Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/lZwlMdMqWE4bGRGK-6iSWcEnq4I.roa
File: lZwlMdMqWE4bGRGK-6iSWcEnq4I.roa (raw, json)
Hash identifier: lKo5PuPBPDhgg/RRJVTyA8JasNA4pWFzc1Et0qrYgKk=
Subject key identifier: 95:9C:25:31:D3:2A:58:4E:1B:19:11:8A:FB:A8:92:59:C1:27:AB:82
Certificate issuer: /CN=025f2a93db10f2dd5f6a55bb2a440f67486cd1a3
Certificate serial: 01855AEE4156BDDAA6F1B51C7860FF80C344
Authority key identifier: 02:5F:2A:93:DB:10:F2:DD:5F:6A:55:BB:2A:44:0F:67:48:6C:D1:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Al8qk9sQ8t1falW7KkQPZ0hs0aM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/lZwlMdMqWE4bGRGK-6iSWcEnq4I.roa
Signing time: Wed 28 Dec 2022 22:50:41 +0000
ROA not before: Wed 28 Dec 2022 22:50:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49305
IP address blocks: 185.228.251.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:5a:ee:41:56:bd:da:a6:f1:b5:1c:78:60:ff:80:c3:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=025f2a93db10f2dd5f6a55bb2a440f67486cd1a3
Validity
Not Before: Dec 28 22:50:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=959c2531d32a584e1b19118afba89259c127ab82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:78:57:90:e2:27:d5:4c:05:03:f4:1c:76:89:
c6:05:75:9d:ce:a7:f3:af:0b:fe:1b:0f:0e:d4:f4:
34:da:36:d7:46:42:a3:6f:d7:25:fe:d8:c5:6a:84:
c7:2d:7e:6c:cb:5f:a2:64:87:6e:7a:ef:f5:11:8f:
ea:e5:e5:09:57:2d:44:40:c7:ff:fa:b5:f9:4b:85:
e4:e9:14:66:d4:4a:81:af:dc:69:05:40:91:98:70:
a9:5e:13:3a:82:1b:43:59:8b:3b:b8:ed:ba:9b:07:
98:78:ac:94:22:3f:84:cf:5f:9a:72:3c:4b:7a:96:
bc:7e:77:8f:05:da:0c:f4:72:4e:88:17:bb:0c:7d:
6a:0a:22:48:12:75:33:42:40:cb:4e:24:f0:de:12:
f9:83:64:0c:10:5f:19:11:c8:9d:91:56:31:b3:dc:
55:4a:52:11:1b:04:f7:28:a6:1f:86:6b:ff:78:0a:
46:e6:42:a9:7f:c5:ad:26:9d:79:e2:fe:d1:6f:69:
8c:d8:aa:a6:6a:dd:f8:ba:bd:d8:b2:ff:41:6a:fa:
cd:2d:ce:3c:8d:23:1c:ec:10:b5:ab:59:03:f8:7a:
15:05:fb:55:26:3b:d1:46:de:da:06:6f:27:b8:7a:
bb:bd:71:a6:44:70:49:0a:dc:a6:20:cb:5a:68:08:
06:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:9C:25:31:D3:2A:58:4E:1B:19:11:8A:FB:A8:92:59:C1:27:AB:82
X509v3 Authority Key Identifier:
keyid:02:5F:2A:93:DB:10:F2:DD:5F:6A:55:BB:2A:44:0F:67:48:6C:D1:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Al8qk9sQ8t1falW7KkQPZ0hs0aM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/lZwlMdMqWE4bGRGK-6iSWcEnq4I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/Al8qk9sQ8t1falW7KkQPZ0hs0aM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.228.251.0/24
Signature Algorithm: sha256WithRSAEncryption
