Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/l1gDCaaufBKlIEJ_klHmdkbP_xc.roa
File: l1gDCaaufBKlIEJ_klHmdkbP_xc.roa (raw, json)
Hash identifier: JxoWMFqBVCUJF2QN3NvgTb9y7Fjy+typigwo8C89stk=
Subject key identifier: 97:58:03:09:A6:AE:7C:12:A5:20:42:7F:92:51:E6:76:46:CF:FF:17
Certificate issuer: /CN=d897faea94815e0520b46f185c3ebec29b376ef0
Certificate serial: 36592E
Authority key identifier: D8:97:FA:EA:94:81:5E:05:20:B4:6F:18:5C:3E:BE:C2:9B:37:6E:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Jf66pSBXgUgtG8YXD6-wps3bvA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/l1gDCaaufBKlIEJ_klHmdkbP_xc.roa
Signing time: Fri 10 Jun 2022 08:42:02 +0000
ROA not before: Fri 10 Jun 2022 08:42:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212882
IP address blocks: 95.130.188.0/22 maxlen: 22
91.237.218.0/24 maxlen: 24
185.14.110.0/24 maxlen: 24
185.14.111.0/24 maxlen: 24
185.14.108.0/24 maxlen: 24
185.14.109.0/24 maxlen: 24
95.130.184.0/22 maxlen: 23
95.130.186.0/23 maxlen: 23
2a03:ac40:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3561774 (0x36592e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d897faea94815e0520b46f185c3ebec29b376ef0
Validity
Not Before: Jun 10 08:42:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97580309a6ae7c12a520427f9251e67646cfff17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f3:82:60:7b:41:a8:64:9b:62:7b:5e:b5:dd:
40:69:08:26:68:53:40:56:97:33:19:75:41:bf:41:
16:13:3a:3e:74:90:8d:79:c3:84:4a:b5:d6:31:89:
58:e3:6c:54:9e:bd:9a:95:31:53:6c:cd:8b:e8:e3:
11:5e:2e:f7:76:37:c1:e8:d9:b4:22:4c:ba:2b:3e:
8c:db:33:11:75:1d:05:a3:33:30:15:b9:7c:4b:38:
99:30:1f:ce:a5:5e:1f:49:dd:75:60:28:df:ca:e4:
02:c2:0f:07:08:d8:82:6d:b0:31:f3:d3:92:56:9a:
25:59:22:3f:c5:bb:63:12:b2:14:75:b5:ff:a7:53:
40:1d:eb:d5:7e:74:c4:ef:f3:80:e6:55:c1:0d:41:
70:97:2d:e9:a3:1d:4a:02:5f:ee:bc:f7:da:a6:ac:
95:85:32:cf:10:fb:5f:a8:39:c5:55:06:15:fa:64:
c0:4d:f2:5e:56:42:2f:db:f6:1e:c9:05:ae:2f:3f:
7a:2a:47:55:6b:9e:7b:0d:2a:7c:a3:9c:a6:22:91:
db:24:3c:9d:f3:36:fa:33:09:b4:4b:85:12:e3:e6:
4c:e7:cb:22:2d:c2:90:d3:42:ec:ae:c2:b0:9a:96:
de:ea:25:6c:3c:19:69:3b:bd:2d:7d:b5:e8:86:d5:
14:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:58:03:09:A6:AE:7C:12:A5:20:42:7F:92:51:E6:76:46:CF:FF:17
X509v3 Authority Key Identifier:
keyid:D8:97:FA:EA:94:81:5E:05:20:B4:6F:18:5C:3E:BE:C2:9B:37:6E:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Jf66pSBXgUgtG8YXD6-wps3bvA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/l1gDCaaufBKlIEJ_klHmdkbP_xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/76a216-cae7-4886-8e77-c813ce0f5e47/1/2Jf66pSBXgUgtG8YXD6-wps3bvA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.218.0/24
