Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/LfhkfdmUWzuSJ3D3QyrUqQSz-FQ.roa
File: LfhkfdmUWzuSJ3D3QyrUqQSz-FQ.roa (raw, json)
Hash identifier: 5SYtjwubgizoQajCcsax/PmCNs8QgzcGCeWAnHbuFeI=
Subject key identifier: 2D:F8:64:7D:D9:94:5B:3B:92:27:70:F7:43:2A:D4:A9:04:B3:F8:54
Certificate issuer: /CN=15dc3cb1e07d714b725f51a66d1dcfd87ae1c51a
Certificate serial: 07021261
Authority key identifier: 15:DC:3C:B1:E0:7D:71:4B:72:5F:51:A6:6D:1D:CF:D8:7A:E1:C5:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fdw8seB9cUtyX1GmbR3P2HrhxRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/LfhkfdmUWzuSJ3D3QyrUqQSz-FQ.roa
Signing time: Sat 01 Jan 2022 14:55:17 +0000
ROA not before: Sat 01 Jan 2022 14:55:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31435
IP address blocks: 82.146.22.0/24 maxlen: 24
82.146.20.0/23 maxlen: 23
82.146.26.0/23 maxlen: 23
84.238.208.0/21 maxlen: 21
84.238.220.0/23 maxlen: 23
84.238.220.0/22 maxlen: 22
84.238.224.0/22 maxlen: 22
84.238.222.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117576289 (0x7021261)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15dc3cb1e07d714b725f51a66d1dcfd87ae1c51a
Validity
Not Before: Jan 1 14:55:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2df8647dd9945b3b922770f7432ad4a904b3f854
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:43:5a:01:d8:10:48:1a:63:41:14:51:3d:78:
33:e4:15:e8:f8:ec:d4:5a:9f:02:93:d5:4f:49:85:
5c:ac:1e:e0:78:1b:e6:97:b7:a2:3d:25:52:af:a1:
39:49:0e:c3:af:33:46:b7:bd:4d:5f:9d:34:44:ba:
c5:73:02:a2:ff:93:eb:01:57:e1:f1:08:e9:80:a6:
fd:f9:dd:25:64:f4:fd:3a:d2:87:42:49:1d:f1:05:
7a:84:2b:d2:ba:fb:1b:b5:c7:ce:da:73:8d:95:92:
6f:1d:c7:b0:e0:cd:d9:6e:30:2c:b1:52:d7:d8:dc:
89:b6:63:6b:54:6e:4a:65:44:3d:48:81:75:55:69:
c6:27:33:bd:79:f5:f2:5f:eb:97:10:3b:6a:37:47:
92:af:c1:3a:de:9d:20:bf:86:c2:43:40:98:81:aa:
58:1a:76:42:23:12:20:32:b8:0d:c2:38:49:e2:21:
8f:3e:77:1a:43:49:fe:8b:14:fc:7d:b4:63:0b:02:
08:e6:ca:e8:20:9f:b3:12:fe:8d:54:bb:c0:f2:ce:
19:6a:c4:67:fc:a2:70:d2:36:62:50:a2:21:7c:bb:
29:65:7b:02:31:ca:de:f7:f1:a1:00:12:56:10:53:
b3:d9:63:f7:39:6a:34:5a:54:13:98:68:e5:80:6c:
d6:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:F8:64:7D:D9:94:5B:3B:92:27:70:F7:43:2A:D4:A9:04:B3:F8:54
X509v3 Authority Key Identifier:
keyid:15:DC:3C:B1:E0:7D:71:4B:72:5F:51:A6:6D:1D:CF:D8:7A:E1:C5:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fdw8seB9cUtyX1GmbR3P2HrhxRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/LfhkfdmUWzuSJ3D3QyrUqQSz-FQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/Fdw8seB9cUtyX1GmbR3P2HrhxRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.20.0-82.146.22.255
82.146.26.0/23
