Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/mL_Tz1UXXMp28sfkPHJtB1qEeeA.roa
File: mL_Tz1UXXMp28sfkPHJtB1qEeeA.roa (raw, json)
Hash identifier: 87MIzVAaUNmIZ4hboE0NUvljjOXFpJlxChpAs1+AgeA=
Subject key identifier: 98:BF:D3:CF:55:17:5C:CA:76:F2:C7:E4:3C:72:6D:07:5A:84:79:E0
Certificate issuer: /CN=80615315dc750c03e60fc36a750c5e3ff66eac94
Certificate serial: 088A663C
Authority key identifier: 80:61:53:15:DC:75:0C:03:E6:0F:C3:6A:75:0C:5E:3F:F6:6E:AC:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gGFTFdx1DAPmD8NqdQxeP_ZurJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/mL_Tz1UXXMp28sfkPHJtB1qEeeA.roa
Signing time: Wed 23 Feb 2022 05:33:12 +0000
ROA not before: Wed 23 Feb 2022 05:33:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199669
IP address blocks: 185.195.170.0/23 maxlen: 24
91.109.200.0/21 maxlen: 24
176.123.188.0/22 maxlen: 24
46.29.118.0/23 maxlen: 24
185.10.44.0/24 maxlen: 24
185.10.44.0/22 maxlen: 24
185.71.196.0/22 maxlen: 24
2a03:ec0::/48 maxlen: 64
2a03:ec0:1::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 143287868 (0x88a663c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80615315dc750c03e60fc36a750c5e3ff66eac94
Validity
Not Before: Feb 23 05:33:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=98bfd3cf55175cca76f2c7e43c726d075a8479e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:0f:e6:a5:30:d8:39:55:e7:06:5e:f1:3b:6e:
0e:42:0d:79:5f:63:d5:2f:2d:8f:d6:83:8b:62:00:
2c:f2:9d:c8:e1:a8:73:c2:19:d4:c1:81:75:ed:e8:
91:f7:78:09:51:06:0a:c1:01:ad:e5:19:5d:ef:04:
2e:a7:4b:0c:5b:5c:dc:d0:35:b8:a4:e2:54:de:28:
f2:57:c4:fe:2f:5c:aa:d5:b5:2f:1f:4c:34:85:ce:
87:30:c6:c5:3b:2e:db:11:69:04:27:bf:76:4b:2a:
d7:bb:6d:85:09:83:05:94:58:e0:fa:fd:74:a8:3b:
ed:91:c8:63:cf:51:0c:2a:41:0d:ed:50:23:cc:00:
0c:ee:a0:61:ad:6d:e6:b6:f9:ac:99:22:88:be:e0:
bf:25:74:d2:4b:df:02:35:f7:ca:a3:00:30:91:a3:
0d:8d:d4:90:3f:e9:d2:1a:1c:84:5d:b4:ba:4a:56:
82:75:fd:23:a8:b5:c3:ae:78:f3:1c:8d:47:70:82:
33:11:79:1c:af:a3:97:ec:3c:6a:8f:5f:20:c1:ee:
e6:8f:32:43:b4:cc:82:88:73:1e:ba:b3:ed:39:bd:
c9:03:37:78:1d:81:d6:9e:a5:12:4b:ca:77:36:f1:
f9:3d:f6:5a:05:5d:36:a4:7d:a9:13:93:e1:b3:01:
9f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:BF:D3:CF:55:17:5C:CA:76:F2:C7:E4:3C:72:6D:07:5A:84:79:E0
X509v3 Authority Key Identifier:
keyid:80:61:53:15:DC:75:0C:03:E6:0F:C3:6A:75:0C:5E:3F:F6:6E:AC:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gGFTFdx1DAPmD8NqdQxeP_ZurJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/mL_Tz1UXXMp28sfkPHJtB1qEeeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/gGFTFdx1DAPmD8NqdQxeP_ZurJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.118.0/23
91.109.200.0/21
176.123.188.0/22
185.10.44.0/22
