Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/le24dDpKshCyARs54H2RKa1bWa8.roa
File: le24dDpKshCyARs54H2RKa1bWa8.roa (raw, json)
Hash identifier: rdtRFHZvRKOKc0DIlRKL1/2cwqx73pLrXNOcf4s5ZTY=
Subject key identifier: 95:ED:B8:74:3A:4A:B2:10:B2:01:1B:39:E0:7D:91:29:AD:5B:59:AF
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 371B01CC
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/le24dDpKshCyARs54H2RKa1bWa8.roa
Signing time: Wed 01 Jun 2022 09:43:12 +0000
ROA not before: Wed 01 Jun 2022 09:43:12 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12430
IP address blocks: 212.122.96.0/19 maxlen: 19
81.60.0.0/15 maxlen: 18
62.82.0.0/15 maxlen: 16
89.141.0.0/16 maxlen: 16
80.173.0.0/16 maxlen: 17
62.100.96.0/19 maxlen: 19
2.154.192.0/18 maxlen: 18
84.127.229.0/24 maxlen: 24
81.202.0.0/15 maxlen: 15
62.42.0.0/15 maxlen: 16
62.117.128.0/17 maxlen: 17
5.40.0.0/16 maxlen: 16
82.213.128.0/18 maxlen: 18
82.158.0.0/15 maxlen: 16
62.57.0.0/16 maxlen: 16
81.172.0.0/17 maxlen: 17
212.22.32.0/19 maxlen: 20
89.140.0.0/16 maxlen: 16
79.108.0.0/15 maxlen: 18
80.224.0.0/16 maxlen: 16
83.173.128.0/18 maxlen: 18
62.81.0.0/16 maxlen: 24
84.120.0.0/13 maxlen: 19
83.138.192.0/18 maxlen: 18
2.154.0.0/16 maxlen: 16
81.184.0.0/16 maxlen: 16
2.152.0.0/16 maxlen: 16
2.152.0.0/14 maxlen: 17
80.174.0.0/16 maxlen: 17
62.174.0.0/15 maxlen: 19
62.101.160.0/19 maxlen: 19
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 924516812 (0x371b01cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jun 1 09:43:12 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95edb8743a4ab210b2011b39e07d9129ad5b59af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f1:ba:4a:55:e1:45:6e:c2:86:e3:9b:c0:d6:
f1:ae:76:9e:f2:e8:31:66:1a:87:2b:54:8c:9c:7b:
2f:b7:8d:7c:d4:43:3b:b0:da:9c:e1:ae:76:2c:6c:
5a:16:3d:e0:cc:2d:69:72:86:12:4f:0a:a7:fb:34:
4e:cd:15:eb:61:71:02:20:08:e4:89:e0:84:91:cd:
ff:ee:ea:ed:ce:f8:4c:7d:9f:a3:39:bd:eb:97:04:
61:69:e2:03:5f:f6:d0:98:d5:66:6e:d5:c9:15:c8:
39:7c:f9:d4:24:ce:b8:00:ef:50:41:b1:d0:38:2e:
24:b0:0d:8e:4f:e7:ac:55:9d:e8:fe:80:f5:98:43:
dc:aa:b7:bd:98:49:59:f1:7f:92:39:89:f9:b0:d9:
b1:10:57:f7:c3:9a:dd:ec:90:19:42:74:48:30:b3:
da:89:63:a9:e9:a9:f4:f8:88:2c:eb:e3:99:49:9e:
94:39:1a:60:04:0b:cc:00:2d:3a:44:d7:d1:d9:d2:
ba:be:81:89:2f:82:7b:1d:e0:32:4c:96:31:7a:f4:
b6:14:77:e0:f5:e3:03:f0:97:ae:d2:ad:c1:c4:a1:
15:06:5c:27:73:0a:f0:eb:a5:bf:01:78:12:3a:b0:
45:f4:42:03:da:80:93:5a:b2:c5:bf:f1:e9:41:83:
08:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:ED:B8:74:3A:4A:B2:10:B2:01:1B:39:E0:7D:91:29:AD:5B:59:AF
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/le24dDpKshCyARs54H2RKa1bWa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.152.0.0/14
5.40.0.0/16
62.42.0.0/15
62.57.0.0/16
62.81.0.0-62.83.255.255
62.100.96.0/19
62.101.160.0/19
62.117.128.0/17
62.174.0.0/15
79.108.0.0/15
80.173.0.0-80.174.255.255
80.224.0.0/16
81.60.0.0/15
81.172.0.0/17
81.184.0.0/16
