Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/lnr7xiI4ifFXqCEE7--kgyJhqV8.roa
File: lnr7xiI4ifFXqCEE7--kgyJhqV8.roa (raw, json)
Hash identifier: DY1G2+3ILNEYl/47hkQok5m/qyRteUxeqX7Q9OiTMZI=
Subject key identifier: 96:7A:FB:C6:22:38:89:F1:57:A8:21:04:EF:EF:A4:83:22:61:A9:5F
Certificate issuer: /CN=de37812bd45273ea3b2a53d9e96f6dba215826f3
Certificate serial: 08BA9F33
Authority key identifier: DE:37:81:2B:D4:52:73:EA:3B:2A:53:D9:E9:6F:6D:BA:21:58:26:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3jeBK9RSc-o7KlPZ6W9tuiFYJvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/lnr7xiI4ifFXqCEE7--kgyJhqV8.roa
Signing time: Sat 01 Jan 2022 14:04:34 +0000
ROA not before: Sat 01 Jan 2022 14:04:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12748
IP address blocks: 185.225.140.0/22 maxlen: 22
45.137.56.0/22 maxlen: 22
193.104.216.0/24 maxlen: 24
194.31.198.0/24 maxlen: 24
2a0d:d400::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146448179 (0x8ba9f33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de37812bd45273ea3b2a53d9e96f6dba215826f3
Validity
Not Before: Jan 1 14:04:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=967afbc6223889f157a82104efefa4832261a95f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6d:9a:74:85:92:c8:3c:28:38:fd:39:e3:8a:
30:8a:f2:04:33:c2:d6:ef:eb:bc:57:47:e0:92:f8:
61:1c:34:ad:a0:92:13:b2:1e:f6:4d:4b:b6:36:02:
f0:f2:de:17:b5:99:63:c8:2f:1e:67:36:87:88:51:
4f:98:9e:1f:26:68:fe:cf:19:2d:d6:07:ab:e6:33:
79:b7:2e:e2:46:84:1b:c6:d2:2b:23:60:e9:be:ef:
ac:8f:ab:0b:69:6e:62:1c:bf:25:47:ce:95:17:95:
87:e9:86:2c:2d:48:a2:8d:f1:5b:3b:b6:ee:a3:4c:
55:44:2a:46:14:01:3b:ff:cc:c1:2b:c9:c7:45:59:
07:4a:93:f7:da:bf:76:8e:6a:db:b8:f6:12:a1:bb:
8f:5a:cd:f3:45:c3:ba:e7:9b:5d:40:28:6a:c0:ee:
7d:a5:b6:38:48:fa:8a:7c:7b:b8:89:80:b8:0b:e6:
f4:b5:69:e0:78:ae:ed:b1:7b:1b:46:bd:d2:f9:11:
56:6b:21:65:2d:3a:d0:2e:b6:d6:7c:c8:0a:25:bc:
f9:7f:fa:1d:8f:93:e2:ec:67:e3:a1:ab:f6:1c:c3:
7e:f8:dc:ea:a7:cf:16:66:bb:5b:53:2e:28:ad:e2:
fe:77:01:6d:38:14:68:ea:5e:2f:2d:03:15:af:61:
ec:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:7A:FB:C6:22:38:89:F1:57:A8:21:04:EF:EF:A4:83:22:61:A9:5F
X509v3 Authority Key Identifier:
keyid:DE:37:81:2B:D4:52:73:EA:3B:2A:53:D9:E9:6F:6D:BA:21:58:26:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3jeBK9RSc-o7KlPZ6W9tuiFYJvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/lnr7xiI4ifFXqCEE7--kgyJhqV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/b26c44-9d16-4c3d-9f1d-af646c8f4af6/1/3jeBK9RSc-o7KlPZ6W9tuiFYJvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.56.0/22
185.225.140.0/22
193.104.216.0/24
194.31.198.0/24
