Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/lgRDHPyqR7XZLQCoFR0xEksIjng.roa
File: lgRDHPyqR7XZLQCoFR0xEksIjng.roa (raw, json)
Hash identifier: 0BVnINkEyaszK4mN8sP4JspFpMe5z6erqWiv+Y75f6E=
Subject key identifier: 96:04:43:1C:FC:AA:47:B5:D9:2D:00:A8:15:1D:31:12:4B:08:8E:78
Certificate issuer: /CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Certificate serial: 0183F9F5B2508368948F4FB21AE598781379
Authority key identifier: 42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/lgRDHPyqR7XZLQCoFR0xEksIjng.roa
Signing time: Fri 21 Oct 2022 09:52:52 +0000
ROA not before: Fri 21 Oct 2022 09:52:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213035
IP address blocks: 194.99.47.0/24 maxlen: 24
31.210.23.0/24 maxlen: 24
194.59.216.0/22 maxlen: 24
162.12.204.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f9:f5:b2:50:83:68:94:8f:4f:b2:1a:e5:98:78:13:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=424feffb576e411de511871dc1e0bd7a20e2c4d7
Validity
Not Before: Oct 21 09:52:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9604431cfcaa47b5d92d00a8151d31124b088e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:34:f1:19:7f:8d:27:cb:f7:90:88:03:65:cd:
89:c6:b9:d0:64:26:cd:b6:d9:ab:a4:3a:0c:5c:cb:
66:74:bb:c9:14:0d:e2:8e:f0:24:47:86:0f:be:4c:
90:ec:30:49:6e:82:fc:84:c1:64:80:d2:62:42:06:
9d:da:85:23:0a:1e:9a:63:da:93:ef:fa:69:4f:5e:
03:21:93:3e:fa:61:8a:50:46:d9:19:4a:6f:b2:c7:
c4:9e:cb:89:97:10:c0:d6:d8:bd:82:c5:32:25:77:
a9:af:97:13:20:08:b7:5c:de:dd:a5:80:e6:5b:e7:
b6:24:5e:d9:21:a5:f5:7a:22:12:c1:7e:a2:e8:dd:
7c:2b:1a:56:f4:7f:24:84:27:6c:b9:d1:62:f8:13:
4a:79:eb:b8:2c:98:bc:66:25:47:82:f2:df:d2:a7:
04:7b:64:dd:06:84:ea:4c:2d:9d:04:26:2c:d5:0e:
50:98:df:07:cf:ce:44:a7:44:d5:77:b2:41:89:2f:
1f:20:8f:1e:82:0a:2b:7e:d0:bd:00:21:6b:d5:5d:
46:3c:0e:4f:17:7b:aa:ff:56:4b:10:a0:8f:28:e7:
6b:10:bd:0f:d3:a8:29:0d:b5:bf:31:b9:a9:ed:87:
f6:ba:84:95:35:98:4c:9d:39:12:c4:c3:94:42:c1:
87:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:04:43:1C:FC:AA:47:B5:D9:2D:00:A8:15:1D:31:12:4B:08:8E:78
X509v3 Authority Key Identifier:
keyid:42:4F:EF:FB:57:6E:41:1D:E5:11:87:1D:C1:E0:BD:7A:20:E2:C4:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qk_v-1duQR3lEYcdweC9eiDixNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/lgRDHPyqR7XZLQCoFR0xEksIjng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/613508-0832-41f6-acb7-831f7e6f5ccd/1/Qk_v-1duQR3lEYcdweC9eiDixNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.23.0/24
162.12.204.0/23
