Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/66c08a-ee59-4771-a8f2-2a55399a80b0/1/LF8hWbL4faYpTVDmSOoOH3BBxGs.roa
File: LF8hWbL4faYpTVDmSOoOH3BBxGs.roa (raw, json)
Hash identifier: w1mMUq1fcL39OBZUkc6pNyg59mmgEDDGUaD5B0qq4VM=
Subject key identifier: 2C:5F:21:59:B2:F8:7D:A6:29:4D:50:E6:48:EA:0E:1F:70:41:C4:6B
Certificate issuer: /CN=01bfe882d13e803fc194373ea40d8a5a9e69f304
Certificate serial: 048C1A08
Authority key identifier: 01:BF:E8:82:D1:3E:80:3F:C1:94:37:3E:A4:0D:8A:5A:9E:69:F3:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ab_ogtE-gD_BlDc-pA2KWp5p8wQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/66c08a-ee59-4771-a8f2-2a55399a80b0/1/LF8hWbL4faYpTVDmSOoOH3BBxGs.roa
Signing time: Sat 01 Jan 2022 14:59:05 +0000
ROA not before: Sat 01 Jan 2022 14:59:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50785
IP address blocks: 185.128.172.0/22 maxlen: 22
81.18.16.0/20 maxlen: 21
185.152.224.0/22 maxlen: 22
5.144.40.0/21 maxlen: 21
2a06:d040::/29 maxlen: 29
2a02:d38::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76290568 (0x48c1a08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01bfe882d13e803fc194373ea40d8a5a9e69f304
Validity
Not Before: Jan 1 14:59:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c5f2159b2f87da6294d50e648ea0e1f7041c46b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fb:16:b1:73:d9:64:fd:48:93:36:d8:94:49:
b8:cb:75:63:1c:c1:9b:d2:2b:fd:66:21:c7:03:55:
bb:87:d2:d2:9c:63:97:b9:20:9a:f3:5c:6e:0f:0e:
ee:34:82:40:e8:5c:0c:c7:19:a9:64:d6:e1:a6:50:
72:9e:f5:5f:6a:dd:2e:ce:ac:2f:26:28:d2:ee:31:
a3:e2:e0:63:22:50:6b:31:16:2b:23:d4:9a:65:c5:
db:bf:e3:df:a4:d8:82:79:8e:c9:83:0e:d2:0c:c3:
17:91:06:b0:96:cd:7d:bc:d6:7c:3a:81:1a:5b:c8:
75:d5:0f:5e:40:01:46:3b:5f:ce:1b:77:08:14:db:
e9:57:bd:d6:5c:d9:fb:c3:46:52:5a:76:24:2e:7b:
4c:65:f5:aa:eb:69:22:9e:07:45:9b:2a:7e:01:6a:
41:ed:9d:f8:6d:af:0f:6f:81:17:0d:10:e3:c5:38:
b0:1f:91:19:ce:15:6f:e4:59:6d:41:65:74:3a:82:
35:24:be:c9:b1:a5:36:bf:b1:e0:1d:d7:70:15:d3:
a1:50:bb:3a:c4:c8:aa:f2:00:93:87:90:f2:ce:b0:
66:d6:af:3e:09:da:f6:0e:84:4d:7d:eb:66:cd:34:
51:02:e8:c5:84:56:01:59:c3:1f:f3:87:ca:59:0a:
90:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:5F:21:59:B2:F8:7D:A6:29:4D:50:E6:48:EA:0E:1F:70:41:C4:6B
X509v3 Authority Key Identifier:
keyid:01:BF:E8:82:D1:3E:80:3F:C1:94:37:3E:A4:0D:8A:5A:9E:69:F3:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ab_ogtE-gD_BlDc-pA2KWp5p8wQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/66c08a-ee59-4771-a8f2-2a55399a80b0/1/LF8hWbL4faYpTVDmSOoOH3BBxGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/66c08a-ee59-4771-a8f2-2a55399a80b0/1/Ab_ogtE-gD_BlDc-pA2KWp5p8wQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.40.0/21
