Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/LtuSLqYXS3RFUan98sS7Fcdgu48.roa
File: LtuSLqYXS3RFUan98sS7Fcdgu48.roa (raw, json)
Hash identifier: c80xII5wZhUBqzUXOrQUvjH8qMccTOnuLlB43Mnh2qU=
Subject key identifier: 2E:DB:92:2E:A6:17:4B:74:45:51:A9:FD:F2:C4:BB:15:C7:60:BB:8F
Certificate issuer: /CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Certificate serial: 01869CA33D9F02B1155D0268A1B7F00BD741
Authority key identifier: 43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/LtuSLqYXS3RFUan98sS7Fcdgu48.roa
Signing time: Wed 01 Mar 2023 10:06:29 +0000
ROA not before: Wed 01 Mar 2023 10:06:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 185.137.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:9c:a3:3d:9f:02:b1:15:5d:02:68:a1:b7:f0:0b:d7:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Validity
Not Before: Mar 1 10:06:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2edb922ea6174b744551a9fdf2c4bb15c760bb8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:19:fb:8e:3e:09:3a:ab:9e:d2:12:d0:b1:ff:
e1:fd:b3:ab:30:a6:cf:08:d9:dc:fa:49:a4:33:12:
40:2e:0a:c7:c8:f5:b7:89:5c:42:50:e9:6b:d5:1f:
68:18:6d:a6:2b:be:73:0d:9f:ec:fb:67:d5:bd:0b:
ef:a0:d3:c0:9f:42:b9:dd:27:cc:7f:99:6d:36:3e:
43:1f:98:0b:03:0d:1f:3d:b7:e2:a0:d3:3f:bf:9a:
33:cd:ae:75:8f:c2:32:ed:e1:8d:9d:13:d6:6e:c3:
fc:79:c4:2c:0b:d7:4c:9b:d5:7c:9f:8e:ae:a2:55:
e4:02:6f:db:46:77:f3:2c:2f:f9:75:db:00:11:bf:
3f:41:09:c1:70:d3:21:c8:36:dc:d3:ed:99:98:4f:
9a:e8:de:b3:31:08:66:9c:e8:38:93:e7:88:e1:a7:
6a:10:00:9c:e1:41:37:b8:ad:ef:b9:3d:34:dc:82:
dd:4f:00:c3:39:47:d9:ed:94:de:bc:9f:2e:92:1d:
f2:a2:fd:7b:9b:78:7d:db:4b:5b:e8:e2:49:ca:fc:
8d:c7:35:a5:50:4c:5c:6b:56:71:dc:a0:10:fc:02:
d3:0a:ff:14:58:6d:8a:b3:79:0b:f5:c9:33:36:ea:
a2:67:ee:85:03:31:ca:75:ab:82:bb:a0:32:03:9f:
07:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:DB:92:2E:A6:17:4B:74:45:51:A9:FD:F2:C4:BB:15:C7:60:BB:8F
X509v3 Authority Key Identifier:
keyid:43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/LtuSLqYXS3RFUan98sS7Fcdgu48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.137.61.0/24
Signature Algorithm: sha256WithRSAEncryption
66:8a:c0:b0:37:56:d0:fd:9f:07:62:0d:07:d4:fd:cf:9e:b1:
2d:73:71:7c:37:c7:52:35:b9:73:2c:7d:a4:7b:d9:19:ad:22:
3f:21:77:df:b7:f5:35:1a:b9:7b:35:f5:90:e3:d4:7b:a5:0a:
79:62:f8:88:4c:2f:7f:81:85:75:eb:4c:1b:48:75:ec:30:4e:
02:56:69:dd:de:5c:dd:a7:ec:e0:b5:f5:b4:be:45:6e:66:37:
1b:02:8f:2f:02:37:8e:54:be:13:69:97:af:93:3d:fc:fc:93:
96:7f:f2:4f:0f:c6:6c:92:f7:b0:e6:d3:85:0d:26:a3:e7:fa:
79:f2:5c:8f:16:2a:e0:fc:35:9e:27:ba:52:0b:30:f9:37:7a:
f6:8b:68:ea:e9:79:d2:1d:14:a6:93:5e:00:fb:20:46:ca:7f:
e1:e2:3d:03:0a:f5:84:f1:14:a8:77:ff:7e:48:93:05:80:68:
28:61:f9:50:b0:4b:06:9d:4a:e1:31:31:58:c9:2f:03:d8:01:
f3:be:c5:24:ba:da:2e:2a:56:df:93:c3:8a:b1:3d:c1:47:47:
b0:66:8d:b9:e6:e9:35:25:1e:f9:54:61:64:ec:f6:97:c5:a5:
02:08:b4:80:26:56:b4:b9:5d:f3:1b:f7:d6:6d:ff:e1:4f:d6:
68:87:ba:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYacoz2fArEVXQJoobfwC9dBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTY1ZGQxZjZmMjRhNDZkN2NjNGJjY2ZlY2Q0MTUxYzZk
ZDFiZmIwHhcNMjMwMzAxMTAwNjI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWRiOTIyZWE2MTc0Yjc0NDU1MWE5ZmRmMmM0YmIxNWM3NjBiYjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBn7jj4JOque0hLQsf/h/bOrMKbP
CNnc+kmkMxJALgrHyPW3iVxCUOlr1R9oGG2mK75zDZ/s+2fVvQvvoNPAn0K53SfM
f5ltNj5DH5gLAw0fPbfioNM/v5ozza51j8Iy7eGNnRPWbsP8ecQsC9dMm9V8n46u
olXkAm/bRnfzLC/5ddsAEb8/QQnBcNMhyDbc0+2ZmE+a6N6zMQhmnOg4k+eI4adq
EACc4UE3uK3vuT003ILdTwDDOUfZ7ZTevJ8ukh3yov17m3h920tb6OJJyvyNxzWl
UExca1Zx3KAQ/ALTCv8UWG2Ks3kL9ckzNuqiZ+6FAzHKdauCu6AyA58HyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC7bki6mF0t0RVGp/fLEuxXHYLuPMB8GA1UdIwQY
MBaAFEOWXdH28kpG18xLzP7NQVHG3Rv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEt
MzM5ODBjMDNmMDhlLzEvTHR1U0xxWVhTM1JGVWFuOThzUzdGY2RndTQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEtMzM5ODBjMDNmMDhl
LzEvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYk9MA0G
CSqGSIb3DQEBCwUAA4IBAQBmisCwN1bQ/Z8HYg0H1P3PnrEtc3F8N8dSNblzLH2k
e9kZrSI/IXfft/U1Grl7NfWQ49R7pQp5YviITC9/gYV160wbSHXsME4CVmnd3lzd
p+zgtfW0vkVuZjcbAo8vAjeOVL4TaZevkz38/JOWf/JPD8Zskvew5tOFDSaj5/p5
8lyPFirg/DWeJ7pSCzD5N3r2i2jq6XnSHRSmk14A+yBGyn/h4j0DCvWE8RSod/9+
SJMFgGgoYflQsEsGnUrhMTFYyS8D2AHzvsUkutouKlbfk8OKsT3BR0ewZo255uk1
JR75VGFk7PaXxaUCCLSAJla0uV3zG/fWbf/hT9Zoh7rF
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:14:22 2025 by rpki-client