Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/LCXT4MbAiqb-95Bal5f9-IMHmgE.roa
File: LCXT4MbAiqb-95Bal5f9-IMHmgE.roa (raw, json)
Hash identifier: FYix7O6DqV+duWN3cSz23UeKFImNW65exyMCabejNww=
Subject key identifier: 2C:25:D3:E0:C6:C0:8A:A6:FE:F7:90:5A:97:97:FD:F8:83:07:9A:01
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0182441B6C3FFFFDD379F6E8DCD44ABAC19E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/LCXT4MbAiqb-95Bal5f9-IMHmgE.roa
Signing time: Thu 28 Jul 2022 09:20:24 +0000
ROA not before: Thu 28 Jul 2022 09:20:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 137409
IP address blocks: 194.5.83.0/24 maxlen: 24
45.8.70.0/24 maxlen: 24
194.5.82.0/24 maxlen: 24
45.133.6.0/24 maxlen: 24
45.133.5.0/24 maxlen: 24
45.133.7.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:44:1b:6c:3f:ff:fd:d3:79:f6:e8:dc:d4:4a:ba:c1:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 28 09:20:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c25d3e0c6c08aa6fef7905a9797fdf883079a01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:71:d6:cf:75:e3:7d:e6:73:3a:2f:4f:a2:96:
d8:e8:df:69:6e:cb:06:e1:66:86:7e:a3:e9:9e:18:
65:91:a4:27:63:05:d5:c3:3e:7e:df:81:e4:43:f5:
e1:c8:44:ef:5a:4f:20:ac:eb:b1:f2:9d:49:93:da:
ca:27:a1:2a:d7:31:e1:b0:19:f2:61:43:5d:ba:91:
56:4f:0c:f8:56:a3:31:92:92:b2:7c:d1:a8:86:d0:
cc:0a:6a:b9:0f:da:92:22:fb:e9:63:a6:91:b7:52:
c2:78:19:a0:f4:28:96:6e:56:97:c9:18:64:35:6a:
d7:50:80:8d:3f:79:d4:d0:27:f3:ba:31:02:80:e8:
e8:15:0d:af:ea:fb:a1:b6:b8:86:93:57:b0:c3:29:
c7:4a:f1:6f:96:c4:eb:1d:03:fa:a9:d9:de:85:54:
a1:02:93:2d:a8:ed:21:09:84:17:e5:c2:48:63:f7:
e0:8b:4b:da:09:34:06:24:de:2d:c0:71:69:ac:a9:
49:c8:18:3a:92:10:03:29:42:71:04:89:1d:36:34:
27:af:a3:11:4b:ac:0a:09:91:1e:8d:7e:ea:42:6f:
4b:a3:cd:26:d7:20:36:5e:0b:72:01:37:58:99:72:
6e:2e:00:98:f8:d0:50:70:a2:af:2d:26:5f:33:b7:
32:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:25:D3:E0:C6:C0:8A:A6:FE:F7:90:5A:97:97:FD:F8:83:07:9A:01
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/LCXT4MbAiqb-95Bal5f9-IMHmgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.70.0/24
45.133.5.0-45.133.7.255
194.5.82.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:67:d1:83:a9:8a:ce:c9:3e:e8:1b:6a:d1:a3:d9:36:1c:a1:
a9:02:59:75:7d:cd:2c:79:f5:1b:6e:b1:63:51:59:4b:0d:3f:
32:76:ce:88:a3:6e:f6:22:cc:6b:49:09:19:ae:0d:48:31:64:
eb:7a:d8:cd:0f:2e:c1:22:34:21:a0:5f:34:ab:c4:eb:42:16:
4f:9f:14:a9:9a:21:a9:0d:f4:74:39:84:b9:6c:8a:a6:1f:45:
41:ad:60:c0:32:e2:7d:ca:56:20:29:2b:27:36:1a:3d:d0:c1:
4a:c0:f0:fc:5a:bb:b7:83:b2:17:e1:3c:51:92:79:3a:6c:b2:
3c:d6:25:b7:89:86:a1:eb:f7:43:99:76:45:30:d6:97:a2:c3:
8c:9a:92:cc:0a:60:9d:93:4d:1e:57:03:de:77:91:3d:c0:67:
50:2a:ba:d8:72:bf:ea:2f:74:42:1d:ac:79:29:ba:4d:b3:81:
a0:c6:c8:81:d9:df:a7:c0:9e:6d:72:1b:80:a3:3f:ba:fd:9e:
8b:2c:7b:db:98:f1:88:d1:13:d1:e8:b5:1f:06:d4:c8:34:30:
c4:b0:c1:b2:09:40:2d:04:03:2c:28:7f:2e:8e:b4:43:54:6d:
b9:7b:b4:92:c5:16:9b:37:f3:d2:2e:72:8e:4b:6a:c9:e9:c8:
b8:9e:70:a6
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYJEG2w///3Tefbo3NRKusGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjIwNzI4MDkyMDI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzI1ZDNlMGM2YzA4YWE2ZmVmNzkwNWE5Nzk3ZmRmODgzMDc5YTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXHWz3XjfeZzOi9PopbY6N9pbssG
4WaGfqPpnhhlkaQnYwXVwz5+34HkQ/XhyETvWk8grOux8p1Jk9rKJ6Eq1zHhsBny
YUNdupFWTwz4VqMxkpKyfNGohtDMCmq5D9qSIvvpY6aRt1LCeBmg9CiWblaXyRhk
NWrXUICNP3nU0CfzujECgOjoFQ2v6vuhtriGk1ewwynHSvFvlsTrHQP6qdnehVSh
ApMtqO0hCYQX5cJIY/fgi0vaCTQGJN4twHFprKlJyBg6khADKUJxBIkdNjQnr6MR
S6wKCZEejX7qQm9Lo80m1yA2XgtyATdYmXJuLgCY+NBQcKKvLSZfM7cynQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCwl0+DGwIqm/veQWpeX/fiDB5oBMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvTENYVDRNYkFpcWItOTVCYWw1ZjktSU1IbWdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALQhGMAwD
BAAthQUDBAMthQADBAHCBVIwDQYJKoZIhvcNAQELBQADggEBAF5n0YOpis7JPugb
atGj2TYcoakCWXV9zSx59RtusWNRWUsNPzJ2zoijbvYizGtJCRmuDUgxZOt62M0P
LsEiNCGgXzSrxOtCFk+fFKmaIakN9HQ5hLlsiqYfRUGtYMAy4n3KViApKyc2Gj3Q
wUrA8Pxau7eDshfhPFGSeTpssjzWJbeJhqHr90OZdkUw1peiw4yakswKYJ2TTR5X
A953kT3AZ1Aquthyv+ovdEIdrHkpuk2zgaDGyIHZ36fAnm1yG4CjP7r9nosse9uY
8YjRE9HotR8G1Mg0MMSwwbIJQC0EAywofy6OtENUbbl7tJLFFps389Iuco5Lasnp
yLiecKY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:54 2023 by rpki-client on console-ams.rpki-client.org