Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/67f631-7f07-4d8e-9e96-1f471428b363/1/LftKe8YDCM8FXMcfquVeUOlO38I.roa
File: LftKe8YDCM8FXMcfquVeUOlO38I.roa (raw, json)
Hash identifier: wiXMfyk+sZBUKz6yy3vs+gCPzZhvjO7nST55hT/tMto=
Subject key identifier: 2D:FB:4A:7B:C6:03:08:CF:05:5C:C7:1F:AA:E5:5E:50:E9:4E:DF:C2
Certificate issuer: /CN=8a304af55353c03146f7f3a60c6ab5804dda5ce1
Certificate serial: 36ECE33A
Authority key identifier: 8A:30:4A:F5:53:53:C0:31:46:F7:F3:A6:0C:6A:B5:80:4D:DA:5C:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ijBK9VNTwDFG9_OmDGq1gE3aXOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/67f631-7f07-4d8e-9e96-1f471428b363/1/LftKe8YDCM8FXMcfquVeUOlO38I.roa
Signing time: Sat 01 Jan 2022 02:58:19 +0000
ROA not before: Sat 01 Jan 2022 02:58:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13105
IP address blocks: 82.118.134.0/24 maxlen: 24
82.118.148.0/24 maxlen: 24
82.118.149.0/24 maxlen: 24
82.118.146.0/23 maxlen: 23
82.118.158.0/23 maxlen: 23
95.171.224.0/24 maxlen: 24
212.38.102.0/24 maxlen: 24
95.171.227.0/24 maxlen: 24
82.118.128.0/23 maxlen: 23
95.171.248.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 921494330 (0x36ece33a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a304af55353c03146f7f3a60c6ab5804dda5ce1
Validity
Not Before: Jan 1 02:58:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2dfb4a7bc60308cf055cc71faae55e50e94edfc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:98:62:ab:7c:7e:5c:e8:04:c0:55:eb:a7:08:
d0:05:f1:5c:5e:bc:d9:35:39:44:c0:25:f8:a1:7d:
9c:a6:bd:69:df:14:ef:aa:f5:6a:a7:54:5c:6e:b9:
30:d6:50:6c:df:15:6d:56:c2:5b:34:f1:60:9b:8a:
7d:f6:41:40:50:42:5d:b1:61:ba:0b:c0:36:6b:bb:
a8:d2:8a:b6:46:b4:d8:5f:7b:71:fb:00:82:80:bc:
42:a1:b9:5e:3c:39:37:53:e7:f0:34:0a:59:5e:e9:
ce:fe:1b:ac:77:51:a0:10:bb:d2:92:a2:a7:a4:40:
b2:33:82:a8:55:45:82:b5:a3:75:11:14:a2:04:67:
e9:35:5f:bc:8f:a9:ef:eb:67:c0:61:51:cc:f3:9f:
0b:05:4f:da:d6:04:1e:13:79:34:aa:9e:39:bb:2f:
86:40:5d:c6:87:f6:04:09:c6:32:e9:dc:78:64:d7:
08:ab:58:7d:3a:ea:c5:8d:63:8b:d2:ca:34:9b:5e:
50:ad:17:da:4f:db:55:ca:63:0c:84:89:af:40:ac:
47:ed:4a:50:89:bc:2c:cb:7b:1d:ae:3b:df:4e:25:
24:78:1b:25:40:23:0b:df:95:b6:a0:69:c3:4a:1c:
a0:30:e5:b7:86:ce:78:b6:3a:3d:10:6d:d3:4c:24:
05:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FB:4A:7B:C6:03:08:CF:05:5C:C7:1F:AA:E5:5E:50:E9:4E:DF:C2
X509v3 Authority Key Identifier:
keyid:8A:30:4A:F5:53:53:C0:31:46:F7:F3:A6:0C:6A:B5:80:4D:DA:5C:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ijBK9VNTwDFG9_OmDGq1gE3aXOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/67f631-7f07-4d8e-9e96-1f471428b363/1/LftKe8YDCM8FXMcfquVeUOlO38I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/67f631-7f07-4d8e-9e96-1f471428b363/1/ijBK9VNTwDFG9_OmDGq1gE3aXOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.128.0/23
