Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/1177a2-219c-4b60-b901-b856db33c6c6/1/lAM9ZpU-1-Uf3E4z1w80ojxe0LE.roa
File: lAM9ZpU-1-Uf3E4z1w80ojxe0LE.roa (raw, json)
Hash identifier: TCQOURvh9JiYjPD0doUgpgZtrT2Xlt8fT+3BoJo8KAw=
Subject key identifier: 94:03:3D:66:95:3E:D7:E5:1F:DC:4E:33:D7:0F:34:A2:3C:5E:D0:B1
Certificate issuer: /CN=8e52a3954e30e4753e2e00a0ef816966d6d60db6
Certificate serial: 1171C560
Authority key identifier: 8E:52:A3:95:4E:30:E4:75:3E:2E:00:A0:EF:81:69:66:D6:D6:0D:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jlKjlU4w5HU-LgCg74FpZtbWDbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/1177a2-219c-4b60-b901-b856db33c6c6/1/lAM9ZpU-1-Uf3E4z1w80ojxe0LE.roa
Signing time: Sat 01 Jan 2022 04:56:26 +0000
ROA not before: Sat 01 Jan 2022 04:56:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205697
IP address blocks: 185.161.98.0/24 maxlen: 24
185.161.96.0/24 maxlen: 24
185.161.96.0/22 maxlen: 24
185.161.97.0/24 maxlen: 24
185.161.99.0/24 maxlen: 24
2a0b:ef01::/32 maxlen: 32
2a0b:ef04::/32 maxlen: 32
2a0b:ef05::/32 maxlen: 32
2a0b:ef02::/32 maxlen: 32
2a0b:ef00::/29 maxlen: 32
2a0b:ef03::/32 maxlen: 32
2a0b:ef07::/32 maxlen: 32
2a0b:ef00::/32 maxlen: 32
2a0b:ef06::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 292668768 (0x1171c560)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e52a3954e30e4753e2e00a0ef816966d6d60db6
Validity
Not Before: Jan 1 04:56:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94033d66953ed7e51fdc4e33d70f34a23c5ed0b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:92:d4:ee:42:f1:e3:d8:23:98:b5:2c:48:60:
dc:d7:2c:32:db:88:38:35:b7:8c:24:ef:b7:38:d3:
0b:78:b5:94:84:b7:fb:fc:68:a3:24:20:cd:f9:9d:
c4:98:43:45:84:85:2d:84:81:94:db:45:bb:87:35:
5f:e8:a1:90:7a:a2:85:2b:11:0d:6b:aa:46:0a:a0:
5f:7f:49:bf:bf:25:31:29:0a:b6:46:a9:ca:df:8d:
cc:a2:e7:8d:1f:db:e4:be:5d:30:67:76:85:c0:ab:
c3:dd:03:11:c1:80:77:67:c0:34:84:0d:0d:e2:c9:
d3:28:4f:cd:4a:de:e9:b8:42:09:a9:5c:4c:2f:85:
27:89:f0:89:e7:84:33:cb:12:d3:75:3c:ec:61:4e:
56:f8:04:23:43:87:94:7a:a5:d3:ec:9b:4c:74:bc:
ff:e0:5d:6d:8d:e2:f2:c8:37:f0:21:02:e0:00:f9:
35:bc:4f:b4:0c:54:7f:f4:5d:b1:be:cf:b2:91:c0:
48:cb:dc:d1:e8:f8:7b:0b:d9:31:02:76:29:25:26:
d5:bb:6c:3e:3a:89:5f:a5:8e:9a:2f:39:82:62:99:
43:b6:3f:7f:2d:c1:39:64:80:4a:5f:c0:56:45:0b:
a3:40:e6:ea:69:04:c1:ed:0b:00:a1:8e:4b:73:45:
6f:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:03:3D:66:95:3E:D7:E5:1F:DC:4E:33:D7:0F:34:A2:3C:5E:D0:B1
X509v3 Authority Key Identifier:
keyid:8E:52:A3:95:4E:30:E4:75:3E:2E:00:A0:EF:81:69:66:D6:D6:0D:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jlKjlU4w5HU-LgCg74FpZtbWDbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/1177a2-219c-4b60-b901-b856db33c6c6/1/lAM9ZpU-1-Uf3E4z1w80ojxe0LE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/1177a2-219c-4b60-b901-b856db33c6c6/1/jlKjlU4w5HU-LgCg74FpZtbWDbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.96.0/22
