Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/792372-3d2a-44fd-91a0-f4272eec280d/1/lCdjazwJfijICXjeGt_sXoSwA1A.roa
File: lCdjazwJfijICXjeGt_sXoSwA1A.roa (raw, json)
Hash identifier: pYCIW3ogh2hQBWPRFwD8P6sKzZyHCV0RuKnE0C4lBVg=
Subject key identifier: 94:27:63:6B:3C:09:7E:28:C8:09:78:DE:1A:DF:EC:5E:84:B0:03:50
Certificate issuer: /CN=5b3358110dadf224e719914161731df5e56c4188
Certificate serial: 01841E9FAB32B17CB1779177A24C2693BDAE
Authority key identifier: 5B:33:58:11:0D:AD:F2:24:E7:19:91:41:61:73:1D:F5:E5:6C:41:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WzNYEQ2t8iTnGZFBYXMd9eVsQYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/792372-3d2a-44fd-91a0-f4272eec280d/1/lCdjazwJfijICXjeGt_sXoSwA1A.roa
Signing time: Fri 28 Oct 2022 12:44:51 +0000
ROA not before: Fri 28 Oct 2022 12:44:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28979
IP address blocks: 194.127.216.0/21 maxlen: 21
194.127.217.0/24 maxlen: 24
194.127.215.0/24 maxlen: 24
194.127.218.0/24 maxlen: 24
194.127.219.0/24 maxlen: 24
185.204.240.0/23 maxlen: 23
185.204.242.0/23 maxlen: 23
2a04:b647:fffe::/48 maxlen: 48
2a04:b647::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1e:9f:ab:32:b1:7c:b1:77:91:77:a2:4c:26:93:bd:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b3358110dadf224e719914161731df5e56c4188
Validity
Not Before: Oct 28 12:44:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9427636b3c097e28c80978de1adfec5e84b00350
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:7d:ba:22:1b:1d:5f:25:2d:f6:d4:5a:da:19:
c6:b8:40:2b:f0:c3:c5:00:84:29:a8:92:a9:43:f4:
66:3a:55:32:5e:15:03:11:f3:94:0e:bc:08:d2:e3:
f6:29:d0:04:6f:bd:fc:86:4e:5e:ad:c9:e7:88:ba:
21:a5:65:ce:37:13:5d:be:dc:0c:97:52:e3:fa:5c:
f0:3b:06:cf:9f:cd:93:d7:ca:8d:06:65:91:36:37:
cc:f9:f6:c8:33:a8:f5:61:1a:67:c4:44:70:4d:e1:
c0:4c:e2:a8:09:cd:fc:fe:4d:2e:20:b9:85:c0:36:
9a:e1:d8:7d:37:4d:a9:3d:ef:87:d9:70:60:48:fa:
87:5b:c4:6d:32:a5:e5:ef:6e:88:0e:76:72:a3:c7:
3f:3a:49:5e:48:3e:fc:bf:26:8c:c9:09:1a:0a:e6:
f6:9a:10:87:cb:c1:55:81:8e:0e:f6:09:cb:af:0c:
88:fa:ba:52:8d:9e:db:47:ed:b2:c7:ee:d7:84:ae:
dd:24:1d:dc:65:63:22:7b:87:48:d5:a8:7d:b7:04:
9c:42:f5:56:e7:44:dd:3c:34:03:ec:d7:cd:8e:d6:
0b:66:0f:ae:55:b0:79:ba:18:ae:a4:b1:92:e4:80:
8b:d7:a9:25:56:42:6f:17:0f:81:59:84:93:fa:8e:
17:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:27:63:6B:3C:09:7E:28:C8:09:78:DE:1A:DF:EC:5E:84:B0:03:50
X509v3 Authority Key Identifier:
keyid:5B:33:58:11:0D:AD:F2:24:E7:19:91:41:61:73:1D:F5:E5:6C:41:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WzNYEQ2t8iTnGZFBYXMd9eVsQYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/792372-3d2a-44fd-91a0-f4272eec280d/1/lCdjazwJfijICXjeGt_sXoSwA1A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/792372-3d2a-44fd-91a0-f4272eec280d/1/WzNYEQ2t8iTnGZFBYXMd9eVsQYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.240.0/22
