Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/41f4c7-9668-4cf4-9e9d-e0e0468e69d7/1/Lh9dvfWOZ6CgtYopZzFcLNzj--c.roa
File: Lh9dvfWOZ6CgtYopZzFcLNzj--c.roa (raw, json)
Hash identifier: yJSH1wHHjN4jrsyWdBGjhu86DkyPHD0/BbpGiA0SAo4=
Subject key identifier: 2E:1F:5D:BD:F5:8E:67:A0:A0:B5:8A:29:67:31:5C:2C:DC:E3:FB:E7
Certificate issuer: /CN=82b3dcdf31af6ef0c934eaf24884ad99516edd76
Certificate serial: 0181F24AB101263C0814B115AF1A9FE64283
Authority key identifier: 82:B3:DC:DF:31:AF:6E:F0:C9:34:EA:F2:48:84:AD:99:51:6E:DD:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grPc3zGvbvDJNOrySIStmVFu3XY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/41f4c7-9668-4cf4-9e9d-e0e0468e69d7/1/Lh9dvfWOZ6CgtYopZzFcLNzj--c.roa
Signing time: Tue 12 Jul 2022 12:03:10 +0000
ROA not before: Tue 12 Jul 2022 12:03:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 398642
IP address blocks: 144.57.48.0/21 maxlen: 21
144.57.48.0/24 maxlen: 24
144.57.49.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f2:4a:b1:01:26:3c:08:14:b1:15:af:1a:9f:e6:42:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b3dcdf31af6ef0c934eaf24884ad99516edd76
Validity
Not Before: Jul 12 12:03:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e1f5dbdf58e67a0a0b58a2967315c2cdce3fbe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e4:c8:c3:20:1b:ee:9e:9c:37:f0:68:1a:c0:
95:15:9c:3a:48:78:84:a6:a0:3e:f3:98:bc:19:43:
4f:81:41:51:e7:79:28:90:c4:ca:99:c4:71:56:46:
80:51:32:be:87:b6:16:54:66:c1:50:57:f4:24:d6:
2b:20:41:28:be:d0:6a:e3:65:0d:c4:0b:83:73:36:
fe:32:6c:ed:11:59:2e:71:86:82:09:35:f6:dc:6c:
54:4d:15:2c:3b:fe:0b:63:09:53:3b:4d:d8:5c:04:
16:4f:39:65:ad:3b:14:bc:8b:cb:3e:7e:17:0a:48:
46:18:4b:96:cc:3a:bb:b4:ac:98:33:4c:39:f9:68:
68:4e:f1:1a:8a:9e:2e:15:41:a4:61:f2:3d:ab:9b:
c6:52:9e:f7:67:bd:70:dc:b9:3b:ff:d5:e1:23:43:
06:7c:11:f6:64:73:d2:86:58:ef:66:e2:23:31:07:
5a:ef:9e:e2:f8:e5:9c:71:5d:94:d6:ce:80:4c:8a:
d2:14:b3:31:46:23:0e:14:06:5a:2a:5b:a6:83:0d:
f9:86:ca:9a:93:44:97:61:43:11:b8:79:b9:ab:66:
58:77:df:99:f2:a9:c9:b7:7d:0a:0d:3c:63:0c:cd:
a0:37:ed:ed:a1:93:86:b2:44:28:e9:d4:7c:77:b2:
14:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:1F:5D:BD:F5:8E:67:A0:A0:B5:8A:29:67:31:5C:2C:DC:E3:FB:E7
X509v3 Authority Key Identifier:
keyid:82:B3:DC:DF:31:AF:6E:F0:C9:34:EA:F2:48:84:AD:99:51:6E:DD:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grPc3zGvbvDJNOrySIStmVFu3XY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/41f4c7-9668-4cf4-9e9d-e0e0468e69d7/1/Lh9dvfWOZ6CgtYopZzFcLNzj--c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/41f4c7-9668-4cf4-9e9d-e0e0468e69d7/1/grPc3zGvbvDJNOrySIStmVFu3XY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.57.48.0/21
