Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/LxgZHaDRBstm_gFAVjmUJh_TLZs.roa
File: LxgZHaDRBstm_gFAVjmUJh_TLZs.roa (raw, json)
Hash identifier: RA6xyYtLQ8tawz3Ps8ShcRzSGihoZqIz+mIOM/l//JU=
Subject key identifier: 2F:18:19:1D:A0:D1:06:CB:66:FE:01:40:56:39:94:26:1F:D3:2D:9B
Certificate issuer: /CN=411dea53467b6c7143eb23d284569a8183b2e82f
Certificate serial: 0181D83D5B2C4D0F64F10482388FDF3CF0B6
Authority key identifier: 41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/LxgZHaDRBstm_gFAVjmUJh_TLZs.roa
Signing time: Thu 07 Jul 2022 10:38:28 +0000
ROA not before: Thu 07 Jul 2022 10:38:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5541
IP address blocks: 84.239.0.0/22 maxlen: 22
84.239.10.0/24 maxlen: 24
84.239.7.0/24 maxlen: 24
84.239.6.0/24 maxlen: 24
84.239.5.0/24 maxlen: 24
84.239.13.0/24 maxlen: 24
84.239.12.0/24 maxlen: 24
84.239.48.0/24 maxlen: 24
84.239.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d8:3d:5b:2c:4d:0f:64:f1:04:82:38:8f:df:3c:f0:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=411dea53467b6c7143eb23d284569a8183b2e82f
Validity
Not Before: Jul 7 10:38:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f18191da0d106cb66fe0140563994261fd32d9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:b5:94:d9:d1:05:f9:2a:03:aa:9d:ed:57:10:
22:70:af:02:9c:6f:7b:1a:a8:ab:9b:70:b6:7b:d7:
87:5a:87:57:09:3a:99:78:a3:15:10:f1:79:30:e6:
5c:f2:fe:88:36:23:3a:cc:f9:c7:af:91:90:b8:69:
b8:50:92:24:d6:98:2b:c3:7c:93:26:11:53:57:1b:
20:ed:c3:2a:a5:25:6d:6a:7b:c6:50:1d:51:ac:4e:
98:80:ae:40:cf:5e:b1:27:3c:40:e3:f1:44:42:b5:
a4:34:0d:41:cf:9e:02:3e:3b:d0:75:0a:8d:8e:8c:
3e:98:e0:8b:df:f2:02:a5:9c:c3:6d:62:25:67:3c:
e4:9a:53:2f:e3:ac:17:74:5d:ae:26:3b:2c:72:62:
6a:fe:5d:e5:e1:4f:ec:3b:5e:65:68:25:9c:e2:5f:
be:b0:28:77:03:e2:e3:79:21:b9:6f:9a:18:5e:9f:
26:2c:49:ad:80:a0:fb:ae:23:b4:27:ab:c9:26:28:
47:75:0c:9e:fc:b3:99:34:80:6e:f4:f3:1a:39:31:
29:4b:fe:d6:ba:b7:63:cd:ee:8f:cc:85:20:36:b8:
78:56:4d:10:96:71:29:42:08:4f:25:3c:e6:5e:41:
7a:7c:69:51:80:7d:69:cc:86:21:c0:50:1b:2f:d4:
d2:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:18:19:1D:A0:D1:06:CB:66:FE:01:40:56:39:94:26:1F:D3:2D:9B
X509v3 Authority Key Identifier:
keyid:41:1D:EA:53:46:7B:6C:71:43:EB:23:D2:84:56:9A:81:83:B2:E8:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QR3qU0Z7bHFD6yPShFaagYOy6C8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/LxgZHaDRBstm_gFAVjmUJh_TLZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/eacce5-e4dd-4d9f-8ec1-47120b9069b7/1/QR3qU0Z7bHFD6yPShFaagYOy6C8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.239.0.0/22