IPv6:
2a0b:ef00::/29
Signature Algorithm: sha256WithRSAEncryption
eb:11:49:89:3c:48:9f:05:f8:15:56:99:0f:c1:58:6b:f8:0e:
2b:6b:4a:0c:ae:9f:92:83:57:1b:e0:dc:3b:07:25:ea:f3:a7:
db:f5:b0:9e:f2:76:63:72:8e:97:8b:92:a8:2c:6c:26:16:e4:
ca:d7:2c:2b:d3:11:25:b7:7a:4d:91:0f:a9:aa:e6:e2:78:4b:
36:a1:2b:82:74:67:5f:1b:7f:19:42:04:9c:43:9a:1b:d1:87:
3e:8e:f9:ef:08:ba:c4:cf:48:84:99:55:4b:52:e0:81:c3:05:
a4:a4:1d:c7:34:cc:63:2b:32:82:47:95:a6:71:b9:d8:76:a6:
d0:1b:34:12:0f:51:58:b5:3d:75:4a:4b:1e:e7:9c:f1:76:12:
b9:93:fc:28:15:ae:69:6d:2e:a8:25:f3:6c:12:61:57:c5:7f:
da:e0:4a:df:5b:55:a3:51:3e:b5:f6:d0:de:79:8c:f9:ce:ea:
d0:d0:9a:48:89:12:ab:dd:2d:dc:43:03:e5:27:29:85:2f:30:
d1:f9:a9:a2:d4:85:3b:6a:52:f5:ff:12:f3:99:1d:2d:1d:fc:
e9:dd:dc:4f:a7:83:96:55:df:6d:c0:46:99:17:8d:b7:af:6c:
b7:bb:86:34:c6:fe:43:fe:3a:38:8e:77:59:bf:19:73:86:6e:
10:e3:e9:b1
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEEXHFYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZTUyYTM5NTRlMzBlNDc1M2UyZTAwYTBlZjgxNjk2NmQ2ZDYwZGI2MB4XDTIyMDEw
MTA0NTYyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTQwMzNkNjY5NTNl
ZDdlNTFmZGM0ZTMzZDcwZjM0YTIzYzVlZDBiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOuS1O5C8ePYI5i1LEhg3NcsMtuIODW3jCTvtzjTC3i1lIS3
+/xooyQgzfmdxJhDRYSFLYSBlNtFu4c1X+ihkHqihSsRDWuqRgqgX39Jv78lMSkK
tkapyt+NzKLnjR/b5L5dMGd2hcCrw90DEcGAd2fANIQNDeLJ0yhPzUre6bhCCalc
TC+FJ4nwieeEM8sS03U87GFOVvgEI0OHlHql0+ybTHS8/+BdbY3i8sg38CEC4AD5
NbxPtAxUf/Rdsb7PspHASMvc0ej4ewvZMQJ2KSUm1btsPjqJX6WOmi85gmKZQ7Y/
fy3BOWSASl/AVkULo0Dm6mkEwe0LAKGOS3NFb2MCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSUAz1mlT7X5R/cTjPXDzSiPF7QsTAfBgNVHSMEGDAWgBSOUqOVTjDkdT4u
AKDvgWlm1tYNtjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2psS2psVTR3NUhVLUxnQ2c3NEZwWnRiV0RiWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvMTE3N2EyLTIxOWMtNGI2MC1iOTAxLWI4NTZkYjMzYzZjNi8x
L2xBTTlacFUtMS1VZjNFNHoxdzgwb2p4ZTBMRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
MTE3N2EyLTIxOWMtNGI2MC1iOTAxLWI4NTZkYjMzYzZjNi8xL2psS2psVTR3NUhV
LUxnQ2c3NEZwWnRiV0RiWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmhYDANBAIAAjAHAwUDKgvvADAN
BgkqhkiG9w0BAQsFAAOCAQEA6xFJiTxInwX4FVaZD8FYa/gOK2tKDK6fkoNXG+Dc
Owcl6vOn2/WwnvJ2Y3KOl4uSqCxsJhbkytcsK9MRJbd6TZEPqarm4nhLNqErgnRn
Xxt/GUIEnEOaG9GHPo757wi6xM9IhJlVS1LggcMFpKQdxzTMYysygkeVpnG52Ham
0Bs0Eg9RWLU9dUpLHuec8XYSuZP8KBWuaW0uqCXzbBJhV8V/2uBK31tVo1E+tfbQ
3nmM+c7q0NCaSIkSq90t3EMD5ScphS8w0fmpotSFO2pS9f8S85kdLR386d3cT6eD
llXfbcBGmReNt69st7uGNMb+Q/46OI53Wb8Zc4ZuEOPpsQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:23 2025 by rpki-client