Signature Algorithm: sha256WithRSAEncryption
47:07:be:8b:a6:1a:d5:ac:7c:27:40:d3:4c:c2:a2:32:2f:97:
fb:9a:fa:51:80:60:3f:3c:eb:f4:1f:4e:43:49:0f:1f:75:e9:
d3:67:0a:18:91:ab:c6:31:de:b4:c0:77:48:56:06:96:15:20:
76:b4:79:c6:2a:2f:fd:67:06:31:34:29:96:df:47:ec:0b:01:
75:07:85:7f:ab:d2:9e:21:5e:ec:6d:d6:f1:ef:81:43:24:38:
8d:3a:04:48:89:63:9e:6a:39:aa:b3:ee:ef:4c:d5:eb:c9:6e:
83:03:8e:10:43:eb:04:bc:d4:79:14:da:86:a5:72:cb:47:ae:
d5:c3:b4:2c:b8:8b:c6:46:27:b3:68:e9:bc:1d:8f:10:71:6c:
63:30:70:c3:47:44:ef:34:6e:6b:fb:9f:c0:47:bb:35:7b:0c:
5b:b9:ca:61:80:b1:9b:fe:ea:ad:cd:11:6e:07:51:c0:ab:03:
7a:e7:e2:96:da:59:10:21:77:50:48:04:dc:a3:ee:a2:b6:ca:
c8:88:6c:cf:7f:d5:92:f8:2d:dc:77:60:79:62:56:77:70:64:
f8:3d:27:31:f9:f7:08:90:2e:e7:24:22:84:d6:36:69:2e:a4:
c8:11:54:38:3d:0f:32:fc:83:52:4f:4e:04:27:b7:b5:64:79:
9f:7a:a2:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYHySrEBJjwIFLEVrxqf5kKDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjNkY2RmMzFhZjZlZjBjOTM0ZWFmMjQ4ODRhZDk5NTE2
ZWRkNzYwHhcNMjIwNzEyMTIwMzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTFmNWRiZGY1OGU2N2EwYTBiNThhMjk2NzMxNWMyY2RjZTNmYmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+TIwyAb7p6cN/BoGsCVFZw6SHiE
pqA+85i8GUNPgUFR53kokMTKmcRxVkaAUTK+h7YWVGbBUFf0JNYrIEEovtBq42UN
xAuDczb+MmztEVkucYaCCTX23GxUTRUsO/4LYwlTO03YXAQWTzllrTsUvIvLPn4X
CkhGGEuWzDq7tKyYM0w5+WhoTvEaip4uFUGkYfI9q5vGUp73Z71w3Lk7/9XhI0MG
fBH2ZHPShljvZuIjMQda757i+OWccV2U1s6ATIrSFLMxRiMOFAZaKlumgw35hsqa
k0SXYUMRuHm5q2ZYd9+Z8qnJt30KDTxjDM2gN+3toZOGskQo6dR8d7IU7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC4fXb31jmegoLWKKWcxXCzc4/vnMB8GA1UdIwQY
MBaAFIKz3N8xr27wyTTq8kiErZlRbt12MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JQYzN6R3ZidkRKTk9yeVNJU3RtVkZ1M1hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC80MWY0YzctOTY2OC00Y2Y0LTllOWQt
ZTBlMDQ2OGU2OWQ3LzEvTGg5ZHZmV09aNkNndFlvcFp6RmNMTnpqLS1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC80MWY0YzctOTY2OC00Y2Y0LTllOWQtZTBlMDQ2OGU2OWQ3
LzEvZ3JQYzN6R3ZidkRKTk9yeVNJU3RtVkZ1M1hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDkDkwMA0G
CSqGSIb3DQEBCwUAA4IBAQBHB76LphrVrHwnQNNMwqIyL5f7mvpRgGA/POv0H05D
SQ8fdenTZwoYkavGMd60wHdIVgaWFSB2tHnGKi/9ZwYxNCmW30fsCwF1B4V/q9Ke
IV7sbdbx74FDJDiNOgRIiWOeajmqs+7vTNXryW6DA44QQ+sEvNR5FNqGpXLLR67V
w7QsuIvGRiezaOm8HY8QcWxjMHDDR0TvNG5r+5/AR7s1ewxbucphgLGb/uqtzRFu
B1HAqwN65+KW2lkQIXdQSATco+6itsrIiGzPf9WS+C3cd2B5YlZ3cGT4PScx+fcI
kC7nJCKE1jZpLqTIEVQ4PQ8y/INST04EJ7e1ZHmfeqLL
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:28 2023 by rpki-client on console-fra.rpki-client.org