Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/lwQdHRseyE52607VC3GfASG30HY.roa
File: lwQdHRseyE52607VC3GfASG30HY.roa (raw, json)
Hash identifier: Fr6/KjA/dosUEcMduXWpD6rUhVMB0DjOWUgUW24gE9k=
Subject key identifier: 97:04:1D:1D:1B:1E:C8:4E:76:EB:4E:D5:0B:71:9F:01:21:B7:D0:76
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 197F509B
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/lwQdHRseyE52607VC3GfASG30HY.roa
Signing time: Wed 06 Apr 2022 18:34:07 +0000
ROA not before: Wed 06 Apr 2022 18:34:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 185.133.192.0/24 maxlen: 24
185.117.22.0/24 maxlen: 24
185.122.56.0/24 maxlen: 32
185.122.57.0/24 maxlen: 24
185.122.59.0/24 maxlen: 32
2a06:82c2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 427774107 (0x197f509b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 6 18:34:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97041d1d1b1ec84e76eb4ed50b719f0121b7d076
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:94:f5:45:5e:2a:64:d0:73:20:d2:f9:3a:ec:
d1:73:38:9a:02:e2:0e:7f:33:23:a2:d0:ee:be:a7:
e0:78:64:d2:36:82:0a:4a:27:6c:f9:3a:2a:77:36:
54:2e:ce:13:5d:8b:98:fe:ba:c4:c6:4c:fa:73:8a:
ba:3f:eb:c6:cd:25:3a:b0:87:b4:79:39:e0:65:62:
96:94:7a:85:65:c9:11:2d:7e:61:c0:c0:29:12:3d:
0c:b0:08:6f:e0:48:07:ef:ff:02:1e:ec:d7:c7:20:
bf:86:af:83:aa:ac:f7:32:90:06:7f:3e:61:38:3d:
24:0e:0d:58:bf:73:86:fd:ce:a6:9d:55:4b:82:b2:
cc:10:09:5a:da:04:32:0b:43:22:b8:71:84:1a:36:
20:c2:29:6c:94:a9:34:fc:18:ec:3f:7a:0b:31:5e:
4a:11:75:33:a0:77:88:89:b5:15:29:15:33:e3:f7:
07:28:2a:29:55:eb:b3:bb:9c:5d:3d:11:dd:85:c2:
8c:c9:d1:13:d8:68:98:b4:06:b6:a2:a2:6c:4e:09:
6b:03:ee:77:eb:53:53:65:3a:d8:77:42:0e:b2:35:
21:fd:db:f9:51:7d:9a:52:22:51:46:0c:dd:c2:70:
89:2a:6f:9c:15:5e:38:bf:bb:12:de:6f:43:79:a0:
bd:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:04:1D:1D:1B:1E:C8:4E:76:EB:4E:D5:0B:71:9F:01:21:B7:D0:76
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/lwQdHRseyE52607VC3GfASG30HY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.22.0/24
185.122.56.0/23
185.122.59.0/24
185.133.192.0/24
IPv6:
2a06:82c2::/48
Signature Algorithm: sha256WithRSAEncryption
8a:36:24:22:ab:f6:d8:ce:9e:b6:78:7b:43:65:f2:fa:4a:3a:
f4:fa:54:44:3b:66:57:7f:2d:5a:6f:e6:f1:4c:cd:26:22:25:
8d:19:83:f3:6c:31:68:dd:9d:7e:91:d4:ab:5c:44:a3:83:ea:
ea:bf:f8:b3:53:d6:33:d1:af:28:0d:d0:d7:8b:96:4e:c6:0a:
fc:90:df:e1:3c:3f:9a:52:d9:04:d7:a4:83:2a:70:1d:8d:dc:
8d:3d:74:54:1a:3d:9c:65:52:d6:10:67:62:11:6d:a7:bd:fa:
8b:e0:64:c7:d3:d3:42:04:4e:99:be:30:5c:f8:6c:8b:85:4e:
22:5c:d1:9f:8e:ad:b2:6d:68:3c:f5:9d:66:d3:06:d7:6d:e3:
1c:d0:8b:04:4e:1d:06:ed:91:6c:fd:89:b5:b1:8d:4e:02:c6:
5e:9b:65:7b:80:62:fc:c9:0e:6b:8e:4c:95:54:69:20:13:e8:
71:68:16:0a:12:9c:f0:f1:58:8d:00:14:57:a1:34:5d:ed:8b:
62:37:c7:09:03:7e:99:ba:c9:b9:76:89:bc:03:e0:56:17:c3:
5a:74:56:27:4c:8d:cf:f7:dc:9c:95:b2:b6:2e:21:1d:ee:d4:
3a:12:f6:fd:b6:73:ed:54:21:af:0c:9c:97:4a:49:8f:ad:6a:
ad:52:83:01
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEGX9QmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDQw
NjE4MzQwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTcwNDFkMWQxYjFl
Yzg0ZTc2ZWI0ZWQ1MGI3MTlmMDEyMWI3ZDA3NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMGU9UVeKmTQcyDS+Trs0XM4mgLiDn8zI6LQ7r6n4Hhk0jaC
CkonbPk6Knc2VC7OE12LmP66xMZM+nOKuj/rxs0lOrCHtHk54GVilpR6hWXJES1+
YcDAKRI9DLAIb+BIB+//Ah7s18cgv4avg6qs9zKQBn8+YTg9JA4NWL9zhv3Opp1V
S4KyzBAJWtoEMgtDIrhxhBo2IMIpbJSpNPwY7D96CzFeShF1M6B3iIm1FSkVM+P3
BygqKVXrs7ucXT0R3YXCjMnRE9homLQGtqKibE4JawPud+tTU2U62HdCDrI1If3b
+VF9mlIiUUYM3cJwiSpvnBVeOL+7Et5vQ3mgvVECAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBSXBB0dGx7ITnbrTtULcZ8BIbfQdjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L2x3UWRIUnNleUU1MjYwN1ZDM0dmQVNHMzBIWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEALl1FgMEAbl6OAMEALl6OwMEALmF
wDAPBAIAAjAJAwcAKgaCwgAAMA0GCSqGSIb3DQEBCwUAA4IBAQCKNiQiq/bYzp62
eHtDZfL6Sjr0+lREO2ZXfy1ab+bxTM0mIiWNGYPzbDFo3Z1+kdSrXESjg+rqv/iz
U9Yz0a8oDdDXi5ZOxgr8kN/hPD+aUtkE16SDKnAdjdyNPXRUGj2cZVLWEGdiEW2n
vfqL4GTH09NCBE6ZvjBc+GyLhU4iXNGfjq2ybWg89Z1m0wbXbeMc0IsETh0G7ZFs
/Ym1sY1OAsZem2V7gGL8yQ5rjkyVVGkgE+hxaBYKEpzw8ViNABRXoTRd7YtiN8cJ
A36Zusm5dom8A+BWF8NadFYnTI3P99yclbK2LiEd7tQ6Evb9tnPtVCGvDJyXSkmP
rWqtUoMB
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org