Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/LxoT73a2QiOQqUJJZ688feT6P8s.roa
File: LxoT73a2QiOQqUJJZ688feT6P8s.roa (raw, json)
Hash identifier: xz46U42ZDZ3UkhWTFqV76dlFtvGNREyL5GtnDOBRUPI=
Subject key identifier: 2F:1A:13:EF:76:B6:42:23:90:A9:42:49:67:AF:3C:7D:E4:FA:3F:CB
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 1944BCF8
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/LxoT73a2QiOQqUJJZ688feT6P8s.roa
Signing time: Tue 22 Mar 2022 10:52:54 +0000
ROA not before: Tue 22 Mar 2022 10:52:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134176
IP address blocks: 85.209.254.0/24 maxlen: 32
185.190.81.0/24 maxlen: 24
185.137.182.0/24 maxlen: 24
79.174.20.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 423935224 (0x1944bcf8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Mar 22 10:52:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f1a13ef76b6422390a9424967af3c7de4fa3fcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:79:25:ea:04:17:18:2f:fb:c7:17:12:30:3c:
51:40:14:ab:82:73:57:be:15:73:f3:2d:76:43:73:
3a:ae:c4:01:85:b4:5c:6a:ff:c7:7c:9b:bd:00:a0:
08:b5:05:16:15:f7:6e:12:0e:18:bf:57:f7:34:93:
3a:83:a5:5f:b1:1b:f6:3e:d8:3d:c1:31:8c:1b:6b:
58:27:85:13:1e:e0:23:50:4d:b5:b3:e9:05:64:f4:
4b:5b:f9:1e:64:6d:df:2b:5c:e8:16:b5:90:5d:65:
d0:cf:1f:4b:98:a8:c4:92:2b:a9:5a:bf:7a:d1:4b:
31:09:70:c0:db:e1:70:22:0b:10:b2:28:68:1b:4a:
91:33:b5:65:ba:02:3b:6e:b1:f5:1c:5c:e7:83:28:
37:a2:ff:cb:a6:18:90:a6:75:44:54:39:9d:7f:a1:
5b:df:91:62:ec:80:f9:f1:3c:61:18:eb:fd:e3:e0:
d1:b4:d5:21:db:48:56:93:a1:51:a4:29:46:b7:e2:
6f:f6:61:95:e3:c8:63:ca:10:ec:40:66:db:82:d0:
aa:c9:26:b4:bf:44:40:b6:25:3b:e7:43:c9:7b:c2:
df:7f:94:c9:2c:f8:b6:9c:da:96:7d:f0:4c:e2:73:
a9:29:61:cd:96:fd:e0:8d:d1:61:ec:11:a3:8b:0b:
58:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:1A:13:EF:76:B6:42:23:90:A9:42:49:67:AF:3C:7D:E4:FA:3F:CB
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/LxoT73a2QiOQqUJJZ688feT6P8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.20.0/24
85.209.254.0/24
185.137.182.0/24
185.190.81.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:6d:a4:4b:d8:35:b4:fd:c2:da:e9:56:e3:bd:45:c1:e7:2a:
28:64:0e:4d:4f:1d:c6:a9:69:66:ff:5b:ab:24:f9:10:b1:e3:
0e:e1:12:a6:d7:11:2e:24:b8:c5:aa:0f:0e:fe:7a:25:fd:8e:
a7:f5:c7:55:11:9c:03:23:88:8c:6d:97:d4:83:e8:16:d9:8f:
a7:56:72:c7:1a:11:62:e1:f7:53:1d:f8:95:d2:06:70:e4:73:
e5:8a:60:11:7c:ba:5e:c2:5e:6a:f2:73:15:5c:24:e5:08:ba:
57:bb:d8:83:91:3e:10:be:79:5c:a0:d1:5b:93:34:2b:a4:23:
c1:a5:0e:07:7b:2c:c8:97:bc:92:b9:65:ef:d7:ed:5e:82:49:
c9:df:2e:db:da:d1:6d:22:59:e2:7a:3a:4f:20:18:3b:13:1a:
f1:b6:d0:b6:d2:6a:0f:71:a6:e4:96:7e:75:0f:9a:7f:d7:47:
61:64:2a:df:7e:74:f7:24:16:98:d4:7b:f2:56:ca:a5:a1:46:
1a:b7:59:6b:a7:7e:1a:e5:f8:02:c1:4c:d6:5b:d7:7a:cd:9b:
9b:fd:f1:6e:47:45:2d:6e:34:5a:59:c0:c0:af:47:51:c4:10:
ee:d0:89:67:25:4b:4b:03:a2:b9:94:69:bd:76:56:28:aa:65:
5f:2a:29:d5
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEGUS8+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDMy
MjEwNTI1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmYxYTEzZWY3NmI2
NDIyMzkwYTk0MjQ5NjdhZjNjN2RlNGZhM2ZjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALF5JeoEFxgv+8cXEjA8UUAUq4JzV74Vc/MtdkNzOq7EAYW0
XGr/x3ybvQCgCLUFFhX3bhIOGL9X9zSTOoOlX7Eb9j7YPcExjBtrWCeFEx7gI1BN
tbPpBWT0S1v5HmRt3ytc6Ba1kF1l0M8fS5ioxJIrqVq/etFLMQlwwNvhcCILELIo
aBtKkTO1ZboCO26x9Rxc54MoN6L/y6YYkKZ1RFQ5nX+hW9+RYuyA+fE8YRjr/ePg
0bTVIdtIVpOhUaQpRrfib/ZhlePIY8oQ7EBm24LQqskmtL9EQLYlO+dDyXvC33+U
ySz4tpzaln3wTOJzqSlhzZb94I3RYewRo4sLWKcCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQvGhPvdrZCI5CpQklnrzx95Po/yzAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L0x4b1Q3M2EyUWlPUXFVSkpaNjg4ZmVUNlA4cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAE+uFAMEAFXR/gMEALmJtgMEALm+
UTANBgkqhkiG9w0BAQsFAAOCAQEAv22kS9g1tP3C2ulW471FwecqKGQOTU8dxqlp
Zv9bqyT5ELHjDuESptcRLiS4xaoPDv56Jf2Op/XHVRGcAyOIjG2X1IPoFtmPp1Zy
xxoRYuH3Ux34ldIGcORz5YpgEXy6XsJeavJzFVwk5Qi6V7vYg5E+EL55XKDRW5M0
K6QjwaUOB3ssyJe8krll79ftXoJJyd8u29rRbSJZ4no6TyAYOxMa8bbQttJqD3Gm
5JZ+dQ+af9dHYWQq33509yQWmNR78lbKpaFGGrdZa6d+GuX4AsFM1lvXes2bm/3x
bkdFLW40WlnAwK9HUcQQ7tCJZyVLSwOiuZRpvXZWKKplXyop1Q==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org