Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/lwc2HQXHe7ADJYmytCF-uzOCPO0.roa
File: lwc2HQXHe7ADJYmytCF-uzOCPO0.roa (raw, json)
Hash identifier: EX+COr7a+ZBo5MnFfFhYsHiKTo+vhNnt50b8yDH9+Ao=
Subject key identifier: 97:07:36:1D:05:C7:7B:B0:03:25:89:B2:B4:21:7E:BB:33:82:3C:ED
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 01823EB321E923E2E1BA68E202FEB5DFB7A4
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/lwc2HQXHe7ADJYmytCF-uzOCPO0.roa
Signing time: Wed 27 Jul 2022 08:08:23 +0000
ROA not before: Wed 27 Jul 2022 08:08:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 92.51.40.0/23 maxlen: 24
92.51.42.0/23 maxlen: 24
92.51.34.0/23 maxlen: 24
92.51.32.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3e:b3:21:e9:23:e2:e1:ba:68:e2:02:fe:b5:df:b7:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Jul 27 08:08:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9707361d05c77bb0032589b2b4217ebb33823ced
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:13:06:45:dc:0d:35:90:84:2b:c3:38:09:8c:
7d:b4:2a:f1:7a:fd:11:3f:30:e7:aa:7b:78:8a:18:
53:f5:d1:2c:b0:8e:74:3c:28:e4:13:21:7c:ed:fd:
9d:d9:dc:fa:21:af:5a:f9:19:ef:84:2d:1d:67:32:
76:cd:8f:9d:83:7d:19:f6:04:8c:a9:a0:57:a8:2a:
ce:0b:81:55:d1:bb:b9:a2:38:30:b0:2b:64:c4:cb:
da:47:66:0f:63:df:7d:a9:af:4f:d1:60:04:0f:ad:
51:67:15:34:d1:ca:52:ad:b1:59:0c:f4:8f:af:b3:
eb:af:0f:84:80:e8:da:84:43:a5:70:6a:81:46:45:
9c:c8:1f:b8:e9:44:7a:45:16:fc:09:5d:71:ea:54:
95:7f:d8:d1:49:b8:df:ec:86:55:64:70:65:13:09:
16:bc:f7:94:55:af:40:d9:59:79:f3:0a:d1:ff:87:
a7:71:23:b8:4f:dc:0c:f2:c4:2e:e2:2a:f8:48:78:
c4:90:a8:5a:13:8c:4e:35:f0:54:bc:eb:75:02:df:
ce:95:5a:25:25:7e:5b:af:f6:ac:54:7d:5a:81:ed:
96:6b:14:a6:da:b4:06:4f:6d:08:e4:74:7c:0f:1b:
95:bf:28:54:c3:ad:a0:88:68:27:b8:f8:53:9a:be:
9d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:07:36:1D:05:C7:7B:B0:03:25:89:B2:B4:21:7E:BB:33:82:3C:ED
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/lwc2HQXHe7ADJYmytCF-uzOCPO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.51.32.0/22
92.51.40.0/22
Signature Algorithm: sha256WithRSAEncryption
2e:3f:62:39:1d:13:de:cc:b3:f4:9b:05:33:0c:9b:4d:d3:05:
6b:d8:b1:c5:1f:e0:0c:84:fb:27:d0:94:e3:54:c0:ef:a8:91:
6e:d3:5d:b1:f3:da:ed:06:4c:bf:f0:b8:8d:fd:88:fc:de:8d:
14:42:5d:dd:7e:7a:de:a2:d8:1a:1c:28:18:32:e1:3e:9b:32:
7e:00:85:01:61:57:7b:4f:9c:b3:b2:e7:25:98:a2:99:15:9e:
eb:1e:9f:ac:0c:ca:01:50:97:3d:e7:37:76:cc:a6:e4:e8:ca:
21:33:aa:9f:cb:b7:82:51:23:ec:a3:f0:f4:53:09:a9:d9:f2:
26:e6:b5:66:86:59:5c:08:c0:c1:4d:a1:30:ca:f8:24:25:92:
ac:54:d8:ef:a1:c9:46:5a:c5:0a:5d:9b:73:18:27:ba:67:0f:
bb:6a:a2:ff:b3:71:6e:e5:03:8e:f2:77:ea:7a:22:2d:33:23:
bd:de:26:b5:6e:5b:ae:93:cd:17:e1:45:21:c0:b4:2b:71:b2:
10:00:64:00:d4:fa:21:d4:55:15:0b:8a:5e:42:d3:d0:e3:24:
14:2b:65:2c:e1:5b:fb:7d:5b:8c:aa:b1:db:32:ac:4a:6e:aa:
97:69:74:54:74:33:87:e7:39:86:08:7a:d0:4d:96:b8:ac:cf:
a4:76:ee:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYI+syHpI+LhumjiAv6137ekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjIwNzI3MDgwODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzA3MzYxZDA1Yzc3YmIwMDMyNTg5YjJiNDIxN2ViYjMzODIzY2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlhMGRdwNNZCEK8M4CYx9tCrxev0R
PzDnqnt4ihhT9dEssI50PCjkEyF87f2d2dz6Ia9a+RnvhC0dZzJ2zY+dg30Z9gSM
qaBXqCrOC4FV0bu5ojgwsCtkxMvaR2YPY999qa9P0WAED61RZxU00cpSrbFZDPSP
r7Prrw+EgOjahEOlcGqBRkWcyB+46UR6RRb8CV1x6lSVf9jRSbjf7IZVZHBlEwkW
vPeUVa9A2Vl58wrR/4encSO4T9wM8sQu4ir4SHjEkKhaE4xONfBUvOt1At/OlVol
JX5br/asVH1age2WaxSm2rQGT20I5HR8DxuVvyhUw62giGgnuPhTmr6dtwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJcHNh0Fx3uwAyWJsrQhfrszgjztMB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvbHdjMkhRWEhlN0FESllteXRDRi11ek9DUE8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXDMgAwQC
XDMoMA0GCSqGSIb3DQEBCwUAA4IBAQAuP2I5HRPezLP0mwUzDJtN0wVr2LHFH+AM
hPsn0JTjVMDvqJFu012x89rtBky/8LiN/Yj83o0UQl3dfnreotgaHCgYMuE+mzJ+
AIUBYVd7T5yzsuclmKKZFZ7rHp+sDMoBUJc95zd2zKbk6MohM6qfy7eCUSPso/D0
Uwmp2fIm5rVmhllcCMDBTaEwyvgkJZKsVNjvoclGWsUKXZtzGCe6Zw+7aqL/s3Fu
5QOO8nfqeiItMyO93ia1bluuk80X4UUhwLQrcbIQAGQA1Poh1FUVC4peQtPQ4yQU
K2Us4Vv7fVuMqrHbMqxKbqqXaXRUdDOH5zmGCHrQTZa4rM+kdu6n
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:05 2023 by rpki-client on console-ams.rpki-client.org