Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/aa7b33-deeb-4abd-b8d2-5697249f5124/1/LW7ablJXtJgToyBpcS0I9KggyXg.roa
File: LW7ablJXtJgToyBpcS0I9KggyXg.roa (raw, json)
Hash identifier: Ay3/jMd9KUPnkx7xF/PklQf6duea0xvkGIBkXHlv13k=
Subject key identifier: 2D:6E:DA:6E:52:57:B4:98:13:A3:20:69:71:2D:08:F4:A8:20:C9:78
Certificate issuer: /CN=9bff15278f53f7761c2f3d33dd9be77a8a4fbd94
Certificate serial: 0185E2C4AAC63318D556F77E27798EA76E4F
Authority key identifier: 9B:FF:15:27:8F:53:F7:76:1C:2F:3D:33:DD:9B:E7:7A:8A:4F:BD:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m_8VJ49T93YcLz0z3ZvneopPvZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/aa7b33-deeb-4abd-b8d2-5697249f5124/1/LW7ablJXtJgToyBpcS0I9KggyXg.roa
Signing time: Tue 24 Jan 2023 07:53:37 +0000
ROA not before: Tue 24 Jan 2023 07:53:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12297
IP address blocks: 178.160.245.0/24 maxlen: 24
178.160.248.0/22 maxlen: 24
178.160.251.0/24 maxlen: 24
178.160.252.0/22 maxlen: 24
46.70.0.0/15 maxlen: 24
87.241.128.0/18 maxlen: 24
178.160.192.0/18 maxlen: 24
212.73.64.0/19 maxlen: 24
2a00:f38:0:111e::/64 maxlen: 64
2a00:f38:0:111c::/64 maxlen: 64
2a00:f38:0:111d::/64 maxlen: 64
2a00:f38::/29 maxlen: 48
2a00:f38:0:101d::/64 maxlen: 64
2a00:f38::/32 maxlen: 48
2a00:f38:0:111f::/64 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e2:c4:aa:c6:33:18:d5:56:f7:7e:27:79:8e:a7:6e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bff15278f53f7761c2f3d33dd9be77a8a4fbd94
Validity
Not Before: Jan 24 07:53:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d6eda6e5257b49813a32069712d08f4a820c978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:52:33:9f:68:1a:35:9a:b7:e8:27:24:70:4f:
e2:81:a6:30:44:c1:37:8f:ba:79:25:e2:1c:ce:b0:
84:8a:aa:10:c3:d6:0c:af:ce:f9:7f:16:a0:9c:8a:
96:3a:5c:ab:6a:80:90:20:0a:12:a8:25:06:81:a9:
38:d6:df:63:9e:72:99:35:b3:23:c4:d0:0d:d7:ef:
4c:25:31:32:a0:60:16:cd:b7:21:fa:17:1c:31:48:
c2:1d:59:c8:29:e0:13:6e:68:a3:8b:05:03:07:f7:
88:9d:76:59:8a:8d:0e:bf:92:9e:eb:a5:bf:c7:4a:
11:52:a2:0d:ca:3c:97:a0:92:a3:62:be:6e:a5:0e:
4d:ca:34:62:f8:8f:e1:40:c3:3b:29:d2:5a:ae:53:
48:8f:c1:50:5e:b0:60:a5:fc:ef:23:fb:b1:7b:71:
4a:98:6b:34:db:36:ca:45:94:84:6e:ca:fb:8c:d8:
5c:6f:11:8e:f2:bc:5c:d2:ac:24:89:73:00:27:09:
0e:bc:30:84:c1:0e:9b:3e:b7:70:5e:e6:95:79:47:
a8:2e:3d:f2:94:50:e5:bf:c8:58:dc:61:91:e5:d0:
58:52:6f:b4:7b:3b:7d:32:7a:31:af:c9:06:6f:d5:
eb:22:fe:57:24:27:21:a2:7b:33:8a:aa:23:2e:20:
0f:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:6E:DA:6E:52:57:B4:98:13:A3:20:69:71:2D:08:F4:A8:20:C9:78
X509v3 Authority Key Identifier:
keyid:9B:FF:15:27:8F:53:F7:76:1C:2F:3D:33:DD:9B:E7:7A:8A:4F:BD:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m_8VJ49T93YcLz0z3ZvneopPvZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/aa7b33-deeb-4abd-b8d2-5697249f5124/1/LW7ablJXtJgToyBpcS0I9KggyXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/aa7b33-deeb-4abd-b8d2-5697249f5124/1/m_8VJ49T93YcLz0z3ZvneopPvZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.70.0.0/15
