Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/1lkOnGSEYE5ID4idgv1HQzKVVd8.roa
File: 1lkOnGSEYE5ID4idgv1HQzKVVd8.roa (raw, json)
Hash identifier: ruMp55SmzwO/UEggEvYkw1Zr0SRd55sbNuHFDitpE4E=
Subject key identifier: D6:59:0E:9C:64:84:60:4E:48:0F:88:9D:82:FD:47:43:32:95:55:DF
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 0185018A04DA78FB533568D0CDE3C648A910
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/1lkOnGSEYE5ID4idgv1HQzKVVd8.roa
Signing time: Sun 11 Dec 2022 14:15:00 +0000
ROA not before: Sun 11 Dec 2022 14:15:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200462
IP address blocks: 31.47.238.0/24 maxlen: 32
94.247.43.0/24 maxlen: 32
5.180.192.0/22 maxlen: 24
2.58.52.0/23 maxlen: 32
45.86.124.0/23 maxlen: 24
2a09:e1c0::/32 maxlen: 128
2a07:6fc0:10::/44 maxlen: 48
2a0e:de80::/29 maxlen: 48
2a00:f826:8::/48 maxlen: 48
2a0c:8900::/29 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:01:8a:04:da:78:fb:53:35:68:d0:cd:e3:c6:48:a9:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Dec 11 14:15:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6590e9c6484604e480f889d82fd4743329555df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e1:c4:dd:d7:97:1a:1c:96:ed:a3:e5:33:ef:
89:11:21:c2:d7:bb:0a:b3:d7:a9:eb:6b:3d:16:a6:
95:2e:78:1f:b7:4b:b0:34:fc:35:26:16:79:43:d5:
65:10:a7:32:d9:4e:66:32:2a:15:73:8b:a1:66:c5:
56:b1:e8:15:51:4e:7d:1f:01:d4:f6:9e:34:85:16:
75:f6:db:07:9b:f2:98:99:12:9e:37:2a:4c:08:b6:
21:1b:78:72:6a:0d:52:54:05:d5:22:f6:a7:7c:b8:
f7:cb:b6:f7:7d:7e:3e:4e:4e:d5:ef:08:1a:c5:47:
09:b0:59:e9:55:5d:b6:aa:b1:f7:b7:ae:fc:2c:b6:
31:4d:16:9e:fa:93:0e:ff:36:a9:fa:34:3e:e8:a2:
8d:77:c4:31:99:f0:70:7d:ca:3c:8e:de:de:c6:87:
28:83:31:ac:b4:53:2c:62:f2:fc:b7:a6:f2:9a:00:
12:9b:3f:8c:7c:18:96:f9:3b:ea:05:36:fb:32:68:
74:3b:ae:29:0b:91:ed:18:a3:45:35:5c:5c:d2:d5:
26:e4:26:1d:b0:24:b0:ff:82:37:e0:df:46:71:26:
99:1f:bc:9c:b0:11:af:42:1c:7b:8b:67:09:3c:09:
cf:9b:a0:b8:45:af:35:b2:75:89:88:67:97:08:d8:
df:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:59:0E:9C:64:84:60:4E:48:0F:88:9D:82:FD:47:43:32:95:55:DF
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/1lkOnGSEYE5ID4idgv1HQzKVVd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0/23
5.180.192.0/22
31.47.238.0/24
45.86.124.0/23
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
8c:37:8a:72:ab:12:47:63:cc:11:48:1b:fb:fa:a6:12:43:32:
0f:ac:24:a0:a8:82:04:01:92:cb:29:66:8e:e6:3d:cd:bc:06:
76:8d:de:47:58:29:2e:82:dd:60:ac:43:2f:18:6b:8c:e1:ef:
2d:11:c5:29:5b:4e:c9:6c:45:49:41:ac:27:e5:ce:1d:9f:bd:
b6:e2:9b:d6:08:ce:e7:56:b2:c4:a8:ee:86:a3:fa:f8:91:82:
57:57:7d:46:a8:c5:5d:0c:49:32:35:2e:9f:5b:0d:72:36:16:
03:c2:6c:2d:ec:31:20:5c:79:19:d5:d0:46:34:64:94:05:56:
e7:38:13:16:40:00:4c:44:af:4e:f1:39:e9:55:21:af:6e:03:
2b:a0:a5:a0:6e:a1:cd:4d:e8:32:e2:8a:f6:07:e6:40:c6:70:
ff:6b:1c:f8:8e:72:b2:13:8c:1d:98:5b:b1:ca:16:e6:6b:49:
fe:ff:9b:a8:79:61:da:28:7d:b7:6e:b4:47:1d:d5:f2:43:ad:
30:27:91:ec:8f:a1:0d:1c:db:f0:81:53:73:cd:41:35:7d:90:
05:ef:d2:66:63:8c:08:5f:2e:44:3e:4d:32:ce:e0:0a:a1:80:
42:53:83:d9:dd:a4:06:ce:2b:ed:ad:6a:0c:e6:18:c7:54:db:
08:91:1f:76
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYUBigTaePtTNWjQzePGSKkQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjIxMjExMTQxNTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjU5MGU5YzY0ODQ2MDRlNDgwZjg4OWQ4MmZkNDc0MzMyOTU1NWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneHE3deXGhyW7aPlM++JESHC17sK
s9ep62s9FqaVLngft0uwNPw1JhZ5Q9VlEKcy2U5mMioVc4uhZsVWsegVUU59HwHU
9p40hRZ19tsHm/KYmRKeNypMCLYhG3hyag1SVAXVIvanfLj3y7b3fX4+Tk7V7wga
xUcJsFnpVV22qrH3t678LLYxTRae+pMO/zap+jQ+6KKNd8QxmfBwfco8jt7exoco
gzGstFMsYvL8t6bymgASmz+MfBiW+TvqBTb7Mmh0O64pC5HtGKNFNVxc0tUm5CYd
sCSw/4I34N9GcSaZH7ycsBGvQhx7i2cJPAnPm6C4Ra81snWJiGeXCNjfDwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFNZZDpxkhGBOSA+InYL9R0MylVXfMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvMWxrT25HU0VZRTVJRDRpZGd2MUhRektWVmQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAkBAIAATAeAwQBAjo0AwQC
BbTAAwQAHy/uAwQBLVZ8AwQAXvcrMC0EAgACMCcDBwAqAPgmAAgDBwQqB2/AABAD
BQAqCeHAAwUDKgyJAAMFAyoO3oAwDQYJKoZIhvcNAQELBQADggEBAIw3inKrEkdj
zBFIG/v6phJDMg+sJKCoggQBksspZo7mPc28BnaN3kdYKS6C3WCsQy8Ya4zh7y0R
xSlbTslsRUlBrCflzh2fvbbim9YIzudWssSo7oaj+viRgldXfUaoxV0MSTI1Lp9b
DXI2FgPCbC3sMSBceRnV0EY0ZJQFVuc4ExZAAExEr07xOelVIa9uAyugpaBuoc1N
6DLiivYH5kDGcP9rHPiOcrITjB2YW7HKFuZrSf7/m6h5YdoofbdutEcd1fJDrTAn
keyPoQ0c2/CBU3PNQTV9kAXv0mZjjAhfLkQ+TTLO4AqhgEJTg9ndpAbOK+2tagzm
GMdU2wiRH3Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:44 2024 by rpki-client on console-fra.rpki-client.org