84.238.208.0/21
84.238.220.0-84.238.227.255
Signature Algorithm: sha256WithRSAEncryption
ad:0c:23:95:fe:2f:d0:a6:f6:e6:43:4a:6d:c9:27:6b:b0:0f:
73:1d:e6:0d:f7:45:09:f7:03:0b:22:8b:22:e8:f6:9d:90:27:
84:ae:e3:da:d5:8c:47:ac:57:61:02:de:b0:c3:a7:46:84:2b:
ca:f7:0f:7b:36:bb:fc:7b:96:4a:f8:22:41:48:41:d0:c9:9c:
8f:54:6e:7d:12:03:25:7c:38:cb:67:91:aa:33:85:9d:0d:da:
a6:7b:db:26:b4:ff:7e:62:df:10:a4:73:d7:ad:c4:12:f6:5b:
1a:8b:da:68:57:f9:53:a9:44:5e:6d:92:e5:97:12:d6:60:e1:
b8:9d:06:47:a4:cb:19:2f:18:ee:7b:63:a0:36:5d:9e:f1:93:
46:a8:f2:75:cf:5c:d4:2f:ee:3a:06:83:ce:1c:b0:ad:54:f2:
98:71:3c:43:82:32:33:73:36:ae:e2:40:31:dd:59:91:c7:45:
e5:21:5f:5c:45:f4:f1:92:ef:68:8b:ea:ce:4f:ad:74:0b:1c:
6e:ac:c6:67:19:54:51:9a:b6:69:7a:c3:42:fd:11:07:8a:95:
09:68:8d:23:7d:5b:58:7e:bf:08:17:0d:a3:b8:19:2d:78:9a:
38:73:b3:92:e6:aa:40:a0:c4:5d:ae:25:d0:56:3e:01:fe:a7:
55:26:6b:45
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEBwISYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NWRjM2NiMWUwN2Q3MTRiNzI1ZjUxYTY2ZDFkY2ZkODdhZTFjNTFhMB4XDTIyMDEw
MTE0NTUxN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmRmODY0N2RkOTk0
NWIzYjkyMjc3MGY3NDMyYWQ0YTkwNGIzZjg1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRDWgHYEEgaY0EUUT14M+QV6Pjs1FqfApPVT0mFXKwe4Hgb
5pe3oj0lUq+hOUkOw68zRre9TV+dNES6xXMCov+T6wFX4fEI6YCm/fndJWT0/TrS
h0JJHfEFeoQr0rr7G7XHztpzjZWSbx3HsODN2W4wLLFS19jcibZja1RuSmVEPUiB
dVVpxiczvXn18l/rlxA7ajdHkq/BOt6dIL+GwkNAmIGqWBp2QiMSIDK4DcI4SeIh
jz53GkNJ/osU/H20YwsCCObK6CCfsxL+jVS7wPLOGWrEZ/yicNI2YlCiIXy7KWV7
AjHK3vfxoQASVhBTs9lj9zlqNFpUE5ho5YBs1tUCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBQt+GR92ZRbO5IncPdDKtSpBLP4VDAfBgNVHSMEGDAWgBQV3Dyx4H1xS3Jf
UaZtHc/YeuHFGjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZkdzhzZUI5Y1V0eVgxR21iUjNQMkhyaHhSby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGQvYTljYzVkLTY5ZTAtNDU5Ny1hZDY0LWZlMmNiNDMxY2YyZi8x
L0xmaGtmZG1VV3p1U0ozRDNReXJVcVFTei1GUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGQv
YTljYzVkLTY5ZTAtNDU5Ny1hZDY0LWZlMmNiNDMxY2YyZi8xL0ZkdzhzZUI5Y1V0
eVgxR21iUjNQMkhyaHhSby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKDAMAwQCUpIUAwQAUpIWAwQBUpIaAwQD
VO7QMAwDBAJU7twDBAJU7uAwDQYJKoZIhvcNAQELBQADggEBAK0MI5X+L9Cm9uZD
Sm3JJ2uwD3Md5g33RQn3AwsiiyLo9p2QJ4Su49rVjEesV2EC3rDDp0aEK8r3D3s2
u/x7lkr4IkFIQdDJnI9Ubn0SAyV8OMtnkaozhZ0N2qZ72ya0/35i3xCkc9etxBL2
WxqL2mhX+VOpRF5tkuWXEtZg4bidBkekyxkvGO57Y6A2XZ7xk0ao8nXPXNQv7joG
g84csK1U8phxPEOCMjNzNq7iQDHdWZHHReUhX1xF9PGS72iL6s5PrXQLHG6sxmcZ
VFGatml6w0L9EQeKlQlojSN9W1h+vwgXDaO4GS14mjhzs5LmqkCgxF2uJdBWPgH+
p1Uma0U=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:53 2023 by rpki-client on console-ams.rpki-client.org