Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/L9KLgD4TpdbFQXqUPgRGfoJHvsM.roa
File: L9KLgD4TpdbFQXqUPgRGfoJHvsM.roa (raw, json)
Hash identifier: 5pH7sCPe5Fj4V3rQCjiVmXLRZPixiTtfYLhMSFPmiYI=
Subject key identifier: 2F:D2:8B:80:3E:13:A5:D6:C5:41:7A:94:3E:04:46:7E:82:47:BE:C3
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 09283AEA
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/L9KLgD4TpdbFQXqUPgRGfoJHvsM.roa
Signing time: Sat 01 Jan 2022 03:56:39 +0000
ROA not before: Sat 01 Jan 2022 03:56:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48037
IP address blocks: 144.43.192.0/19 maxlen: 24
144.43.0.0/17 maxlen: 24
144.43.224.0/20 maxlen: 24
144.43.0.0/16 maxlen: 24
144.43.128.0/18 maxlen: 24
144.43.248.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153631466 (0x9283aea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Jan 1 03:56:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2fd28b803e13a5d6c5417a943e04467e8247bec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:71:49:3c:7a:c8:1d:e4:40:89:08:a8:39:ed:
19:82:62:fc:7c:66:9b:2c:1b:b5:7f:d0:06:72:30:
7b:e7:3c:86:fa:28:1a:b6:6d:c6:05:76:d7:8f:01:
d8:c1:57:f1:3a:aa:28:5d:d9:29:4d:ea:bb:47:26:
d0:54:0b:99:b3:72:91:77:9f:fa:4d:cb:af:d9:bd:
f1:e1:f6:b6:8d:11:65:ab:44:7f:72:2e:a4:d6:18:
d4:83:bb:33:27:19:c5:da:72:1d:57:bd:a8:01:dd:
e4:97:6c:91:1a:68:5d:a9:fa:da:ab:80:dd:b3:64:
40:25:9f:20:71:27:78:c3:a7:aa:f4:89:91:92:4f:
eb:b5:2c:b4:92:bd:3b:12:32:21:a9:42:57:2b:a9:
84:1e:84:dc:24:ba:b0:35:4f:bb:32:ca:78:8b:86:
ae:32:b3:7d:5f:52:20:3e:f2:1f:04:6d:6c:a8:bb:
aa:d4:ca:c9:99:0c:09:49:95:1e:cf:c4:c8:8b:0a:
80:d5:da:d2:83:82:10:85:59:aa:61:61:19:d1:bf:
b7:fc:f6:a5:5d:70:a8:94:f2:fd:1f:4f:70:70:9f:
53:6f:99:ee:c7:e0:2e:75:96:ef:6a:b9:c4:5f:62:
d7:2f:b4:b7:92:8e:8b:a9:cc:84:23:da:73:f0:a0:
d9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D2:8B:80:3E:13:A5:D6:C5:41:7A:94:3E:04:46:7E:82:47:BE:C3
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/L9KLgD4TpdbFQXqUPgRGfoJHvsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.43.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b8:3e:fa:1e:68:f5:6a:85:99:da:2e:32:f3:de:97:aa:82:e5:
fc:77:31:cd:3f:03:5a:3e:ad:f2:18:e9:de:f4:76:cc:21:64:
91:54:67:e0:3d:56:be:4b:b8:36:92:a2:e8:24:cb:df:ce:09:
70:cc:c9:f1:c1:96:0f:39:89:9c:9a:30:b2:bf:14:5a:63:d1:
2d:c2:2f:0f:9a:10:b1:dc:b2:fc:71:77:9e:87:8c:fa:56:64:
e0:38:43:c4:7e:e2:51:99:20:4b:b8:24:a8:8c:22:7f:d9:e6:
84:9e:74:31:01:2d:76:5b:56:f3:45:67:40:8b:1c:aa:6f:9b:
a8:c4:aa:7d:34:df:49:90:c4:e8:e0:ff:38:2b:35:8d:9b:be:
6d:88:bc:10:63:a4:d4:57:f0:b2:63:24:52:7f:79:89:57:d2:
bf:92:c2:9b:7b:0d:01:68:34:52:21:ad:67:05:43:4e:a7:2c:
a2:67:25:33:c4:c8:f3:63:83:d5:12:5b:8e:51:ae:55:e5:ee:
90:e9:15:59:9d:36:c7:90:4f:e2:53:cf:f1:93:8a:ae:5a:cf:
0f:1d:ac:ba:46:ed:62:1a:f2:f6:01:28:b2:81:2c:af:28:dd:
c9:f2:53:67:f6:76:80:41:b8:b3:8b:65:c9:2b:5d:de:dc:5b:
cd:97:8f:39
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIECSg66jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZDA2OWUxOWUxMmMxMDQwMDRlOGI0Yjc1ZjhhNzc4OWI3ZTExMzk2MB4XDTIyMDEw
MTAzNTYzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmZkMjhiODAzZTEz
YTVkNmM1NDE3YTk0M2UwNDQ2N2U4MjQ3YmVjMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKJxSTx6yB3kQIkIqDntGYJi/HxmmywbtX/QBnIwe+c8hvoo
GrZtxgV2148B2MFX8TqqKF3ZKU3qu0cm0FQLmbNykXef+k3Lr9m98eH2to0RZatE
f3IupNYY1IO7MycZxdpyHVe9qAHd5JdskRpoXan62quA3bNkQCWfIHEneMOnqvSJ
kZJP67UstJK9OxIyIalCVyuphB6E3CS6sDVPuzLKeIuGrjKzfV9SID7yHwRtbKi7
qtTKyZkMCUmVHs/EyIsKgNXa0oOCEIVZqmFhGdG/t/z2pV1wqJTy/R9PcHCfU2+Z
7sfgLnWW72q5xF9i1y+0t5KOi6nMhCPac/Cg2fsCAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBQv0ouAPhOl1sVBepQ+BEZ+gke+wzAfBgNVHSMEGDAWgBRtBp4Z4SwQQATo
tLdfineJt+ETljAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JRYWVHZUVzRUVBRTZMUzNYNHAzaWJmaEU1WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvY2Y2NGY2LTA3ODktNDNlMy1iZDZiLTdiZmYyOTZjNmIwMi8x
L0w5S0xnRDRUcGRiRlFYcVVQZ1JHZm9KSHZzTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
Y2Y2NGY2LTA3ODktNDNlMy1iZDZiLTdiZmYyOTZjNmIwMi8xL2JRYWVHZUVzRUVB
RTZMUzNYNHAzaWJmaEU1WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJArMA0GCSqGSIb3DQEBCwUAA4IB
AQC4PvoeaPVqhZnaLjLz3peqguX8dzHNPwNaPq3yGOne9HbMIWSRVGfgPVa+S7g2
kqLoJMvfzglwzMnxwZYPOYmcmjCyvxRaY9Etwi8PmhCx3LL8cXeeh4z6VmTgOEPE
fuJRmSBLuCSojCJ/2eaEnnQxAS12W1bzRWdAixyqb5uoxKp9NN9JkMTo4P84KzWN
m75tiLwQY6TUV/CyYyRSf3mJV9K/ksKbew0BaDRSIa1nBUNOpyyiZyUzxMjzY4PV
EluOUa5V5e6Q6RVZnTbHkE/iU8/xk4quWs8PHay6Ru1iGvL2ASiygSyvKN3J8lNn
9naAQbizi2XJK13e3FvNl485
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:40 2023 by rpki-client on console-ams.rpki-client.org