Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/LDhJ42W50AcmVQMm2SNd4cIMlq4.roa
File: LDhJ42W50AcmVQMm2SNd4cIMlq4.roa (raw, json)
Hash identifier: buuyr1xHkJF2bSj/e8ALy/rz04FU028fTKAo23+zKic=
Subject key identifier: 2C:38:49:E3:65:B9:D0:07:26:55:03:26:D9:23:5D:E1:C2:0C:96:AE
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 0183D6BD595A7521B111D7139237D8460B3B
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/LDhJ42W50AcmVQMm2SNd4cIMlq4.roa
Signing time: Fri 14 Oct 2022 13:44:36 +0000
ROA not before: Fri 14 Oct 2022 13:44:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200088
IP address blocks: 94.228.122.0/24 maxlen: 24
188.225.60.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
185.104.115.0/24 maxlen: 24
217.25.91.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
78.40.216.0/24 maxlen: 24
85.193.93.0/24 maxlen: 24
85.193.92.0/24 maxlen: 24
85.193.95.0/24 maxlen: 24
176.57.221.0/24 maxlen: 24
2a03:6f00:8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d6:bd:59:5a:75:21:b1:11:d7:13:92:37:d8:46:0b:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Oct 14 13:44:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2c3849e365b9d00726550326d9235de1c20c96ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:05:38:d0:dd:77:4d:ad:9f:da:19:4e:ad:69:
0f:79:07:47:cc:f2:0b:89:23:5a:4b:f3:84:77:a0:
57:4e:c6:54:6a:46:0c:96:c2:09:0c:76:21:69:1e:
04:ca:2f:16:ad:35:8d:8e:4c:a3:a0:65:70:b4:d6:
50:4d:0f:6c:ce:85:04:57:b6:96:26:02:80:d8:7a:
f0:ee:4c:d1:6c:09:58:46:06:05:22:89:02:38:e1:
ed:fa:37:e2:6f:4f:b6:37:f0:6e:38:e9:fc:c7:a1:
bd:0b:29:d0:f3:82:dc:ea:27:81:96:fd:56:53:e8:
62:1c:d8:2e:07:91:3f:a0:e0:54:60:66:f1:56:52:
69:ae:eb:68:0b:84:14:14:6a:cc:6b:6a:11:c3:48:
5c:9e:0e:9b:30:e7:ea:ce:62:43:dd:6d:4a:b5:8f:
e8:ef:2c:91:e9:16:da:3f:c7:af:62:c8:0a:c5:18:
a2:b0:3e:7c:32:ca:6f:41:be:65:1d:d5:57:ce:a4:
86:cd:d8:4c:3f:2e:4f:f1:91:ba:43:d9:03:dc:db:
2c:90:e9:92:07:6c:56:bb:04:dc:48:db:cf:e5:a6:
ff:d1:3f:1f:c1:41:4e:cf:f3:9e:18:2b:5d:d3:30:
5e:37:62:20:0d:6a:be:f6:dd:45:75:ac:ab:5d:05:
a6:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:38:49:E3:65:B9:D0:07:26:55:03:26:D9:23:5D:E1:C2:0C:96:AE
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/LDhJ42W50AcmVQMm2SNd4cIMlq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
85.193.92.0/23
85.193.95.0/24
87.249.50.0/24
94.228.122.0/24
176.57.221.0/24
185.104.112.0/24
185.104.115.0/24
188.225.60.0/24
217.25.91.0/24
217.25.95.0/24
IPv6:
2a03:6f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
95:81:3b:83:9e:d7:56:f4:4c:5a:5d:1d:0d:c1:4e:f2:b1:be:
47:31:47:78:83:92:16:99:52:13:f6:7a:03:c1:26:a0:06:90:
9d:44:a9:a0:9e:a8:6a:ca:ff:18:08:e4:9b:5e:24:21:07:63:
dc:4a:b7:19:9e:ca:0b:77:76:39:0a:f6:ba:30:49:c1:bd:af:
2f:4e:c7:fe:f9:71:e4:25:c6:af:dc:4b:0a:cd:24:88:3c:e3:
a3:98:ad:8c:6d:71:02:b1:d7:63:27:25:53:98:48:cc:36:eb:
4c:2e:a5:a0:6c:6f:28:db:1b:cf:10:37:4c:d5:06:e1:9f:dd:
b4:01:53:27:89:37:48:ee:44:ee:8c:21:b0:a7:ae:d9:34:14:
16:7f:27:29:fb:29:7e:ae:70:fb:6a:20:bb:34:6d:60:7a:34:
d5:da:0f:f0:55:59:9f:3b:41:16:86:1b:9a:b0:7c:f9:80:fc:
58:b1:2d:9d:7d:8c:cf:00:5f:bc:6f:f9:97:e6:af:46:5e:07:
05:e6:80:c6:ee:ae:0f:d6:af:25:bc:4b:a8:78:87:14:b8:e4:
2f:ba:02:b4:ae:79:af:d4:75:55:ac:1b:d2:af:a3:78:7e:3a:
7a:26:02:a3:29:ff:9f:64:85:0a:58:88:49:d8:37:b6:23:bb:
d5:25:ed:26
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYPWvVladSGxEdcTkjfYRgs7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjIxMDE0MTM0NDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzM4NDllMzY1YjlkMDA3MjY1NTAzMjZkOTIzNWRlMWMyMGM5NmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmwU40N13Ta2f2hlOrWkPeQdHzPIL
iSNaS/OEd6BXTsZUakYMlsIJDHYhaR4Eyi8WrTWNjkyjoGVwtNZQTQ9szoUEV7aW
JgKA2Hrw7kzRbAlYRgYFIokCOOHt+jfib0+2N/BuOOn8x6G9CynQ84Lc6ieBlv1W
U+hiHNguB5E/oOBUYGbxVlJprutoC4QUFGrMa2oRw0hcng6bMOfqzmJD3W1KtY/o
7yyR6RbaP8evYsgKxRiisD58MspvQb5lHdVXzqSGzdhMPy5P8ZG6Q9kD3NsskOmS
B2xWuwTcSNvP5ab/0T8fwUFOz/OeGCtd0zBeN2IgDWq+9t1FdayrXQWmXQIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFCw4SeNludAHJlUDJtkjXeHCDJauMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvTERoSjQyVzUwQWNtVlFNbTJTTmQ0Y0lNbHE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBIBAIAATBCAwQATijYAwQB
VcFcAwQAVcFfAwQAV/kyAwQAXuR6AwQAsDndAwQAuWhwAwQAuWhzAwQAvOE8AwQA
2RlbAwQA2RlfMA8EAgACMAkDBwAqA28AAAgwDQYJKoZIhvcNAQELBQADggEBAJWB
O4Oe11b0TFpdHQ3BTvKxvkcxR3iDkhaZUhP2egPBJqAGkJ1EqaCeqGrK/xgI5Jte
JCEHY9xKtxmeygt3djkK9rowScG9ry9Ox/75ceQlxq/cSwrNJIg846OYrYxtcQKx
12MnJVOYSMw260wupaBsbyjbG88QN0zVBuGf3bQBUyeJN0juRO6MIbCnrtk0FBZ/
Jyn7KX6ucPtqILs0bWB6NNXaD/BVWZ87QRaGG5qwfPmA/FixLZ19jM8AX7xv+Zfm
r0ZeBwXmgMburg/WryW8S6h4hxS45C+6ArSuea/UdVWsG9Kvo3h+OnomAqMp/59k
hQpYiEnYN7Yju9Ul7SY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:40 2023 by rpki-client on console-ams.rpki-client.org