Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/lHEgxwF3-G09AKpggj5l6ocbaUg.roa
File: lHEgxwF3-G09AKpggj5l6ocbaUg.roa (raw, json)
Hash identifier: YvoMfRKxzThqx+gYP+tBAkmXNpE1k/jLOfUc2ADNYvs=
Subject key identifier: 94:71:20:C7:01:77:F8:6D:3D:00:AA:60:82:3E:65:EA:87:1B:69:48
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018ADFFDB1F8CD2288A49084E0E3E2FDD5B0
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/lHEgxwF3-G09AKpggj5l6ocbaUg.roa
Signing time: Fri 29 Sep 2023 08:10:59 +0000
ROA not before: Fri 29 Sep 2023 08:10:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 139853
IP address blocks: 91.222.134.0/24 maxlen: 24
149.20.127.0/24 maxlen: 24
149.20.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:df:fd:b1:f8:cd:22:88:a4:90:84:e0:e3:e2:fd:d5:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Sep 29 08:10:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=947120c70177f86d3d00aa60823e65ea871b6948
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9e:f0:87:fb:28:19:e6:90:e3:24:87:7f:26:
e0:91:bb:cf:e8:c4:76:a0:30:8d:60:22:03:7f:35:
e4:92:57:c7:2d:b0:04:9d:4e:a1:65:c7:8b:87:b0:
4d:93:8a:60:24:1b:f5:c9:c8:c8:2e:f9:13:9b:17:
d8:c1:a3:58:c8:43:c5:91:40:33:46:e6:33:ed:4a:
d6:34:a9:bf:e2:d8:fb:83:3b:b0:60:b5:79:3a:e3:
05:81:ae:64:5d:c6:14:db:84:8e:7d:53:37:aa:37:
db:3e:fb:6c:51:5d:93:8d:9b:38:5f:be:c0:d0:bb:
4e:b4:23:49:70:49:77:50:f3:11:3a:95:61:4f:1e:
1c:37:f5:4e:dd:f5:a4:b9:98:b4:f1:bf:85:32:47:
50:9f:9e:5f:a4:75:3c:d3:2a:aa:11:4c:be:cb:09:
cb:83:38:e8:bf:a0:70:e9:4c:0c:9b:66:15:60:35:
d7:88:f6:7d:e2:3f:4d:9c:8b:6b:70:d9:93:73:d8:
9b:b9:4b:dd:fb:d0:18:98:87:4b:26:15:41:25:06:
8a:a5:b8:58:5f:6f:ed:16:74:df:09:1b:a9:b2:6a:
59:4b:1d:f4:0c:ec:48:7b:3d:15:33:18:b9:31:92:
e8:98:cc:94:08:11:ce:62:90:6f:08:d8:d2:52:2a:
e5:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:71:20:C7:01:77:F8:6D:3D:00:AA:60:82:3E:65:EA:87:1B:69:48
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/lHEgxwF3-G09AKpggj5l6ocbaUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.222.134.0/24
149.20.126.0/23
Signature Algorithm: sha256WithRSAEncryption
60:fe:71:2f:e3:31:e7:1b:8b:c1:cc:5d:95:d5:27:45:54:1a:
22:16:de:f5:db:f5:98:cd:9a:e2:58:38:96:b0:e6:ed:1f:d9:
d4:1a:89:aa:c4:7c:ca:e7:af:e9:4c:20:76:7b:2e:0b:ae:15:
18:19:2b:6f:28:aa:f9:d4:56:b5:7e:3d:8a:b4:bf:43:57:3d:
02:a7:2a:8a:0c:87:77:14:a6:62:e9:1f:38:28:93:e9:f9:4a:
8b:64:65:6d:51:ff:bf:49:bf:a6:b5:42:23:2c:a6:91:2a:d4:
53:db:a0:42:bc:2a:35:b3:a5:d3:cc:13:21:1b:f7:8f:de:e3:
4b:77:a6:44:97:0e:5a:fa:fe:bb:c7:07:52:3e:22:98:34:35:
fb:bf:6d:ff:c8:34:e0:99:5d:cb:be:c4:9e:78:20:5e:70:a5:
59:ca:53:c1:58:5e:1c:54:e0:7f:d9:c8:84:d3:58:14:52:3e:
45:9a:35:cf:df:42:28:a1:15:9a:41:e9:aa:ac:46:cb:7b:5b:
ea:98:57:c3:60:92:a3:13:59:7e:49:09:6e:b8:28:84:60:e8:
2a:31:d6:84:8e:90:b6:61:a7:ba:a6:1a:06:dc:ef:c5:a4:c4:
a4:20:f1:09:a1:f8:b2:b8:49:94:19:d0:e3:78:4a:28:4d:4d:
ae:a5:8e:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrf/bH4zSKIpJCE4OPi/dWwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMwOTI5MDgxMDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDcxMjBjNzAxNzdmODZkM2QwMGFhNjA4MjNlNjVlYTg3MWI2OTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZ7wh/soGeaQ4ySHfybgkbvP6MR2
oDCNYCIDfzXkklfHLbAEnU6hZceLh7BNk4pgJBv1ycjILvkTmxfYwaNYyEPFkUAz
RuYz7UrWNKm/4tj7gzuwYLV5OuMFga5kXcYU24SOfVM3qjfbPvtsUV2TjZs4X77A
0LtOtCNJcEl3UPMROpVhTx4cN/VO3fWkuZi08b+FMkdQn55fpHU80yqqEUy+ywnL
gzjov6Bw6UwMm2YVYDXXiPZ94j9NnItrcNmTc9ibuUvd+9AYmIdLJhVBJQaKpbhY
X2/tFnTfCRupsmpZSx30DOxIez0VMxi5MZLomMyUCBHOYpBvCNjSUirlQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJRxIMcBd/htPQCqYII+ZeqHG2lIMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvbEhFZ3h3RjMtRzA5QUtwZ2dqNWw2b2NiYVVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW96GAwQB
lRR+MA0GCSqGSIb3DQEBCwUAA4IBAQBg/nEv4zHnG4vBzF2V1SdFVBoiFt712/WY
zZriWDiWsObtH9nUGomqxHzK56/pTCB2ey4LrhUYGStvKKr51Fa1fj2KtL9DVz0C
pyqKDId3FKZi6R84KJPp+UqLZGVtUf+/Sb+mtUIjLKaRKtRT26BCvCo1s6XTzBMh
G/eP3uNLd6ZElw5a+v67xwdSPiKYNDX7v23/yDTgmV3LvsSeeCBecKVZylPBWF4c
VOB/2ciE01gUUj5FmjXP30IooRWaQemqrEbLe1vqmFfDYJKjE1l+SQluuCiEYOgq
MdaEjpC2Yae6phoG3O/FpMSkIPEJofiyuEmUGdDjeEooTU2upY5m
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:24:07 2025 by rpki-client