Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/LfUh3aABKRt-odtaYq2Q4mkqt38.roa
File: LfUh3aABKRt-odtaYq2Q4mkqt38.roa (raw, json)
Hash identifier: oZdqbqe4jbgX9XoohoDaQzrDNrM/1eLb3EJ+xU49kEM=
Subject key identifier: 2D:F5:21:DD:A0:01:29:1B:7E:A1:DB:5A:62:AD:90:E2:69:2A:B7:7F
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0183A718D697C4BDB91BF96635FEB451B9F2
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/LfUh3aABKRt-odtaYq2Q4mkqt38.roa
Signing time: Wed 05 Oct 2022 07:42:46 +0000
ROA not before: Wed 05 Oct 2022 07:42:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57630
IP address blocks: 194.71.0.0/23 maxlen: 23
193.234.94.0/24 maxlen: 24
192.71.0.0/24 maxlen: 24
194.103.16.0/23 maxlen: 24
193.234.116.0/22 maxlen: 22
193.183.20.0/24 maxlen: 24
193.181.34.0/24 maxlen: 24
194.103.197.0/24 maxlen: 24
194.103.95.0/24 maxlen: 24
194.14.57.0/24 maxlen: 24
193.234.3.0/24 maxlen: 24
192.165.3.0/24 maxlen: 24
194.103.145.0/24 maxlen: 24
194.132.166.0/24 maxlen: 24
194.132.164.0/24 maxlen: 24
193.183.49.0/24 maxlen: 24
193.234.144.0/24 maxlen: 24
192.165.134.0/23 maxlen: 23
194.132.186.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a7:18:d6:97:c4:bd:b9:1b:f9:66:35:fe:b4:51:b9:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Oct 5 07:42:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2df521dda001291b7ea1db5a62ad90e2692ab77f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:06:cd:38:75:cc:23:20:0e:9b:0c:52:df:af:
be:93:06:30:04:35:58:0b:66:70:40:52:95:52:74:
26:a8:6d:90:05:4f:74:7c:48:10:db:a3:e4:e3:c8:
57:08:a8:8e:6f:aa:74:91:a5:4b:8c:5e:55:3c:3d:
78:61:f2:40:90:e3:a3:47:2d:b7:a5:51:44:53:36:
52:15:fd:bd:5e:d8:94:f8:4f:dc:e2:fc:de:8b:3c:
56:c6:66:77:43:dd:d5:dd:06:bc:2f:e7:1b:be:9c:
d3:bd:be:2d:b6:90:b6:89:8a:46:f4:f6:64:a3:71:
36:4d:05:f4:c5:28:21:a2:c0:63:13:21:2e:f9:1f:
6d:69:cc:8d:67:0f:c7:b9:9f:ee:28:d3:45:77:10:
53:39:87:5b:8e:cf:d0:d5:fd:6e:4a:f3:e6:a9:74:
d1:67:95:0b:58:ba:51:b8:b1:6f:3f:5c:8b:6e:84:
17:7b:c4:da:aa:80:05:f3:e5:69:4e:6b:6e:03:38:
1d:f4:ca:a3:fb:80:af:25:5e:69:47:4d:1e:e1:25:
84:24:e1:2c:9e:10:be:20:ec:a3:8b:65:8f:fb:06:
62:fc:e5:2b:15:7b:90:6a:92:8a:dd:27:29:30:a8:
32:02:8b:b0:7e:77:8a:6b:9e:9a:c8:29:29:39:ba:
ef:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F5:21:DD:A0:01:29:1B:7E:A1:DB:5A:62:AD:90:E2:69:2A:B7:7F
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/LfUh3aABKRt-odtaYq2Q4mkqt38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.0.0/24
192.165.3.0/24
192.165.134.0/23
193.181.34.0/24
