Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/LgrjZtziGqtDjt7gwoVy71DTHDE.roa
File: LgrjZtziGqtDjt7gwoVy71DTHDE.roa (raw, json)
Hash identifier: D1GS5slcvEl5rxj8k7tE2nVv2tYy/AypcElffRf4vqY=
Subject key identifier: 2E:0A:E3:66:DC:E2:1A:AB:43:8E:DE:E0:C2:85:72:EF:50:D3:1C:31
Certificate issuer: /CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Certificate serial: 0182455D1046BC533D754D127E881797F27B
Authority key identifier: A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/LgrjZtziGqtDjt7gwoVy71DTHDE.roa
Signing time: Thu 28 Jul 2022 15:11:43 +0000
ROA not before: Thu 28 Jul 2022 15:11:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199251
IP address blocks: 176.58.44.0/24 maxlen: 24
176.58.45.0/24 maxlen: 24
176.58.48.0/23 maxlen: 23
176.58.51.0/24 maxlen: 24
176.58.52.0/24 maxlen: 24
176.58.55.0/24 maxlen: 24
176.58.57.0/24 maxlen: 24
176.58.59.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:45:5d:10:46:bc:53:3d:75:4d:12:7e:88:17:97:f2:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3674d5884a50a84e07dbdf6798ddcbb9cc2032e
Validity
Not Before: Jul 28 15:11:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e0ae366dce21aab438edee0c28572ef50d31c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8a:12:a6:04:53:bc:35:87:6d:1f:16:51:ea:
71:fd:3e:53:fb:b6:04:82:f2:ad:7c:a7:6c:d3:6c:
de:a3:f4:b2:eb:06:61:e0:4d:14:7f:2f:02:aa:57:
7f:51:1d:43:40:18:ed:92:9f:ea:57:1b:97:d6:bf:
53:7f:e6:fe:6e:60:c5:44:be:1e:10:fc:8c:ca:fa:
1a:7a:83:77:5a:2d:36:08:c0:be:52:9f:eb:cc:ff:
28:cf:ac:18:7c:02:4e:0b:39:01:ce:37:8e:e0:ac:
c8:46:c2:83:11:5b:0b:9c:13:f6:95:e1:93:b5:24:
f6:0d:a3:4b:0c:54:5d:f2:b7:de:5c:00:18:68:46:
92:fd:7c:5a:49:e9:ae:1d:f8:e7:52:ae:d0:37:ab:
6e:4e:9e:98:99:07:09:c0:6d:47:67:c3:46:35:e9:
5a:b7:5f:2c:91:3d:55:a9:30:23:dd:fb:28:c2:4c:
33:8f:cb:dc:a1:59:70:7d:fc:c0:03:d4:fc:09:4a:
70:ed:cf:d5:6c:28:43:09:60:e9:72:1c:d9:51:78:
29:bc:83:4d:f1:a1:60:f3:f4:71:7b:37:cb:31:a4:
a2:6a:b3:95:04:3c:cd:6e:29:9c:c2:e7:bd:7b:80:
89:77:51:0f:ea:0f:c9:2e:f1:54:15:a9:75:f7:4f:
7b:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:0A:E3:66:DC:E2:1A:AB:43:8E:DE:E0:C2:85:72:EF:50:D3:1C:31
X509v3 Authority Key Identifier:
keyid:A3:67:4D:58:84:A5:0A:84:E0:7D:BD:F6:79:8D:DC:BB:9C:C2:03:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o2dNWISlCoTgfb32eY3cu5zCAy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/LgrjZtziGqtDjt7gwoVy71DTHDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/806532-54e9-4b49-b8a7-9e220f04a901/1/o2dNWISlCoTgfb32eY3cu5zCAy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.58.44.0/23
