Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/lbCgHIjNFna4Ej2pgZuOz0Fi_kg.roa
File: lbCgHIjNFna4Ej2pgZuOz0Fi_kg.roa (raw, json)
Hash identifier: Mj3WW0qUrTzkdVrcQJZQOyMV/mRixctbsTwYgn6PL6c=
Subject key identifier: 95:B0:A0:1C:88:CD:16:76:B8:12:3D:A9:81:9B:8E:CF:41:62:FE:48
Certificate issuer: /CN=7554ac4c7f451c5bb9382fbcd46d70c4c0f9de56
Certificate serial: 018ACD4490297B37BFF243260D160FB349E5
Authority key identifier: 75:54:AC:4C:7F:45:1C:5B:B9:38:2F:BC:D4:6D:70:C4:C0:F9:DE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dVSsTH9FHFu5OC-81G1wxMD53lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/lbCgHIjNFna4Ej2pgZuOz0Fi_kg.roa
Signing time: Mon 25 Sep 2023 16:55:37 +0000
ROA not before: Mon 25 Sep 2023 16:55:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 216358
IP address blocks: 185.177.231.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cd:44:90:29:7b:37:bf:f2:43:26:0d:16:0f:b3:49:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7554ac4c7f451c5bb9382fbcd46d70c4c0f9de56
Validity
Not Before: Sep 25 16:55:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95b0a01c88cd1676b8123da9819b8ecf4162fe48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:87:b6:61:09:13:d6:91:bb:42:8f:2d:23:25:
46:a1:99:59:60:c2:9f:fc:ed:47:31:af:cd:5f:c6:
0c:62:f5:e9:f8:3e:98:44:0e:69:3c:bd:49:0f:a8:
93:3c:5a:4a:85:31:bc:56:76:e1:91:f5:41:f4:0c:
05:43:c6:72:54:0c:4c:b9:e5:40:28:42:f2:38:08:
ad:7f:10:1f:1d:98:7a:8b:f3:b9:0a:77:87:7d:6c:
9d:5d:5e:e5:ef:f2:56:fc:4b:40:2d:20:55:2a:3d:
8d:7e:2c:d7:02:50:33:c0:12:fd:62:fc:a0:5d:7e:
b1:40:8d:8a:26:3a:bb:f9:3b:ba:66:4b:37:f0:64:
52:0d:eb:b2:04:4a:14:5c:5a:fb:e1:e3:a3:05:bf:
9e:cf:62:7f:dc:b6:7e:d2:39:34:9d:14:db:83:97:
11:0e:c0:b1:fc:d9:81:c6:92:db:36:11:e2:80:bf:
d9:bf:ff:c3:98:44:0c:82:0f:d2:1a:13:79:0b:ac:
fa:ad:68:28:4f:0e:b5:5a:c6:f2:bb:6a:18:54:7f:
3c:36:0c:7b:7d:31:40:16:3a:7b:73:55:47:ac:78:
58:15:a8:a9:ae:d8:a4:5b:8f:81:ac:88:53:51:1b:
ef:79:3f:e7:ea:58:92:a7:77:ff:a1:40:6c:e0:fb:
6f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B0:A0:1C:88:CD:16:76:B8:12:3D:A9:81:9B:8E:CF:41:62:FE:48
X509v3 Authority Key Identifier:
keyid:75:54:AC:4C:7F:45:1C:5B:B9:38:2F:BC:D4:6D:70:C4:C0:F9:DE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dVSsTH9FHFu5OC-81G1wxMD53lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/lbCgHIjNFna4Ej2pgZuOz0Fi_kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/87a00a-b6f6-4721-a828-d9337db39d1f/1/dVSsTH9FHFu5OC-81G1wxMD53lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.231.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:9e:d4:c0:0e:93:75:b5:8b:29:a6:47:50:4f:a1:2e:35:c6:
62:08:f0:06:45:d6:a9:87:f9:16:65:9c:d0:8d:3a:77:eb:a1:
94:9e:c0:0b:47:dd:86:e1:38:e7:8c:48:43:9e:d6:11:f0:c6:
7e:ad:bd:2d:4c:c3:11:ec:9c:02:24:b6:8d:11:37:80:b5:73:
41:56:b1:6e:64:de:ef:1a:16:73:89:f4:e5:6f:54:5a:e2:5d:
8f:2a:79:0a:84:96:05:ce:2e:39:7b:eb:15:75:46:c1:c8:56:
78:7d:fd:53:db:08:8e:79:3a:15:74:72:06:96:81:7f:a2:ac:
0b:57:c9:e8:7b:d7:f5:2b:dd:85:53:b4:76:01:55:0a:10:9f:
30:ec:14:32:82:35:71:b6:8c:bc:b3:92:40:92:63:2c:ba:5f:
76:29:53:a8:e8:ae:49:84:8a:b4:e8:b7:ac:44:04:72:78:f3:
cb:62:ef:cd:66:3e:c9:51:13:e7:13:23:94:df:48:b6:81:fc:
ee:d1:dc:e2:cf:d0:92:17:a3:85:d9:07:3b:cf:c5:ba:f7:30:
17:1e:16:fa:d7:c2:3a:a6:c7:f1:23:e3:7b:6f:75:25:6e:02:
8c:fd:dd:7f:ea:9f:c8:a6:ab:0f:0a:58:56:2e:27:6a:9e:16:
8b:a8:30:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrNRJApeze/8kMmDRYPs0nlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1NTRhYzRjN2Y0NTFjNWJiOTM4MmZiY2Q0NmQ3MGM0YzBm
OWRlNTYwHhcNMjMwOTI1MTY1NTM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWIwYTAxYzg4Y2QxNjc2YjgxMjNkYTk4MTliOGVjZjQxNjJmZTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYe2YQkT1pG7Qo8tIyVGoZlZYMKf
/O1HMa/NX8YMYvXp+D6YRA5pPL1JD6iTPFpKhTG8VnbhkfVB9AwFQ8ZyVAxMueVA
KELyOAitfxAfHZh6i/O5CneHfWydXV7l7/JW/EtALSBVKj2NfizXAlAzwBL9Yvyg
XX6xQI2KJjq7+Tu6Zks38GRSDeuyBEoUXFr74eOjBb+ez2J/3LZ+0jk0nRTbg5cR
DsCx/NmBxpLbNhHigL/Zv//DmEQMgg/SGhN5C6z6rWgoTw61Wsbyu2oYVH88Ngx7
fTFAFjp7c1VHrHhYFaiprtikW4+BrIhTURvveT/n6liSp3f/oUBs4PtviQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWwoByIzRZ2uBI9qYGbjs9BYv5IMB8GA1UdIwQY
MBaAFHVUrEx/RRxbuTgvvNRtcMTA+d5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFZTc1RIOUZIRnU1T0MtODFHMXd4TUQ1M2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy84N2EwMGEtYjZmNi00NzIxLWE4Mjgt
ZDkzMzdkYjM5ZDFmLzEvbGJDZ0hJak5GbmE0RWoycGdadU96MEZpX2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy84N2EwMGEtYjZmNi00NzIxLWE4MjgtZDkzMzdkYjM5ZDFm
LzEvZFZTc1RIOUZIRnU1T0MtODFHMXd4TUQ1M2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubHnMA0G
CSqGSIb3DQEBCwUAA4IBAQCqntTADpN1tYsppkdQT6EuNcZiCPAGRdaph/kWZZzQ
jTp366GUnsALR92G4TjnjEhDntYR8MZ+rb0tTMMR7JwCJLaNETeAtXNBVrFuZN7v
GhZzifTlb1Ra4l2PKnkKhJYFzi45e+sVdUbByFZ4ff1T2wiOeToVdHIGloF/oqwL
V8noe9f1K92FU7R2AVUKEJ8w7BQygjVxtoy8s5JAkmMsul92KVOo6K5JhIq06Les
RARyePPLYu/NZj7JURPnEyOU30i2gfzu0dziz9CSF6OF2Qc7z8W69zAXHhb618I6
psfxI+N7b3UlbgKM/d1/6p/IpqsPClhWLidqnhaLqDA0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:59:48 2025 by rpki-client