84.239.5.0-84.239.7.255
84.239.10.0/24
84.239.12.0/23
84.239.47.0-84.239.48.255
Signature Algorithm: sha256WithRSAEncryption
76:46:b3:26:7e:d2:dd:c7:4d:3c:72:13:78:cc:cd:71:fc:96:
3e:35:3d:a4:e4:f6:a0:14:c8:6e:73:a2:66:a8:92:f7:7f:54:
d9:ec:55:13:c8:4e:f4:28:21:3b:77:09:e9:80:81:18:77:42:
d0:12:dc:5d:35:5d:9c:dd:cd:77:ad:41:5c:27:f1:16:e3:51:
12:07:b8:77:c2:72:2b:96:a2:3b:89:d7:fc:9d:de:04:d0:76:
bc:dc:09:98:e9:4a:a2:40:6c:08:3c:ad:5c:48:d9:a0:cf:5a:
d2:3b:44:f2:3c:57:34:73:71:37:ef:10:7d:86:54:5c:ae:46:
9f:e8:9f:14:c8:84:3e:ba:74:3d:92:0c:50:66:b4:8e:ca:cd:
00:cc:b4:e9:c5:d0:dd:3e:5c:5d:4d:3c:e2:7f:2f:a3:59:86:
e8:9c:02:da:e7:8d:72:a5:0c:78:ea:23:6f:66:6d:2d:c8:7e:
3e:3d:72:5f:19:86:91:f9:36:0e:30:f8:c4:64:7b:75:c2:a6:
4f:e8:a7:38:da:96:ba:19:cf:44:5e:6c:ad:8e:86:2f:ce:a0:
4e:30:23:73:84:cd:f1:79:38:af:6c:ba:a8:e6:cd:96:64:a5:
7a:9e:77:12:e5:f6:ce:c6:5e:c3:49:3b:f7:0f:55:24:ac:30:
4b:07:84:81
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYHYPVssTQ9k8QSCOI/fPPC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMWRlYTUzNDY3YjZjNzE0M2ViMjNkMjg0NTY5YTgxODNi
MmU4MmYwHhcNMjIwNzA3MTAzODI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjE4MTkxZGEwZDEwNmNiNjZmZTAxNDA1NjM5OTQyNjFmZDMyZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAobWU2dEF+SoDqp3tVxAicK8CnG97
Gqirm3C2e9eHWodXCTqZeKMVEPF5MOZc8v6INiM6zPnHr5GQuGm4UJIk1pgrw3yT
JhFTVxsg7cMqpSVtanvGUB1RrE6YgK5Az16xJzxA4/FEQrWkNA1Bz54CPjvQdQqN
jow+mOCL3/ICpZzDbWIlZzzkmlMv46wXdF2uJjsscmJq/l3l4U/sO15laCWc4l++
sCh3A+LjeSG5b5oYXp8mLEmtgKD7riO0J6vJJihHdQye/LOZNIBu9PMaOTEpS/7W
urdjze6PzIUgNrh4Vk0QlnEpQghPJTzmXkF6fGlRgH1pzIYhwFAbL9TSkwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFC8YGR2g0QbLZv4BQFY5lCYf0y2bMB8GA1UdIwQY
MBaAFEEd6lNGe2xxQ+sj0oRWmoGDsugvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEt
NDcxMjBiOTA2OWI3LzEvTHhnWkhhRFJCc3RtX2dGQVZqbVVKaF9UTFpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYWNjZTUtZTRkZC00ZDlmLThlYzEtNDcxMjBiOTA2OWI3
LzEvUVIzcVUwWjdiSEZENnlQU2hGYWFnWU95NkM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCVO8AMAwD
BABU7wUDBANU7wADBABU7woDBAFU7wwwDAMEAFTvLwMEAFTvMDANBgkqhkiG9w0B
AQsFAAOCAQEAdkazJn7S3cdNPHITeMzNcfyWPjU9pOT2oBTIbnOiZqiS939U2exV
E8hO9CghO3cJ6YCBGHdC0BLcXTVdnN3Nd61BXCfxFuNREge4d8JyK5aiO4nX/J3e
BNB2vNwJmOlKokBsCDytXEjZoM9a0jtE8jxXNHNxN+8QfYZUXK5Gn+ifFMiEPrp0
PZIMUGa0jsrNAMy06cXQ3T5cXU084n8vo1mG6JwC2ueNcqUMeOojb2ZtLch+Pj1y
XxmGkfk2DjD4xGR7dcKmT+inONqWuhnPRF5srY6GL86gTjAjc4TN8Xk4r2y6qObN
lmSlep53EuX2zsZew0k79w9VJKwwSweEgQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:54 2024 by rpki-client on console-ams.rpki-client.org