Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/lgqKjNeHEx3uWhhrOe1Isp7534w.roa
File: lgqKjNeHEx3uWhhrOe1Isp7534w.roa (raw, json)
Hash identifier: awV2TKKNSLMxEJ1WNWwjIbEgbAtX6znP64B/Usr7IT4=
Subject key identifier: 96:0A:8A:8C:D7:87:13:1D:EE:5A:18:6B:39:ED:48:B2:9E:F9:DF:8C
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185347748D8F08178EB6A06E0EC01118437
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/lgqKjNeHEx3uWhhrOe1Isp7534w.roa
Signing time: Wed 21 Dec 2022 11:35:10 +0000
ROA not before: Wed 21 Dec 2022 11:35:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48146
IP address blocks: 185.240.22.0/24 maxlen: 24
185.240.23.0/24 maxlen: 24
185.240.20.0/23 maxlen: 24
194.36.104.0/22 maxlen: 24
185.209.8.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:34:77:48:d8:f0:81:78:eb:6a:06:e0:ec:01:11:84:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 21 11:35:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=960a8a8cd787131dee5a186b39ed48b29ef9df8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:bb:06:8b:6e:5c:75:05:b0:92:1b:6b:96:dd:
a3:b1:fd:d8:ae:42:1b:7e:e1:be:56:09:a0:5c:9f:
cc:a8:b5:13:28:95:b0:21:48:d4:97:23:2c:dd:9e:
48:36:56:5b:3b:e4:e4:31:82:71:70:0b:d6:ff:88:
19:81:ac:33:f8:34:3f:98:6d:8d:da:90:b5:8e:27:
28:5b:cb:47:c9:d6:70:b8:9a:18:64:e6:53:5e:b1:
9a:2c:6c:21:d6:e1:94:4c:2b:8a:e1:1d:e7:38:3e:
ea:8c:42:ed:52:d3:6b:af:20:21:56:ef:e4:ad:36:
71:1d:a2:09:7f:93:77:2a:71:28:26:d7:20:75:b1:
21:2c:8d:31:26:69:0f:e9:ec:d3:6f:83:2a:92:df:
d7:1c:bd:3d:bb:42:0a:27:ed:5d:03:a7:b5:00:72:
3d:c7:14:4a:20:90:dd:c8:d7:5c:d9:55:ea:68:a3:
bd:61:19:1c:e0:42:f9:a8:d1:96:32:d9:b2:4c:32:
4e:7d:59:f5:d6:89:4c:24:9d:be:15:22:b6:a6:f8:
84:7f:88:84:a7:1e:2b:fe:9c:d8:7f:a4:e1:1d:12:
fa:e4:20:d5:27:5f:75:b0:60:9f:48:d6:83:35:8a:
95:53:56:7d:94:59:01:50:46:67:8b:14:4c:5f:88:
35:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:0A:8A:8C:D7:87:13:1D:EE:5A:18:6B:39:ED:48:B2:9E:F9:DF:8C
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/lgqKjNeHEx3uWhhrOe1Isp7534w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.209.8.0/22
185.240.20.0/22
194.36.104.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:b9:c6:46:b2:e2:86:51:c6:03:2f:cb:9a:b1:d0:c9:61:3d:
ea:ea:21:31:54:3c:7b:83:56:28:e2:1c:58:c6:1f:44:7b:c9:
34:c9:5d:3f:3a:71:15:12:9b:0b:91:db:1a:08:a4:6f:90:85:
64:b8:16:ff:69:6c:b9:84:cb:c2:ab:8b:89:88:5e:9b:71:84:
6e:3f:a4:e4:b4:0a:a3:bb:7c:7c:08:a8:af:9c:94:ce:53:e2:
fe:82:d1:ca:9a:8b:fc:ef:b0:98:fb:3b:56:a1:04:45:c7:b8:
6d:2a:dd:35:35:00:96:14:08:be:3f:95:6f:18:2b:b8:d1:9e:
11:13:9e:a3:2b:d8:42:b7:a8:4c:ed:47:4a:f0:cc:a7:85:8c:
3e:99:c4:f1:09:5c:ba:dd:9f:a0:82:f2:ef:ac:b2:18:c6:fb:
7e:2f:cd:04:46:8e:ee:1c:30:55:57:18:6e:30:95:c3:2d:65:
9a:9b:b7:69:63:52:07:6b:1f:92:42:ed:5e:29:a6:08:0b:7d:
fc:7b:b5:55:38:fa:17:62:4a:83:43:ae:00:c9:5e:28:1d:ed:
e3:73:57:4c:37:37:38:8a:e4:09:46:fe:75:78:0c:73:be:de:
f2:44:0b:ab:2f:a7:b2:db:c5:fc:c2:a3:14:f3:35:b7:d5:b7:
99:88:06:db
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYU0d0jY8IF462oG4OwBEYQ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjIxMTEzNTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjBhOGE4Y2Q3ODcxMzFkZWU1YTE4NmIzOWVkNDhiMjllZjlkZjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7sGi25cdQWwkhtrlt2jsf3YrkIb
fuG+VgmgXJ/MqLUTKJWwIUjUlyMs3Z5INlZbO+TkMYJxcAvW/4gZgawz+DQ/mG2N
2pC1jicoW8tHydZwuJoYZOZTXrGaLGwh1uGUTCuK4R3nOD7qjELtUtNrryAhVu/k
rTZxHaIJf5N3KnEoJtcgdbEhLI0xJmkP6ezTb4Mqkt/XHL09u0IKJ+1dA6e1AHI9
xxRKIJDdyNdc2VXqaKO9YRkc4EL5qNGWMtmyTDJOfVn11olMJJ2+FSK2pviEf4iE
px4r/pzYf6ThHRL65CDVJ191sGCfSNaDNYqVU1Z9lFkBUEZnixRMX4g1WwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJYKiozXhxMd7loYazntSLKe+d+MMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvbGdxS2pOZUhFeDN1V2hock9lMUlzcDc1MzR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCudEIAwQC
ufAUAwQCwiRoMA0GCSqGSIb3DQEBCwUAA4IBAQB+ucZGsuKGUcYDL8uasdDJYT3q
6iExVDx7g1Yo4hxYxh9Ee8k0yV0/OnEVEpsLkdsaCKRvkIVkuBb/aWy5hMvCq4uJ
iF6bcYRuP6TktAqju3x8CKivnJTOU+L+gtHKmov877CY+ztWoQRFx7htKt01NQCW
FAi+P5VvGCu40Z4RE56jK9hCt6hM7UdK8MynhYw+mcTxCVy63Z+ggvLvrLIYxvt+
L80ERo7uHDBVVxhuMJXDLWWam7dpY1IHax+SQu1eKaYIC338e7VVOPoXYkqDQ64A
yV4oHe3jc1dMNzc4iuQJRv51eAxzvt7yRAurL6ey28X8wqMU8zW31beZiAbb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:37 2024 by rpki-client on console-fra.rpki-client.org