Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/LbonLAb1rfwB1hvSop5P9o0f1wU.roa
File: LbonLAb1rfwB1hvSop5P9o0f1wU.roa (raw, json)
Hash identifier: 1JiXZQDPppHKI2kV67cufPibDLufCnCHC4/XATDF2os=
Subject key identifier: 2D:BA:27:2C:06:F5:AD:FC:01:D6:1B:D2:A2:9E:4F:F6:8D:1F:D7:05
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 0185011FD126A36C5817937F5A6271741752
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/LbonLAb1rfwB1hvSop5P9o0f1wU.roa
Signing time: Sun 11 Dec 2022 12:19:00 +0000
ROA not before: Sun 11 Dec 2022 12:19:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202468
IP address blocks: 185.231.180.0/22 maxlen: 22
185.228.238.0/24 maxlen: 24
185.228.239.0/24 maxlen: 24
185.228.236.0/24 maxlen: 24
185.228.236.0/22 maxlen: 22
185.228.237.0/24 maxlen: 24
185.97.116.0/22 maxlen: 24
185.220.224.0/24 maxlen: 24
185.220.224.0/22 maxlen: 22
185.220.225.0/24 maxlen: 24
185.220.226.0/24 maxlen: 24
37.32.4.0/22 maxlen: 22
37.32.0.0/22 maxlen: 22
37.32.0.0/19 maxlen: 24
37.32.8.0/22 maxlen: 22
37.32.17.0/24 maxlen: 24
37.32.16.0/24 maxlen: 24
37.32.12.0/22 maxlen: 22
37.32.24.0/22 maxlen: 22
193.176.240.0/22 maxlen: 24
37.32.20.0/22 maxlen: 22
37.32.18.0/24 maxlen: 24
37.32.19.0/24 maxlen: 24
37.32.28.0/22 maxlen: 24
193.176.242.0/23 maxlen: 23
185.143.232.0/22 maxlen: 24
37.152.176.0/20 maxlen: 24
37.152.184.0/24 maxlen: 24
185.206.92.0/22 maxlen: 24
188.121.120.0/21 maxlen: 24
185.239.104.0/24 maxlen: 24
185.239.104.0/22 maxlen: 24
185.239.105.0/24 maxlen: 24
188.121.127.0/24 maxlen: 24
185.239.106.0/23 maxlen: 23
188.121.96.0/19 maxlen: 24
188.121.104.0/22 maxlen: 22
188.121.108.0/22 maxlen: 22
94.101.176.0/20 maxlen: 24
94.101.184.0/21 maxlen: 24
94.101.180.0/23 maxlen: 23
94.101.180.0/24 maxlen: 24
94.101.182.0/24 maxlen: 24
185.226.116.0/22 maxlen: 24
2a0c:a7c0:3::/48 maxlen: 48
2a0c:a7c0::/48 maxlen: 48
2a0c:a7c0:1::/48 maxlen: 48
2a07:3900::/29 maxlen: 29
2a0c:a7c0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:01:1f:d1:26:a3:6c:58:17:93:7f:5a:62:71:74:17:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: Dec 11 12:19:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2dba272c06f5adfc01d61bd2a29e4ff68d1fd705
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d3:09:bd:e5:1e:c3:06:7c:b8:69:9d:26:31:
8c:be:f0:13:4d:fc:a8:b5:0e:f9:8c:7f:9b:0e:70:
bc:1e:40:57:8f:d3:8e:65:fb:c9:94:32:0d:24:da:
58:90:4a:54:62:87:6f:49:2b:ad:e9:b1:1d:40:e7:
7f:42:29:f5:3e:15:28:b9:a9:8f:92:98:8e:0b:d2:
1a:44:99:3d:cb:a8:23:02:1c:a0:38:ff:c0:df:44:
7b:34:b1:ff:60:8c:29:d8:1f:20:d5:3e:e9:45:51:
15:61:23:fc:a9:c0:c5:25:c5:0e:bb:05:0f:07:66:
8b:72:d9:50:f4:8c:4c:22:b8:72:d2:aa:32:d5:44:
d8:8b:ee:75:7b:79:1d:0b:d3:b0:11:4c:0f:b2:cf:
be:db:08:a0:fb:a0:74:35:dc:54:60:9e:4d:bd:65:
da:4c:7e:45:51:cb:cd:ab:8c:d8:da:ec:0c:c2:ab:
99:95:7b:91:3e:80:19:6c:89:02:4f:62:f6:f0:51:
a3:78:7c:e2:ac:59:e3:b9:61:7b:ad:ed:bd:a5:9a:
9a:7e:d7:87:0b:2d:16:21:e6:11:a8:52:46:64:d1:
12:f2:61:b5:12:42:80:44:82:96:b0:1c:48:36:42:
22:c9:d8:99:76:4c:10:7c:52:9a:6b:eb:bb:43:d5:
8f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:BA:27:2C:06:F5:AD:FC:01:D6:1B:D2:A2:9E:4F:F6:8D:1F:D7:05
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/LbonLAb1rfwB1hvSop5P9o0f1wU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.0.0/19
37.152.176.0/20
94.101.176.0/20
185.97.116.0/22
185.143.232.0/22
185.206.92.0/22
185.220.224.0/22
185.226.116.0/22
185.228.236.0/22
185.231.180.0/22
185.239.104.0/22
188.121.96.0/19
193.176.240.0/22
IPv6:
2a07:3900::/29
2a0c:a7c0::/46
Signature Algorithm: sha256WithRSAEncryption
91:25:02:00:e7:76:92:1f:d1:11:e7:cf:91:37:cb:0b:26:2a:
0f:d1:f2:a8:fb:29:c3:75:3a:d0:31:e3:41:c0:6b:5b:89:1f:
78:d7:36:b7:f1:31:b8:5d:6b:27:2c:8b:c0:eb:5e:55:42:01:
83:e7:c3:99:f3:9e:d6:4e:b7:3a:ec:83:c6:9a:d9:50:2f:da:
e0:f5:7a:a0:83:05:71:9b:42:54:ef:35:21:4f:e3:24:0e:f9:
6d:cf:de:02:5d:91:ca:04:ec:74:53:7e:cb:16:2f:a4:8c:8d:
1b:6e:a6:ac:1c:70:97:6a:f3:d6:d3:fc:3c:2b:d1:7c:d5:c0:
1e:7c:f1:dc:49:5d:96:c9:a5:21:9a:7f:c7:e5:6a:50:37:3a:
07:08:30:f2:71:a4:72:5a:d6:4a:37:45:3d:6a:2a:42:24:38:
39:31:3c:d0:b4:d2:29:98:6e:6b:e9:02:7f:2c:69:6b:33:3e:
2b:d2:cc:97:17:c0:ad:2c:05:c2:4c:2e:8e:44:d6:10:34:2e:
6e:79:d6:38:73:13:03:7c:6e:b8:8b:c2:ef:42:d1:92:1c:9f:
4d:58:a7:0b:aa:41:3f:6f:e4:90:61:87:f5:1c:ec:43:e8:63:
c0:09:49:6a:da:46:2d:e0:cc:77:1b:0e:d6:81:45:72:39:cd:
d9:62:6a:f3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYUBH9Emo2xYF5N/WmJxdBdSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw
N2VjMDIwHhcNMjIxMjExMTIxOTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGJhMjcyYzA2ZjVhZGZjMDFkNjFiZDJhMjllNGZmNjhkMWZkNzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdMJveUewwZ8uGmdJjGMvvATTfyo
tQ75jH+bDnC8HkBXj9OOZfvJlDINJNpYkEpUYodvSSut6bEdQOd/Qin1PhUouamP
kpiOC9IaRJk9y6gjAhygOP/A30R7NLH/YIwp2B8g1T7pRVEVYSP8qcDFJcUOuwUP
B2aLctlQ9IxMIrhy0qoy1UTYi+51e3kdC9OwEUwPss++2wig+6B0NdxUYJ5NvWXa
TH5FUcvNq4zY2uwMwquZlXuRPoAZbIkCT2L28FGjeHzirFnjuWF7re29pZqafteH
Cy0WIeYRqFJGZNES8mG1EkKARIKWsBxINkIiydiZdkwQfFKaa+u7Q9WPFQIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFC26JywG9a38AdYb0qKeT/aNH9cFMB8GA1UdIwQY
MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt
MWJiMTdhOGIyNmZlLzEvTGJvbkxBYjFyZndCMWh2U29wNVA5bzBmMXdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl
LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBUBAIAATBOAwQFJSAAAwQE
JZiwAwQEXmWwAwQCuWF0AwQCuY/oAwQCuc5cAwQCudzgAwQCueJ0AwQCueTsAwQC
uee0AwQCue9oAwQFvHlgAwQCwbDwMBYEAgACMBADBQMqBzkAAwcCKgynwAAAMA0G
CSqGSIb3DQEBCwUAA4IBAQCRJQIA53aSH9ER58+RN8sLJioP0fKo+ynDdTrQMeNB
wGtbiR941za38TG4XWsnLIvA615VQgGD58OZ857WTrc67IPGmtlQL9rg9XqggwVx
m0JU7zUhT+MkDvltz94CXZHKBOx0U37LFi+kjI0bbqasHHCXavPW0/w8K9F81cAe
fPHcSV2WyaUhmn/H5WpQNzoHCDDycaRyWtZKN0U9aipCJDg5MTzQtNIpmG5r6QJ/
LGlrMz4r0syXF8CtLAXCTC6ORNYQNC5uedY4cxMDfG64i8LvQtGSHJ9NWKcLqkE/
b+SQYYf1HOxD6GPACUlq2kYt4Mx3Gw7WgUVyOc3ZYmrz
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:25 2023 by rpki-client on console-ams.rpki-client.org