Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LP_6hpMVKddmtVeAaIIqXxH9H28.roa
File: LP_6hpMVKddmtVeAaIIqXxH9H28.roa (raw, json)
Hash identifier: 6smosapPvMPdkKtJ1zDFc4FPpB8jmkq7ptVlgThwFlU=
Subject key identifier: 2C:FF:FA:86:93:15:29:D7:66:B5:57:80:68:82:2A:5F:11:FD:1F:6F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0189AB64599974D00F1F5BC1ACA35A448102
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LP_6hpMVKddmtVeAaIIqXxH9H28.roa
Signing time: Mon 31 Jul 2023 10:00:27 +0000
ROA not before: Mon 31 Jul 2023 10:00:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49999
IP address blocks: 194.87.136.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ab:64:59:99:74:d0:0f:1f:5b:c1:ac:a3:5a:44:81:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jul 31 10:00:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2cfffa86931529d766b5578068822a5f11fd1f6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d1:6c:59:80:bf:71:4b:a4:72:23:00:db:b3:
d1:20:c3:37:ce:05:4c:64:e6:b8:08:fd:6d:2d:4b:
05:c1:af:d2:d3:c8:a2:d8:a5:2c:f1:74:1f:67:b2:
10:a8:c9:a8:5e:35:38:0a:9f:b4:78:26:08:c4:60:
85:b8:10:6e:98:99:f0:f4:3a:c0:4c:92:b2:03:0d:
f1:5a:db:3c:68:59:55:f9:f0:e4:a6:bc:c3:ee:56:
dc:76:f6:5e:38:37:94:2f:cf:f9:4b:b6:70:94:db:
7f:57:0b:c0:d7:55:1a:a0:89:d0:a8:7d:f3:33:df:
4f:db:61:81:08:bb:7f:fe:05:c8:4e:fe:93:0a:67:
76:07:63:d5:b8:79:fd:a5:cf:bc:48:8f:a4:fd:68:
3d:72:db:48:52:f9:9a:fb:c1:76:e0:b3:17:76:59:
96:d0:22:79:86:f0:29:cd:e5:e1:03:e0:77:8c:28:
6f:d4:3f:48:57:b2:ca:d6:bb:6d:b4:41:b6:47:57:
bf:18:d6:5e:ef:cf:dd:43:9d:e4:df:35:d3:1c:23:
5c:7f:e7:9a:9e:8b:a8:96:09:2e:1e:e6:32:6b:c3:
b1:91:a7:e4:4f:d6:40:9f:38:d1:b9:85:de:bf:56:
c6:15:6e:a0:08:4c:3e:1d:89:6d:41:02:f6:9b:7a:
a4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:FF:FA:86:93:15:29:D7:66:B5:57:80:68:82:2A:5F:11:FD:1F:6F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/LP_6hpMVKddmtVeAaIIqXxH9H28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.136.0/24
Signature Algorithm: sha256WithRSAEncryption
36:aa:07:ea:27:1c:f4:17:72:e6:82:31:6b:d7:c0:57:8a:14:
3d:48:45:c3:ce:cb:75:ed:22:e2:dd:b0:10:e9:2e:8c:e4:86:
3a:30:02:a0:5c:e7:95:f0:5a:77:64:eb:28:36:78:a4:ff:a6:
aa:4d:6f:a7:43:5f:4a:d0:f1:e7:64:a6:3e:0b:20:fc:17:fa:
ec:17:2a:f1:39:07:82:e6:6a:9a:f2:89:86:ae:f7:83:84:00:
35:bc:e6:12:4e:f3:25:b5:a4:a9:bf:ac:e3:ee:b7:2a:a9:63:
7c:ba:3d:95:62:90:de:bb:a0:fd:d2:e4:10:2c:ab:b0:26:2e:
ab:40:10:06:65:c3:57:9b:5d:24:bb:eb:5b:5a:eb:55:49:b5:
84:cf:54:b4:61:af:eb:f5:a7:b7:1d:9f:bc:ce:dd:30:2b:6f:
83:dd:01:66:30:83:cd:79:0b:72:c2:2c:c9:92:cd:e9:5e:cd:
a3:dc:e5:a2:72:99:1a:ce:04:9a:ab:69:6e:af:97:35:47:93:
9c:47:e6:93:05:c0:1b:49:d1:18:d2:e6:cd:05:41:2e:29:60:
97:41:e4:71:f5:89:ac:01:62:81:24:f2:ea:a4:fa:4e:ce:73:
d0:ac:85:ad:4e:4f:11:24:70:09:b2:66:ec:4f:5a:59:be:90:
55:3d:48:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmrZFmZdNAPH1vBrKNaRIECMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwNzMxMTAwMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2ZmZmE4NjkzMTUyOWQ3NjZiNTU3ODA2ODgyMmE1ZjExZmQxZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNFsWYC/cUukciMA27PRIMM3zgVM
ZOa4CP1tLUsFwa/S08ii2KUs8XQfZ7IQqMmoXjU4Cp+0eCYIxGCFuBBumJnw9DrA
TJKyAw3xWts8aFlV+fDkprzD7lbcdvZeODeUL8/5S7ZwlNt/VwvA11UaoInQqH3z
M99P22GBCLt//gXITv6TCmd2B2PVuHn9pc+8SI+k/Wg9cttIUvma+8F24LMXdlmW
0CJ5hvApzeXhA+B3jChv1D9IV7LK1rtttEG2R1e/GNZe78/dQ53k3zXTHCNcf+ea
nouolgkuHuYya8OxkafkT9ZAnzjRuYXev1bGFW6gCEw+HYltQQL2m3qkNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCz/+oaTFSnXZrVXgGiCKl8R/R9vMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvTFBfNmhwTVZLZGRtdFZlQWFJSXFYeEg5SDI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwleIMA0G
CSqGSIb3DQEBCwUAA4IBAQA2qgfqJxz0F3LmgjFr18BXihQ9SEXDzst17SLi3bAQ
6S6M5IY6MAKgXOeV8Fp3ZOsoNnik/6aqTW+nQ19K0PHnZKY+CyD8F/rsFyrxOQeC
5mqa8omGrveDhAA1vOYSTvMltaSpv6zj7rcqqWN8uj2VYpDeu6D90uQQLKuwJi6r
QBAGZcNXm10ku+tbWutVSbWEz1S0Ya/r9ae3HZ+8zt0wK2+D3QFmMIPNeQtywizJ
ks3pXs2j3OWicpkazgSaq2lur5c1R5OcR+aTBcAbSdEY0ubNBUEuKWCXQeRx9Yms
AWKBJPLqpPpOznPQrIWtTk8RJHAJsmbsT1pZvpBVPUjR
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:11:00 2025 by rpki-client