194.127.215.0-194.127.223.255
IPv6:
2a04:b647::/32
Signature Algorithm: sha256WithRSAEncryption
5f:c8:1f:56:69:79:f7:9c:d6:16:19:75:89:bf:c0:ec:bd:2e:
80:31:f1:ce:1b:b1:a2:f0:83:e2:8e:64:7d:c2:55:9f:55:55:
9d:4b:82:bb:5d:b0:00:98:78:62:88:ef:17:8c:43:c5:b4:19:
76:a2:95:46:1d:13:e0:bf:40:c1:7d:57:dc:32:14:e9:a2:08:
9a:a0:12:bc:c0:07:08:47:6e:aa:67:8b:51:25:ba:57:ba:95:
01:40:0d:e2:98:2b:32:da:9a:fa:85:9b:0f:4b:fb:08:f8:e5:
33:1b:71:bf:c6:38:01:21:8a:87:62:cf:a4:5c:c0:1b:2e:e6:
26:68:2c:b8:6b:e9:d3:58:0b:88:8e:49:e1:36:02:f8:7b:38:
75:ea:71:31:8a:bf:d6:00:76:c5:d7:9f:7d:d5:e1:c9:03:38:
10:ad:cd:b6:23:c9:5c:f8:36:88:fe:18:89:57:5d:c2:e8:fd:
10:0e:08:ca:9a:ea:c0:4c:a9:f5:01:50:2c:14:b3:30:cb:22:
19:be:04:3e:3b:55:a9:cc:f5:15:41:99:05:bf:39:89:dd:c8:
b1:c8:b8:17:7d:ce:6a:aa:de:02:9d:1a:1a:12:95:14:38:8b:
9c:36:99:28:7f:51:f9:65:56:8e:18:2d:e5:af:48:0a:5d:d1:
dd:94:dd:9d
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYQen6sysXyxd5F3okwmk72uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViMzM1ODExMGRhZGYyMjRlNzE5OTE0MTYxNzMxZGY1ZTU2
YzQxODgwHhcNMjIxMDI4MTI0NDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDI3NjM2YjNjMDk3ZTI4YzgwOTc4ZGUxYWRmZWM1ZTg0YjAwMzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg326IhsdXyUt9tRa2hnGuEAr8MPF
AIQpqJKpQ/RmOlUyXhUDEfOUDrwI0uP2KdAEb738hk5ercnniLohpWXONxNdvtwM
l1Lj+lzwOwbPn82T18qNBmWRNjfM+fbIM6j1YRpnxERwTeHATOKoCc38/k0uILmF
wDaa4dh9N02pPe+H2XBgSPqHW8RtMqXl726IDnZyo8c/OkleSD78vyaMyQkaCub2
mhCHy8FVgY4O9gnLrwyI+rpSjZ7bR+2yx+7XhK7dJB3cZWMie4dI1ah9twScQvVW
50TdPDQD7NfNjtYLZg+uVbB5uhiupLGS5ICL16klVkJvFw+BWYST+o4XrQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFJQnY2s8CX4oyAl43hrf7F6EsANQMB8GA1UdIwQY
MBaAFFszWBENrfIk5xmRQWFzHfXlbEGIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3pOWUVRMnQ4aVRuR1pGQllYTWQ5ZVZzUVlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83OTIzNzItM2QyYS00NGZkLTkxYTAt
ZjQyNzJlZWMyODBkLzEvbENkamF6d0pmaWpJQ1hqZUd0X3NYb1N3QTFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83OTIzNzItM2QyYS00NGZkLTkxYTAtZjQyNzJlZWMyODBk
LzEvV3pOWUVRMnQ4aVRuR1pGQllYTWQ5ZVZzUVlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCuczwMAwD
BADCf9cDBAXCf8AwDQQCAAIwBwMFACoEtkcwDQYJKoZIhvcNAQELBQADggEBAF/I
H1Zpefec1hYZdYm/wOy9LoAx8c4bsaLwg+KOZH3CVZ9VVZ1LgrtdsACYeGKI7xeM
Q8W0GXailUYdE+C/QMF9V9wyFOmiCJqgErzABwhHbqpni1Elule6lQFADeKYKzLa
mvqFmw9L+wj45TMbcb/GOAEhiodiz6RcwBsu5iZoLLhr6dNYC4iOSeE2Avh7OHXq
cTGKv9YAdsXXn33V4ckDOBCtzbYjyVz4Noj+GIlXXcLo/RAOCMqa6sBMqfUBUCwU
szDLIhm+BD47VanM9RVBmQW/OYndyLHIuBd9zmqq3gKdGhoSlRQ4i5w2mSh/Ufll
Vo4YLeWvSApd0d2U3Z0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:20 2024 by rpki-client on console-fra.rpki-client.org