Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/LKlrDGc2q8J3hpc8VxP084BI5po.roa
File: LKlrDGc2q8J3hpc8VxP084BI5po.roa (raw, json)
Hash identifier: 6GgHBX/BonuH7QAw5XOKV7Xp6mWNgiPFAV+UkhpZPBE=
Subject key identifier: 2C:A9:6B:0C:67:36:AB:C2:77:86:97:3C:57:13:F4:F3:80:48:E6:9A
Certificate issuer: /CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Certificate serial: 27001082
Authority key identifier: A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/LKlrDGc2q8J3hpc8VxP084BI5po.roa
Signing time: Sat 01 Jan 2022 15:00:40 +0000
ROA not before: Sat 01 Jan 2022 15:00:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47775
IP address blocks: 213.5.105.0/24 maxlen: 24
213.5.104.0/24 maxlen: 24
213.5.104.0/22 maxlen: 22
213.5.104.0/23 maxlen: 23
213.5.106.0/24 maxlen: 24
213.5.106.0/23 maxlen: 23
213.5.107.0/24 maxlen: 24
2a02:1c8:5::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 654315650 (0x27001082)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a36d0ae5e2fbffcce08770ebc20c216b9fbf9485
Validity
Not Before: Jan 1 15:00:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ca96b0c6736abc27786973c5713f4f38048e69a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:62:59:38:7c:b5:c9:3d:e6:b5:60:9c:f5:3f:
e3:d5:3c:cf:34:4a:f1:32:6b:02:4a:c7:7b:2c:67:
c4:f6:a8:e6:24:52:84:83:9b:03:88:d1:59:b2:33:
8c:32:c1:bb:65:58:76:ce:99:65:b9:14:3c:31:02:
34:78:f2:c5:b1:79:33:8c:2a:63:c9:6a:7a:16:dc:
fd:fd:b3:1d:0c:21:fc:bd:cc:7d:ba:a8:b4:e6:cd:
95:e6:77:37:7e:13:28:cf:30:0d:72:55:fc:20:e7:
94:ab:fd:62:31:a6:49:01:c9:1e:7f:72:1c:0f:49:
f4:5f:32:e4:f2:72:56:b4:12:1a:e7:db:b0:3b:83:
3e:65:fe:83:d9:cd:84:7c:cf:d6:f6:f7:70:ea:cf:
ab:6a:1d:b3:12:1b:41:ae:30:0e:63:d0:df:33:c1:
97:60:99:98:85:b4:1d:22:36:51:cc:98:b7:a3:e1:
0c:36:77:c3:1d:0d:51:b9:7d:e8:24:0a:42:7d:da:
03:a5:ba:b0:8a:1b:0f:a2:e4:de:a4:7e:35:5f:04:
2d:cc:e2:90:15:da:d8:24:7d:73:44:50:e1:98:87:
46:71:96:bd:a4:51:5c:4b:85:dc:8b:ff:55:72:f2:
15:5a:7e:b2:5f:23:f0:00:25:7e:88:f9:83:f0:1a:
60:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:A9:6B:0C:67:36:AB:C2:77:86:97:3C:57:13:F4:F3:80:48:E6:9A
X509v3 Authority Key Identifier:
keyid:A3:6D:0A:E5:E2:FB:FF:CC:E0:87:70:EB:C2:0C:21:6B:9F:BF:94:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o20K5eL7_8zgh3Drwgwha5-_lIU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/LKlrDGc2q8J3hpc8VxP084BI5po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/8cac0c-3426-4f07-af20-cbb95183b27a/1/o20K5eL7_8zgh3Drwgwha5-_lIU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.5.104.0/22
IPv6:
2a02:1c8:5::/48
