Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/lt4OsvvqVmlRsspwydphTe30W58.roa
File: lt4OsvvqVmlRsspwydphTe30W58.roa (raw, json)
Hash identifier: CMsuKxRECd4tvdZ+zlfMQ7w0yRDlIb3bUxNG43YlJxI=
Subject key identifier: 96:DE:0E:B2:FB:EA:56:69:51:B2:CA:70:C9:DA:61:4D:ED:F4:5B:9F
Certificate issuer: /CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Certificate serial: 0BEE6519
Authority key identifier: BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/lt4OsvvqVmlRsspwydphTe30W58.roa
Signing time: Wed 16 Mar 2022 12:07:24 +0000
ROA not before: Wed 16 Mar 2022 12:07:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12824
IP address blocks: 46.41.128.0/18 maxlen: 18
62.129.245.0/24 maxlen: 24
62.129.250.0/24 maxlen: 24
89.161.253.0/24 maxlen: 24
212.85.96.0/24 maxlen: 24
212.85.96.0/19 maxlen: 19
89.161.254.0/24 maxlen: 24
46.41.159.0/24 maxlen: 24
46.242.144.0/24 maxlen: 24
79.96.0.0/16 maxlen: 16
46.242.150.0/24 maxlen: 24
62.129.192.0/18 maxlen: 18
188.128.244.0/24 maxlen: 24
89.161.128.0/17 maxlen: 17
46.242.128.0/17 maxlen: 17
188.128.128.0/17 maxlen: 17
188.128.128.0/24 maxlen: 24
188.128.130.0/24 maxlen: 24
188.128.129.0/24 maxlen: 24
2a02:25a8:dead::/48 maxlen: 48
2a02:25ad:1a:d1::/64 maxlen: 64
2a02:25a8::/32 maxlen: 32
2a02:25a8::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 200172825 (0xbee6519)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Validity
Not Before: Mar 16 12:07:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96de0eb2fbea566951b2ca70c9da614dedf45b9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b8:99:bb:6f:a5:9f:ba:9d:b0:78:89:02:1f:
12:78:93:20:84:84:a4:de:97:c4:9f:e3:e4:c0:a1:
9a:28:10:81:43:22:2f:ef:89:ac:4b:71:d6:bb:10:
69:01:c0:a0:35:70:e4:ed:76:48:d9:7c:59:a6:de:
35:a7:05:c5:1a:ed:6e:e9:35:4f:6a:52:a5:94:13:
1c:47:57:ad:b9:6f:42:32:1b:9d:2a:c1:ec:36:fe:
dc:4c:d2:d0:7f:f1:0c:14:e1:c9:ce:91:aa:d1:04:
0f:9f:04:cb:e7:eb:b8:01:44:1a:e7:1c:a6:0e:96:
9c:86:2b:6a:99:a4:c6:24:f1:e8:52:54:0f:14:e7:
1c:28:2d:ae:f2:c6:4a:b4:bd:54:94:59:f0:0d:a7:
bf:83:03:5f:44:21:7c:93:a7:c2:03:e4:e4:7a:a7:
d4:c4:f1:77:42:bd:1e:27:ac:b8:f4:5a:d1:bb:63:
2b:f8:a8:37:88:bf:1c:04:4d:69:74:39:f3:78:ba:
ff:fa:ff:a1:9b:e3:50:d6:11:ec:92:6d:2b:3a:68:
57:d6:c8:17:16:ee:24:74:ed:e5:ec:85:90:48:65:
02:16:15:ac:7d:7d:f3:09:c2:91:2f:dd:07:25:5c:
c5:9e:89:71:0f:40:23:f0:ae:51:7b:bd:60:ee:8c:
9e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:DE:0E:B2:FB:EA:56:69:51:B2:CA:70:C9:DA:61:4D:ED:F4:5B:9F
X509v3 Authority Key Identifier:
keyid:BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/lt4OsvvqVmlRsspwydphTe30W58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.41.128.0/18
46.242.128.0/17
62.129.192.0/18
79.96.0.0/16
