9GpdehPTdgLyyqPoPAKHtsYKYNQV4KbU
YFw52LKaEjQ8dBUWPBhmkIejdK4SYK09GBLK5/795B6HD7iPyQ/CkukSyGeIUqSh
o6ERCN27kv3H9p3yUUBC2g==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:49 2025 by rpki-client