81.18.16.0/20
185.128.172.0/22
185.152.224.0/22
IPv6:
2a02:d38::/29
2a06:d040::/29
Signature Algorithm: sha256WithRSAEncryption
86:96:0e:62:03:ca:03:20:36:9e:34:2a:08:b9:65:a0:93:5e:
4b:8a:da:d2:38:d9:1a:91:c4:ac:1b:e1:02:4a:05:8d:95:67:
7e:00:84:2c:c2:be:24:d8:82:04:13:2a:49:c8:68:1a:dd:8d:
20:55:5d:85:53:53:77:5f:ad:78:e5:6b:17:c2:46:f5:27:8e:
c2:39:f2:cf:70:c7:10:18:87:e0:b8:08:af:70:b0:71:bf:b8:
5b:ff:c7:f5:8e:22:b5:82:c7:68:2f:8e:dc:f9:07:6b:84:2d:
da:17:06:c9:49:e7:11:47:6b:69:aa:fc:6b:b1:7b:3a:1f:80:
ae:2f:e1:f8:37:9b:22:35:d3:2d:8c:cf:82:53:fa:8c:82:0d:
fc:19:83:e2:95:a8:8d:fc:fc:97:56:ce:2e:49:26:93:f3:8a:
92:26:20:c4:20:7a:66:d7:d4:38:e0:32:84:3c:c7:1b:7f:07:
12:f8:19:4e:de:ca:f3:db:43:b5:ea:40:39:b1:ec:da:bd:b4:
35:5d:be:d4:3d:78:d4:bf:41:79:f6:a9:8b:80:93:20:04:92:
f0:6d:51:d7:c2:a0:0b:df:a2:3c:b2:2e:c1:a0:1c:dd:51:0e:
46:f5:e5:61:88:83:de:03:6e:08:05:85:ed:5f:2e:84:56:af:
2f:ec:85:d4
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIEBIwaCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MWJmZTg4MmQxM2U4MDNmYzE5NDM3M2VhNDBkOGE1YTllNjlmMzA0MB4XDTIyMDEw
MTE0NTkwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmM1ZjIxNTliMmY4
N2RhNjI5NGQ1MGU2NDhlYTBlMWY3MDQxYzQ2YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKP7FrFz2WT9SJM22JRJuMt1YxzBm9Ir/WYhxwNVu4fS0pxj
l7kgmvNcbg8O7jSCQOhcDMcZqWTW4aZQcp71X2rdLs6sLyYo0u4xo+LgYyJQazEW
KyPUmmXF27/j36TYgnmOyYMO0gzDF5EGsJbNfbzWfDqBGlvIddUPXkABRjtfzht3
CBTb6Ve91lzZ+8NGUlp2JC57TGX1qutpIp4HRZsqfgFqQe2d+G2vD2+BFw0Q48U4
sB+RGc4Vb+RZbUFldDqCNSS+ybGlNr+x4B3XcBXToVC7OsTIqvIAk4eQ8s6wZtav
Pgna9g6ETX3rZs00UQLoxYRWAVnDH/OHylkKkJMCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBQsXyFZsvh9pilNUOZI6g4fcEHEazAfBgNVHSMEGDAWgBQBv+iC0T6AP8GU
Nz6kDYpanmnzBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FiX29ndEUtZ0RfQmxEYy1wQTJLV3A1cDh3US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzcvNjZjMDhhLWVlNTktNDc3MS1hOGYyLTJhNTUzOTlhODBiMC8x
L0xGOGhXYkw0ZmFZcFRWRG1TT29PSDNCQnhHcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzcv
NjZjMDhhLWVlNTktNDc3MS1hOGYyLTJhNTUzOTlhODBiMC8xL0FiX29ndEUtZ0Rf
QmxEYy1wQTJLV3A1cDh3US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEAwWQKAMEBFESEAMEArmArAMEArmY
4DAUBAIAAjAOAwUDKgINOAMFAyoG0EAwDQYJKoZIhvcNAQELBQADggEBAIaWDmID
ygMgNp40Kgi5ZaCTXkuK2tI42RqRxKwb4QJKBY2VZ34AhCzCviTYggQTKknIaBrd
jSBVXYVTU3dfrXjlaxfCRvUnjsI58s9wxxAYh+C4CK9wsHG/uFv/x/WOIrWCx2gv
jtz5B2uELdoXBslJ5xFHa2mq/GuxezofgK4v4fg3myI10y2Mz4JT+oyCDfwZg+KV
qI38/JdWzi5JJpPzipImIMQgembX1DjgMoQ8xxt/BxL4GU7eyvPbQ7XqQDmx7Nq9
tDVdvtQ9eNS/QXn2qYuAkyAEkvBtUdfCoAvfojyyLsGgHN1RDkb15WGIg94DbggF
he1fLoRWry/shdQ=
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:58:42 2025 by rpki-client