193.183.20.0/24
193.183.49.0/24
193.234.3.0/24
193.234.94.0/24
193.234.116.0/22
193.234.144.0/24
194.14.57.0/24
194.71.0.0/23
194.103.16.0/23
194.103.95.0/24
194.103.145.0/24
194.103.197.0/24
194.132.164.0/24
194.132.166.0/24
194.132.186.0/24
Signature Algorithm: sha256WithRSAEncryption
57:b2:1d:a2:9d:42:8b:ac:0f:3b:4a:1d:2c:08:1a:af:60:e9:
eb:ec:b4:94:e4:36:10:58:46:33:8f:45:ec:08:dc:ce:a7:1b:
1c:50:a0:03:43:ec:61:d8:fc:4e:23:20:63:8b:da:2e:a6:0a:
3d:d3:99:5c:f3:19:7f:b7:f4:d1:20:88:21:56:3f:e3:79:4b:
0c:44:26:db:c1:4d:d2:e3:fc:be:14:8e:fb:04:89:20:de:83:
77:48:db:71:9e:ed:b0:5c:92:a7:57:2b:80:66:ff:11:1f:07:
bb:07:d6:3a:20:ea:59:21:0d:83:c7:3c:4f:a1:6e:93:0d:d1:
95:72:15:04:10:70:9c:bb:89:c7:c3:1a:6f:f6:b8:96:3b:1b:
93:07:6e:7a:be:a4:21:29:9f:3f:f9:90:5b:45:e6:5c:10:fd:
d9:dd:68:55:28:e3:58:3c:c5:df:71:51:fd:c9:01:04:9b:c8:
51:7f:32:42:f2:8b:b3:92:15:9f:28:2a:44:3b:ef:eb:53:25:
4e:08:60:ed:e0:cf:c7:1c:d4:c9:85:29:a8:7c:3e:01:7a:b6:
63:0a:c4:8d:49:c7:10:bd:6b:66:a6:f8:40:ec:1b:c5:51:83:
35:c3:2e:4b:d0:44:9b:5b:16:9f:14:76:13:e7:50:b8:81:2c:
fe:8b:a7:7c
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYOnGNaXxL25G/lmNf60UbnyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjIxMDA1MDc0MjQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGY1MjFkZGEwMDEyOTFiN2VhMWRiNWE2MmFkOTBlMjY5MmFiNzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQbNOHXMIyAOmwxS36++kwYwBDVY
C2ZwQFKVUnQmqG2QBU90fEgQ26Pk48hXCKiOb6p0kaVLjF5VPD14YfJAkOOjRy23
pVFEUzZSFf29XtiU+E/c4vzeizxWxmZ3Q93V3Qa8L+cbvpzTvb4ttpC2iYpG9PZk
o3E2TQX0xSghosBjEyEu+R9tacyNZw/HuZ/uKNNFdxBTOYdbjs/Q1f1uSvPmqXTR
Z5ULWLpRuLFvP1yLboQXe8TaqoAF8+VpTmtuAzgd9Mqj+4CvJV5pR00e4SWEJOEs
nhC+IOyji2WP+wZi/OUrFXuQapKK3ScpMKgyAouwfneKa56ayCkpObrv2QIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFC31Id2gASkbfqHbWmKtkOJpKrd/MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvTGZVaDNhQUJLUnQtb2R0YVlxMlE0bWtxdDM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAMBHAAME
AMClAwMEAcClhgMEAMG1IgMEAMG3FAMEAMG3MQMEAMHqAwMEAMHqXgMEAsHqdAME
AMHqkAMEAMIOOQMEAcJHAAMEAcJnEAMEAMJnXwMEAMJnkQMEAMJnxQMEAMKEpAME
AMKEpgMEAMKEujANBgkqhkiG9w0BAQsFAAOCAQEAV7Idop1Ci6wPO0odLAgar2Dp
6+y0lOQ2EFhGM49F7AjczqcbHFCgA0PsYdj8TiMgY4vaLqYKPdOZXPMZf7f00SCI
IVY/43lLDEQm28FN0uP8vhSO+wSJIN6Dd0jbcZ7tsFySp1crgGb/ER8HuwfWOiDq
WSENg8c8T6Fukw3RlXIVBBBwnLuJx8Mab/a4ljsbkwduer6kISmfP/mQW0XmXBD9
2d1oVSjjWDzF33FR/ckBBJvIUX8yQvKLs5IVnygqRDvv61MlTghg7eDPxxzUyYUp
qHw+AXq2YwrEjUnHEL1rZqb4QOwbxVGDNcMuS9BEm1sWnxR2E+dQuIEs/ounfA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org