Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/LVXTKzxqOSwzaHA1eiFS43C6KPU.roa
File: LVXTKzxqOSwzaHA1eiFS43C6KPU.roa (raw, json)
Hash identifier: EG+yekhOYbqfc6DgRLYJ98VfIZg+HRBQKJ1vX8wcMLg=
Subject key identifier: 2D:55:D3:2B:3C:6A:39:2C:33:68:70:35:7A:21:52:E3:70:BA:28:F5
Certificate issuer: /CN=a749aca85dc66c83ce55ecdc045c96075ca7debc
Certificate serial: 1C3CF86C
Authority key identifier: A7:49:AC:A8:5D:C6:6C:83:CE:55:EC:DC:04:5C:96:07:5C:A7:DE:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0msqF3GbIPOVezcBFyWB1yn3rw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/LVXTKzxqOSwzaHA1eiFS43C6KPU.roa
Signing time: Sat 01 Jan 2022 14:57:59 +0000
ROA not before: Sat 01 Jan 2022 14:57:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61025
IP address blocks: 185.17.236.0/23 maxlen: 23
2a03:dd40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 473757804 (0x1c3cf86c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a749aca85dc66c83ce55ecdc045c96075ca7debc
Validity
Not Before: Jan 1 14:57:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d55d32b3c6a392c336870357a2152e370ba28f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f2:67:50:80:56:cf:89:07:f5:41:de:cc:82:
50:e1:ec:17:05:34:b5:87:5b:c8:d9:dc:f7:6e:90:
bb:12:7c:cc:a0:40:07:e4:d5:55:f6:21:bb:8a:c7:
78:f9:fb:ed:88:05:c2:f4:e0:ba:1f:7d:25:d2:82:
83:59:bb:f6:8c:78:66:4b:4e:28:59:34:bf:b2:c3:
19:66:5a:1b:73:2a:4d:8a:a2:36:ac:27:4f:c3:51:
0a:63:26:61:f8:f9:ed:a1:d4:76:13:b2:f6:24:a7:
82:df:c0:2c:ff:af:4d:e2:39:bf:a7:5f:76:4a:d7:
c8:6c:61:30:de:90:37:70:34:45:92:d2:48:b6:62:
69:51:93:a7:0e:b7:d3:04:af:15:1f:0a:42:c3:3c:
74:e8:92:0e:61:30:fe:94:c5:23:3e:98:14:47:50:
92:19:1d:f1:cb:1a:2a:2d:1a:50:db:51:da:e9:46:
7c:de:83:9e:12:2b:63:7e:8c:6f:92:24:0d:35:a7:
d4:e0:8f:75:3f:2f:d7:4b:5a:e3:04:5c:7b:c1:de:
4d:1b:80:96:7a:ee:83:4b:27:99:f3:12:fe:4c:10:
d6:29:5c:44:36:1f:ba:e8:b5:d5:c3:ab:cb:4a:6b:
28:91:bc:2d:43:69:e9:84:22:ab:32:1c:0c:cf:40:
8e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:55:D3:2B:3C:6A:39:2C:33:68:70:35:7A:21:52:E3:70:BA:28:F5
X509v3 Authority Key Identifier:
keyid:A7:49:AC:A8:5D:C6:6C:83:CE:55:EC:DC:04:5C:96:07:5C:A7:DE:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0msqF3GbIPOVezcBFyWB1yn3rw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/LVXTKzxqOSwzaHA1eiFS43C6KPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/p0msqF3GbIPOVezcBFyWB1yn3rw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.236.0/23
IPv6:
2a03:dd40::/32
Signature Algorithm: sha256WithRSAEncryption
