Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/lWvNuBpIyreEuCcLKDkXaBvoPVk.roa
File: lWvNuBpIyreEuCcLKDkXaBvoPVk.roa (raw, json)
Hash identifier: kv8MWv2nclEv5Cgb629L1hROOv0h9D6/t4sQ0Eq8EUk=
Subject key identifier: 95:6B:CD:B8:1A:48:CA:B7:84:B8:27:0B:28:39:17:68:1B:E8:3D:59
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0185444CCC2AC149F2CADEBC95491BD26708
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/lWvNuBpIyreEuCcLKDkXaBvoPVk.roa
Signing time: Sat 24 Dec 2022 13:22:41 +0000
ROA not before: Sat 24 Dec 2022 13:22:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210644
IP address blocks: 185.174.137.0/24 maxlen: 24
185.229.65.0/24 maxlen: 24
185.174.136.0/24 maxlen: 24
185.229.66.0/24 maxlen: 24
185.106.94.0/24 maxlen: 24
185.112.83.0/24 maxlen: 24
45.142.122.0/24 maxlen: 24
185.17.0.0/24 maxlen: 24
45.138.74.0/24 maxlen: 24
5.252.118.0/24 maxlen: 24
2a0e:d607::/48 maxlen: 48
2a0e:d606::/48 maxlen: 48
2a0e:d602:1::/48 maxlen: 48
2a0e:d602::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:44:4c:cc:2a:c1:49:f2:ca:de:bc:95:49:1b:d2:67:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Dec 24 13:22:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=956bcdb81a48cab784b8270b283917681be83d59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:69:7f:12:77:aa:85:fa:be:20:42:28:35:87:
8a:f1:57:ed:8f:77:9c:91:1e:b2:44:78:bd:77:17:
9f:97:62:56:45:91:c7:7b:2e:d7:f8:99:e1:54:a4:
62:06:61:b7:f4:d8:ac:4c:07:fa:03:77:42:13:75:
76:98:69:37:de:47:87:8e:dd:ba:95:1a:99:1b:71:
e0:f0:19:08:44:86:b3:78:6c:d1:e6:90:ac:aa:06:
95:e7:33:90:c7:ef:01:ee:77:56:91:21:ed:21:36:
ad:50:8f:4b:83:0e:26:4d:5d:87:e0:1d:ab:2b:d5:
b2:dd:44:46:6c:66:c5:55:6d:d1:b0:e3:68:21:fd:
07:55:d7:ba:39:ed:43:b4:d6:fc:fd:b1:69:27:b4:
29:20:00:7a:99:c1:6f:f8:48:c1:fd:58:a0:6a:8c:
aa:1f:cc:29:ff:c1:48:29:fa:e3:b1:c3:97:b8:0b:
70:9b:72:8c:8a:41:e4:8f:46:ea:35:a7:5a:57:71:
6d:b2:fa:6c:51:89:93:bb:64:3f:d4:31:90:70:f6:
3f:2d:93:83:8e:45:7e:c2:e7:3d:84:cd:fb:07:c5:
7b:4c:bc:42:10:b6:6e:b4:87:c1:66:0a:87:d1:3b:
10:28:12:bc:e7:29:a7:52:95:20:da:e7:e3:7d:95:
1b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:6B:CD:B8:1A:48:CA:B7:84:B8:27:0B:28:39:17:68:1B:E8:3D:59
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/lWvNuBpIyreEuCcLKDkXaBvoPVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.118.0/24
45.138.74.0/24
45.142.122.0/24
185.17.0.0/24
185.106.94.0/24
