Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Ldsi-vrZIkn9vJyd5rUJI-9IqjM.roa
File: Ldsi-vrZIkn9vJyd5rUJI-9IqjM.roa (raw, json)
Hash identifier: NPZK7uiw/1wf4XqFbD4SkHo12JLDDdCbe58/REcxDSs=
Subject key identifier: 2D:DB:22:FA:FA:D9:22:49:FD:BC:9C:9D:E6:B5:09:23:EF:48:AA:33
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 1982A55C
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Ldsi-vrZIkn9vJyd5rUJI-9IqjM.roa
Signing time: Wed 06 Apr 2022 22:31:21 +0000
ROA not before: Wed 06 Apr 2022 22:31:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21859
IP address blocks: 91.189.186.0/24 maxlen: 32
37.10.112.0/24 maxlen: 32
185.240.218.0/24 maxlen: 32
5.253.137.0/24 maxlen: 32
185.171.3.0/24 maxlen: 32
79.143.55.0/24 maxlen: 32
193.222.103.0/24 maxlen: 32
147.78.220.0/24 maxlen: 32
193.149.160.0/24 maxlen: 32
185.224.146.0/24 maxlen: 32
185.226.73.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 427992412 (0x1982a55c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 6 22:31:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ddb22fafad92249fdbc9c9de6b50923ef48aa33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:45:dd:88:25:c6:dc:41:b2:91:8f:bf:8b:00:
2f:ec:52:a2:d6:db:65:9a:23:63:1a:6f:48:93:ae:
04:e4:5d:18:94:5b:de:5a:a8:81:f4:00:7a:b5:de:
70:ba:db:8e:a9:c7:77:11:4d:39:5f:c2:8b:44:ba:
c0:18:91:f2:dc:1c:44:11:6e:b2:39:78:0c:e2:24:
4f:f3:c0:19:53:94:7e:e4:4d:b4:f8:24:06:04:40:
cf:0c:60:1b:70:c5:11:38:5d:73:7b:46:10:0d:8f:
43:97:df:30:fc:ee:da:01:cc:c0:82:91:54:37:33:
9b:76:66:7c:10:a2:de:8d:f8:25:0b:f2:31:93:08:
58:67:a6:e1:44:06:59:e8:36:d1:0d:33:cf:f9:d3:
3b:1f:cb:cd:fc:cd:70:d5:dd:bc:b5:f6:a6:3c:0d:
70:74:d3:9d:c2:43:c9:0a:d3:35:d2:95:21:e4:8e:
e1:52:7c:4d:19:17:3b:3e:c6:a1:d5:9a:d4:89:6b:
f8:47:50:0d:ff:d8:47:4d:77:f2:08:05:99:84:8c:
54:da:e4:0a:ff:b9:66:2c:fe:83:79:b8:61:1f:c8:
73:5f:05:87:bd:e7:1f:b1:28:6a:42:a1:7f:28:dd:
9c:cf:f8:26:5e:17:66:ef:cd:2c:ba:f3:aa:27:a0:
89:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:DB:22:FA:FA:D9:22:49:FD:BC:9C:9D:E6:B5:09:23:EF:48:AA:33
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/Ldsi-vrZIkn9vJyd5rUJI-9IqjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.137.0/24
37.10.112.0/24
79.143.55.0/24
91.189.186.0/24
147.78.220.0/24
185.171.3.0/24
185.224.146.0/24
185.226.73.0/24
185.240.218.0/24
193.149.160.0/24
193.222.103.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:1c:03:05:42:f9:68:93:54:66:c7:7c:7d:14:b5:61:96:ef:
23:c7:46:c7:8b:50:41:8b:1b:87:fa:23:c2:0c:10:5d:cb:7a:
d2:d5:ac:4a:ea:55:8d:eb:1d:22:ae:cf:2d:7d:aa:06:0d:e3:
0b:f0:40:92:7d:35:fd:e0:8b:12:22:c2:86:81:bb:87:43:31:
59:82:6e:a0:5d:06:2f:99:54:53:8b:fc:ac:2c:61:e7:51:5b:
a0:b9:09:35:c9:d9:53:6f:69:51:7b:cf:0c:c9:a9:9a:a7:3b:
9c:e4:74:0e:0d:d1:64:50:40:25:da:47:26:e4:9a:39:8d:c0:
89:ac:4d:59:a2:de:1a:d0:4b:96:57:b7:b3:e5:09:71:ba:ff:
13:23:12:39:59:43:65:5b:5c:40:72:35:d8:3d:46:28:9f:00:
ea:02:aa:19:3a:55:b9:2f:b2:2b:a5:2c:2c:bd:bb:6c:b7:da:
71:f6:c2:5e:73:0a:bc:64:a5:8c:b9:4a:80:5d:13:27:f6:ae:
7e:0c:7e:2e:67:40:59:5a:38:8a:1e:03:4c:72:bc:b9:31:b6:
46:e5:18:b4:4d:4e:89:d6:b1:1f:e8:6e:09:89:c4:ea:0f:68:
54:dd:76:82:47:2e:8a:b1:e1:20:df:c4:f4:30:ef:92:b0:f4:
40:1b:0c:c8
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgIEGYKlXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQw
NjIyMzEyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmRkYjIyZmFmYWQ5
MjI0OWZkYmM5YzlkZTZiNTA5MjNlZjQ4YWEzMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdF3YglxtxBspGPv4sAL+xSotbbZZojYxpvSJOuBORdGJRb
3lqogfQAerXecLrbjqnHdxFNOV/Ci0S6wBiR8twcRBFusjl4DOIkT/PAGVOUfuRN
tPgkBgRAzwxgG3DFEThdc3tGEA2PQ5ffMPzu2gHMwIKRVDczm3ZmfBCi3o34JQvy
MZMIWGem4UQGWeg20Q0zz/nTOx/LzfzNcNXdvLX2pjwNcHTTncJDyQrTNdKVIeSO
4VJ8TRkXOz7GodWa1Ilr+EdQDf/YR0138ggFmYSMVNrkCv+5Ziz+g3m4YR/Ic18F
h73nH7EoakKhfyjdnM/4Jl4XZu/NLLrzqiegiXMCAwEAAaOCAkUwggJBMB0GA1Ud
DgQWBBQt2yL6+tkiSf28nJ3mtQkj70iqMzAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L0xkc2ktdnJaSWtuOXZKeWQ1clVKSS05SXFqTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBb
BggrBgEFBQcBBwEB/wRMMEowSAQCAAEwQgMEAAX9iQMEACUKcAMEAE+PNwMEAFu9
ugMEAJNO3AMEALmrAwMEALngkgMEALniSQMEALnw2gMEAMGVoAMEAMHeZzANBgkq
hkiG9w0BAQsFAAOCAQEAyRwDBUL5aJNUZsd8fRS1YZbvI8dGx4tQQYsbh/ojwgwQ
Xct60tWsSupVjesdIq7PLX2qBg3jC/BAkn01/eCLEiLChoG7h0MxWYJuoF0GL5lU
U4v8rCxh51FboLkJNcnZU29pUXvPDMmpmqc7nOR0Dg3RZFBAJdpHJuSaOY3AiaxN
WaLeGtBLlle3s+UJcbr/EyMSOVlDZVtcQHI12D1GKJ8A6gKqGTpVuS+yK6UsLL27
bLfacfbCXnMKvGSljLlKgF0TJ/aufgx+LmdAWVo4ih4DTHK8uTG2RuUYtE1Oidax
H+huCYnE6g9oVN12gkcuirHhIN/E9DDvkrD0QBsMyA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:17 2023 by rpki-client on console-fra.rpki-client.org