Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fb2401-e470-4c05-99b8-f8eecb425087/1/LnaAqHs_WBzwm4doODy-TvVYmOA.roa
File: LnaAqHs_WBzwm4doODy-TvVYmOA.roa (raw, json)
Hash identifier: aAnmVLL5S0T5cyZ+CBQFLsLz0deok/ioLAc3mdf1hLE=
Subject key identifier: 2E:76:80:A8:7B:3F:58:1C:F0:9B:87:68:38:3C:BE:4E:F5:58:98:E0
Certificate issuer: /CN=0849757e3e35aaab5d57c5186243a437173e4d36
Certificate serial: 03DE7CE3
Authority key identifier: 08:49:75:7E:3E:35:AA:AB:5D:57:C5:18:62:43:A4:37:17:3E:4D:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEl1fj41qqtdV8UYYkOkNxc-TTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fb2401-e470-4c05-99b8-f8eecb425087/1/LnaAqHs_WBzwm4doODy-TvVYmOA.roa
Signing time: Sat 01 Jan 2022 11:03:06 +0000
ROA not before: Sat 01 Jan 2022 11:03:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49769
IP address blocks: 185.153.156.0/23 maxlen: 23
185.153.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64912611 (0x3de7ce3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0849757e3e35aaab5d57c5186243a437173e4d36
Validity
Not Before: Jan 1 11:03:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e7680a87b3f581cf09b8768383cbe4ef55898e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:41:dc:96:27:a5:e5:d4:b9:bf:90:ff:05:82:
96:1c:29:95:26:38:73:a9:52:71:f5:43:1d:02:19:
50:ab:24:07:b3:06:e2:e0:00:27:ca:03:93:19:20:
2b:f0:52:f9:e6:84:69:9c:98:4e:79:5a:8e:af:08:
17:54:3c:ff:7f:32:20:ad:cc:c1:ea:72:ca:1d:88:
c5:ca:94:d5:47:c2:c5:33:17:dd:b8:a3:3e:24:8a:
3b:3a:5d:4c:c0:ac:bd:5b:76:4b:a1:75:6b:00:67:
2c:e4:84:a5:cd:7f:72:b3:2d:54:63:ea:c9:0c:6e:
81:d5:05:58:d1:43:df:a5:8f:e8:63:7a:d6:21:65:
ac:50:db:1c:9a:4c:84:b5:70:77:17:99:48:8d:6d:
14:fe:81:11:b8:0a:c1:ac:c3:bc:1e:f8:bd:d5:98:
cc:98:fe:0a:51:1d:98:0b:d4:cc:d2:12:6f:2f:4e:
a4:cb:84:1f:6b:6d:8f:f4:06:b5:b0:b6:bb:14:a7:
41:f9:da:48:1b:e5:bb:d1:cc:b2:4f:25:fb:d3:c7:
75:de:fe:e2:15:67:a6:bc:5e:72:35:86:c2:0d:d5:
7a:3a:39:91:d7:71:80:67:c7:ed:6c:e3:dd:70:79:
29:d5:63:4c:00:03:91:db:e8:8d:84:17:bd:d8:34:
16:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:76:80:A8:7B:3F:58:1C:F0:9B:87:68:38:3C:BE:4E:F5:58:98:E0
X509v3 Authority Key Identifier:
keyid:08:49:75:7E:3E:35:AA:AB:5D:57:C5:18:62:43:A4:37:17:3E:4D:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEl1fj41qqtdV8UYYkOkNxc-TTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fb2401-e470-4c05-99b8-f8eecb425087/1/LnaAqHs_WBzwm4doODy-TvVYmOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fb2401-e470-4c05-99b8-f8eecb425087/1/CEl1fj41qqtdV8UYYkOkNxc-TTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.156.0-185.153.158.255