185.71.196.0/22
185.195.170.0/23
IPv6:
2a03:ec0::/47
Signature Algorithm: sha256WithRSAEncryption
9c:14:1a:dc:85:58:96:99:f5:36:f5:e7:77:92:08:d4:3a:3f:
c1:3d:dd:8c:25:8c:79:bf:cd:20:64:33:d7:fe:c6:e2:39:44:
8d:07:1f:f8:b4:d6:5b:8e:90:48:c2:12:7c:e2:99:99:3e:92:
0a:38:60:a3:31:92:d8:3f:b9:15:f3:ae:4c:72:33:85:b9:3e:
17:4d:33:d4:15:d2:54:33:64:22:35:cf:b6:67:0c:60:77:d2:
51:d5:d1:58:a6:55:4d:12:60:71:df:5d:a5:2d:df:c4:17:b4:
ec:4a:8a:29:7d:9e:df:77:ea:d9:80:ba:2c:81:78:b4:09:24:
ba:30:e2:7d:80:34:02:eb:a6:7e:4e:c9:e3:be:95:2c:e1:df:
8d:39:a8:4c:67:4b:71:5e:8e:26:e3:9c:c9:ec:dc:64:bc:c5:
f4:7b:ae:e0:21:aa:73:ee:60:58:b4:90:48:6a:48:32:cf:b7:
78:68:db:60:85:ce:f7:18:0d:4f:73:35:78:9c:62:3e:e4:8e:
54:02:c3:d3:4c:47:06:f7:b3:f1:82:5d:c8:53:e4:19:45:f9:
55:76:42:fc:a2:25:f4:5e:bf:3d:94:83:06:e7:1b:0e:d8:c4:
84:cb:6e:b6:8f:c8:3a:a1:64:76:e3:d4:ed:b8:a7:04:9e:aa:
81:22:fb:65
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgIECIpmPDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MDYxNTMxNWRjNzUwYzAzZTYwZmMzNmE3NTBjNWUzZmY2NmVhYzk0MB4XDTIyMDIy
MzA1MzMxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOThiZmQzY2Y1NTE3
NWNjYTc2ZjJjN2U0M2M3MjZkMDc1YTg0NzllMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJEP5qUw2DlV5wZe8TtuDkINeV9j1S8tj9aDi2IALPKdyOGo
c8IZ1MGBde3okfd4CVEGCsEBreUZXe8ELqdLDFtc3NA1uKTiVN4o8lfE/i9cqtW1
Lx9MNIXOhzDGxTsu2xFpBCe/dksq17tthQmDBZRY4Pr9dKg77ZHIY89RDCpBDe1Q
I8wADO6gYa1t5rb5rJkiiL7gvyV00kvfAjX3yqMAMJGjDY3UkD/p0hochF20ukpW
gnX9I6i1w6548xyNR3CCMxF5HK+jl+w8ao9fIMHu5o8yQ7TMgohzHrqz7Tm9yQM3
eB2B1p6lEkvKdzbx+T32WgVdNqR9qROT4bMBn1MCAwEAAaOCAjgwggI0MB0GA1Ud
DgQWBBSYv9PPVRdcynbyx+Q8cm0HWoR54DAfBgNVHSMEGDAWgBSAYVMV3HUMA+YP
w2p1DF4/9m6slDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dHRlRGZHgxREFQbUQ4TnFkUXhlUF9adXJKUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvZGU4NGNlLWQ3MDQtNDc2Ni1hMzg4LWY4ZTViMmQ4NjgwYy8x
L21MX1R6MVVYWE1wMjhzZmtQSEp0QjFxRWVlQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
ZGU4NGNlLWQ3MDQtNDc2Ni1hMzg4LWY4ZTViMmQ4NjgwYy8xL2dHRlRGZHgxREFQ
bUQ4TnFkUXhlUF9adXJKUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBO
BggrBgEFBQcBBwEB/wQ/MD0wKgQCAAEwJAMEAS4ddgMEA1ttyAMEArB7vAMEArkK
LAMEArlHxAMEAbnDqjAPBAIAAjAJAwcBKgMOwAAAMA0GCSqGSIb3DQEBCwUAA4IB
AQCcFBrchViWmfU29ed3kgjUOj/BPd2MJYx5v80gZDPX/sbiOUSNBx/4tNZbjpBI
whJ84pmZPpIKOGCjMZLYP7kV865McjOFuT4XTTPUFdJUM2QiNc+2Zwxgd9JR1dFY
plVNEmBx312lLd/EF7TsSoopfZ7fd+rZgLosgXi0CSS6MOJ9gDQC66Z+TsnjvpUs
4d+NOahMZ0txXo4m45zJ7NxkvMX0e67gIapz7mBYtJBIakgyz7d4aNtghc73GA1P
czV4nGI+5I5UAsPTTEcG97Pxgl3IU+QZRflVdkL8oiX0Xr89lIMG5xsO2MSEy262
j8g6oWR249TtuKcEnqqBIvtl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:32 2024 by rpki-client on console-fra.rpki-client.org