Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/lNtO0_MqIE14LZMVeTzBKEefyOA.roa
File: lNtO0_MqIE14LZMVeTzBKEefyOA.roa (raw, json)
Hash identifier: F+B0S1oRAYnTWsKsHd8HoTE964xs/d1fTY2Fyq4SRX0=
Subject key identifier: 94:DB:4E:D3:F3:2A:20:4D:78:2D:93:15:79:3C:C1:28:47:9F:C8:E0
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 393CCD57
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/lNtO0_MqIE14LZMVeTzBKEefyOA.roa
Signing time: Sat 01 Jan 2022 03:52:56 +0000
ROA not before: Sat 01 Jan 2022 03:52:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8581
IP address blocks: 195.130.112.0/21 maxlen: 21
195.251.192.0/21 maxlen: 21
195.130.120.0/23 maxlen: 23
195.251.200.0/23 maxlen: 23
194.177.199.0/24 maxlen: 24
83.212.184.0/21 maxlen: 21
83.212.192.0/21 maxlen: 21
195.130.74.0/24 maxlen: 24
195.130.72.0/23 maxlen: 23
2001:648:2e01::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 960286039 (0x393ccd57)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 03:52:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94db4ed3f32a204d782d9315793cc128479fc8e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:78:36:71:68:9d:ee:7e:1f:46:12:51:0b:f2:
db:30:fa:83:2c:63:c8:65:15:31:d0:5f:8e:d9:92:
52:b1:e7:33:a7:33:94:11:95:04:26:ef:59:3f:d0:
3f:f2:57:d6:79:95:a0:52:81:09:dc:7f:d2:d9:3c:
71:fd:0a:f6:54:15:dc:32:5b:b2:58:15:08:aa:60:
a0:5b:ba:33:7f:27:2a:3f:13:c0:38:7c:31:a0:62:
26:b6:32:98:e6:91:60:78:b9:de:8c:a0:3e:d5:b5:
7a:d3:e8:20:d0:97:14:97:88:04:da:ff:45:fb:a0:
f3:0c:16:03:d7:97:63:6e:52:04:0b:d9:98:3b:a3:
23:5b:50:0a:a5:f1:b9:32:ef:b5:eb:0e:85:b5:79:
bf:7e:67:67:86:44:51:9f:33:e2:37:06:b9:59:71:
82:4b:e6:fe:0c:64:78:a7:6f:e4:33:c1:08:ff:6a:
c0:f6:49:ea:0a:4e:6a:b6:75:58:0a:d0:c3:5d:cd:
a6:5c:71:2b:17:f1:08:e3:d0:25:64:e5:15:1c:59:
d2:26:f0:00:32:c5:1a:e2:42:e7:fa:9e:2e:35:ec:
83:ed:7d:e6:9d:a7:d2:f5:92:f2:3c:5e:95:a5:47:
c7:40:46:fa:47:d4:7a:1c:7e:bd:4e:0b:1b:81:d3:
6e:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:DB:4E:D3:F3:2A:20:4D:78:2D:93:15:79:3C:C1:28:47:9F:C8:E0
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/lNtO0_MqIE14LZMVeTzBKEefyOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.212.184.0-83.212.199.255
194.177.199.0/24
195.130.72.0-195.130.74.255
195.130.112.0-195.130.121.255
195.251.192.0-195.251.201.255
IPv6:
2001:648:2e01::/48
Signature Algorithm: sha256WithRSAEncryption
74:ed:4e:b3:ec:cb:ea:64:54:47:1a:8b:1c:bc:c9:2a:39:92:
10:c7:87:31:2b:95:5f:61:e6:18:07:74:60:68:fd:0f:70:8a:
21:6c:5c:eb:5a:0c:5e:26:b4:f7:c1:e3:c4:3f:a5:58:90:e9:
29:67:cb:20:78:28:48:7e:72:01:e5:7f:50:76:cd:1e:cc:62:
cf:9f:33:b2:fa:7e:ea:c6:bb:3e:97:05:ec:f4:d8:8b:23:90:
b4:bc:27:1a:53:95:75:82:75:5f:c1:60:46:92:87:6c:40:0c:
24:40:0d:72:7d:3d:3a:47:9c:af:35:f2:c2:c4:55:9f:79:49:
27:39:a4:a2:2d:0b:7b:e8:ac:81:20:ae:46:0c:ea:fe:b4:b3:
ba:1a:c2:41:7b:22:e8:ca:a3:1f:b3:e7:da:93:5f:ce:51:1a:
a0:f6:60:f0:62:90:14:c0:a2:8b:8b:25:0a:28:7c:8c:6d:ab:
59:54:27:c4:e9:e7:45:e8:79:8f:04:b6:6b:16:14:b7:90:c9:
e4:3c:8f:09:a0:94:1e:34:19:04:ff:0d:7d:64:91:7f:44:de:
f3:9b:7e:55:80:c2:30:da:c1:4b:49:28:d3:52:c3:bf:3c:21:
48:39:6a:89:cb:e3:36:7a:36:cd:e3:d4:e0:57:c3:18:f3:59:
6e:16:30:36
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgIEOTzNVzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTZmOTI5NTUyMWRmMzBhMTU4ZjUwNmJhN2NiODczYWI5NTI5ZGMzMB4XDTIyMDEw
MTAzNTI1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTRkYjRlZDNmMzJh
MjA0ZDc4MmQ5MzE1NzkzY2MxMjg0NzlmYzhlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJl4NnFone5+H0YSUQvy2zD6gyxjyGUVMdBfjtmSUrHnM6cz
lBGVBCbvWT/QP/JX1nmVoFKBCdx/0tk8cf0K9lQV3DJbslgVCKpgoFu6M38nKj8T
wDh8MaBiJrYymOaRYHi53oygPtW1etPoINCXFJeIBNr/Rfug8wwWA9eXY25SBAvZ
mDujI1tQCqXxuTLvtesOhbV5v35nZ4ZEUZ8z4jcGuVlxgkvm/gxkeKdv5DPBCP9q
wPZJ6gpOarZ1WArQw13NplxxKxfxCOPQJWTlFRxZ0ibwADLFGuJC5/qeLjXsg+19
5p2n0vWS8jxelaVHx0BG+kfUehx+vU4LG4HTbrMCAwEAAaOCAlIwggJOMB0GA1Ud
DgQWBBSU207T8yogTXgtkxV5PMEoR5/I4DAfBgNVHSMEGDAWgBRab5KVUh3zChWP
UGuny4c6uVKdwzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dtLVNsVklkOHdvVmoxQnJwOHVIT3JsU25jTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvYTlmOTNiLWJlMzEtNDVjZi1hYTdlLWFhYTQ1NTNkMmFiZC8x
L2xOdE8wX01xSUUxNExaTVZlVHpCS0VlZnlPQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
YTlmOTNiLWJlMzEtNDVjZi1hYTdlLWFhYTQ1NTNkMmFiZC8xL1dtLVNsVklkOHdv
VmoxQnJwOHVIT3JsU25jTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBo
BggrBgEFBQcBBwEB/wRZMFcwRAQCAAEwPjAMAwQDU9S4AwQDU9TAAwQAwrHHMAwD
BAPDgkgDBADDgkowDAMEBMOCcAMEAcOCeDAMAwQGw/vAAwQBw/vIMA8EAgACMAkD
BwAgAQZILgEwDQYJKoZIhvcNAQELBQADggEBAHTtTrPsy+pkVEcaixy8ySo5khDH
hzErlV9h5hgHdGBo/Q9wiiFsXOtaDF4mtPfB48Q/pViQ6SlnyyB4KEh+cgHlf1B2
zR7MYs+fM7L6furGuz6XBez02IsjkLS8JxpTlXWCdV/BYEaSh2xADCRADXJ9PTpH
nK818sLEVZ95SSc5pKItC3vorIEgrkYM6v60s7oawkF7IujKox+z59qTX85RGqD2
YPBikBTAoouLJQoofIxtq1lUJ8Tp50XoeY8EtmsWFLeQyeQ8jwmglB40GQT/DX1k
kX9E3vObflWAwjDawUtJKNNSw788IUg5aonL4zZ6Ns3j1OBXwxjzWW4WMDY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:45 2025 by rpki-client