IPv6:
2a0d:d400::/29
Signature Algorithm: sha256WithRSAEncryption
15:e5:83:ee:39:02:b8:90:c4:7e:1d:94:f7:6f:e2:bc:c7:20:
aa:dd:de:d4:3d:2f:e9:99:65:1d:f5:7c:b8:a2:be:d2:fb:09:
2c:ef:e9:a8:12:f4:28:60:9f:3b:16:92:fd:69:c4:cf:9b:b7:
79:a2:b6:22:1c:f3:b7:78:a6:39:3d:00:a7:b6:2d:ce:97:3f:
96:52:a9:98:d8:ac:6b:63:53:c2:bc:05:75:ed:16:24:8c:07:
5a:ea:8c:b7:f8:69:91:00:83:72:49:49:41:9d:00:b4:0e:7c:
7d:22:b0:cd:42:50:09:37:8b:19:e2:25:94:c1:dc:6d:4f:a2:
06:54:e5:c1:ab:4c:d5:26:63:08:f2:0b:20:c4:77:df:4d:50:
5b:2f:54:44:c8:47:c2:c0:f3:41:64:bb:52:ac:e3:42:ba:c6:
5c:b6:c6:d1:ef:5c:c5:c1:8f:c1:fd:b1:f6:b5:85:07:18:dd:
2b:49:4e:7d:70:76:60:ad:c9:1c:46:01:90:f3:bc:9f:48:c2:
9f:71:36:0f:20:17:2f:17:f3:88:f0:4c:ed:2a:ae:02:de:e4:
1b:72:98:85:c2:8f:e3:ff:9f:c3:7c:1f:8d:47:a1:9c:24:11:
ce:1f:26:b9:51:d2:ad:10:7c:04:2c:a6:57:86:5e:2a:1e:77:
f1:4d:29:7c
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIECLqfMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTM3ODEyYmQ0NTI3M2VhM2IyYTUzZDllOTZmNmRiYTIxNTgyNmYzMB4XDTIyMDEw
MTE0MDQzNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTY3YWZiYzYyMjM4
ODlmMTU3YTgyMTA0ZWZlZmE0ODMyMjYxYTk1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALptmnSFksg8KDj9OeOKMIryBDPC1u/rvFdH4JL4YRw0raCS
E7Ie9k1LtjYC8PLeF7WZY8gvHmc2h4hRT5ieHyZo/s8ZLdYHq+Yzebcu4kaEG8bS
KyNg6b7vrI+rC2luYhy/JUfOlReVh+mGLC1Ioo3xWzu27qNMVUQqRhQBO//MwSvJ
x0VZB0qT99q/do5q27j2EqG7j1rN80XDuuebXUAoasDufaW2OEj6inx7uImAuAvm
9LVp4Hiu7bF7G0a90vkRVmshZS060C621nzICiW8+X/6HY+T4uxn46Gr9hzDfvjc
6qfPFma7W1MuKK3i/ncBbTgUaOpeLy0DFa9h7JECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBSWevvGIjiJ8VeoIQTv76SDImGpXzAfBgNVHSMEGDAWgBTeN4Er1FJz6jsq
U9npb226IVgm8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNqZUJLOVJTYy1vN0tsUFo2Vzl0dWlGWUp2TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjAvYjI2YzQ0LTlkMTYtNGMzZC05ZjFkLWFmNjQ2YzhmNGFmNi8x
L2xucjd4aUk0aWZGWHFDRUU3LS1rZ3lKaHFWOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjAv
YjI2YzQ0LTlkMTYtNGMzZC05ZjFkLWFmNjQ2YzhmNGFmNi8xLzNqZUJLOVJTYy1v
N0tsUFo2Vzl0dWlGWUp2TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAi2JOAMEArnhjAMEAMFo2AMEAMIf
xjANBAIAAjAHAwUDKg3UADANBgkqhkiG9w0BAQsFAAOCAQEAFeWD7jkCuJDEfh2U
92/ivMcgqt3e1D0v6ZllHfV8uKK+0vsJLO/pqBL0KGCfOxaS/WnEz5u3eaK2Ihzz
t3imOT0Ap7Ytzpc/llKpmNisa2NTwrwFde0WJIwHWuqMt/hpkQCDcklJQZ0AtA58
fSKwzUJQCTeLGeIllMHcbU+iBlTlwatM1SZjCPILIMR3301QWy9URMhHwsDzQWS7
UqzjQrrGXLbG0e9cxcGPwf2x9rWFBxjdK0lOfXB2YK3JHEYBkPO8n0jCn3E2DyAX
LxfziPBM7SquAt7kG3KYhcKP4/+fw3wfjUehnCQRzh8muVHSrRB8BCymV4ZeKh53
8U0pfA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:14 2023 by rpki-client on console-fra.rpki-client.org