Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/lbETkVRnHLclfqlXD66EMy9nkiE.roa
File: lbETkVRnHLclfqlXD66EMy9nkiE.roa (raw, json)
Hash identifier: /SZFsGYlbQdrCZN7pYt5edTfD/xcgtJYHf8Q7UdW4JA=
Subject key identifier: 95:B1:13:91:54:67:1C:B7:25:7E:A9:57:0F:AE:84:33:2F:67:92:21
Certificate issuer: /CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Certificate serial: 0185BE33C495EAF5BBF711A8EAD1A721696D
Authority key identifier: 58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/lbETkVRnHLclfqlXD66EMy9nkiE.roa
Signing time: Tue 17 Jan 2023 05:29:01 +0000
ROA not before: Tue 17 Jan 2023 05:29:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39040
IP address blocks: 77.95.120.64/26 maxlen: 26
77.95.120.0/26 maxlen: 26
77.95.120.192/26 maxlen: 26
77.95.120.128/27 maxlen: 27
77.95.120.160/27 maxlen: 27
77.95.120.0/24 maxlen: 24
194.187.90.0/23 maxlen: 23
194.187.89.0/24 maxlen: 24
212.103.64.0/24 maxlen: 24
2a02:388::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:be:33:c4:95:ea:f5:bb:f7:11:a8:ea:d1:a7:21:69:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58015cc8da1f1bbf343e26ab208df8bb26fd53ae
Validity
Not Before: Jan 17 05:29:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95b1139154671cb7257ea9570fae84332f679221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:9b:75:0a:70:c9:c6:bc:96:3f:10:87:17:01:
6c:fe:f8:fe:44:71:7f:9c:d7:83:f9:9a:4a:36:33:
28:c8:a9:af:f7:a9:cf:83:5f:4c:6f:bb:00:28:79:
9c:8b:e1:ce:57:31:e2:5f:5e:ec:d2:33:c6:74:b2:
d7:be:e1:0d:17:40:75:01:2b:a8:e4:e1:55:e9:ba:
0a:fa:4e:53:20:be:e0:bb:09:06:b9:b7:2c:60:96:
9c:4c:e9:68:1d:31:e0:e5:46:9b:35:59:d5:26:26:
31:5b:88:68:e4:2c:c4:e2:8c:d6:c1:62:df:6e:b8:
fd:99:60:d9:f5:c3:5b:1f:55:eb:78:0e:ec:8f:c7:
95:d4:ae:b8:0a:ec:c7:36:90:c5:05:df:ab:18:f0:
63:2e:b5:45:96:68:11:bd:e4:a4:a2:45:48:8a:d6:
e8:4c:88:67:1b:00:2b:66:6a:25:73:58:cf:19:26:
5f:b6:ca:f3:1b:34:b9:f2:07:88:72:24:7e:65:11:
3e:95:43:22:42:ab:f6:33:2c:41:a3:e3:0b:16:0f:
19:5a:de:1d:d6:4f:c0:1a:1e:b7:00:04:4b:e8:0d:
7a:aa:fc:53:20:ef:80:97:34:95:a4:ac:9d:f2:93:
68:14:03:af:93:97:20:1d:02:25:11:69:20:15:07:
21:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B1:13:91:54:67:1C:B7:25:7E:A9:57:0F:AE:84:33:2F:67:92:21
X509v3 Authority Key Identifier:
keyid:58:01:5C:C8:DA:1F:1B:BF:34:3E:26:AB:20:8D:F8:BB:26:FD:53:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WAFcyNofG780PiarII34uyb9U64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/lbETkVRnHLclfqlXD66EMy9nkiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/d4175d-192c-418c-972f-8ee21b74dd56/1/WAFcyNofG780PiarII34uyb9U64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.120.0/24
