Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/lglcZGeMjp6SVZIbeks_WX1UtkA.roa
File: lglcZGeMjp6SVZIbeks_WX1UtkA.roa (raw, json)
Hash identifier: 293ecU20hS2ZFBEqhUD2N5KKCn3e9A8BnXDzs8EE2aM=
Subject key identifier: 96:09:5C:64:67:8C:8E:9E:92:55:92:1B:7A:4B:3F:59:7D:54:B6:40
Certificate issuer: /CN=c45c98430885628971307c59b5cf241682102378
Certificate serial: 19AADC89
Authority key identifier: C4:5C:98:43:08:85:62:89:71:30:7C:59:B5:CF:24:16:82:10:23:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFyYQwiFYolxMHxZtc8kFoIQI3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/lglcZGeMjp6SVZIbeks_WX1UtkA.roa
Signing time: Sat 01 Jan 2022 13:55:55 +0000
ROA not before: Sat 01 Jan 2022 13:55:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8774
IP address blocks: 195.135.213.0/24 maxlen: 24
195.135.212.0/24 maxlen: 24
195.135.215.0/24 maxlen: 24
195.135.214.0/24 maxlen: 24
109.237.4.0/22 maxlen: 22
109.237.0.0/22 maxlen: 22
109.237.8.0/22 maxlen: 22
109.237.12.0/22 maxlen: 22
185.113.211.0/24 maxlen: 24
185.113.208.0/23 maxlen: 23
185.113.210.0/24 maxlen: 24
2a05:3740::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 430627977 (0x19aadc89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c98430885628971307c59b5cf241682102378
Validity
Not Before: Jan 1 13:55:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96095c64678c8e9e9255921b7a4b3f597d54b640
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:70:c7:e7:2b:7e:ba:f6:e9:b2:c9:81:29:b4:
43:34:96:ae:6e:1e:e3:35:8d:11:57:b7:0b:fc:9e:
e9:f0:b6:a0:1d:6d:6b:e3:79:13:8b:84:bc:94:5c:
af:6b:f5:c5:a0:d3:34:c4:e4:48:98:52:9a:be:fa:
51:74:f7:0e:50:3b:d5:3d:54:f9:db:45:f7:7b:5c:
6f:d3:6c:d8:c6:d1:9d:a4:89:89:cc:fe:bd:de:54:
50:b2:47:9d:a6:c4:29:ba:06:88:25:6f:f0:1c:0e:
87:27:d6:9f:22:9b:e7:55:41:a1:2d:c8:b9:b4:4e:
a9:3b:31:0a:25:d0:08:99:fe:f6:27:89:8a:d2:76:
fa:8d:50:46:65:60:d3:4b:9e:2e:f9:4f:ca:93:3c:
b4:8d:44:3c:9a:5d:1f:aa:bd:ec:4d:d5:eb:e2:25:
ec:70:2f:cf:8c:f4:07:e6:0b:9a:90:f2:4f:5f:c0:
eb:43:b5:0b:68:56:e8:7e:ad:2e:74:90:14:51:4e:
72:54:fb:9d:4f:50:89:6c:7e:2a:d1:ad:5d:28:2c:
ad:bb:cb:34:a4:cf:33:c6:46:b1:50:34:08:ad:a8:
6d:04:d0:cb:c0:ec:08:b4:62:1a:e0:42:8d:d0:7a:
ea:65:3d:7b:ef:e5:c5:a3:9f:60:43:c7:d0:49:ec:
dd:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:09:5C:64:67:8C:8E:9E:92:55:92:1B:7A:4B:3F:59:7D:54:B6:40
X509v3 Authority Key Identifier:
keyid:C4:5C:98:43:08:85:62:89:71:30:7C:59:B5:CF:24:16:82:10:23:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFyYQwiFYolxMHxZtc8kFoIQI3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/lglcZGeMjp6SVZIbeks_WX1UtkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/307c33-38a7-4fda-9a08-9abdca39d4f7/1/xFyYQwiFYolxMHxZtc8kFoIQI3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.237.0.0/20
