Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ld8mj40fOV43EIbuKbZmBUdSsxg.roa
File: ld8mj40fOV43EIbuKbZmBUdSsxg.roa (raw, json)
Hash identifier: 770GaGhmyCTxL9tHv/cezNBc6/3HmNJBATCYCMwXffk=
Subject key identifier: 95:DF:26:8F:8D:1F:39:5E:37:10:86:EE:29:B6:66:05:47:52:B3:18
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 05CEA373
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ld8mj40fOV43EIbuKbZmBUdSsxg.roa
Signing time: Mon 07 Feb 2022 18:41:01 +0000
ROA not before: Mon 07 Feb 2022 18:41:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25211
IP address blocks: 94.26.79.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
91.92.41.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
91.92.47.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
93.152.212.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
94.26.76.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
93.152.225.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 97428339 (0x5cea373)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Feb 7 18:41:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95df268f8d1f395e371086ee29b666054752b318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:34:ce:56:b2:c6:a1:f0:bd:6d:de:69:91:72:
ec:9c:ea:c9:ac:20:2f:d6:40:1f:85:6a:55:ea:2c:
28:1e:ed:29:42:50:01:31:07:5c:f6:4d:14:ea:3e:
dc:ba:a5:23:6c:aa:05:ff:2d:de:cb:39:17:3c:0a:
c4:4b:b2:3a:bf:48:83:80:37:67:45:14:af:13:1e:
9a:81:30:68:5e:77:57:2d:b6:72:89:06:0c:a2:b1:
25:1a:36:57:f8:bd:87:1d:42:5f:2c:45:65:45:dd:
15:91:34:2f:e8:37:45:99:de:b4:d9:a9:df:08:63:
e1:8f:dc:ee:59:dd:f9:32:85:bf:1b:11:cc:c9:fa:
05:6e:3c:8a:56:f3:6a:5f:9d:b3:e2:8f:e4:d0:fd:
7f:b4:18:a9:b9:3c:17:9a:8a:aa:e4:26:e8:01:36:
1e:21:60:6a:dd:d8:1b:60:10:86:2e:03:3c:47:b4:
35:1b:aa:05:f8:fa:40:b9:5f:66:16:7b:d6:6e:5d:
3b:43:59:76:23:5b:8d:64:97:53:63:ed:27:06:b8:
f1:1c:4e:a2:8b:8a:6e:d5:31:b1:8c:3a:6a:cb:19:
a7:6c:54:bb:5f:5d:f5:c5:ae:62:34:fa:17:e5:9b:
e8:e5:18:ea:aa:79:4f:3f:f7:03:0c:49:2f:8a:46:
1a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:DF:26:8F:8D:1F:39:5E:37:10:86:EE:29:B6:66:05:47:52:B3:18
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ld8mj40fOV43EIbuKbZmBUdSsxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.128.0/23
78.159.131.0/24
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0/22
78.159.157.0-78.159.158.255
91.92.35.0/24
91.92.40.0/21
93.152.212.0-93.152.214.255
93.152.216.0/24
93.152.220.0/23
93.152.225.0/24
94.26.28.0/23
94.26.76.0/22
185.96.252.0/23
185.96.255.0/24
Signature Algorithm: sha256WithRSAEncryption
40:33:42:fc:78:a4:9c:54:5c:31:91:db:b3:a2:72:da:15:97:
37:b1:6b:43:da:a3:fd:07:27:d4:19:84:d5:cb:bc:22:c4:a0:
a1:b9:73:b9:d3:d2:9e:f9:52:2f:00:8a:1d:37:51:8c:5b:6b:
ba:ad:d2:72:03:99:10:a2:0d:14:74:09:82:b2:12:4f:d8:91:
f6:ca:f2:43:00:45:b8:8b:aa:66:a5:cf:d0:e3:b0:81:8e:0f:
15:1a:de:35:90:64:7f:31:bc:41:55:bb:87:3a:42:8c:28:86:
41:cf:d0:56:93:bc:ff:95:e5:2a:0f:26:93:b9:73:8d:d7:00:
d8:9b:20:c2:7e:a5:c1:2c:89:cc:38:49:d1:b8:a3:b3:b2:cd:
98:50:c2:ac:52:ff:ae:29:bc:0c:31:e7:3b:d0:54:a1:82:7f:
80:1d:37:51:b2:64:44:84:ef:77:6e:c1:c6:e0:79:f9:2b:d0:
29:9a:2e:86:de:17:78:4c:6a:31:25:d5:f7:6d:5a:00:81:4e:
cb:ad:47:6d:74:43:05:09:8c:49:61:38:56:27:f6:6d:f3:c1:
1c:bb:7d:bd:45:40:a7:84:25:93:ba:22:46:0d:22:3a:22:8d:
c3:e7:d8:ee:8c:aa:b0:c0:56:0b:6a:92:47:0f:04:29:35:e3:
16:76:36:36
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgIEBc6jczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZDFjYWE2OTM1OGY4Yzk4ZjdhNzE5ZjI1OTdkNWRhZGRiZDAwMThjMB4XDTIyMDIw
NzE4NDEwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTVkZjI2OGY4ZDFm
Mzk1ZTM3MTA4NmVlMjliNjY2MDU0NzUyYjMxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQ0zlayxqHwvW3eaZFy7JzqyawgL9ZAH4VqVeosKB7tKUJQ
ATEHXPZNFOo+3LqlI2yqBf8t3ss5FzwKxEuyOr9Ig4A3Z0UUrxMemoEwaF53Vy22
cokGDKKxJRo2V/i9hx1CXyxFZUXdFZE0L+g3RZnetNmp3whj4Y/c7lnd+TKFvxsR
zMn6BW48ilbzal+ds+KP5ND9f7QYqbk8F5qKquQm6AE2HiFgat3YG2AQhi4DPEe0
NRuqBfj6QLlfZhZ71m5dO0NZdiNbjWSXU2PtJwa48RxOoouKbtUxsYw6assZp2xU
u19d9cWuYjT6F+Wb6OUY6qp5Tz/3AwxJL4pGGhcCAwEAAaOCAn4wggJ6MB0GA1Ud
DgQWBBSV3yaPjR85XjcQhu4ptmYFR1KzGDAfBgNVHSMEGDAWgBQtHKppNY+MmPen
GfJZfV2t29ABjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xSeXFhVFdQakpqM3B4bnlXWDFkcmR2UUFZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvYTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8x
L2xkOG1qNDBmT1Y0M0VJYnVLYlptQlVkU3N4Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
YTkzNjk5LTE4OGItNDcwYS05NmI3LTI5YjA4NWRkMjNhZC8xL0xSeXFhVFdQakpq
M3B4bnlXWDFkcmR2UUFZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
kwYIKwYBBQUHAQcBAf8EgYMwgYAwfgQCAAEweAMEAU6fgAMEAE6fgwMEAk6fiDAM
AwQATp+VAwQATp+WAwQCTp+YMAwDBABOn50DBABOn54DBABbXCMDBANbXCgwDAME
Al2Y1AMEAF2Y1gMEAF2Y2AMEAV2Y3AMEAF2Y4QMEAV4aHAMEAl4aTAMEAblg/AME
ALlg/zANBgkqhkiG9w0BAQsFAAOCAQEAQDNC/HiknFRcMZHbs6Jy2hWXN7FrQ9qj
/Qcn1BmE1cu8IsSgoblzudPSnvlSLwCKHTdRjFtruq3ScgOZEKINFHQJgrIST9iR
9sryQwBFuIuqZqXP0OOwgY4PFRreNZBkfzG8QVW7hzpCjCiGQc/QVpO8/5XlKg8m
k7lzjdcA2Jsgwn6lwSyJzDhJ0bijs7LNmFDCrFL/rim8DDHnO9BUoYJ/gB03UbJk
RITvd27BxuB5+SvQKZouht4XeExqMSXV921aAIFOy61HbXRDBQmMSWE4Vif2bfPB
HLt9vUVAp4Qlk7oiRg0iOiKNw+fY7oyqsMBWC2qSRw8EKTXjFnY2Ng==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:07 2023 by rpki-client on console-fra.rpki-client.org