Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/LP8LIwKsTdi8uBn1U6BryfMlTtw.roa
File: LP8LIwKsTdi8uBn1U6BryfMlTtw.roa (raw, json)
Hash identifier: EnL8jzjcc4gt2Ce/1QlE1A59kTc8DGzgF8a8LumEz1I=
Subject key identifier: 2C:FF:0B:23:02:AC:4D:D8:BC:B8:19:F5:53:A0:6B:C9:F3:25:4E:DC
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0550FE9B
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/LP8LIwKsTdi8uBn1U6BryfMlTtw.roa
Signing time: Tue 21 Jun 2022 11:17:49 +0000
ROA not before: Tue 21 Jun 2022 11:17:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209242
IP address blocks: 185.174.138.0/24 maxlen: 24
5.252.118.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
185.109.21.0/24 maxlen: 24
45.133.246.0/24 maxlen: 24
45.133.247.0/24 maxlen: 24
185.221.160.0/24 maxlen: 24
45.142.120.0/24 maxlen: 24
194.53.55.0/24 maxlen: 24
194.53.53.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89194139 (0x550fe9b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jun 21 11:17:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2cff0b2302ac4dd8bcb819f553a06bc9f3254edc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:6d:55:11:af:2f:57:0d:93:73:e5:1a:44:b8:
fd:64:46:bc:37:3c:36:d6:ab:15:14:09:2e:cc:3d:
13:44:e0:df:b7:05:73:62:c4:e1:da:b0:d5:54:d5:
f6:bf:30:41:61:a0:02:2e:1b:2c:cf:e6:71:59:12:
a9:36:cd:0e:8c:4d:af:60:12:90:e3:f7:1b:a8:40:
cf:19:20:2f:61:7e:e9:76:be:75:70:fb:a7:c4:a4:
44:0f:06:1c:61:d0:28:5b:fe:1c:c7:64:4b:77:23:
76:dc:47:4b:be:be:92:43:18:28:1d:97:97:5a:fd:
5a:31:50:89:3d:e3:42:9d:e6:df:b9:a5:c2:89:56:
fa:c7:a8:57:68:f8:c3:80:81:0e:44:28:13:d3:4c:
ed:e9:cc:c6:38:ef:47:50:4a:20:ba:8b:2b:60:eb:
50:84:af:45:9b:ff:a7:3e:15:2f:ee:ea:1b:83:bd:
87:02:b3:1a:f1:44:9a:7d:12:6f:5f:e0:bb:19:f6:
3d:da:c4:27:c0:cf:a4:2d:ef:e2:4d:ba:04:b5:34:
4e:09:a2:a7:77:33:7e:4c:04:b7:13:14:cc:13:41:
73:de:36:98:f5:55:df:31:4a:de:27:44:b6:da:db:
0e:b9:a9:92:61:23:78:c2:a5:0d:b2:ad:ee:f9:84:
ae:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:FF:0B:23:02:AC:4D:D8:BC:B8:19:F5:53:A0:6B:C9:F3:25:4E:DC
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/LP8LIwKsTdi8uBn1U6BryfMlTtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.118.0/24
45.8.211.0/24
45.133.246.0/23
45.142.120.0/24
185.109.21.0/24
185.174.138.0/24
185.221.160.0/24
194.53.53.0/24
194.53.55.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:87:3d:cb:0a:63:ad:70:27:e8:c1:a6:ec:2a:12:5b:eb:0a:
28:61:02:cf:bc:fc:33:e5:4b:5b:8a:7c:7e:a6:c0:3a:5c:93:
18:2f:d7:f1:a1:ca:11:e7:4f:f8:b8:af:5b:c7:30:a6:9d:b7:
c6:d5:f4:bf:1a:90:70:41:ed:1d:c6:e7:38:5b:2d:67:c8:61:
af:8a:ec:08:fc:97:ae:52:fa:78:81:bb:65:27:23:f9:86:b8:
a1:9d:dd:81:94:45:b8:62:7e:52:16:b9:df:6f:02:96:5c:e7:
ce:83:99:d4:46:ed:10:3e:8e:3b:b9:68:f5:43:71:69:b4:78:
d4:85:1b:ab:b3:0d:9f:f5:d6:56:7a:95:8e:9b:61:4d:b0:c3:
d1:c9:1c:d6:02:62:a4:d6:b7:be:96:81:33:0e:c4:b6:7f:b0:
fe:67:d5:81:73:95:1d:a7:3b:bb:d5:a6:2e:9a:95:17:cd:92:
40:b5:02:fa:cb:67:39:0e:fb:dd:8d:32:e2:df:a2:98:54:f0:
df:41:8a:e2:be:1e:20:d1:5a:b6:ae:40:27:de:c6:f3:15:f0:
65:6c:54:a0:6c:2c:59:86:66:a6:18:5e:6c:af:69:de:9d:42:
a1:47:43:ae:b7:60:6a:02:63:22:a4:13:0b:c3:67:b9:30:a7:
d3:a3:f3:fa
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEBVD+mzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDYy
MTExMTc0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmNmZjBiMjMwMmFj
NGRkOGJjYjgxOWY1NTNhMDZiYzlmMzI1NGVkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZtVRGvL1cNk3PlGkS4/WRGvDc8NtarFRQJLsw9E0Tg37cF
c2LE4dqw1VTV9r8wQWGgAi4bLM/mcVkSqTbNDoxNr2ASkOP3G6hAzxkgL2F+6Xa+
dXD7p8SkRA8GHGHQKFv+HMdkS3cjdtxHS76+kkMYKB2Xl1r9WjFQiT3jQp3m37ml
wolW+seoV2j4w4CBDkQoE9NM7enMxjjvR1BKILqLK2DrUISvRZv/pz4VL+7qG4O9
hwKzGvFEmn0Sb1/guxn2PdrEJ8DPpC3v4k26BLU0Tgmip3czfkwEtxMUzBNBc942
mPVV3zFK3idEttrbDrmpkmEjeMKlDbKt7vmErnkCAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBQs/wsjAqxN2Ly4GfVToGvJ8yVO3DAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L0xQOExJd0tzVGRpOHVCbjFVNkJyeWZNbFR0dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAAX8dgMEAC0I0wMEAS2F9gMEAC2O
eAMEALltFQMEALmuigMEALndoAMEAMI1NQMEAMI1NzANBgkqhkiG9w0BAQsFAAOC
AQEALoc9ywpjrXAn6MGm7CoSW+sKKGECz7z8M+VLW4p8fqbAOlyTGC/X8aHKEedP
+LivW8cwpp23xtX0vxqQcEHtHcbnOFstZ8hhr4rsCPyXrlL6eIG7ZScj+Ya4oZ3d
gZRFuGJ+Uha5328CllznzoOZ1EbtED6OO7lo9UNxabR41IUbq7MNn/XWVnqVjpth
TbDD0ckc1gJipNa3vpaBMw7Etn+w/mfVgXOVHac7u9WmLpqVF82SQLUC+stnOQ77
3Y0y4t+imFTw30GK4r4eINFatq5AJ97G8xXwZWxUoGwsWYZmphhebK9p3p1CoUdD
rrdgagJjIqQTC8NnuTCn06Pz+g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:10 2024 by rpki-client on console-ams.rpki-client.org