Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/lAhgwraKEmtb9XTIm-QU0XyvBf4.roa
File: lAhgwraKEmtb9XTIm-QU0XyvBf4.roa (raw, json)
Hash identifier: wDZ5YrRn5Su6DUKYNHZTzbY7+AKYnzPULpjKBV0KCh0=
Subject key identifier: 94:08:60:C2:B6:8A:12:6B:5B:F5:74:C8:9B:E4:14:D1:7C:AF:05:FE
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01856D8B052068DF45B47544DEB41723DB52
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/lAhgwraKEmtb9XTIm-QU0XyvBf4.roa
Signing time: Sun 01 Jan 2023 13:35:05 +0000
ROA not before: Sun 01 Jan 2023 13:35:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41521
IP address blocks: 194.209.55.0/24 maxlen: 24
194.209.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:8b:05:20:68:df:45:b4:75:44:de:b4:17:23:db:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 13:35:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=940860c2b68a126b5bf574c89be414d17caf05fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:12:f4:3d:23:bd:7b:a2:e4:a3:cb:34:c1:58:
8d:2a:34:6a:3c:7b:d4:44:ab:f9:d5:d7:c9:1f:97:
2d:aa:fe:c3:5d:ad:b6:66:20:b2:ed:0d:ae:b7:b0:
6c:4d:4e:f0:ce:49:f0:61:18:19:2b:5b:3b:c4:2c:
71:a2:e5:ca:cd:a9:86:f8:23:17:f5:d0:07:db:53:
da:16:7c:e7:5e:d8:72:0b:3f:c4:ab:0c:08:9f:a8:
ac:95:29:45:59:56:4f:e1:6a:46:f1:bb:9a:dc:85:
55:7e:45:66:fd:6b:db:35:da:24:44:66:06:fc:6f:
4e:4a:19:7f:56:2a:c5:2a:1d:6f:ad:6b:f6:8d:2b:
fa:df:52:13:4d:58:d4:1e:ef:6c:0d:9a:6d:7f:c0:
d2:f0:fd:08:c3:86:d9:50:13:c9:2c:af:8d:ae:88:
86:4f:e1:9d:aa:ba:27:89:6c:48:b0:10:9e:19:9f:
1b:de:bd:04:b4:59:d8:43:82:70:6e:d0:6d:43:25:
3e:28:e8:c2:8b:27:70:14:4a:83:8e:fb:a2:f9:0f:
f6:23:8e:bb:42:9a:db:40:71:78:f3:0f:91:a9:89:
03:c4:b7:13:1c:a3:c1:e6:74:b5:2c:ce:49:9d:f7:
05:f3:ca:7b:6b:9f:f9:c6:3f:b7:50:55:30:fc:4d:
88:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:08:60:C2:B6:8A:12:6B:5B:F5:74:C8:9B:E4:14:D1:7C:AF:05:FE
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/lAhgwraKEmtb9XTIm-QU0XyvBf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.209.55.0/24
194.209.69.0/24
Signature Algorithm: sha256WithRSAEncryption
12:c7:8d:3b:ad:db:54:94:8c:93:17:b0:a9:38:b4:f6:e1:4b:
37:92:f1:2d:4a:b2:47:7f:db:d4:8b:41:88:bc:5a:ef:43:f0:
f1:d1:35:c8:fc:9b:07:c7:ce:50:6d:6a:e3:61:34:9d:c8:ba:
2b:69:3c:d7:16:70:f3:1b:9d:1d:fb:cd:bd:3d:d3:24:b3:2e:
71:1a:86:6b:df:74:d5:e7:1b:4a:dc:1a:37:a5:e7:e0:49:b9:
75:6c:8f:9f:92:5a:98:55:e4:eb:6b:1c:23:85:fe:93:85:b5:
61:bd:68:15:9a:05:47:69:ec:3d:93:c3:56:39:ff:f7:47:17:
19:d4:2a:b0:1f:d6:f0:44:b5:a8:9e:e5:18:fe:e9:2e:b4:da:
f0:a8:7e:62:8a:69:6e:32:ec:01:34:96:0a:e1:eb:db:f9:d7:
9e:d3:4c:20:29:de:d5:0f:73:95:51:89:f5:c2:da:01:0b:a1:
de:24:a2:a3:0f:10:03:52:0f:f4:cc:0b:96:3f:3a:db:85:31:
df:da:f6:78:ca:de:74:ea:ab:51:97:73:59:2d:89:00:2a:01:
84:45:e2:8b:38:e5:97:99:62:14:80:3d:5c:ce:b8:e7:78:46:
77:9b:9b:bc:07:2b:3f:1d:09:09:b7:84:8c:e3:fc:aa:a9:39:
05:6e:80:05
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtiwUgaN9FtHVE3rQXI9tSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjMwMTAxMTMzNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDA4NjBjMmI2OGExMjZiNWJmNTc0Yzg5YmU0MTRkMTdjYWYwNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhL0PSO9e6Lko8s0wViNKjRqPHvU
RKv51dfJH5ctqv7DXa22ZiCy7Q2ut7BsTU7wzknwYRgZK1s7xCxxouXKzamG+CMX
9dAH21PaFnznXthyCz/EqwwIn6islSlFWVZP4WpG8bua3IVVfkVm/WvbNdokRGYG
/G9OShl/VirFKh1vrWv2jSv631ITTVjUHu9sDZptf8DS8P0Iw4bZUBPJLK+NroiG
T+GdqroniWxIsBCeGZ8b3r0EtFnYQ4JwbtBtQyU+KOjCiydwFEqDjvui+Q/2I467
QprbQHF48w+RqYkDxLcTHKPB5nS1LM5JnfcF88p7a5/5xj+3UFUw/E2IqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJQIYMK2ihJrW/V0yJvkFNF8rwX+MB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvbEFoZ3dyYUtFbXRiOVhUSW0tUVUwWHl2QmY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwtE3AwQA
wtFFMA0GCSqGSIb3DQEBCwUAA4IBAQASx407rdtUlIyTF7CpOLT24Us3kvEtSrJH
f9vUi0GIvFrvQ/Dx0TXI/JsHx85QbWrjYTSdyLoraTzXFnDzG50d+829PdMksy5x
GoZr33TV5xtK3Bo3pefgSbl1bI+fklqYVeTraxwjhf6ThbVhvWgVmgVHaew9k8NW
Of/3RxcZ1CqwH9bwRLWonuUY/ukutNrwqH5iimluMuwBNJYK4evb+dee00wgKd7V
D3OVUYn1wtoBC6HeJKKjDxADUg/0zAuWPzrbhTHf2vZ4yt506qtRl3NZLYkAKgGE
ReKLOOWXmWIUgD1czrjneEZ3m5u8Bys/HQkJt4SM4/yqqTkFboAF
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:35:33 2025 by rpki-client