Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/lwkJUeHiERAUql5t6f4k6TZXuyQ.roa
File: lwkJUeHiERAUql5t6f4k6TZXuyQ.roa (raw, json)
Hash identifier: rs3BGKuiJTvP4ac/YYVWy6XK+GPxPEvCX8jOh1TerP0=
Subject key identifier: 97:09:09:51:E1:E2:11:10:14:AA:5E:6D:E9:FE:24:E9:36:57:BB:24
Certificate issuer: /CN=f0cf4963357ddb9855f9bac4c7d995adc89a372a
Certificate serial: 051EDF0D
Authority key identifier: F0:CF:49:63:35:7D:DB:98:55:F9:BA:C4:C7:D9:95:AD:C8:9A:37:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8M9JYzV925hV-brEx9mVrciaNyo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/lwkJUeHiERAUql5t6f4k6TZXuyQ.roa
Signing time: Sat 01 Jan 2022 03:56:09 +0000
ROA not before: Sat 01 Jan 2022 03:56:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202454
IP address blocks: 193.28.36.0/22 maxlen: 22
193.28.37.0/24 maxlen: 24
193.28.36.0/24 maxlen: 24
193.28.38.0/24 maxlen: 24
193.28.39.0/24 maxlen: 24
185.152.0.0/23 maxlen: 23
185.152.0.0/24 maxlen: 24
185.152.3.0/24 maxlen: 24
185.152.1.0/24 maxlen: 24
2a0a:2700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 85909261 (0x51edf0d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0cf4963357ddb9855f9bac4c7d995adc89a372a
Validity
Not Before: Jan 1 03:56:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=97090951e1e2111014aa5e6de9fe24e93657bb24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a4:8b:90:95:a3:fc:97:72:c1:47:85:39:60:
24:3f:80:d7:f3:a4:34:06:57:f3:81:4f:b1:19:60:
50:c3:c2:9f:7a:d2:99:73:66:f6:7d:2b:fe:8b:c6:
95:35:dd:5e:ed:a3:2a:a6:c0:99:6a:a6:ce:21:6a:
0e:0d:75:f3:b0:0b:ff:63:0a:98:f6:77:89:3a:fb:
e3:64:49:e8:54:ed:2b:0f:7b:cc:19:81:b1:7f:d4:
6c:70:5c:85:4c:77:b1:f8:49:72:13:35:17:7f:e2:
42:85:78:8f:45:6d:24:da:4e:b1:cc:06:78:fd:25:
03:20:9c:1a:7b:7a:e2:37:47:f8:53:e8:c0:96:37:
06:6e:65:cb:5d:07:14:2a:9b:91:e8:24:d7:b8:1f:
fc:d4:12:a4:11:9e:7f:13:48:3c:90:2c:eb:c6:fe:
7e:47:99:be:7b:51:ce:ff:9e:2f:9e:3a:1a:e2:ec:
4f:72:a6:a0:83:fd:78:9c:fd:d3:8c:49:35:ab:86:
bc:b3:b7:a4:75:74:f1:8f:71:5f:67:0f:65:4b:f0:
2d:c1:8c:74:88:fe:26:71:43:32:35:56:b8:25:c4:
1d:48:c1:34:bf:0f:27:a2:aa:b9:d1:fd:31:61:4e:
49:fa:64:95:b8:6f:aa:6f:07:99:a2:43:1d:ae:0d:
d2:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:09:09:51:E1:E2:11:10:14:AA:5E:6D:E9:FE:24:E9:36:57:BB:24
X509v3 Authority Key Identifier:
keyid:F0:CF:49:63:35:7D:DB:98:55:F9:BA:C4:C7:D9:95:AD:C8:9A:37:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8M9JYzV925hV-brEx9mVrciaNyo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/lwkJUeHiERAUql5t6f4k6TZXuyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/975912-fd0c-4318-b0b0-6e056b617d2a/1/8M9JYzV925hV-brEx9mVrciaNyo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.0.0/23