Signature Algorithm: sha256WithRSAEncryption
60:d0:73:c6:f7:fb:68:31:39:60:aa:2f:c2:33:57:b3:2d:a0:
25:9d:df:fb:23:fa:78:50:e8:31:46:a3:0a:b1:c1:52:5c:f2:
56:6f:5d:71:3c:b7:31:4d:3e:fc:96:0b:05:2e:e8:04:1b:76:
9c:4c:81:ed:1d:57:c9:8b:1e:bd:99:a5:f9:44:4c:8f:d7:11:
7d:54:d0:36:e9:1a:ee:9c:06:7e:c7:04:7d:f5:d8:20:1f:5b:
3f:83:66:38:0f:11:67:c0:92:a4:b8:ae:59:4d:d0:a7:e5:ed:
41:c2:89:fa:97:1d:00:f7:a8:4f:19:81:ee:43:c0:11:d3:49:
41:73:1b:61:38:c6:22:37:f8:71:25:fb:de:cf:85:c6:0c:f4:
7d:bb:58:76:9f:e8:8e:99:6f:1b:fa:e4:e0:5a:90:46:49:df:
ac:84:e8:75:8d:f5:4c:31:31:84:d8:1f:73:10:3b:f7:99:01:
57:f0:67:05:11:5b:4d:fe:9f:35:20:eb:eb:55:6d:3e:d7:c6:
02:45:27:16:9e:94:50:a9:db:d2:7d:16:c8:47:09:9e:81:04:
10:a8:2e:26:2c:24:92:20:ed:7a:38:cd:53:ce:1a:0f:eb:0e:
6d:85:32:7c:5b:a6:b4:36:69:06:aa:dd:ab:c2:b3:17:c0:31:
de:11:7d:a4
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEA9584zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODQ5NzU3ZTNlMzVhYWFiNWQ1N2M1MTg2MjQzYTQzNzE3M2U0ZDM2MB4XDTIyMDEw
MTExMDMwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmU3NjgwYTg3YjNm
NTgxY2YwOWI4NzY4MzgzY2JlNGVmNTU4OThlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKBB3JYnpeXUub+Q/wWClhwplSY4c6lScfVDHQIZUKskB7MG
4uAAJ8oDkxkgK/BS+eaEaZyYTnlajq8IF1Q8/38yIK3Mwepyyh2IxcqU1UfCxTMX
3bijPiSKOzpdTMCsvVt2S6F1awBnLOSEpc1/crMtVGPqyQxugdUFWNFD36WP6GN6
1iFlrFDbHJpMhLVwdxeZSI1tFP6BEbgKwazDvB74vdWYzJj+ClEdmAvUzNISby9O
pMuEH2ttj/QGtbC2uxSnQfnaSBvlu9HMsk8l+9PHdd7+4hVnprxecjWGwg3Vejo5
kddxgGfH7Wzj3XB5KdVjTAADkdvojYQXvdg0FmMCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQudoCoez9YHPCbh2g4PL5O9ViY4DAfBgNVHSMEGDAWgBQISXV+PjWqq11X
xRhiQ6Q3Fz5NNjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NFbDFmajQxcXF0ZFY4VVlZa09rTnhjLVRUWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvZmIyNDAxLWU0NzAtNGMwNS05OWI4LWY4ZWVjYjQyNTA4Ny8x
L0xuYUFxSHNfV0J6d200ZG9PRHktVHZWWW1PQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
ZmIyNDAxLWU0NzAtNGMwNS05OWI4LWY4ZWVjYjQyNTA4Ny8xL0NFbDFmajQxcXF0
ZFY4VVlZa09rTnhjLVRUWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQCuZmcAwQAuZmeMA0GCSqGSIb3
DQEBCwUAA4IBAQBg0HPG9/toMTlgqi/CM1ezLaAlnd/7I/p4UOgxRqMKscFSXPJW
b11xPLcxTT78lgsFLugEG3acTIHtHVfJix69maX5REyP1xF9VNA26RrunAZ+xwR9
9dggH1s/g2Y4DxFnwJKkuK5ZTdCn5e1Bwon6lx0A96hPGYHuQ8AR00lBcxthOMYi
N/hxJfvez4XGDPR9u1h2n+iOmW8b+uTgWpBGSd+shOh1jfVMMTGE2B9zEDv3mQFX
8GcFEVtN/p81IOvrVW0+18YCRScWnpRQqdvSfRbIRwmegQQQqC4mLCSSIO16OM1T
zhoP6w5thTJ8W6a0NmkGqt2rwrMXwDHeEX2k
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:08 2023 by rpki-client on console-fra.rpki-client.org