82.118.134.0/24
82.118.146.0-82.118.149.255
82.118.158.0/23
95.171.224.0/24
95.171.227.0/24
95.171.248.0/24
212.38.102.0/24
Signature Algorithm: sha256WithRSAEncryption
64:1e:6f:95:64:ca:42:d1:50:fd:bc:49:b0:e9:14:3d:d1:b5:
41:40:8b:f5:f9:37:6f:b0:14:19:ef:e2:59:80:cb:f5:00:45:
2e:92:47:75:ac:84:c5:cd:8f:2b:5b:24:41:98:b6:bd:5a:15:
ff:69:76:d7:c6:6a:9d:a7:18:6b:b8:21:ac:df:46:22:81:2a:
ab:2f:10:28:de:36:75:e8:38:6e:c7:33:fb:74:d4:61:0f:d6:
37:e9:4e:39:87:8f:7a:52:b0:d0:11:60:8c:a0:6b:49:82:c0:
94:3b:41:e0:5b:52:43:07:22:4e:b1:80:11:03:c7:5a:da:a4:
0a:68:79:df:22:b9:35:28:d3:bc:ff:2e:90:e7:a9:33:34:15:
43:40:ce:f0:b1:7e:97:26:71:a2:b9:5d:00:7c:e4:e3:39:ea:
ea:1d:f1:46:15:ae:f4:3f:c9:a4:ac:75:f4:cc:74:33:1b:52:
95:56:c0:1e:0b:5f:a9:36:66:b7:c1:8e:7b:12:82:13:9f:0b:
be:e8:fd:77:33:b9:9b:74:03:e6:bd:44:90:98:87:4c:b4:ee:
f7:ce:5d:77:3f:b4:82:27:37:4f:b4:b1:fa:b0:ce:72:1e:d5:
45:52:ea:e1:58:c9:e1:7b:53:ed:8c:5b:8a:f7:8e:8c:5c:a5:
1d:08:48:48
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIENuzjOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YTMwNGFmNTUzNTNjMDMxNDZmN2YzYTYwYzZhYjU4MDRkZGE1Y2UxMB4XDTIyMDEw
MTAyNTgxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmRmYjRhN2JjNjAz
MDhjZjA1NWNjNzFmYWFlNTVlNTBlOTRlZGZjMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeYYqt8flzoBMBV66cI0AXxXF682TU5RMAl+KF9nKa9ad8U
76r1aqdUXG65MNZQbN8VbVbCWzTxYJuKffZBQFBCXbFhugvANmu7qNKKtka02F97
cfsAgoC8QqG5Xjw5N1Pn8DQKWV7pzv4brHdRoBC70pKip6RAsjOCqFVFgrWjdREU
ogRn6TVfvI+p7+tnwGFRzPOfCwVP2tYEHhN5NKqeObsvhkBdxof2BAnGMunceGTX
CKtYfTrqxY1ji9LKNJteUK0X2k/bVcpjDISJr0CsR+1KUIm8LMt7Ha47304lJHgb
JUAjC9+VtqBpw0ocoDDlt4bOeLY6PRBt00wkBc0CAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBQt+0p7xgMIzwVcxx+q5V5Q6U7fwjAfBgNVHSMEGDAWgBSKMEr1U1PAMUb3
86YMarWATdpc4TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lqQks5Vk5Ud0RGRzlfT21ER3ExZ0UzYVhPRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNjdmNjMxLTdmMDctNGQ4ZS05ZTk2LTFmNDcxNDI4YjM2My8x
L0xmdEtlOFlEQ004RlhNY2ZxdVZlVU9sTzM4SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NjdmNjMxLTdmMDctNGQ4ZS05ZTk2LTFmNDcxNDI4YjM2My8xL2lqQks5Vk5Ud0RG
RzlfT21ER3ExZ0UzYVhPRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwPgQCAAEwOAMEAVJ2gAMEAFJ2hjAMAwQBUnaSAwQB
UnaUAwQBUnaeAwQAX6vgAwQAX6vjAwQAX6v4AwQA1CZmMA0GCSqGSIb3DQEBCwUA
A4IBAQBkHm+VZMpC0VD9vEmw6RQ90bVBQIv1+TdvsBQZ7+JZgMv1AEUukkd1rITF
zY8rWyRBmLa9WhX/aXbXxmqdpxhruCGs30YigSqrLxAo3jZ16DhuxzP7dNRhD9Y3
6U45h496UrDQEWCMoGtJgsCUO0HgW1JDByJOsYARA8da2qQKaHnfIrk1KNO8/y6Q
56kzNBVDQM7wsX6XJnGiuV0AfOTjOerqHfFGFa70P8mkrHX0zHQzG1KVVsAeC1+p
Nma3wY57EoITnwu+6P13M7mbdAPmvUSQmIdMtO73zl13P7SCJzdPtLH6sM5yHtVF
UurhWMnhe1PtjFuK946MXKUdCEhI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:19 2023 by rpki-client on console-fra.rpki-client.org