67:a7:b5:ef:1e:17:43:5d:4a:ef:b8:5e:15:de:37:17:45:34:
24:b5:0b:3e:c9:fe:5f:83:51:05:f9:ff:cd:3e:1e:55:ca:05:
3c:e1:d1:fe:34:8d:a8:dc:47:77:9e:30:45:0a:27:40:69:3e:
08:4e:e4:09:40:0a:28:56:d3:e2:df:2d:ef:59:a2:13:ed:c9:
9f:18:47:22:0f:1d:66:af:2e:cf:cb:a8:0b:53:b6:98:d3:80:
02:60:3f:1e:f5:81:80:19:d6:e3:7c:cb:b4:91:44:a5:aa:cb:
d2:4d:10:2d:43:ff:f9:a5:c9:b3:d4:a3:c8:84:ac:2c:c7:27:
58:59:7f:9a:16:b8:ca:06:ea:84:8f:26:e4:0b:34:58:2a:a9:
17:2d:71:75:4b:2e:c8:a6:d9:8d:ac:74:d6:01:c2:bf:16:7e:
94:23:07:94:e3:0c:0a:1c:bc:b3:df:45:02:a0:17:71:2c:6e:
59:ea:85:55:42:be:a0:04:d5:09:20:b8:3b:32:c9:96:5a:63:
3e:73:64:9c:8a:9b:68:82:5b:71:be:56:ed:0a:47:13:b6:61:
f7:58:a1:4c:50:39:4f:6e:ca:c5:b3:f8:24:db:a2:dd:a8:69:
42:af:39:7c:54:dc:89:89:c8:4b:1c:01:de:80:95:25:64:28:
72:85:3f:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVa7kFWvdqm8bUceGD/gMNEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNWYyYTkzZGIxMGYyZGQ1ZjZhNTViYjJhNDQwZjY3NDg2
Y2QxYTMwHhcNMjIxMjI4MjI1MDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTljMjUzMWQzMmE1ODRlMWIxOTExOGFmYmE4OTI1OWMxMjdhYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhHhXkOIn1UwFA/QcdonGBXWdzqfz
rwv+Gw8O1PQ02jbXRkKjb9cl/tjFaoTHLX5sy1+iZIdueu/1EY/q5eUJVy1EQMf/
+rX5S4Xk6RRm1EqBr9xpBUCRmHCpXhM6ghtDWYs7uO26mweYeKyUIj+Ez1+acjxL
epa8fnePBdoM9HJOiBe7DH1qCiJIEnUzQkDLTiTw3hL5g2QMEF8ZEcidkVYxs9xV
SlIRGwT3KKYfhmv/eApG5kKpf8WtJp154v7Rb2mM2Kqmat34ur3Ysv9BavrNLc48
jSMc7BC1q1kD+HoVBftVJjvRRt7aBm8nuHq7vXGmRHBJCtymIMtaaAgGBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWcJTHTKlhOGxkRivuoklnBJ6uCMB8GA1UdIwQY
MBaAFAJfKpPbEPLdX2pVuypED2dIbNGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWw4cWs5c1E4dDFmYWxXN0trUVBaMGhzMGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yMDVkMjQtMDA5Zi00ODZhLTk3NmYt
MmVjZGExMWRlMTUzLzEvbFp3bE1kTXFXRTRiR1JHSy02aVNXY0VucTRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yMDVkMjQtMDA5Zi00ODZhLTk3NmYtMmVjZGExMWRlMTUz
LzEvQWw4cWs5c1E4dDFmYWxXN0trUVBaMGhzMGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAueT7MA0G
CSqGSIb3DQEBCwUAA4IBAQBnp7XvHhdDXUrvuF4V3jcXRTQktQs+yf5fg1EF+f/N
Ph5VygU84dH+NI2o3Ed3njBFCidAaT4ITuQJQAooVtPi3y3vWaIT7cmfGEciDx1m
ry7Py6gLU7aY04ACYD8e9YGAGdbjfMu0kUSlqsvSTRAtQ//5pcmz1KPIhKwsxydY
WX+aFrjKBuqEjybkCzRYKqkXLXF1Sy7IptmNrHTWAcK/Fn6UIweU4wwKHLyz30UC
oBdxLG5Z6oVVQr6gBNUJILg7MsmWWmM+c2SciptogltxvlbtCkcTtmH3WKFMUDlP
bsrFs/gk26LdqGlCrzl8VNyJichLHAHegJUlZChyhT+m
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:39 2024 by rpki-client on console-fra.rpki-client.org