Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/LHZeV3LpcNTThlSpjS5Bg3kda-k.roa
File: LHZeV3LpcNTThlSpjS5Bg3kda-k.roa (raw, json)
Hash identifier: dK8kj6Jw/XaolLOmGPgVXDAlkQIJKRARVucQhKdRqTM=
Subject key identifier: 2C:76:5E:57:72:E9:70:D4:D3:86:54:A9:8D:2E:41:83:79:1D:6B:E9
Certificate issuer: /CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Certificate serial: 090DA8BF
Authority key identifier: 41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/LHZeV3LpcNTThlSpjS5Bg3kda-k.roa
Signing time: Sat 01 Jan 2022 15:04:08 +0000
ROA not before: Sat 01 Jan 2022 15:04:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44718
IP address blocks: 89.252.245.0/24 maxlen: 24
89.252.244.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 151890111 (0x90da8bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4104a40821c4176cc42e255ef6c1727473c3f00a
Validity
Not Before: Jan 1 15:04:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c765e5772e970d4d38654a98d2e4183791d6be9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:99:38:21:f2:24:88:e0:55:85:2a:fe:13:3f:
ff:e3:6c:51:0d:9c:6c:4e:3f:95:0d:ba:f8:3f:ae:
2f:b2:e0:8c:d5:68:8e:92:8d:88:f6:d7:48:1e:6e:
d7:d8:65:a7:b7:05:20:84:74:cf:38:1b:e7:9f:1d:
40:c0:cb:08:3d:6c:ec:75:37:c7:5d:b4:df:48:1b:
4e:86:8e:47:1e:ff:8a:6d:84:0a:8f:71:96:81:d5:
7a:e5:6f:df:c9:3a:c6:28:3a:cf:a0:05:56:7f:ef:
29:38:e2:d9:71:96:dc:da:9c:17:a9:8a:6c:e5:b0:
10:51:a3:df:bf:36:f6:d9:01:88:ed:53:fe:81:41:
c7:3d:15:ea:a9:69:25:6f:d1:74:47:c0:fb:f0:58:
b1:5d:e0:1f:03:eb:4f:bd:82:79:82:e5:3e:e4:fe:
77:d7:7f:2d:96:eb:d6:e8:f3:d8:47:6c:f6:bf:5f:
2f:b4:e5:1d:bb:ba:1b:c7:e9:a5:b5:36:43:ea:3e:
34:47:ea:42:8b:18:0f:6b:f7:ce:73:3b:21:f8:a9:
70:4e:53:4f:79:6f:53:7c:32:f3:d8:2a:bf:dc:89:
34:6f:fc:a4:2a:4f:68:79:e6:42:bc:a2:93:62:01:
63:bb:c6:09:d7:c9:42:0f:25:21:8c:20:7b:b8:1f:
5e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:76:5E:57:72:E9:70:D4:D3:86:54:A9:8D:2E:41:83:79:1D:6B:E9
X509v3 Authority Key Identifier:
keyid:41:04:A4:08:21:C4:17:6C:C4:2E:25:5E:F6:C1:72:74:73:C3:F0:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QQSkCCHEF2zELiVe9sFydHPD8Ao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/LHZeV3LpcNTThlSpjS5Bg3kda-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/969962-12d3-41b2-ab43-b27d6e278e18/1/QQSkCCHEF2zELiVe9sFydHPD8Ao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.244.0/23
Signature Algorithm: sha256WithRSAEncryption
17:92:01:7f:41:c8:3b:6f:74:2d:9d:bf:c8:a4:67:cc:ab:15:
79:9a:bb:7e:6e:a7:82:ad:f6:24:9b:2d:94:72:cf:7b:db:07:
5f:cf:f4:f0:d7:72:54:f1:6f:a4:a7:0f:da:02:cd:91:1c:d1:
1e:c9:52:0c:59:5f:de:f0:c7:e0:5f:a9:2e:af:2b:f7:ea:2d:
64:31:4b:af:59:c9:ae:c1:7e:64:16:49:46:f6:1c:9f:78:2e:
06:ce:4f:2e:bb:74:90:13:f4:13:b9:e5:62:7e:c8:ff:d9:01:
2a:e5:96:5f:3b:5b:70:dc:52:b7:c8:23:92:ff:9b:80:b4:1a:
b8:a0:f3:80:79:71:9d:96:59:59:3a:1e:b3:5b:31:0e:8f:8a:
95:16:f8:78:8d:4b:b3:b3:15:3e:5b:ce:58:9b:ed:bf:32:55:
65:94:cf:26:32:cc:05:9e:c3:53:b5:e7:cc:43:77:4f:43:d5:
52:18:21:b2:ec:93:6e:1c:43:56:17:b0:8d:13:dc:68:72:b3:
96:46:69:0e:8a:3f:de:9b:cc:c4:63:75:40:1a:e6:33:f7:94:
c7:7b:6a:69:3f:50:00:1a:7d:2f:87:e0:02:07:8a:86:9e:b4:
89:9a:d2:38:4b:8f:3e:35:be:47:ab:47:e3:c0:86:c7:b4:1f:
3b:75:63:20
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECQ2ovzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MTA0YTQwODIxYzQxNzZjYzQyZTI1NWVmNmMxNzI3NDczYzNmMDBhMB4XDTIyMDEw
MTE1MDQwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmM3NjVlNTc3MmU5
NzBkNGQzODY1NGE5OGQyZTQxODM3OTFkNmJlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSZOCHyJIjgVYUq/hM//+NsUQ2cbE4/lQ26+D+uL7LgjNVo
jpKNiPbXSB5u19hlp7cFIIR0zzgb558dQMDLCD1s7HU3x12030gbToaORx7/im2E
Co9xloHVeuVv38k6xig6z6AFVn/vKTji2XGW3NqcF6mKbOWwEFGj37829tkBiO1T
/oFBxz0V6qlpJW/RdEfA+/BYsV3gHwPrT72CeYLlPuT+d9d/LZbr1ujz2Eds9r9f
L7TlHbu6G8fppbU2Q+o+NEfqQosYD2v3znM7IfipcE5TT3lvU3wy89gqv9yJNG/8
pCpPaHnmQryik2IBY7vGCdfJQg8lIYwge7gfXm0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQsdl5Xculw1NOGVKmNLkGDeR1r6TAfBgNVHSMEGDAWgBRBBKQIIcQXbMQu
JV72wXJ0c8PwCjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FRU2tDQ0hFRjJ6RUxpVmU5c0Z5ZEhQRDhBby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2EvOTY5OTYyLTEyZDMtNDFiMi1hYjQzLWIyN2Q2ZTI3OGUxOC8x
L0xIWmVWM0xwY05UVGhsU3BqUzVCZzNrZGEtay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Ev
OTY5OTYyLTEyZDMtNDFiMi1hYjQzLWIyN2Q2ZTI3OGUxOC8xL1FRU2tDQ0hFRjJ6
RUxpVmU5c0Z5ZEhQRDhBby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAVn89DANBgkqhkiG9w0BAQsFAAOC
AQEAF5IBf0HIO290LZ2/yKRnzKsVeZq7fm6ngq32JJstlHLPe9sHX8/08NdyVPFv
pKcP2gLNkRzRHslSDFlf3vDH4F+pLq8r9+otZDFLr1nJrsF+ZBZJRvYcn3guBs5P
Lrt0kBP0E7nlYn7I/9kBKuWWXztbcNxSt8gjkv+bgLQauKDzgHlxnZZZWToes1sx
Do+KlRb4eI1Ls7MVPlvOWJvtvzJVZZTPJjLMBZ7DU7XnzEN3T0PVUhghsuyTbhxD
VhewjRPcaHKzlkZpDoo/3pvMxGN1QBrmM/eUx3tqaT9QABp9L4fgAgeKhp60iZrS
OEuPPjW+R6tH48CGx7QfO3VjIA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:19 2024 by rpki-client on console-ams.rpki-client.org