194.187.89.0-194.187.91.255
212.103.64.0/24
IPv6:
2a02:388::/32
Signature Algorithm: sha256WithRSAEncryption
06:5b:ca:72:45:9c:47:af:0e:7b:d3:2f:18:1b:32:28:12:e1:
3b:eb:90:80:39:89:0c:70:e9:ce:61:31:3d:f1:13:c1:c3:77:
79:b2:ff:da:a8:d4:fc:e2:77:d6:4a:52:6e:91:51:11:3b:0d:
36:9f:d4:37:0d:4c:ee:89:c7:e1:3a:d8:b8:f4:74:e7:de:be:
d9:05:a8:74:02:fc:43:38:88:9e:1a:57:0f:e7:7e:28:77:27:
d6:f4:16:a8:65:e3:6c:0b:11:81:06:c0:bd:1c:7c:77:5a:ea:
f9:b9:7d:5a:8b:ae:a7:9d:fa:e6:8b:a0:35:a0:8b:24:a5:62:
78:a8:54:dc:dd:40:86:8f:ae:aa:af:7c:63:16:08:c3:33:b6:
27:34:e3:23:d0:0a:cd:7a:2d:dc:0c:cd:3a:d3:98:44:98:d8:
8a:01:6b:99:31:5c:a7:4e:6a:af:c8:23:9c:f1:cf:97:0f:41:
7c:f5:53:e5:a2:38:5b:0e:3f:ba:4c:7e:30:cd:62:7b:aa:43:
f3:a6:c6:fc:82:a5:5a:1b:59:d1:d8:39:a2:34:42:c6:59:bd:
e4:57:11:08:83:3d:64:90:c0:a3:36:7c:0a:b3:b0:a9:8a:b5:
df:4a:17:76:2f:dd:0e:29:9e:4c:85:ff:b0:cf:f9:87:d7:7c:
f5:90:a8:22
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYW+M8SV6vW79xGo6tGnIWltMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MDE1Y2M4ZGExZjFiYmYzNDNlMjZhYjIwOGRmOGJiMjZm
ZDUzYWUwHhcNMjMwMTE3MDUyOTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWIxMTM5MTU0NjcxY2I3MjU3ZWE5NTcwZmFlODQzMzJmNjc5MjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsJt1CnDJxryWPxCHFwFs/vj+RHF/
nNeD+ZpKNjMoyKmv96nPg19Mb7sAKHmci+HOVzHiX17s0jPGdLLXvuENF0B1ASuo
5OFV6boK+k5TIL7guwkGubcsYJacTOloHTHg5UabNVnVJiYxW4ho5CzE4ozWwWLf
brj9mWDZ9cNbH1XreA7sj8eV1K64CuzHNpDFBd+rGPBjLrVFlmgRveSkokVIitbo
TIhnGwArZmolc1jPGSZftsrzGzS58geIciR+ZRE+lUMiQqv2MyxBo+MLFg8ZWt4d
1k/AGh63AARL6A16qvxTIO+AlzSVpKyd8pNoFAOvk5cgHQIlEWkgFQchtwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFJWxE5FUZxy3JX6pVw+uhDMvZ5IhMB8GA1UdIwQY
MBaAFFgBXMjaHxu/ND4mqyCN+Lsm/VOuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYt
OGVlMjFiNzRkZDU2LzEvbGJFVGtWUm5ITGNsZnFsWEQ2NkVNeTlua2lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9kNDE3NWQtMTkyYy00MThjLTk3MmYtOGVlMjFiNzRkZDU2
LzEvV0FGY3lOb2ZHNzgwUGlhcklJMzR1eWI5VTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQATV94MAwD
BADCu1kDBALCu1gDBADUZ0AwDQQCAAIwBwMFACoCA4gwDQYJKoZIhvcNAQELBQAD
ggEBAAZbynJFnEevDnvTLxgbMigS4TvrkIA5iQxw6c5hMT3xE8HDd3my/9qo1Pzi
d9ZKUm6RURE7DTaf1DcNTO6Jx+E62Lj0dOfevtkFqHQC/EM4iJ4aVw/nfih3J9b0
Fqhl42wLEYEGwL0cfHda6vm5fVqLrqed+uaLoDWgiySlYnioVNzdQIaPrqqvfGMW
CMMztic04yPQCs16LdwMzTrTmESY2IoBa5kxXKdOaq/II5zxz5cPQXz1U+WiOFsO
P7pMfjDNYnuqQ/OmxvyCpVobWdHYOaI0QsZZveRXEQiDPWSQwKM2fAqzsKmKtd9K
F3Yv3Q4pnkyF/7DP+YfXfPWQqCI=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:17 2025 by rpki-client