Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/lJFcSeu3SysnspwN_845EkDo-Yo.roa
File: lJFcSeu3SysnspwN_845EkDo-Yo.roa (raw, json)
Hash identifier: lMu7lbqLWCN4R++bm4nn5mwWcJ/hKasE1guw/dgekVc=
Subject key identifier: 94:91:5C:49:EB:B7:4B:2B:27:B2:9C:0D:FF:CE:39:12:40:E8:F9:8A
Certificate issuer: /CN=8e57b1447642c14f11c04b641cf1d8de8adac784
Certificate serial: 01851999481368B2BE5698377E2680013E6D
Authority key identifier: 8E:57:B1:44:76:42:C1:4F:11:C0:4B:64:1C:F1:D8:DE:8A:DA:C7:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jlexRHZCwU8RwEtkHPHY3orax4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/lJFcSeu3SysnspwN_845EkDo-Yo.roa
Signing time: Fri 16 Dec 2022 06:22:33 +0000
ROA not before: Fri 16 Dec 2022 06:22:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35213
IP address blocks: 91.229.101.0/24 maxlen: 24
91.239.139.0/24 maxlen: 24
91.239.138.0/24 maxlen: 24
91.239.137.0/24 maxlen: 24
91.239.136.0/22 maxlen: 22
91.239.136.0/24 maxlen: 24
91.201.168.0/24 maxlen: 24
176.111.51.0/24 maxlen: 24
193.0.247.0/24 maxlen: 24
91.205.67.0/24 maxlen: 24
91.205.66.0/24 maxlen: 24
91.205.65.0/24 maxlen: 24
91.205.64.0/22 maxlen: 22
91.205.64.0/24 maxlen: 24
2001:678:31c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:19:99:48:13:68:b2:be:56:98:37:7e:26:80:01:3e:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e57b1447642c14f11c04b641cf1d8de8adac784
Validity
Not Before: Dec 16 06:22:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94915c49ebb74b2b27b29c0dffce391240e8f98a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5b:02:c4:e0:6e:64:79:1c:eb:ce:ee:2f:fe:
b4:e1:14:09:1c:d9:1a:bb:d6:77:61:48:a8:04:8b:
ea:b6:4f:f2:f4:69:dd:22:a9:9e:98:b1:18:35:e1:
ab:3d:a7:8f:29:75:d5:22:a0:ae:1c:77:7c:7e:67:
c2:ce:e7:b4:53:9b:74:03:6c:d7:cc:2b:b6:79:ca:
a0:b1:e9:ff:73:db:38:73:0a:c6:06:f1:73:0f:21:
2b:3c:88:eb:02:26:27:8b:ae:1c:07:a3:21:57:ff:
05:fb:ed:61:70:65:42:32:af:2a:c4:cd:9f:cd:cd:
e5:c8:30:c5:e2:5b:24:ca:86:c2:35:8d:ee:b4:6f:
33:17:4c:ab:c4:1e:86:de:5e:8b:4d:f2:e9:ca:f4:
65:a7:78:cf:03:8b:5d:ee:d6:db:3c:50:8e:89:d8:
0f:a4:fb:38:fd:96:a2:0a:39:94:26:13:a5:44:31:
20:a3:28:67:92:55:78:a5:a3:6e:8a:33:7b:bb:26:
2e:e8:77:4b:28:8d:c3:7a:8c:50:7d:fc:9e:52:5a:
53:9c:0f:94:f8:e5:09:28:ea:3b:14:29:42:74:a0:
d8:3b:92:e6:ca:23:b7:f0:ac:1f:94:ba:a9:d6:6f:
44:bb:f4:fd:a5:9c:1d:37:16:3d:f3:e7:f1:d7:ec:
2f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:91:5C:49:EB:B7:4B:2B:27:B2:9C:0D:FF:CE:39:12:40:E8:F9:8A
X509v3 Authority Key Identifier:
keyid:8E:57:B1:44:76:42:C1:4F:11:C0:4B:64:1C:F1:D8:DE:8A:DA:C7:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jlexRHZCwU8RwEtkHPHY3orax4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/lJFcSeu3SysnspwN_845EkDo-Yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/e1c7c9-cc80-45d7-a6d8-af334a0a1e93/1/jlexRHZCwU8RwEtkHPHY3orax4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.168.0/24