3d:68:6f:e0:1f:6e:9f:fa:e1:cb:e6:ba:27:23:0d:d0:6a:90:
4b:80:56:73:e7:72:d4:cf:2a:8f:69:32:19:ba:ef:23:30:10:
a4:61:54:c0:9b:d1:15:68:47:99:05:28:e7:8d:a2:4c:4e:dd:
a2:c3:75:ee:03:1a:63:cc:c1:40:76:ae:08:64:d8:1f:03:97:
92:31:2c:8c:b1:69:ab:8d:04:25:7b:6e:b7:4c:db:15:f4:39:
b6:70:0e:8c:0f:57:b0:d8:e3:58:61:97:76:12:ee:3f:ad:a9:
f5:0b:64:69:a8:6f:f2:3c:a3:72:f8:ed:34:ae:60:e8:7f:aa:
ce:73:ec:05:4b:7e:9d:8c:5c:13:29:f9:f2:a0:5b:7a:62:52:
2c:35:d7:89:09:e2:1b:1f:ec:8b:c0:aa:cb:b8:a4:45:88:6e:
f8:12:b5:6a:89:13:4a:80:46:56:6c:b7:53:37:05:0c:a5:c8:
5a:02:d8:a8:0d:21:8a:23:e6:26:22:c5:d0:96:05:2b:13:97:
b5:32:9f:77:72:bc:0c:e1:bf:46:ac:60:34:29:cf:cf:4b:3c:
c9:17:fa:af:18:d4:d5:b9:84:61:60:80:ec:2c:64:07:1d:12:
11:f6:96:de:b5:44:93:0c:4c:e0:94:bd:f9:58:0a:3b:f4:4b:
50:66:3c:62
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEHDz4bDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NzQ5YWNhODVkYzY2YzgzY2U1NWVjZGMwNDVjOTYwNzVjYTdkZWJjMB4XDTIyMDEw
MTE0NTc1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmQ1NWQzMmIzYzZh
MzkyYzMzNjg3MDM1N2EyMTUyZTM3MGJhMjhmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANbyZ1CAVs+JB/VB3syCUOHsFwU0tYdbyNnc926QuxJ8zKBA
B+TVVfYhu4rHePn77YgFwvTguh99JdKCg1m79ox4ZktOKFk0v7LDGWZaG3MqTYqi
NqwnT8NRCmMmYfj57aHUdhOy9iSngt/ALP+vTeI5v6dfdkrXyGxhMN6QN3A0RZLS
SLZiaVGTpw630wSvFR8KQsM8dOiSDmEw/pTFIz6YFEdQkhkd8csaKi0aUNtR2ulG
fN6DnhIrY36Mb5IkDTWn1OCPdT8v10ta4wRce8HeTRuAlnrug0snmfMS/kwQ1ilc
RDYfuui11cOry0prKJG8LUNp6YQiqzIcDM9AjnsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQtVdMrPGo5LDNocDV6IVLjcLoo9TAfBgNVHSMEGDAWgBSnSayoXcZsg85V
7NwEXJYHXKfevDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3AwbXNxRjNHYklQT1ZlemNCRnlXQjF5bjNydy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvMzNlNTA4LTEyN2QtNDk0Ni1iM2NjLTRjOWY0M2Y4NzhhYi8x
L0xWWFRLenhxT1N3emFIQTFlaUZTNDNDNktQVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
MzNlNTA4LTEyN2QtNDk0Ni1iM2NjLTRjOWY0M2Y4NzhhYi8xL3AwbXNxRjNHYklQ
T1ZlemNCRnlXQjF5bjNydy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAbkR7DANBAIAAjAHAwUAKgPdQDAN
BgkqhkiG9w0BAQsFAAOCAQEAPWhv4B9un/rhy+a6JyMN0GqQS4BWc+dy1M8qj2ky
GbrvIzAQpGFUwJvRFWhHmQUo542iTE7dosN17gMaY8zBQHauCGTYHwOXkjEsjLFp
q40EJXtut0zbFfQ5tnAOjA9XsNjjWGGXdhLuP62p9Qtkaahv8jyjcvjtNK5g6H+q
znPsBUt+nYxcEyn58qBbemJSLDXXiQniGx/si8Cqy7ikRYhu+BK1aokTSoBGVmy3
UzcFDKXIWgLYqA0hiiPmJiLF0JYFKxOXtTKfd3K8DOG/RqxgNCnPz0s8yRf6rxjU
1bmEYWCA7CxkBx0SEfaW3rVEkwxM4JS9+VgKO/RLUGY8Yg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:38 2025 by rpki-client