95.130.184.0/21
185.14.108.0/22
IPv6:
2a03:ac40:1::/48
Signature Algorithm: sha256WithRSAEncryption
ba:a0:09:19:b2:91:a1:d4:2b:e1:0c:0a:5c:85:5c:2b:20:3a:
0e:9d:d1:82:ed:4f:c3:19:c1:6c:59:fc:c1:9c:44:07:6b:3d:
e8:e3:cb:ac:e3:72:5f:e6:07:e2:da:cc:cf:4f:36:9e:03:19:
d1:49:88:0c:fb:bf:a9:15:b9:15:0e:b0:4a:ee:5b:55:91:d7:
36:de:15:bf:4a:00:5b:c8:b8:a2:e3:fa:35:ca:f4:8d:93:d8:
fe:06:c5:bc:88:eb:a0:4c:7b:59:8a:34:16:0d:b6:04:0b:c9:
63:bb:e0:bd:d5:ff:54:88:35:ae:28:22:c7:41:48:08:0f:fb:
f2:7a:b1:00:ba:bb:95:f4:f1:16:60:61:fd:db:72:db:23:c7:
6c:5e:22:c7:0c:f3:59:41:09:4d:ac:7f:f6:0e:fe:05:6a:bb:
10:58:58:3d:0f:d0:d4:19:30:98:94:eb:a7:4d:16:8a:f7:6a:
b6:41:fd:60:c6:7a:71:ec:ed:cd:5a:12:95:aa:76:95:22:af:
9a:99:04:8c:3d:13:64:1e:b2:3d:7e:a7:f3:24:ab:3f:b6:c1:
32:cc:65:ec:00:62:21:40:a5:24:61:30:8a:80:f9:fc:28:f4:
1b:fa:24:5c:4b:70:e0:f2:5f:e2:15:98:3a:32:50:90:00:26:
f3:05:a5:15
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIDNlkuMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ4
OTdmYWVhOTQ4MTVlMDUyMGI0NmYxODVjM2ViZWMyOWIzNzZlZjAwHhcNMjIwNjEw
MDg0MjAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NzU4MDMwOWE2YWU3
YzEyYTUyMDQyN2Y5MjUxZTY3NjQ2Y2ZmZjE3MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArvOCYHtBqGSbYntetd1AaQgmaFNAVpczGXVBv0EWEzo+dJCN
ecOESrXWMYlY42xUnr2alTFTbM2L6OMRXi73djfB6Nm0Iky6Kz6M2zMRdR0FozMw
Fbl8SziZMB/OpV4fSd11YCjfyuQCwg8HCNiCbbAx89OSVpolWSI/xbtjErIUdbX/
p1NAHevVfnTE7/OA5lXBDUFwly3pox1KAl/uvPfapqyVhTLPEPtfqDnFVQYV+mTA
TfJeVkIv2/YeyQWuLz96KkdVa557DSp8o5ymIpHbJDyd8zb6Mwm0S4US4+ZM58si
LcKQ00LsrsKwmpbe6iVsPBlpO70tfbXohtUUbwIDAQABo4ICJjCCAiIwHQYDVR0O
BBYEFJdYAwmmrnwSpSBCf5JR5nZGz/8XMB8GA1UdIwQYMBaAFNiX+uqUgV4FILRv
GFw+vsKbN27wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MkpmNjZwU0JYZ1VndEc4WVhENi13cHMzYnZBLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9jOC83NmEyMTYtY2FlNy00ODg2LThlNzctYzgxM2NlMGY1ZTQ3LzEv
bDFnRENhYXVmQktsSUVKX2tsSG1ka2JQX3hjLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC83
NmEyMTYtY2FlNy00ODg2LThlNzctYzgxM2NlMGY1ZTQ3LzEvMkpmNjZwU0JYZ1Vn
dEc4WVhENi13cHMzYnZBLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDwG
CCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAW+3aAwQDX4K4AwQCuQ5sMA8EAgAC
MAkDBwAqA6xAAAEwDQYJKoZIhvcNAQELBQADggEBALqgCRmykaHUK+EMClyFXCsg
Og6d0YLtT8MZwWxZ/MGcRAdrPejjy6zjcl/mB+LazM9PNp4DGdFJiAz7v6kVuRUO
sEruW1WR1zbeFb9KAFvIuKLj+jXK9I2T2P4GxbyI66BMe1mKNBYNtgQLyWO74L3V
/1SINa4oIsdBSAgP+/J6sQC6u5X08RZgYf3bctsjx2xeIscM81lBCU2sf/YO/gVq
uxBYWD0P0NQZMJiU66dNFor3arZB/WDGenHs7c1aEpWqdpUir5qZBIw9E2Qesj1+
p/Mkqz+2wTLMZewAYiFApSRhMIqA+fwo9Bv6JFxLcODyX+IVmDoyUJAAJvMFpRU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:46 2024 by rpki-client on console-ams.rpki-client.org