81.202.0.0/15
82.158.0.0/15
82.213.128.0/18
83.138.192.0/18
83.173.128.0/18
84.120.0.0/13
89.140.0.0/15
212.22.32.0/19
212.122.96.0/19
Signature Algorithm: sha256WithRSAEncryption
0b:d2:27:aa:3a:9f:90:34:f1:ae:92:be:45:7a:17:ab:5c:b2:
25:02:e3:b3:ab:a1:09:58:7d:e0:be:55:df:9a:ed:99:ac:68:
2b:86:35:e3:a2:c6:7c:b0:4a:05:4c:96:63:ab:e3:4d:3a:6c:
de:df:cd:0f:89:4e:82:ae:a6:a0:b9:82:e3:52:cd:e0:50:af:
88:63:a8:79:bb:17:5f:8e:5f:dd:c8:29:69:ec:24:89:e0:18:
07:84:b8:e4:c3:1b:fb:f7:6e:04:e2:77:0b:56:9c:ee:8f:0e:
74:a9:32:f5:18:69:0d:3c:f1:0b:70:cb:da:d3:20:73:51:27:
f5:63:a8:68:f6:f6:73:2c:d6:4c:b8:48:2b:46:d0:4e:53:8e:
7d:8b:d8:fd:33:74:8d:4b:1b:ba:cb:76:ae:b9:18:8d:a7:0a:
93:e1:ff:1b:95:f3:76:07:1b:1c:31:82:96:0c:ce:92:60:74:
51:e2:d4:c8:fe:1a:91:42:28:38:2f:16:5d:95:78:20:71:ef:
69:9b:76:a1:d5:89:79:d3:61:11:ca:84:77:1e:1f:0a:1e:59:
5c:ec:1d:72:c0:98:32:55:a4:61:5a:d9:9a:25:ad:4f:47:be:
48:13:e6:11:a4:c6:4b:6d:c8:93:22:f3:ef:a5:bb:c3:da:78:
52:55:b0:df
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgIENxsBzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDM0ZjE2ODYxMDI4NzZjNjIxNmJjZWEyOGE1ZTUwMmVjMGQ3YjZiMB4XDTIyMDYw
MTA5NDMxMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTVlZGI4NzQzYTRh
YjIxMGIyMDExYjM5ZTA3ZDkxMjlhZDViNTlhZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKrxukpV4UVuwobjm8DW8a52nvLoMWYahytUjJx7L7eNfNRD
O7DanOGudixsWhY94MwtaXKGEk8Kp/s0Ts0V62FxAiAI5InghJHN/+7q7c74TH2f
ozm965cEYWniA1/20JjVZm7VyRXIOXz51CTOuADvUEGx0DguJLANjk/nrFWd6P6A
9ZhD3Kq3vZhJWfF/kjmJ+bDZsRBX98Oa3eyQGUJ0SDCz2oljqemp9PiILOvjmUme
lDkaYAQLzAAtOkTX0dnSur6BiS+Cex3gMkyWMXr0thR34PXjA/CXrtKtwcShFQZc
J3MK8OulvwF4EjqwRfRCA9qAk1qyxb/x6UGDCN0CAwEAAaOCApcwggKTMB0GA1Ud
DgQWBBSV7bh0OkqyELIBGzngfZEprVtZrzAfBgNVHSMEGDAWgBTUNPFoYQKHbGIW
vOoopeUC7A17azAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFEVHhhR0VDaDJ4aUZyenFLS1hsQXV3TmUycy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvNzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYzOC8x
L2xlMjRkRHBLc2hDeUFSczU0SDJSS2ExYldhOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
NzI2YmI0LTVkODctNDAyZC05MWNlLTU3MTJkOTVhZTYzOC8xLzFEVHhhR0VDaDJ4
aUZyenFLS1hsQXV3TmUycy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
rAYIKwYBBQUHAQcBAf8EgZwwgZkwgZYEAgABMIGPAwMCApgDAwAFKAMDAT4qAwMA
PjkwCgMDAD5RAwMCPlADBAU+ZGADBAU+ZaADBAc+dYADAwE+rgMDAU9sMAoDAwBQ
rQMDAFCuAwMAUOADAwFRPAMEB1GsAAMDAFG4AwMBUcoDAwFSngMEBlLVgAMEBlOK
wAMEBlOtgAMDA1R4AwMBWYwDBAXUFiADBAXUemAwDQYJKoZIhvcNAQELBQADggEB
AAvSJ6o6n5A08a6SvkV6F6tcsiUC47OroQlYfeC+Vd+a7ZmsaCuGNeOixnywSgVM
lmOr4006bN7fzQ+JToKupqC5guNSzeBQr4hjqHm7F1+OX93IKWnsJIngGAeEuOTD
G/v3bgTidwtWnO6PDnSpMvUYaQ088Qtwy9rTIHNRJ/VjqGj29nMs1ky4SCtG0E5T
jn2L2P0zdI1LG7rLdq65GI2nCpPh/xuV83YHGxwxgpYMzpJgdFHi1Mj+GpFCKDgv
Fl2VeCBx72mbdqHViXnTYRHKhHceHwoeWVzsHXLAmDJVpGFa2ZolrU9HvkgT5hGk
xkttyJMi8++lu8PaeFJVsN8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:48 2023 by rpki-client on console-ams.rpki-client.org