185.152.3.0/24
193.28.36.0/22
IPv6:
2a0a:2700::/29
Signature Algorithm: sha256WithRSAEncryption
b9:45:b1:54:29:d1:87:6b:0a:79:61:e4:70:b4:8c:00:0d:55:
88:3b:ad:c0:17:b9:23:6b:21:e6:87:44:89:23:f0:b4:f8:cc:
c1:c5:06:87:f3:b8:c1:7c:50:d1:3d:d6:84:62:6e:31:b0:c8:
cd:d2:b8:94:ec:62:27:e6:13:37:c5:5e:7d:31:02:68:b7:c7:
2c:ea:46:db:bd:7d:30:3e:42:87:c0:95:07:48:59:13:9a:dc:
1b:e8:ff:5b:67:29:d5:69:27:d9:b8:5b:93:17:2a:6d:65:48:
88:8a:0e:e1:af:20:94:0b:a6:52:05:9b:49:96:aa:ff:d4:0c:
9c:16:07:f1:d1:f9:f3:8f:56:ec:58:d5:cb:18:a1:56:02:c6:
f9:11:d1:d3:34:b2:79:86:c4:ed:d3:b6:17:14:c5:76:e9:26:
ad:ad:6e:63:31:41:4c:6f:75:c1:bc:1e:96:9d:86:40:e6:06:
bc:6e:5b:50:0e:2f:8a:59:c5:2e:9d:58:d7:34:82:56:b2:07:
1f:a1:0d:58:0f:e7:41:d4:b8:11:31:e1:23:5f:15:b1:80:6d:
73:58:76:bc:05:32:0f:03:77:df:b6:48:c8:b1:29:8d:a8:bf:
b2:89:00:21:66:22:41:6f:c4:8d:32:0b:09:39:e1:16:cf:de:
b6:40:f2:ca
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEBR7fDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
MGNmNDk2MzM1N2RkYjk4NTVmOWJhYzRjN2Q5OTVhZGM4OWEzNzJhMB4XDTIyMDEw
MTAzNTYwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTcwOTA5NTFlMWUy
MTExMDE0YWE1ZTZkZTlmZTI0ZTkzNjU3YmIyNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKSki5CVo/yXcsFHhTlgJD+A1/OkNAZX84FPsRlgUMPCn3rS
mXNm9n0r/ovGlTXdXu2jKqbAmWqmziFqDg1187AL/2MKmPZ3iTr742RJ6FTtKw97
zBmBsX/UbHBchUx3sfhJchM1F3/iQoV4j0VtJNpOscwGeP0lAyCcGnt64jdH+FPo
wJY3Bm5ly10HFCqbkegk17gf/NQSpBGefxNIPJAs68b+fkeZvntRzv+eL546GuLs
T3KmoIP9eJz904xJNauGvLO3pHV08Y9xX2cPZUvwLcGMdIj+JnFDMjVWuCXEHUjB
NL8PJ6KqudH9MWFOSfpklbhvqm8HmaJDHa4N0sUCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSXCQlR4eIREBSqXm3p/iTpNle7JDAfBgNVHSMEGDAWgBTwz0ljNX3bmFX5
usTH2ZWtyJo3KjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzhNOUpZelY5MjVoVi1ickV4OW1WcmNpYU55by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmUvOTc1OTEyLWZkMGMtNDMxOC1iMGIwLTZlMDU2YjYxN2QyYS8x
L2x3a0pVZUhpRVJBVXFsNXQ2ZjRrNlRaWHV5US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmUv
OTc1OTEyLWZkMGMtNDMxOC1iMGIwLTZlMDU2YjYxN2QyYS8xLzhNOUpZelY5MjVo
Vi1ickV4OW1WcmNpYU55by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAbmYAAMEALmYAwMEAsEcJDANBAIA
AjAHAwUDKgonADANBgkqhkiG9w0BAQsFAAOCAQEAuUWxVCnRh2sKeWHkcLSMAA1V
iDutwBe5I2sh5odEiSPwtPjMwcUGh/O4wXxQ0T3WhGJuMbDIzdK4lOxiJ+YTN8Ve
fTECaLfHLOpG2719MD5Ch8CVB0hZE5rcG+j/W2cp1Wkn2bhbkxcqbWVIiIoO4a8g
lAumUgWbSZaq/9QMnBYH8dH5849W7FjVyxihVgLG+RHR0zSyeYbE7dO2FxTFdukm
ra1uYzFBTG91wbwelp2GQOYGvG5bUA4vilnFLp1Y1zSCVrIHH6ENWA/nQdS4ETHh
I18VsYBtc1h2vAUyDwN337ZIyLEpjai/sokAIWYiQW/EjTILCTnhFs/etkDyyg==
-----END CERTIFICATE-----
Generated at Sat Apr 19 10:17:07 2025 by rpki-client