87.241.128.0/18
178.160.192.0/18
212.73.64.0/19
IPv6:
2a00:f38::/29
Signature Algorithm: sha256WithRSAEncryption
5e:4e:fc:fb:dc:d1:cd:f8:3b:19:64:e5:08:09:56:c5:fa:51:
6a:02:f5:b1:f3:d5:0b:b1:60:51:2b:b5:b0:fa:b3:7d:41:75:
d3:88:13:57:51:e2:f9:47:ae:64:f9:37:85:e1:50:52:36:11:
21:c6:b2:df:9f:a4:cc:b3:1f:44:3c:cc:c2:52:6f:d1:4f:40:
2f:41:8c:b6:c4:61:30:9c:9b:3e:5f:e3:8b:29:c0:5c:60:6a:
8f:cd:4d:5f:ab:9e:81:82:81:f9:28:ab:37:38:58:81:07:b4:
b0:77:b2:57:fd:64:86:67:27:d6:14:74:d9:ef:b3:ce:48:04:
97:ce:db:c2:ea:b9:22:0d:48:fd:0f:0e:1f:fe:6e:77:dd:87:
fd:2e:25:65:c0:cc:6f:3c:4f:f8:75:70:f2:52:a0:29:27:f0:
fc:35:a7:f9:4d:6e:a9:18:c9:4f:01:a2:0f:84:59:22:c8:b9:
72:f4:ad:69:a4:18:4f:15:8f:5a:14:d5:4f:a1:bf:29:48:d8:
51:78:b4:a3:24:e9:7e:82:66:99:46:ba:bb:08:9e:0f:0e:31:
4e:39:64:53:46:68:13:35:af:18:e8:c1:a5:ff:9a:fc:67:04:
fb:08:e3:c5:59:28:aa:9c:31:f1:aa:b8:72:be:6a:8e:27:32:
a6:87:72:ac
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYXixKrGMxjVVvd+J3mOp25PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZmYxNTI3OGY1M2Y3NzYxYzJmM2QzM2RkOWJlNzdhOGE0
ZmJkOTQwHhcNMjMwMTI0MDc1MzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDZlZGE2ZTUyNTdiNDk4MTNhMzIwNjk3MTJkMDhmNGE4MjBjOTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlIzn2gaNZq36CckcE/igaYwRME3
j7p5JeIczrCEiqoQw9YMr875fxagnIqWOlyraoCQIAoSqCUGgak41t9jnnKZNbMj
xNAN1+9MJTEyoGAWzbch+hccMUjCHVnIKeATbmijiwUDB/eInXZZio0Ov5Ke66W/
x0oRUqINyjyXoJKjYr5upQ5NyjRi+I/hQMM7KdJarlNIj8FQXrBgpfzvI/uxe3FK
mGs02zbKRZSEbsr7jNhcbxGO8rxc0qwkiXMAJwkOvDCEwQ6bPrdwXuaVeUeoLj3y
lFDlv8hY3GGR5dBYUm+0ezt9Mnoxr8kGb9XrIv5XJCchonsziqojLiAPHQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFC1u2m5SV7SYE6MgaXEtCPSoIMl4MB8GA1UdIwQY
MBaAFJv/FSePU/d2HC89M92b53qKT72UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbV84Vko0OVQ5M1ljTHowejNadm5lb3BQdlpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hYTdiMzMtZGVlYi00YWJkLWI4ZDIt
NTY5NzI0OWY1MTI0LzEvTFc3YWJsSlh0SmdUb3lCcGNTMEk5S2dneVhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hYTdiMzMtZGVlYi00YWJkLWI4ZDItNTY5NzI0OWY1MTI0
LzEvbV84Vko0OVQ5M1ljTHowejNadm5lb3BQdlpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMBLkYDBAZX
8YADBAayoMADBAXUSUAwDQQCAAIwBwMFAyoADzgwDQYJKoZIhvcNAQELBQADggEB
AF5O/Pvc0c34Oxlk5QgJVsX6UWoC9bHz1QuxYFErtbD6s31BddOIE1dR4vlHrmT5
N4XhUFI2ESHGst+fpMyzH0Q8zMJSb9FPQC9BjLbEYTCcmz5f44spwFxgao/NTV+r
noGCgfkoqzc4WIEHtLB3slf9ZIZnJ9YUdNnvs85IBJfO28LquSINSP0PDh/+bnfd
h/0uJWXAzG88T/h1cPJSoCkn8Pw1p/lNbqkYyU8Bog+EWSLIuXL0rWmkGE8Vj1oU
1U+hvylI2FF4tKMk6X6CZplGursIng8OMU45ZFNGaBM1rxjowaX/mvxnBPsI48VZ
KKqcMfGquHK+ao4nMqaHcqw=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:31 2025 by rpki-client