194.59.216.0/22
194.99.47.0/24
Signature Algorithm: sha256WithRSAEncryption
42:a4:ad:c1:65:5b:6d:e5:3e:f1:e3:d2:57:d7:33:53:8d:00:
6e:6f:cb:1c:10:c7:ed:12:b7:a9:7f:3c:73:0c:7f:30:a5:53:
92:48:df:ab:40:3a:f6:1d:3c:55:9d:c9:e3:50:5c:71:b9:83:
85:7a:8e:c8:5f:b1:1c:0c:66:09:81:66:63:21:5d:d8:de:92:
24:57:27:60:95:8d:46:82:d2:01:32:e4:2c:84:65:5c:06:7b:
38:8e:b1:53:86:ea:bd:ff:01:29:35:cf:25:0d:bc:93:e8:2f:
f4:fd:dc:c9:cc:de:ff:d9:8c:21:c3:4b:76:81:c1:b7:d5:de:
38:54:d0:42:bb:91:51:8b:dd:bb:d3:76:e0:32:fb:54:92:cd:
28:22:4b:f6:88:5d:8e:4d:5e:52:19:ac:63:e5:f5:6d:a5:32:
b8:45:50:65:35:fc:fb:0d:36:69:30:fc:a4:fd:5e:02:57:0c:
bb:cf:f6:ab:1c:9a:8b:3c:90:e2:87:e8:0f:93:c9:9b:4c:df:
bd:d1:54:c2:10:ec:fc:ad:20:74:20:9c:be:6c:ac:ad:23:79:
24:37:40:6c:7e:16:fb:cd:d7:3e:a4:8e:ff:11:f3:5a:1b:c9:
b4:84:91:aa:6b:54:7a:48:d9:fe:b5:99:e7:7c:23:00:e2:55:
4b:e2:e3:73
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYP59bJQg2iUj0+yGuWYeBN5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyNGZlZmZiNTc2ZTQxMWRlNTExODcxZGMxZTBiZDdhMjBl
MmM0ZDcwHhcNMjIxMDIxMDk1MjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjA0NDMxY2ZjYWE0N2I1ZDkyZDAwYTgxNTFkMzExMjRiMDg4ZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszTxGX+NJ8v3kIgDZc2JxrnQZCbN
ttmrpDoMXMtmdLvJFA3ijvAkR4YPvkyQ7DBJboL8hMFkgNJiQgad2oUjCh6aY9qT
7/ppT14DIZM++mGKUEbZGUpvssfEnsuJlxDA1ti9gsUyJXepr5cTIAi3XN7dpYDm
W+e2JF7ZIaX1eiISwX6i6N18KxpW9H8khCdsudFi+BNKeeu4LJi8ZiVHgvLf0qcE
e2TdBoTqTC2dBCYs1Q5QmN8Hz85Ep0TVd7JBiS8fII8eggorftC9ACFr1V1GPA5P
F3uq/1ZLEKCPKOdrEL0P06gpDbW/Mbmp7Yf2uoSVNZhMnTkSxMOUQsGHNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJYEQxz8qke12S0AqBUdMRJLCI54MB8GA1UdIwQY
MBaAFEJP7/tXbkEd5RGHHcHgvXog4sTXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjct
ODMxZjdlNmY1Y2NkLzEvbGdSREhQeXFSN1haTFFDb0ZSMHhFa3NJam5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy82MTM1MDgtMDgzMi00MWY2LWFjYjctODMxZjdlNmY1Y2Nk
LzEvUWtfdi0xZHVRUjNsRVljZHdlQzllaURpeE5jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAH9IXAwQB
ogzMAwQCwjvYAwQAwmMvMA0GCSqGSIb3DQEBCwUAA4IBAQBCpK3BZVtt5T7x49JX
1zNTjQBub8scEMftErepfzxzDH8wpVOSSN+rQDr2HTxVncnjUFxxuYOFeo7IX7Ec
DGYJgWZjIV3Y3pIkVydglY1GgtIBMuQshGVcBns4jrFThuq9/wEpNc8lDbyT6C/0
/dzJzN7/2Ywhw0t2gcG31d44VNBCu5FRi92703bgMvtUks0oIkv2iF2OTV5SGaxj
5fVtpTK4RVBlNfz7DTZpMPyk/V4CVwy7z/arHJqLPJDih+gPk8mbTN+90VTCEOz8
rSB0IJy+bKytI3kkN0Bsfhb7zdc+pI7/EfNaG8m0hJGqa1R6SNn+tZnnfCMA4lVL
4uNz
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:57 2023 by rpki-client on console-fra.rpki-client.org