Signature Algorithm: sha256WithRSAEncryption
9c:44:ee:f4:b7:6d:44:ed:13:09:e7:a7:30:a7:1f:67:cc:63:
e8:c6:6f:11:de:14:c0:42:27:92:11:7d:3d:13:0a:38:30:00:
a9:83:5a:2f:3c:aa:96:9a:bc:9a:7f:b3:7a:ed:aa:df:64:d3:
7d:ce:97:e8:da:a9:0d:9a:e0:89:04:df:27:cc:db:20:35:b6:
8a:1f:c9:49:0d:71:8e:0c:bb:e1:aa:c2:3e:d3:7d:1b:d9:6a:
b7:4a:b6:4b:30:40:0f:37:88:6b:8b:07:bf:75:1e:8c:58:1a:
5a:ad:82:8e:d5:7c:e8:5d:d8:b9:96:30:b6:4b:07:56:f0:ab:
3c:c1:66:65:66:23:a3:77:b1:3c:4d:48:d2:f9:36:04:1d:1d:
98:d9:5e:7a:23:a7:e7:55:57:14:a4:1b:05:06:5b:e9:34:d3:
51:74:68:a9:7c:62:c3:b1:84:18:0e:db:dd:9b:29:2f:57:25:
21:85:45:6f:bf:e1:01:d8:97:89:0f:e6:c4:8c:d3:ea:de:41:
0e:0b:f5:03:f7:b3:56:c3:50:ee:8a:68:0f:df:53:a8:7c:d3:
4d:a7:e3:cf:7c:98:a1:24:8d:1f:43:3e:d8:eb:8e:d2:fe:b5:
a3:21:f6:fa:10:a4:b0:42:ac:81:28:0a:d1:a1:93:84:73:3f:
0a:2d:27:04
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEJwAQgjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MzZkMGFlNWUyZmJmZmNjZTA4NzcwZWJjMjBjMjE2YjlmYmY5NDg1MB4XDTIyMDEw
MTE1MDA0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmNhOTZiMGM2NzM2
YWJjMjc3ODY5NzNjNTcxM2Y0ZjM4MDQ4ZTY5YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOZiWTh8tck95rVgnPU/49U8zzRK8TJrAkrHeyxnxPao5iRS
hIObA4jRWbIzjDLBu2VYds6ZZbkUPDECNHjyxbF5M4wqY8lqehbc/f2zHQwh/L3M
fbqotObNleZ3N34TKM8wDXJV/CDnlKv9YjGmSQHJHn9yHA9J9F8y5PJyVrQSGufb
sDuDPmX+g9nNhHzP1vb3cOrPq2odsxIbQa4wDmPQ3zPBl2CZmIW0HSI2UcyYt6Ph
DDZ3wx0NUbl96CQKQn3aA6W6sIobD6Lk3qR+NV8ELczikBXa2CR9c0RQ4ZiHRnGW
vaRRXEuF3Iv/VXLyFVp+sl8j8AAlfoj5g/AaYGMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQsqWsMZzarwneGlzxXE/TzgEjmmjAfBgNVHSMEGDAWgBSjbQrl4vv/zOCH
cOvCDCFrn7+UhTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L28yMEs1ZUw3Xzh6Z2gzRHJ3Z3doYTUtX2xJVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTAvOGNhYzBjLTM0MjYtNGYwNy1hZjIwLWNiYjk1MTgzYjI3YS8x
L0xLbHJER2MycThKM2hwYzhWeFAwODRCSTVwby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTAv
OGNhYzBjLTM0MjYtNGYwNy1hZjIwLWNiYjk1MTgzYjI3YS8xL28yMEs1ZUw3Xzh6
Z2gzRHJ3Z3doYTUtX2xJVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAtUFaDAPBAIAAjAJAwcAKgIByAAF
MA0GCSqGSIb3DQEBCwUAA4IBAQCcRO70t21E7RMJ56cwpx9nzGPoxm8R3hTAQieS
EX09Ewo4MACpg1ovPKqWmryaf7N67arfZNN9zpfo2qkNmuCJBN8nzNsgNbaKH8lJ
DXGODLvhqsI+030b2Wq3SrZLMEAPN4hriwe/dR6MWBparYKO1XzoXdi5ljC2SwdW
8Ks8wWZlZiOjd7E8TUjS+TYEHR2Y2V56I6fnVVcUpBsFBlvpNNNRdGipfGLDsYQY
DtvdmykvVyUhhUVvv+EB2JeJD+bEjNPq3kEOC/UD97NWw1DuimgP31OofNNNp+PP
fJihJI0fQz7Y647S/rWjIfb6EKSwQqyBKArRoZOEcz8KLScE
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:53 2024 by rpki-client on console-fra.rpki-client.org