Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/lNfjSqTUEZhdTEJqUbsTYtthfsI.roa
File: lNfjSqTUEZhdTEJqUbsTYtthfsI.roa (raw, json)
Hash identifier: crgPIL56YVcKan6uqjiOuOxiwSE4BKuBP9URkwAXCYo=
Subject key identifier: 94:D7:E3:4A:A4:D4:11:98:5D:4C:42:6A:51:BB:13:62:DB:61:7E:C2
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 17978C0E
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/lNfjSqTUEZhdTEJqUbsTYtthfsI.roa
Signing time: Sat 01 Jan 2022 04:53:55 +0000
ROA not before: Sat 01 Jan 2022 04:53:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 18526
IP address blocks: 85.209.252.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 395807758 (0x17978c0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 04:53:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94d7e34aa4d411985d4c426a51bb1362db617ec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:19:bf:63:b7:ec:06:c1:e4:20:a4:a5:f6:8f:
dd:14:53:05:28:b6:7a:c3:2a:01:1d:4f:10:5f:1b:
b3:ab:ba:48:5b:5f:d1:72:97:8d:6e:27:84:d8:6c:
87:e5:3f:ea:f5:63:17:46:bd:f1:3e:15:01:92:73:
65:f6:95:e4:9b:f1:4d:7f:4d:56:11:51:da:44:6f:
95:d0:70:39:97:11:6d:eb:e0:fd:b1:59:9e:78:8a:
b1:21:76:dc:b1:68:d8:2a:c7:25:e0:6a:4f:5d:1b:
1c:16:22:4d:86:72:02:58:41:bc:d3:4e:ea:01:5f:
4f:c5:d2:0d:11:d0:0b:e8:a6:67:d5:d2:65:73:b2:
34:90:c6:c5:88:b9:31:08:dc:7f:54:d1:aa:14:67:
e3:8f:ea:98:bc:16:fe:4a:a2:eb:ba:15:84:b9:be:
a9:c2:7e:78:08:bd:4d:e1:93:e9:1f:49:82:0c:b9:
f6:c2:59:3f:cc:0a:3a:9f:43:25:65:bf:4b:f3:25:
40:e7:0c:3b:c1:6e:c3:ab:29:db:22:b2:11:b4:5d:
ad:bf:c9:d0:d8:e8:2a:9e:98:09:00:0b:54:0f:9b:
45:f4:12:c7:97:5d:8b:24:71:82:ac:c4:e7:31:ad:
23:cf:7e:28:5f:aa:21:77:ab:f2:1d:2b:6e:fd:a7:
a9:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:D7:E3:4A:A4:D4:11:98:5D:4C:42:6A:51:BB:13:62:DB:61:7E:C2
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/lNfjSqTUEZhdTEJqUbsTYtthfsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.252.0/24
Signature Algorithm: sha256WithRSAEncryption
52:c5:b1:dc:30:23:6e:43:7c:bf:1d:0c:35:bd:77:2f:d9:1d:
38:37:3f:19:a1:54:08:d3:2b:cf:ab:de:e1:a7:8f:0a:36:3b:
0b:b3:47:cf:65:fc:8f:ac:f1:c8:26:38:ee:50:6b:f2:aa:d3:
0b:1c:7c:aa:0b:66:98:b5:9d:ef:c0:8d:db:32:55:fe:50:a1:
8e:82:0e:fa:e3:67:95:60:55:cd:0f:b2:52:c6:c9:6f:4e:4a:
1f:dc:ec:af:d0:3d:9b:38:fe:32:dc:95:d1:37:f7:64:32:72:
68:30:de:73:0f:a5:17:33:7b:f9:68:f0:87:09:e3:84:f0:4d:
37:51:ba:48:66:2b:ec:c8:9f:a1:24:55:3c:5b:3d:57:89:80:
c9:45:6e:5f:72:ff:57:c0:5c:29:96:50:83:d8:6c:af:33:74:
e3:05:9a:58:ec:93:86:19:5c:13:ed:64:8d:54:ee:6d:03:43:
e0:56:46:8c:73:b0:0e:b4:5c:23:36:3b:d9:6b:90:5a:08:2f:
99:cd:ca:16:43:41:43:1c:6f:b3:71:ce:cf:a9:24:ab:4b:fd:
f4:59:18:79:85:54:94:19:d9:c7:90:c2:b4:8e:1f:73:4a:82:
3e:0c:5b:cc:f0:bb:f2:06:9f:7d:32:60:95:50:88:3c:93:09:
7f:ab:03:0e
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEF5eMDjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTM1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTRkN2UzNGFhNGQ0
MTE5ODVkNGM0MjZhNTFiYjEzNjJkYjYxN2VjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANMZv2O37AbB5CCkpfaP3RRTBSi2esMqAR1PEF8bs6u6SFtf
0XKXjW4nhNhsh+U/6vVjF0a98T4VAZJzZfaV5JvxTX9NVhFR2kRvldBwOZcRbevg
/bFZnniKsSF23LFo2CrHJeBqT10bHBYiTYZyAlhBvNNO6gFfT8XSDRHQC+imZ9XS
ZXOyNJDGxYi5MQjcf1TRqhRn44/qmLwW/kqi67oVhLm+qcJ+eAi9TeGT6R9Jggy5
9sJZP8wKOp9DJWW/S/MlQOcMO8Fuw6sp2yKyEbRdrb/J0NjoKp6YCQALVA+bRfQS
x5ddiyRxgqzE5zGtI89+KF+qIXer8h0rbv2nqfECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSU1+NKpNQRmF1MQmpRuxNi22F+wjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L2xOZmpTcVRVRVpoZFRFSnFVYnNUWXR0aGZzSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXR/DANBgkqhkiG9w0BAQsFAAOC
AQEAUsWx3DAjbkN8vx0MNb13L9kdODc/GaFUCNMrz6ve4aePCjY7C7NHz2X8j6zx
yCY47lBr8qrTCxx8qgtmmLWd78CN2zJV/lChjoIO+uNnlWBVzQ+yUsbJb05KH9zs
r9A9mzj+MtyV0Tf3ZDJyaDDecw+lFzN7+WjwhwnjhPBNN1G6SGYr7MifoSRVPFs9
V4mAyUVuX3L/V8BcKZZQg9hsrzN04wWaWOyThhlcE+1kjVTubQND4FZGjHOwDrRc
IzY72WuQWggvmc3KFkNBQxxvs3HOz6kkq0v99FkYeYVUlBnZx5DCtI4fc0qCPgxb
zPC78gaffTJglVCIPJMJf6sDDg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org