Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Lb5tIyHBKETJJ6_n742KuUCDVOA.roa
File: Lb5tIyHBKETJJ6_n742KuUCDVOA.roa (raw, json)
Hash identifier: QeCZqjjGWWTvGysZa2uP/E/EBuxTZWxZD9T39V9dxnc=
Subject key identifier: 2D:BE:6D:23:21:C1:28:44:C9:27:AF:E7:EF:8D:8A:B9:40:83:54:E0
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018516899C0FDC33E1BC5C492C61CF8D705F
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Lb5tIyHBKETJJ6_n742KuUCDVOA.roa
Signing time: Thu 15 Dec 2022 16:06:35 +0000
ROA not before: Thu 15 Dec 2022 16:06:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200462
IP address blocks: 31.47.238.0/24 maxlen: 32
94.247.43.0/24 maxlen: 32
5.180.192.0/23 maxlen: 24
2.58.52.0/23 maxlen: 32
45.86.124.0/23 maxlen: 24
2a09:e1c0::/32 maxlen: 128
2a07:6fc0:10::/44 maxlen: 48
2a0e:de80::/29 maxlen: 48
2a00:f826:8::/48 maxlen: 48
2a0c:8900::/29 maxlen: 128
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:16:89:9c:0f:dc:33:e1:bc:5c:49:2c:61:cf:8d:70:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Dec 15 16:06:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2dbe6d2321c12844c927afe7ef8d8ab9408354e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c8:4a:14:8a:6a:d9:5b:47:d3:d8:ff:29:4f:
2a:fc:c1:63:27:14:ea:61:71:ee:36:88:c0:ca:bd:
e0:c5:6a:93:a8:c9:d8:5f:52:bc:4a:c9:f4:6f:13:
83:88:83:9d:9f:2f:75:61:c6:cb:e7:b7:41:59:31:
43:b0:eb:cd:f0:60:b2:78:df:76:aa:ad:7f:cf:16:
7e:a8:35:24:39:a7:13:e8:93:a0:b8:d3:84:81:78:
fe:82:d4:99:d3:f7:f0:4f:df:6b:12:c6:dc:42:7c:
41:65:9f:4c:7c:03:2a:ef:3c:16:8b:7f:d7:be:10:
93:0c:9b:97:34:09:1e:1f:6d:c6:dd:ca:d9:ce:4c:
08:40:30:06:e8:50:df:d7:0a:af:de:55:05:60:43:
07:88:33:54:00:20:1c:8a:41:e5:d3:e2:19:bf:2c:
7a:9d:39:fe:f0:55:6b:0b:99:98:cc:df:17:08:df:
93:6d:33:cc:f3:b8:70:93:ff:fb:1d:85:fe:ca:f6:
54:43:b2:ac:1c:fc:65:fc:49:eb:da:df:c3:4d:a9:
85:ae:2b:da:66:76:e5:7f:01:ff:8b:e7:15:94:83:
89:02:c2:c7:46:a4:67:e5:e8:5b:0f:62:df:90:ac:
6e:cf:7f:5a:b3:94:6b:99:7c:fc:9c:4a:d2:4f:7c:
4e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:BE:6D:23:21:C1:28:44:C9:27:AF:E7:EF:8D:8A:B9:40:83:54:E0
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/Lb5tIyHBKETJJ6_n742KuUCDVOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0/23
5.180.192.0/23
31.47.238.0/24
45.86.124.0/23
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
b1:d5:43:77:47:9b:7e:e4:fa:ce:fa:37:6b:ff:e1:d7:f8:81:
28:a8:a2:d6:b9:7b:3f:53:05:ba:84:2d:97:42:69:a3:34:ce:
f3:24:18:a2:1a:94:3d:84:43:d3:71:ae:1a:c0:31:e4:4f:d7:
2f:d9:4f:29:cb:04:fc:bd:cc:12:57:86:7a:85:50:7d:f2:5f:
28:12:1d:09:3a:b9:2a:2f:cd:34:76:f1:58:23:c8:5f:8d:a0:
74:f5:08:a3:71:13:f2:6b:74:55:f3:cf:32:fd:5c:b7:41:72:
36:e5:f4:6b:bd:11:0c:15:70:1d:25:1b:a5:75:b3:5a:07:e7:
3d:63:7c:64:a2:a1:c5:ba:e6:ce:4b:a7:95:f0:a8:c7:bb:e6:
2d:76:c5:b9:01:bb:c2:b1:c9:db:0e:7c:fa:9d:6e:77:71:e6:
31:e1:17:ed:ea:bc:3f:df:86:ea:87:81:ff:47:6c:56:f9:d5:
bf:5a:f0:f8:d5:32:4f:6d:0c:9f:53:a6:30:cf:a6:18:1e:bd:
12:bb:56:1f:7c:a7:59:af:0c:1c:d2:48:34:5d:58:57:b1:62:
88:ad:cb:11:01:42:91:f1:7e:4a:82:7f:6a:4e:2c:a7:8a:03:
1b:fd:1c:ac:48:57:8f:0f:42:78:6e:dd:b4:53:5f:b7:c4:98:
b0:0b:02:84
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYUWiZwP3DPhvFxJLGHPjXBfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjIxMjE1MTYwNjM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGJlNmQyMzIxYzEyODQ0YzkyN2FmZTdlZjhkOGFiOTQwODM1NGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8hKFIpq2VtH09j/KU8q/MFjJxTq
YXHuNojAyr3gxWqTqMnYX1K8Ssn0bxODiIOdny91YcbL57dBWTFDsOvN8GCyeN92
qq1/zxZ+qDUkOacT6JOguNOEgXj+gtSZ0/fwT99rEsbcQnxBZZ9MfAMq7zwWi3/X
vhCTDJuXNAkeH23G3crZzkwIQDAG6FDf1wqv3lUFYEMHiDNUACAcikHl0+IZvyx6
nTn+8FVrC5mYzN8XCN+TbTPM87hwk//7HYX+yvZUQ7KsHPxl/Enr2t/DTamFriva
ZnblfwH/i+cVlIOJAsLHRqRn5ehbD2LfkKxuz39as5RrmXz8nErST3xOMQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFC2+bSMhwShEySev5++NirlAg1TgMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvTGI1dEl5SEJLRVRKSjZfbjc0Mkt1VUNEVk9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAkBAIAATAeAwQBAjo0AwQB
BbTAAwQAHy/uAwQBLVZ8AwQAXvcrMC0EAgACMCcDBwAqAPgmAAgDBwQqB2/AABAD
BQAqCeHAAwUDKgyJAAMFAyoO3oAwDQYJKoZIhvcNAQELBQADggEBALHVQ3dHm37k
+s76N2v/4df4gSioota5ez9TBbqELZdCaaM0zvMkGKIalD2EQ9NxrhrAMeRP1y/Z
TynLBPy9zBJXhnqFUH3yXygSHQk6uSovzTR28VgjyF+NoHT1CKNxE/JrdFXzzzL9
XLdBcjbl9Gu9EQwVcB0lG6V1s1oH5z1jfGSiocW65s5Lp5XwqMe75i12xbkBu8Kx
ydsOfPqdbndx5jHhF+3qvD/fhuqHgf9HbFb51b9a8PjVMk9tDJ9TpjDPphgevRK7
Vh98p1mvDBzSSDRdWFexYoityxEBQpHxfkqCf2pOLKeKAxv9HKxIV48PQnhu3bRT
X7fEmLALAoQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:08 2023 by rpki-client on console-ams.rpki-client.org