Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/LzZ7U9VP5DSdbNMSYopmrOSQzi4.roa
File: LzZ7U9VP5DSdbNMSYopmrOSQzi4.roa (raw, json)
Hash identifier: ca1rGQLzM7wKZC+kVvkaRT2qd0IzEZMmYoJx4RHd3Ew=
Subject key identifier: 2F:36:7B:53:D5:4F:E4:34:9D:6C:D3:12:62:8A:66:AC:E4:90:CE:2E
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 01854F02CC644F9EAE3E3C062205E4234CA1
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/LzZ7U9VP5DSdbNMSYopmrOSQzi4.roa
Signing time: Mon 26 Dec 2022 15:17:41 +0000
ROA not before: Mon 26 Dec 2022 15:17:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43641
IP address blocks: 91.234.198.0/23 maxlen: 24
91.234.199.0/24 maxlen: 24
195.26.86.0/23 maxlen: 24
45.11.56.0/24 maxlen: 24
91.222.172.0/22 maxlen: 24
45.134.174.0/24 maxlen: 24
45.134.175.0/24 maxlen: 24
2a09:2dc1::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4f:02:cc:64:4f:9e:ae:3e:3c:06:22:05:e4:23:4c:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Dec 26 15:17:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f367b53d54fe4349d6cd312628a66ace490ce2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:20:d0:7d:9f:e5:d7:e7:9b:c1:f0:7f:b9:96:
db:03:ec:bc:ca:e8:9b:e8:c5:ef:e9:31:8d:49:4a:
af:cb:e3:28:52:f6:aa:2b:86:f1:c0:40:d0:87:13:
07:a9:61:ab:da:61:da:ac:19:71:bf:49:0b:67:64:
cc:9b:88:83:92:5d:fc:41:c1:06:07:70:9b:0e:6f:
43:d1:f1:16:9c:e0:ac:a1:8e:b7:7d:27:2d:38:1c:
6e:49:98:ba:ff:16:a5:98:04:ff:ae:d0:7a:c0:69:
12:b1:d8:3a:f9:23:57:cc:eb:66:a9:f7:ab:f0:6f:
98:4b:e2:fd:8d:5c:79:f0:03:81:50:db:4d:3d:32:
f3:71:1d:23:25:fe:eb:7d:43:92:1f:71:51:47:dd:
d8:35:91:d9:a5:18:af:76:77:43:d4:11:94:0a:06:
50:82:31:93:7c:23:e0:fa:cd:7c:98:3c:ba:4e:77:
ee:73:4e:ed:98:69:46:ac:c4:3d:dc:27:7f:52:ab:
1f:43:cc:b7:47:54:d5:a3:b0:52:8f:be:80:45:98:
2c:07:02:a2:f3:7a:69:c8:8f:00:a5:04:35:ea:5f:
9f:74:93:93:ec:89:0c:30:70:e4:69:e9:4c:19:40:
39:52:bd:8a:7a:1b:8e:5d:c0:6f:ad:bc:7a:a7:82:
44:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:36:7B:53:D5:4F:E4:34:9D:6C:D3:12:62:8A:66:AC:E4:90:CE:2E
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/LzZ7U9VP5DSdbNMSYopmrOSQzi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.56.0/24
45.134.174.0/23
91.222.172.0/22
91.234.198.0/23
195.26.86.0/23
IPv6:
2a09:2dc1::/32
Signature Algorithm: sha256WithRSAEncryption
4b:62:7d:3f:9a:02:df:64:5e:40:81:eb:8d:1b:c6:ba:38:56:
3e:ea:a5:8d:5b:19:91:71:66:05:90:b2:7f:11:43:f4:20:33:
6f:64:de:24:ab:c9:df:34:1d:97:06:59:88:37:78:d5:e0:c8:
8d:23:88:55:ff:27:cd:75:f9:be:a4:67:00:08:53:53:24:e3:
54:7f:65:7b:50:ba:96:d6:51:29:ef:6c:2d:db:7b:e1:b9:8a:
e4:1b:54:d5:15:94:2f:81:30:dc:79:72:3e:55:84:91:6a:c9:
83:a2:1d:97:4d:e8:e4:df:b2:9e:33:6f:7b:be:e7:08:06:13:
9b:b5:18:f8:6f:6f:e8:f2:4d:2c:d0:95:7c:7a:0d:73:ab:21:
45:c2:6e:73:1c:29:5e:f4:3a:06:20:09:e4:cd:55:19:d9:ef:
73:0f:c8:5c:2c:ab:25:7f:63:ac:fc:bb:6d:db:40:bd:53:c0:
ea:78:74:b9:26:2c:15:39:a1:08:ab:49:44:aa:63:a6:24:5a:
89:13:d1:96:17:77:f1:d1:0b:15:4b:09:59:24:09:5f:e1:55:
ad:a6:ab:4c:79:7c:5e:e3:4e:4c:5d:1d:a1:ca:ae:47:01:af:
81:6d:79:4b:e1:8e:e6:d7:f9:ea:cf:1c:64:ae:2c:be:4d:58:
12:64:40:ea
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVPAsxkT56uPjwGIgXkI0yhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjIxMjI2MTUxNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjM2N2I1M2Q1NGZlNDM0OWQ2Y2QzMTI2MjhhNjZhY2U0OTBjZTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSDQfZ/l1+ebwfB/uZbbA+y8yuib
6MXv6TGNSUqvy+MoUvaqK4bxwEDQhxMHqWGr2mHarBlxv0kLZ2TMm4iDkl38QcEG
B3CbDm9D0fEWnOCsoY63fSctOBxuSZi6/xalmAT/rtB6wGkSsdg6+SNXzOtmqfer
8G+YS+L9jVx58AOBUNtNPTLzcR0jJf7rfUOSH3FRR93YNZHZpRivdndD1BGUCgZQ
gjGTfCPg+s18mDy6Tnfuc07tmGlGrMQ93Cd/UqsfQ8y3R1TVo7BSj76ARZgsBwKi
83ppyI8ApQQ16l+fdJOT7IkMMHDkaelMGUA5Ur2KehuOXcBvrbx6p4JEEwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFC82e1PVT+Q0nWzTEmKKZqzkkM4uMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvTHpaN1U5VlA1RFNkYk5NU1lvcG1yT1NRemk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQALQs4AwQB
LYauAwQCW96sAwQBW+rGAwQBwxpWMA0EAgACMAcDBQAqCS3BMA0GCSqGSIb3DQEB
CwUAA4IBAQBLYn0/mgLfZF5AgeuNG8a6OFY+6qWNWxmRcWYFkLJ/EUP0IDNvZN4k
q8nfNB2XBlmIN3jV4MiNI4hV/yfNdfm+pGcACFNTJONUf2V7ULqW1lEp72wt23vh
uYrkG1TVFZQvgTDceXI+VYSRasmDoh2XTejk37KeM297vucIBhObtRj4b2/o8k0s
0JV8eg1zqyFFwm5zHCle9DoGIAnkzVUZ2e9zD8hcLKslf2Os/Ltt20C9U8DqeHS5
JiwVOaEIq0lEqmOmJFqJE9GWF3fx0QsVSwlZJAlf4VWtpqtMeXxe405MXR2hyq5H
Aa+BbXlL4Y7m1/nqzxxkriy+TVgSZEDq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:53 2024 by rpki-client on console-ams.rpki-client.org