185.112.83.0/24
185.174.136.0/23
185.229.65.0-185.229.66.255
IPv6:
2a0e:d602::/47
2a0e:d606::/48
2a0e:d607::/48
Signature Algorithm: sha256WithRSAEncryption
06:0b:40:35:b8:6a:6a:e6:c0:f2:2a:d3:67:b9:96:d8:f3:e0:
d8:a8:93:de:ae:dc:58:ba:40:fb:29:f8:bc:0c:c5:19:96:d7:
19:cc:22:08:08:89:7d:35:7b:3e:04:4b:e5:a6:70:6b:8b:d3:
a2:ea:91:93:30:3d:a0:13:0e:11:b8:fe:c8:54:1c:ee:1a:de:
d0:7b:59:bc:fd:d0:25:32:a8:2c:37:d1:8e:c9:b6:b0:36:fe:
e6:f5:90:ef:f7:86:78:2a:1e:97:98:dc:d4:b7:63:33:19:d0:
e5:cd:09:a8:a9:dc:ff:ce:04:02:9d:ab:2f:0b:1a:e4:28:cb:
f7:35:67:0c:a3:06:d2:30:0e:9f:cd:b0:43:7a:f6:8d:b2:08:
d1:74:b1:04:0f:fd:b8:ac:a1:e3:7f:f1:f3:83:79:55:80:61:
07:ce:f1:1e:3e:46:49:75:07:40:68:3d:ed:8f:7d:04:25:28:
54:2a:70:9b:00:ef:31:42:b3:d8:ca:14:15:89:98:5c:aa:db:
2b:d9:03:bd:ff:4b:43:3f:54:cc:6c:86:6d:14:59:29:b8:dc:
c5:5b:e8:23:31:b7:1e:aa:cf:ab:5f:81:75:ad:91:ad:c0:3b:
6d:31:70:00:c1:df:84:c7:a4:24:ec:64:83:86:2a:fc:dd:91:
4c:1e:f8:3d
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYVETMwqwUnyyt68lUkb0mcIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIxMjI0MTMyMjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTZiY2RiODFhNDhjYWI3ODRiODI3MGIyODM5MTc2ODFiZTgzZDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2l/Eneqhfq+IEIoNYeK8Vftj3ec
kR6yRHi9dxefl2JWRZHHey7X+JnhVKRiBmG39NisTAf6A3dCE3V2mGk33keHjt26
lRqZG3Hg8BkIRIazeGzR5pCsqgaV5zOQx+8B7ndWkSHtITatUI9Lgw4mTV2H4B2r
K9Wy3URGbGbFVW3RsONoIf0HVde6Oe1DtNb8/bFpJ7QpIAB6mcFv+EjB/Vigaoyq
H8wp/8FIKfrjscOXuAtwm3KMikHkj0bqNadaV3FtsvpsUYmTu2Q/1DGQcPY/LZOD
jkV+wuc9hM37B8V7TLxCELZutIfBZgqH0TsQKBK85ymnUpUg2ufjfZUbAwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFJVrzbgaSMq3hLgnCyg5F2gb6D1ZMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvbFd2TnVCcEl5cmVFdUNjTEtEa1hhQnZvUFZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzA+BAIAATA4AwQABfx2AwQA
LYpKAwQALY56AwQAuREAAwQAuWpeAwQAuXBTAwQBua6IMAwDBAC55UEDBAC55UIw
IQQCAAIwGwMHASoO1gIAAAMHACoO1gYAAAMHACoO1gcAADANBgkqhkiG9w0BAQsF
AAOCAQEABgtANbhqaubA8irTZ7mW2PPg2KiT3q7cWLpA+yn4vAzFGZbXGcwiCAiJ
fTV7PgRL5aZwa4vTouqRkzA9oBMOEbj+yFQc7hre0HtZvP3QJTKoLDfRjsm2sDb+
5vWQ7/eGeCoel5jc1LdjMxnQ5c0JqKnc/84EAp2rLwsa5CjL9zVnDKMG0jAOn82w
Q3r2jbII0XSxBA/9uKyh43/x84N5VYBhB87xHj5GSXUHQGg97Y99BCUoVCpwmwDv
MUKz2MoUFYmYXKrbK9kDvf9LQz9UzGyGbRRZKbjcxVvoIzG3HqrPq1+Bda2RrcA7
bTFwAMHfhMekJOxkg4Yq/N2RTB74PQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org