89.161.128.0/17
188.128.128.0/17
212.85.96.0/19
IPv6:
2a02:25a8::/29
Signature Algorithm: sha256WithRSAEncryption
5a:87:3e:93:d2:55:0d:37:b8:ec:8f:de:27:84:0c:ef:a1:69:
fe:44:2d:cd:44:af:95:c3:5a:52:b0:53:df:95:0b:0b:77:e4:
d4:57:20:b4:1d:7c:64:af:55:c5:73:8e:e1:a7:0c:fb:76:2d:
ec:0f:a8:62:fa:cb:9f:8c:27:7a:50:9d:dc:ff:05:6e:dc:d6:
76:37:55:ec:69:8d:8b:0e:38:07:db:cc:39:26:a4:0b:25:d2:
cb:5d:e3:5a:cd:3c:9f:1b:26:81:44:dc:ec:ea:5e:cd:2c:b6:
7d:ed:1a:b3:1c:47:34:d1:70:5b:7c:3c:75:78:07:dd:d2:16:
b6:4b:cd:41:73:89:42:ef:1a:b9:57:f9:1f:4a:af:2c:1b:96:
e9:93:2c:82:e3:2f:ab:0b:5d:8c:bb:8a:3d:69:6a:68:02:65:
07:e3:06:d5:bf:11:32:1b:fe:df:c4:46:da:32:4d:47:90:ee:
0d:42:7e:f0:92:1c:f4:c5:39:c8:0e:63:7b:4c:5c:5b:fe:7c:
fb:33:f4:eb:86:5e:3f:a7:79:cd:c8:c0:68:28:d0:8f:f0:b3:
26:44:b6:e0:27:6d:ae:1e:e1:c1:62:8d:b1:e9:5e:fa:65:50:
b1:65:29:29:b0:2f:b4:db:ee:ab:65:3e:05:d4:f0:1c:68:38:
18:3d:11:36
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEC+5lGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YjJiNDhmNjQzNTgwMTFjNzg0MmQzY2VjNWNiMmQ0NzA2OGI4MzZkMB4XDTIyMDMx
NjEyMDcyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTZkZTBlYjJmYmVh
NTY2OTUxYjJjYTcwYzlkYTYxNGRlZGY0NWI5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMO4mbtvpZ+6nbB4iQIfEniTIISEpN6XxJ/j5MChmigQgUMi
L++JrEtx1rsQaQHAoDVw5O12SNl8WabeNacFxRrtbuk1T2pSpZQTHEdXrblvQjIb
nSrB7Db+3EzS0H/xDBThyc6RqtEED58Ey+fruAFEGuccpg6WnIYrapmkxiTx6FJU
DxTnHCgtrvLGSrS9VJRZ8A2nv4MDX0QhfJOnwgPk5Hqn1MTxd0K9HiesuPRa0btj
K/ioN4i/HARNaXQ583i6//r/oZvjUNYR7JJtKzpoV9bIFxbuJHTt5eyFkEhlAhYV
rH198wnCkS/dByVcxZ6JcQ9AI/CuUXu9YO6MnscCAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBSW3g6y++pWaVGyynDJ2mFN7fRbnzAfBgNVHSMEGDAWgBS7K0j2Q1gBHHhC
087Fyy1HBouDbTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3V5dEk5a05ZQVJ4NFF0UE94Y3N0UndhTGcyMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvZjY2YjZiLWNkZGUtNDBjYi1hMTgyLWM1MjI5ODYzYWViYS8x
L2x0NE9zdnZxVm1sUnNzcHd5ZHBoVGUzMFc1OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
ZjY2YjZiLWNkZGUtNDBjYi1hMTgyLWM1MjI5ODYzYWViYS8xL3V5dEk5a05ZQVJ4
NFF0UE94Y3N0UndhTGcyMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwLwQCAAEwKQMEBi4pgAMEBy7ygAMEBj6BwAMDAE9g
AwQHWaGAAwQHvICAAwQF1FVgMA0EAgACMAcDBQMqAiWoMA0GCSqGSIb3DQEBCwUA
A4IBAQBahz6T0lUNN7jsj94nhAzvoWn+RC3NRK+Vw1pSsFPflQsLd+TUVyC0HXxk
r1XFc47hpwz7di3sD6hi+sufjCd6UJ3c/wVu3NZ2N1XsaY2LDjgH28w5JqQLJdLL
XeNazTyfGyaBRNzs6l7NLLZ97RqzHEc00XBbfDx1eAfd0ha2S81Bc4lC7xq5V/kf
Sq8sG5bpkyyC4y+rC12Mu4o9aWpoAmUH4wbVvxEyG/7fxEbaMk1HkO4NQn7wkhz0
xTnIDmN7TFxb/nz7M/Trhl4/p3nNyMBoKNCP8LMmRLbgJ22uHuHBYo2x6V76ZVCx
ZSkpsC+02+6rZT4F1PAcaDgYPRE2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:49 2023 by rpki-client on console-ams.rpki-client.org