176.58.48.0/23
176.58.51.0-176.58.52.255
176.58.55.0/24
176.58.57.0/24
176.58.59.0/24
Signature Algorithm: sha256WithRSAEncryption
46:9c:ee:48:15:15:8b:f8:4c:90:62:ea:3a:69:84:d4:a0:64:
be:4e:6b:b3:58:81:21:eb:07:04:8e:b6:aa:db:fc:82:d0:5e:
63:59:0e:8d:fe:a3:3d:16:5e:f1:99:7a:9a:8d:8d:22:be:79:
15:3c:78:55:4e:b2:e8:f6:a0:7b:21:d7:01:fc:d4:f7:b1:cc:
3a:c1:9d:b3:db:c6:fd:93:b3:67:c9:a4:55:83:5a:fd:91:8d:
04:17:db:ce:16:97:f9:34:41:fa:86:fd:be:be:fa:fe:b6:df:
d9:52:13:77:8c:c9:9a:bf:7b:6c:6f:35:9c:7c:bb:c4:05:4a:
6a:d9:b5:ce:67:ef:58:8b:6e:a2:41:84:67:16:4d:ac:f7:59:
f8:f6:45:cb:53:c7:fe:cc:b3:26:81:4d:ee:f6:7b:56:ff:d7:
c7:26:bb:e1:fc:74:02:c3:cb:9e:5f:89:14:f5:6e:87:57:a2:
bf:75:bb:05:f8:c8:53:b7:9a:c7:d9:8e:8d:20:74:27:fa:f3:
77:9a:84:17:81:d7:9d:76:97:37:a6:12:8d:2f:50:89:d5:07:
35:d9:1f:25:f7:0b:20:22:07:0b:8f:52:c9:eb:55:99:31:93:
bc:8d:34:ec:06:68:30:2a:9f:c8:63:10:ab:c1:36:34:64:b7:
27:5f:00:39
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYJFXRBGvFM9dU0SfogXl/J7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNjc0ZDU4ODRhNTBhODRlMDdkYmRmNjc5OGRkY2JiOWNj
MjAzMmUwHhcNMjIwNzI4MTUxMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTBhZTM2NmRjZTIxYWFiNDM4ZWRlZTBjMjg1NzJlZjUwZDMxYzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYoSpgRTvDWHbR8WUepx/T5T+7YE
gvKtfKds02zeo/Sy6wZh4E0Ufy8Cqld/UR1DQBjtkp/qVxuX1r9Tf+b+bmDFRL4e
EPyMyvoaeoN3Wi02CMC+Up/rzP8oz6wYfAJOCzkBzjeO4KzIRsKDEVsLnBP2leGT
tST2DaNLDFRd8rfeXAAYaEaS/XxaSemuHfjnUq7QN6tuTp6YmQcJwG1HZ8NGNela
t18skT1VqTAj3fsowkwzj8vcoVlwffzAA9T8CUpw7c/VbChDCWDpchzZUXgpvINN
8aFg8/RxezfLMaSiarOVBDzNbimcwue9e4CJd1EP6g/JLvFUFal190977wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFC4K42bc4hqrQ47e4MKFcu9Q0xwxMB8GA1UdIwQY
MBaAFKNnTViEpQqE4H299nmN3LucwgMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTct
OWUyMjBmMDRhOTAxLzEvTGdyalp0emlHcXREanQ3Z3dvVnk3MURUSERFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84MDY1MzItNTRlOS00YjQ5LWI4YTctOWUyMjBmMDRhOTAx
LzEvbzJkTldJU2xDb1RnZmIzMmVZM2N1NXpDQXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBsDosAwQB
sDowMAwDBACwOjMDBACwOjQDBACwOjcDBACwOjkDBACwOjswDQYJKoZIhvcNAQEL
BQADggEBAEac7kgVFYv4TJBi6jpphNSgZL5Oa7NYgSHrBwSOtqrb/ILQXmNZDo3+
oz0WXvGZepqNjSK+eRU8eFVOsuj2oHsh1wH81PexzDrBnbPbxv2Ts2fJpFWDWv2R
jQQX284Wl/k0QfqG/b6++v6239lSE3eMyZq/e2xvNZx8u8QFSmrZtc5n71iLbqJB
hGcWTaz3Wfj2RctTx/7MsyaBTe72e1b/18cmu+H8dALDy55fiRT1bodXor91uwX4
yFO3msfZjo0gdCf683eahBeB1512lzemEo0vUInVBzXZHyX3CyAiBwuPUsnrVZkx
k7yNNOwGaDAqn8hjEKvBNjRktydfADk=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:05 2025 by rpki-client