91.205.64.0/22
91.229.101.0/24
91.239.136.0/22
176.111.51.0/24
193.0.247.0/24
IPv6:
2001:678:31c::/48
Signature Algorithm: sha256WithRSAEncryption
64:b8:d8:3e:75:19:d3:b7:38:e3:67:7c:08:37:81:9f:51:57:
02:96:f8:c2:78:e0:01:c8:7f:cf:4e:5e:f5:53:0b:35:eb:53:
b3:ec:e2:bb:66:80:92:d6:b9:35:2e:f7:89:ed:44:fc:ae:b8:
55:9f:52:85:76:f5:2e:3e:2e:1a:69:d6:40:78:92:05:e9:9a:
1a:72:7c:c6:d0:7a:aa:5d:5f:12:d1:5e:82:b1:a8:5a:2c:8b:
8b:a2:1b:cc:e1:58:c2:d0:51:26:f5:88:92:33:1e:1b:0f:a7:
0a:fb:e5:e5:20:c2:29:f2:84:1a:fd:ac:2c:df:70:8c:53:80:
88:65:da:8a:4a:bd:b7:95:d4:0a:ae:e0:21:8f:f2:ca:f2:07:
a6:bb:cb:99:fa:7d:82:ca:08:2f:19:35:4e:09:6b:f1:db:43:
c5:69:ec:d5:b3:96:44:9e:bc:d9:15:08:db:72:75:34:fd:5b:
e4:64:8e:60:5e:a1:c5:2f:13:9c:3a:73:40:b3:68:a0:35:95:
d7:c8:70:2c:72:e5:91:7c:06:70:e0:e3:b9:f2:56:9b:08:f2:
b0:7b:c6:d3:f2:06:42:f6:d9:bc:59:e1:e4:6e:b3:83:2f:fa:
af:9f:c0:f5:59:a7:6e:ba:5e:88:40:a2:b1:5d:fc:77:1b:3c:
9b:21:69:e6
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYUZmUgTaLK+Vpg3fiaAAT5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNTdiMTQ0NzY0MmMxNGYxMWMwNGI2NDFjZjFkOGRlOGFk
YWM3ODQwHhcNMjIxMjE2MDYyMjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDkxNWM0OWViYjc0YjJiMjdiMjljMGRmZmNlMzkxMjQwZThmOThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFsCxOBuZHkc687uL/604RQJHNka
u9Z3YUioBIvqtk/y9GndIqmemLEYNeGrPaePKXXVIqCuHHd8fmfCzue0U5t0A2zX
zCu2ecqgsen/c9s4cwrGBvFzDyErPIjrAiYni64cB6MhV/8F++1hcGVCMq8qxM2f
zc3lyDDF4lskyobCNY3utG8zF0yrxB6G3l6LTfLpyvRlp3jPA4td7tbbPFCOidgP
pPs4/ZaiCjmUJhOlRDEgoyhnklV4paNuijN7uyYu6HdLKI3DeoxQffyeUlpTnA+U
+OUJKOo7FClCdKDYO5LmyiO38KwflLqp1m9Eu/T9pZwdNxY98+fx1+wvCwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFJSRXEnrt0srJ7KcDf/OORJA6PmKMB8GA1UdIwQY
MBaAFI5XsUR2QsFPEcBLZBzx2N6K2seEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamxleFJIWkN3VThSd0V0a0hQSFkzb3JheDRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC9lMWM3YzktY2M4MC00NWQ3LWE2ZDgt
YWYzMzRhMGExZTkzLzEvbEpGY1NldTNTeXNuc3B3Tl84NDVFa0RvLVlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC9lMWM3YzktY2M4MC00NWQ3LWE2ZDgtYWYzMzRhMGExZTkz
LzEvamxleFJIWkN3VThSd0V0a0hQSFkzb3JheDRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAqBAIAATAkAwQAW8moAwQC
W81AAwQAW+VlAwQCW++IAwQAsG8zAwQAwQD3MA8EAgACMAkDBwAgAQZ4AxwwDQYJ
KoZIhvcNAQELBQADggEBAGS42D51GdO3OONnfAg3gZ9RVwKW+MJ44AHIf89OXvVT
CzXrU7Ps4rtmgJLWuTUu94ntRPyuuFWfUoV29S4+Lhpp1kB4kgXpmhpyfMbQeqpd
XxLRXoKxqFosi4uiG8zhWMLQUSb1iJIzHhsPpwr75eUgwinyhBr9rCzfcIxTgIhl
2opKvbeV1Aqu4CGP8sryB6a7y5n6fYLKCC8ZNU4Ja/HbQ8Vp7NWzlkSevNkVCNty
dTT9W+RkjmBeocUvE5w6c0CzaKA1ldfIcCxy5ZF8BnDg47nyVpsI8rB7xtPyBkL2
2bxZ4eRus4Mv+q+fwPVZp266XohAorFd/HcbPJshaeY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:48 2024 by rpki-client on console-fra.rpki-client.org