Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/4lNy0C8W49SreEzxA2-Lhevr920.roa
File: 4lNy0C8W49SreEzxA2-Lhevr920.roa (raw, json)
Hash identifier: TJNoYk/VPSfH1mgqTB3J/qbV5vsFec1SuSlfNV7bvXU=
Subject key identifier: E2:53:72:D0:2F:16:E3:D4:AB:78:4C:F1:03:6F:8B:85:EB:EB:F7:6D
Certificate issuer: /CN=9f5ff3de10a31bbf5701c0bdb26c6508017da2ca
Certificate serial: 0182344DB7A3D7654BD1FCADDB17654216B0
Authority key identifier: 9F:5F:F3:DE:10:A3:1B:BF:57:01:C0:BD:B2:6C:65:08:01:7D:A2:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n1_z3hCjG79XAcC9smxlCAF9oso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/4lNy0C8W49SreEzxA2-Lhevr920.roa
Signing time: Mon 25 Jul 2022 07:41:24 +0000
ROA not before: Mon 25 Jul 2022 07:41:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39431
IP address blocks: 176.108.112.0/24 maxlen: 24
176.108.111.0/24 maxlen: 24
176.108.112.0/22 maxlen: 24
176.108.108.0/24 maxlen: 24
176.108.108.0/22 maxlen: 24
176.108.109.0/24 maxlen: 24
176.108.106.0/24 maxlen: 24
176.108.106.0/23 maxlen: 24
176.108.116.0/24 maxlen: 24
176.108.116.0/22 maxlen: 24
176.108.112.0/21 maxlen: 24
176.108.118.0/24 maxlen: 24
176.108.117.0/24 maxlen: 24
176.108.120.0/22 maxlen: 24
176.108.119.0/24 maxlen: 24
193.93.17.0/24 maxlen: 24
193.93.16.0/22 maxlen: 24
193.93.16.0/23 maxlen: 24
193.93.16.0/24 maxlen: 24
193.93.19.0/24 maxlen: 24
193.93.18.0/23 maxlen: 24
193.93.18.0/24 maxlen: 24
176.108.100.0/22 maxlen: 24
176.108.103.0/24 maxlen: 24
176.108.102.0/24 maxlen: 24
176.108.104.0/24 maxlen: 24
2001:678:468::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:34:4d:b7:a3:d7:65:4b:d1:fc:ad:db:17:65:42:16:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f5ff3de10a31bbf5701c0bdb26c6508017da2ca
Validity
Not Before: Jul 25 07:41:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e25372d02f16e3d4ab784cf1036f8b85ebebf76d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:77:83:a4:8c:dd:23:04:d7:07:72:d1:0d:76:
4e:44:1d:6d:fb:17:3a:30:38:00:ac:17:4d:79:fe:
1f:8c:07:5a:8c:d2:f3:57:56:92:d3:65:44:ff:5f:
9c:b9:94:dd:cc:8c:83:6d:07:44:37:11:69:33:01:
aa:c2:a3:6a:69:6a:de:b2:d9:08:23:61:29:d3:6a:
0a:68:c3:ca:f9:53:28:2d:20:fe:08:d8:74:37:b4:
e2:e1:ed:34:14:4b:0f:29:a2:2b:eb:d8:72:1f:16:
8b:ed:e4:7b:76:18:1d:80:b1:dc:11:7c:ba:90:51:
ec:be:28:53:95:52:d1:64:03:5a:04:b0:fa:a9:4e:
90:9e:a6:62:a7:a8:fb:87:ea:ac:7f:63:67:c4:d8:
a5:36:3f:d1:7d:03:1f:81:41:57:1d:76:0e:ef:59:
5f:35:ab:2f:a9:c2:85:ee:07:2d:15:9e:a2:b2:e5:
a6:8a:f8:61:16:6c:3b:dc:bf:9e:4d:25:4d:a8:04:
ef:32:52:84:06:02:a5:1b:f1:98:71:19:95:be:c5:
62:4b:fc:de:8e:21:74:34:92:66:52:71:1e:ad:ac:
b2:e0:c2:ea:95:82:e3:3a:33:66:80:0c:78:5e:eb:
59:52:95:41:fe:ca:d3:bb:ce:40:eb:14:6d:b3:fd:
5f:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:53:72:D0:2F:16:E3:D4:AB:78:4C:F1:03:6F:8B:85:EB:EB:F7:6D
X509v3 Authority Key Identifier:
keyid:9F:5F:F3:DE:10:A3:1B:BF:57:01:C0:BD:B2:6C:65:08:01:7D:A2:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n1_z3hCjG79XAcC9smxlCAF9oso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/4lNy0C8W49SreEzxA2-Lhevr920.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/n1_z3hCjG79XAcC9smxlCAF9oso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.108.100.0-176.108.104.255
176.108.106.0-176.108.123.255
193.93.16.0/22
IPv6:
2001:678:468::/48
Signature Algorithm: sha256WithRSAEncryption
04:2f:85:e4:57:55:10:52:bc:ed:7e:33:73:0e:d0:8b:8c:fe:
c6:14:28:b8:f2:da:51:d7:bc:d4:2b:a2:8c:a8:d6:e8:7a:b3:
71:9b:61:ee:4c:77:a5:76:e3:1a:75:a1:b1:0a:82:b6:9e:bc:
6b:97:cd:30:ef:df:6b:39:1b:a1:9b:b1:61:96:f4:84:26:75:
86:21:55:f4:01:e8:79:77:c5:86:d7:d1:78:11:bf:05:6b:9d:
7b:22:c5:5b:25:c8:b6:59:5d:af:b6:0e:26:ae:fa:29:8d:27:
cc:32:b9:e5:63:cc:9f:98:bf:e0:0e:0c:bc:e3:9a:f4:66:7c:
27:35:38:f7:8e:d3:6f:ad:1e:96:17:6e:33:ef:4d:ab:bb:a5:
c1:41:b7:cb:0e:6c:57:8a:e0:41:c9:8f:3b:6b:d8:16:9d:8e:
1c:66:a1:3d:5a:a6:9a:47:1f:4e:75:3c:fe:cf:73:ba:14:95:
76:f5:09:d9:c7:04:c6:eb:47:e9:aa:3d:81:57:d3:0c:13:11:
76:10:45:42:78:22:f1:59:b3:1b:6f:97:b8:8f:93:8a:69:5d:
e2:35:8c:9b:61:03:bb:09:11:32:d5:d5:8c:72:82:14:6b:a2:
f2:c8:f7:f7:54:a5:7a:cf:60:04:8e:54:ca:f2:29:5f:98:47:
3f:5e:14:98
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYI0Tbej12VL0fyt2xdlQhawMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNWZmM2RlMTBhMzFiYmY1NzAxYzBiZGIyNmM2NTA4MDE3
ZGEyY2EwHhcNMjIwNzI1MDc0MTI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjUzNzJkMDJmMTZlM2Q0YWI3ODRjZjEwMzZmOGI4NWViZWJmNzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHeDpIzdIwTXB3LRDXZORB1t+xc6
MDgArBdNef4fjAdajNLzV1aS02VE/1+cuZTdzIyDbQdENxFpMwGqwqNqaWrestkI
I2Ep02oKaMPK+VMoLSD+CNh0N7Ti4e00FEsPKaIr69hyHxaL7eR7dhgdgLHcEXy6
kFHsvihTlVLRZANaBLD6qU6QnqZip6j7h+qsf2NnxNilNj/RfQMfgUFXHXYO71lf
NasvqcKF7gctFZ6isuWmivhhFmw73L+eTSVNqATvMlKEBgKlG/GYcRmVvsViS/ze
jiF0NJJmUnEerayy4MLqlYLjOjNmgAx4XutZUpVB/srTu85A6xRts/1fAQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFOJTctAvFuPUq3hM8QNvi4Xr6/dtMB8GA1UdIwQY
MBaAFJ9f894Qoxu/VwHAvbJsZQgBfaLKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjFfejNoQ2pHNzlYQWNDOXNteGxDQUY5b3NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi80Y2FlMTAtMzdhNS00MGVmLTg5ZDUt
NTcwMWQwMWMxZTg3LzEvNGxOeTBDOFc0OVNyZUV6eEEyLUxoZXZyOTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi80Y2FlMTAtMzdhNS00MGVmLTg5ZDUtNTcwMWQwMWMxZTg3
LzEvbjFfejNoQ2pHNzlYQWNDOXNteGxDQUY5b3NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAoBAIAATAiMAwDBAKwbGQD
BACwbGgwDAMEAbBsagMEArBseAMEAsFdEDAPBAIAAjAJAwcAIAEGeARoMA0GCSqG
SIb3DQEBCwUAA4IBAQAEL4XkV1UQUrztfjNzDtCLjP7GFCi48tpR17zUK6KMqNbo
erNxm2HuTHelduMadaGxCoK2nrxrl80w799rORuhm7FhlvSEJnWGIVX0Aeh5d8WG
19F4Eb8Fa517IsVbJci2WV2vtg4mrvopjSfMMrnlY8yfmL/gDgy845r0ZnwnNTj3
jtNvrR6WF24z702ru6XBQbfLDmxXiuBByY87a9gWnY4cZqE9WqaaRx9OdTz+z3O6
FJV29QnZxwTG60fpqj2BV9MMExF2EEVCeCLxWbMbb5e4j5OKaV3iNYybYQO7CREy
1dWMcoIUa6LyyPf3VKV6z2AEjlTK8ilfmEc/XhSY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:54 2024 by rpki-client on console-ams.rpki-client.org