185.113.208.0/22
195.135.212.0/22
IPv6:
2a05:3740::/29
Signature Algorithm: sha256WithRSAEncryption
6e:d3:57:46:3b:a1:a4:23:da:07:32:87:e9:1e:b8:b0:56:a6:
e0:f5:a3:a1:8c:6e:ea:ec:79:83:70:27:77:d4:73:9a:39:39:
95:7c:ec:2c:9e:04:3a:c6:6d:3b:df:0f:dd:7e:16:43:25:55:
95:61:d6:37:28:c2:f2:80:ab:a9:22:8a:81:75:bc:fa:29:0e:
d0:e6:1b:ad:ad:d1:c3:a2:2e:86:74:2c:dc:ff:96:ec:05:15:
64:d9:4a:58:27:0c:cb:ed:cb:d2:98:60:00:7b:1f:23:fc:50:
9d:74:38:cb:33:d3:79:3f:2a:61:9d:a7:c1:15:3a:08:8c:a8:
ea:31:bd:d0:48:f0:a1:c6:6f:14:88:6b:8a:db:98:37:17:23:
c7:80:22:d9:ba:b5:65:ff:1c:49:53:53:61:6a:dd:6d:cc:0d:
e6:59:f1:e8:49:41:4f:5a:01:6b:4e:a2:5f:4f:44:40:cc:95:
1a:92:45:62:a1:b8:dc:d8:97:bc:73:67:04:f0:1e:bc:ef:bb:
96:4d:af:08:59:d8:e5:30:82:02:12:89:8e:71:58:8a:6e:b4:
20:9d:2a:e2:f1:50:7f:f3:06:46:65:f0:21:30:61:b4:f6:9b:
c3:e5:15:d8:6b:11:69:48:00:b4:58:97:a9:b1:db:16:b9:b2:
e6:17:cb:8f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEGarciTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDVjOTg0MzA4ODU2Mjg5NzEzMDdjNTliNWNmMjQxNjgyMTAyMzc4MB4XDTIyMDEw
MTEzNTU1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTYwOTVjNjQ2Nzhj
OGU5ZTkyNTU5MjFiN2E0YjNmNTk3ZDU0YjY0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL9wx+crfrr26bLJgSm0QzSWrm4e4zWNEVe3C/ye6fC2oB1t
a+N5E4uEvJRcr2v1xaDTNMTkSJhSmr76UXT3DlA71T1U+dtF93tcb9Ns2MbRnaSJ
icz+vd5UULJHnabEKboGiCVv8BwOhyfWnyKb51VBoS3IubROqTsxCiXQCJn+9ieJ
itJ2+o1QRmVg00ueLvlPypM8tI1EPJpdH6q97E3V6+Il7HAvz4z0B+YLmpDyT1/A
60O1C2hW6H6tLnSQFFFOclT7nU9QiWx+KtGtXSgsrbvLNKTPM8ZGsVA0CK2obQTQ
y8DsCLRiGuBCjdB66mU9e+/lxaOfYEPH0Ens3eUCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSWCVxkZ4yOnpJVkht6Sz9ZfVS2QDAfBgNVHSMEGDAWgBTEXJhDCIViiXEw
fFm1zyQWghAjeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hGeVlRd2lGWW9seE1IeFp0YzhrRm9JUUkzZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvMzA3YzMzLTM4YTctNGZkYS05YTA4LTlhYmRjYTM5ZDRmNy8x
L2xnbGNaR2VNanA2U1ZaSWJla3NfV1gxVXRrQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
MzA3YzMzLTM4YTctNGZkYS05YTA4LTlhYmRjYTM5ZDRmNy8xL3hGeVlRd2lGWW9s
eE1IeFp0YzhrRm9JUUkzZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBG3tAAMEArlx0AMEAsOH1DANBAIA
AjAHAwUDKgU3QDANBgkqhkiG9w0BAQsFAAOCAQEAbtNXRjuhpCPaBzKH6R64sFam
4PWjoYxu6ux5g3And9Rzmjk5lXzsLJ4EOsZtO98P3X4WQyVVlWHWNyjC8oCrqSKK
gXW8+ikO0OYbra3Rw6IuhnQs3P+W7AUVZNlKWCcMy+3L0phgAHsfI/xQnXQ4yzPT
eT8qYZ2nwRU6CIyo6jG90EjwocZvFIhrituYNxcjx4Ai2bq1Zf8cSVNTYWrdbcwN
5lnx6ElBT1oBa06iX09EQMyVGpJFYqG43NiXvHNnBPAevO+7lk2vCFnY5TCCAhKJ
jnFYim60IJ0q4vFQf/MGRmXwITBhtPabw+UV2GsRaUgAtFiXqbHbFrmy5hfLjw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:02 2024 by rpki-client on console-ams.rpki-client.org