Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Lq-wSxpvKN574txsl-HJjb9w4S8.roa
File: Lq-wSxpvKN574txsl-HJjb9w4S8.roa (raw, json)
Hash identifier: roymqaEZ6EEWuhPm5o2dhJ+LcUJdsDErIKypz43tKAg=
Subject key identifier: 2E:AF:B0:4B:1A:6F:28:DE:7B:E2:DC:6C:97:E1:C9:8D:BF:70:E1:2F
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 03AF27B8
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Lq-wSxpvKN574txsl-HJjb9w4S8.roa
Signing time: Mon 31 Jan 2022 14:31:42 +0000
ROA not before: Mon 31 Jan 2022 14:31:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51765
IP address blocks: 185.204.1.0/24 maxlen: 24
185.103.110.0/24 maxlen: 24
185.112.82.0/24 maxlen: 24
185.212.149.0/24 maxlen: 24
91.103.253.0/24 maxlen: 24
185.117.118.0/24 maxlen: 24
185.217.196.0/23 maxlen: 23
82.115.220.0/24 maxlen: 24
185.125.51.0/24 maxlen: 24
185.221.163.0/24 maxlen: 24
194.53.52.0/24 maxlen: 24
194.53.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61810616 (0x3af27b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 31 14:31:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2eafb04b1a6f28de7be2dc6c97e1c98dbf70e12f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f9:73:cf:a4:25:cd:26:8d:5f:fc:fd:3b:2c:
1d:5d:37:13:f3:54:33:ce:22:84:31:5e:88:d3:00:
37:2c:e9:33:8f:53:9a:a5:9d:f8:f3:ab:75:e3:83:
1c:c0:5d:b2:63:b5:24:0a:83:ae:84:5e:59:66:4a:
cc:9c:b8:ed:69:f3:f1:76:a1:68:44:d9:14:17:29:
57:ce:a4:6b:23:6a:74:10:c0:88:9f:5d:48:7e:34:
98:0c:88:05:b8:0d:7e:d5:65:e8:ca:c4:22:32:cb:
86:8b:aa:d9:df:fb:b5:54:c3:5c:b6:f1:37:de:b4:
80:c3:b2:a6:ce:61:26:d9:be:c9:e2:dc:ca:4b:14:
a7:2c:04:85:41:f5:5a:e7:d4:0d:83:8f:94:1c:85:
98:71:d2:fb:d8:5f:49:c0:01:a5:ab:da:07:d3:31:
49:94:0a:8d:a3:5b:d5:92:b6:14:7f:c3:f9:28:33:
ae:ad:7b:f3:1a:94:0e:32:1d:fa:32:53:db:61:a6:
dd:f3:4b:48:4b:79:7b:db:bd:82:d2:38:66:8f:8c:
5e:07:dc:13:03:41:91:e9:9e:c6:85:02:07:4e:71:
26:49:0e:4e:8e:ac:d7:8c:10:16:ac:19:0c:37:32:
70:d4:e9:da:19:e8:91:ec:8b:0a:1c:30:38:82:dd:
71:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:AF:B0:4B:1A:6F:28:DE:7B:E2:DC:6C:97:E1:C9:8D:BF:70:E1:2F
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/Lq-wSxpvKN574txsl-HJjb9w4S8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.220.0/24
91.103.253.0/24
185.103.110.0/24
185.112.82.0/24
185.117.118.0/24
185.125.51.0/24
185.204.1.0/24
185.212.149.0/24
185.217.196.0/23
185.221.163.0/24
194.53.52.0/24
194.53.54.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:c9:80:df:47:af:f8:ec:0f:55:b8:8b:47:a8:3a:89:eb:19:
2f:ba:08:b5:70:6a:4e:0e:84:7d:3c:cb:d7:5c:46:44:21:08:
f2:1a:19:d6:96:d2:82:17:d7:ed:a4:30:ff:a3:c4:a0:07:16:
a0:3b:1f:8a:c8:1d:c5:b3:52:85:7f:6d:07:17:35:c8:03:e4:
f6:c8:40:07:7b:f8:51:f8:25:33:72:e6:ef:17:8b:4f:35:cb:
f6:48:8f:3d:41:9a:57:ff:52:b8:da:ff:85:28:69:dc:1b:50:
4e:08:c0:b6:b5:69:a4:26:c7:ab:31:11:fa:9f:95:43:33:0d:
87:d3:8d:43:a8:6c:18:d9:28:5c:21:57:5c:cd:4b:ef:83:41:
67:ed:4f:d3:6c:51:4a:4b:ee:3e:bd:ea:88:fc:19:d1:42:d4:
e0:58:0a:82:35:3c:f6:df:0e:48:83:7d:95:4d:a9:3b:45:78:
2b:bc:bc:7b:17:48:b1:10:2c:ba:e9:b1:49:fb:69:f4:9b:b8:
fb:70:98:49:ea:1a:37:3a:2e:3b:0f:a3:71:fe:c3:77:12:21:
5a:63:9d:7d:0a:f4:18:06:5f:af:11:f8:8e:86:d7:49:33:c2:
b3:8a:d0:7d:3f:d2:c4:71:4a:6e:cd:ec:47:e4:5a:5b:fd:b6:
65:8d:fb:cf
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEA68nuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDEz
MTE0MzE0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmVhZmIwNGIxYTZm
MjhkZTdiZTJkYzZjOTdlMWM5OGRiZjcwZTEyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALL5c8+kJc0mjV/8/TssHV03E/NUM84ihDFeiNMANyzpM49T
mqWd+POrdeODHMBdsmO1JAqDroReWWZKzJy47Wnz8XahaETZFBcpV86kayNqdBDA
iJ9dSH40mAyIBbgNftVl6MrEIjLLhouq2d/7tVTDXLbxN960gMOyps5hJtm+yeLc
yksUpywEhUH1WufUDYOPlByFmHHS+9hfScABpavaB9MxSZQKjaNb1ZK2FH/D+Sgz
rq178xqUDjId+jJT22Gm3fNLSEt5e9u9gtI4Zo+MXgfcEwNBkemexoUCB05xJkkO
To6s14wQFqwZDDcycNTp2hnokeyLChwwOILdcb8CAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBQur7BLGm8o3nvi3GyX4cmNv3DhLzAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L0xxLXdTeHB2S041NzR0eHNsLUhKamI5dzRTOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwTgQCAAEwSAMEAFJz3AMEAFtn/QMEALlnbgMEALlw
UgMEALl1dgMEALl9MwMEALnMAQMEALnUlQMEAbnZxAMEALndowMEAMI1NAMEAMI1
NjANBgkqhkiG9w0BAQsFAAOCAQEAT8mA30ev+OwPVbiLR6g6iesZL7oItXBqTg6E
fTzL11xGRCEI8hoZ1pbSghfX7aQw/6PEoAcWoDsfisgdxbNShX9tBxc1yAPk9shA
B3v4UfglM3Lm7xeLTzXL9kiPPUGaV/9SuNr/hShp3BtQTgjAtrVppCbHqzER+p+V
QzMNh9ONQ6hsGNkoXCFXXM1L74NBZ+1P02xRSkvuPr3qiPwZ0ULU4FgKgjU89t8O
SIN9lU2pO0V4K7y8exdIsRAsuumxSftp9Ju4+3CYSeoaNzouOw+jcf7DdxIhWmOd
fQr0GAZfrxH4jobXSTPCs4rQfT/SxHFKbs3sR+RaW/22ZY37zw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:07 2024 by rpki-client on console-fra.rpki-client.org