Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/LqDSrEx2Z2NTyVHfoVLzT305ZCE.roa
File: LqDSrEx2Z2NTyVHfoVLzT305ZCE.roa (raw, json)
Hash identifier: LZ9jU595P2qOvAkQtTILCfIAFXj6KVOkJ8NH8peIhpA=
Subject key identifier: 2E:A0:D2:AC:4C:76:67:63:53:C9:51:DF:A1:52:F3:4F:7D:39:64:21
Certificate issuer: /CN=1e47e2bf3974721eafbfb8c31fc5273039d505f3
Certificate serial: 0186B632FE68E57EFF3A44F1F9448742B1B2
Authority key identifier: 1E:47:E2:BF:39:74:72:1E:AF:BF:B8:C3:1F:C5:27:30:39:D5:05:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hkfivzl0ch6vv7jDH8UnMDnVBfM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/LqDSrEx2Z2NTyVHfoVLzT305ZCE.roa
Signing time: Mon 06 Mar 2023 09:14:00 +0000
ROA not before: Mon 06 Mar 2023 09:14:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29031
IP address blocks: 195.69.200.0/22 maxlen: 22
193.239.24.0/24 maxlen: 24
193.239.27.0/24 maxlen: 24
193.239.26.0/24 maxlen: 24
195.3.132.0/23 maxlen: 23
91.201.108.0/22 maxlen: 22
195.3.134.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:b6:32:fe:68:e5:7e:ff:3a:44:f1:f9:44:87:42:b1:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e47e2bf3974721eafbfb8c31fc5273039d505f3
Validity
Not Before: Mar 6 09:14:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ea0d2ac4c76676353c951dfa152f34f7d396421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a2:c0:41:5c:48:59:ee:23:e2:5b:f0:42:fa:
84:32:a2:6a:9f:80:e5:51:81:b0:b4:4d:91:a6:d8:
13:99:55:3c:1d:f6:38:c6:d7:1c:8f:8d:9e:be:f9:
81:54:26:41:5a:ea:6a:80:1e:71:a8:19:51:72:8a:
91:a9:a7:12:40:12:cb:42:7b:e0:94:e4:d9:de:51:
4f:ec:70:81:db:34:12:c1:cf:60:84:50:ab:dd:fb:
52:cd:dd:f3:82:85:0a:00:9b:00:89:b7:99:52:c6:
41:97:64:65:c9:95:43:45:72:6b:ff:d8:44:4e:f8:
e1:6c:a9:49:5a:b2:2d:29:2a:aa:d6:c7:78:4a:41:
7d:72:7e:35:a2:aa:00:86:b5:74:71:46:cb:b5:db:
44:f9:cb:c5:a3:26:7e:98:17:90:dc:4c:6b:28:12:
ba:2c:2d:3d:cf:19:be:2e:62:11:d4:13:20:81:6a:
89:91:82:12:12:0e:da:59:e3:bf:f4:ef:b8:c3:22:
2b:1c:47:de:2e:84:9f:99:32:a3:01:f9:85:b7:3e:
7b:3d:c4:12:bd:25:3b:bc:ad:8e:a3:3d:c8:88:15:
8a:28:50:2b:19:61:e0:de:30:07:19:43:81:cb:1e:
61:1a:ed:b0:ee:f6:3a:47:35:37:80:f7:b9:1d:9b:
3e:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:A0:D2:AC:4C:76:67:63:53:C9:51:DF:A1:52:F3:4F:7D:39:64:21
X509v3 Authority Key Identifier:
keyid:1E:47:E2:BF:39:74:72:1E:AF:BF:B8:C3:1F:C5:27:30:39:D5:05:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hkfivzl0ch6vv7jDH8UnMDnVBfM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/LqDSrEx2Z2NTyVHfoVLzT305ZCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/afa106-6af8-4310-b4d4-e369d6602e6f/1/Hkfivzl0ch6vv7jDH8UnMDnVBfM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.108.0/22
193.239.24.0/24
193.239.26.0/23
195.3.132.0/22
195.69.200.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:37:a7:d7:be:03:44:40:6e:3a:82:70:46:76:8b:c0:13:3b:
71:58:f1:4c:1a:b4:83:cb:40:2f:ed:88:60:b8:18:9a:75:81:
01:ca:7f:ec:99:46:fc:78:62:3c:eb:8b:6d:aa:a8:36:82:1f:
40:28:c1:85:19:b4:66:ef:24:05:01:d0:85:07:3d:a0:5c:42:
0b:18:28:1d:45:d0:4d:4d:87:71:8a:c6:8b:5b:78:10:76:e4:
b0:87:43:97:b9:4f:e4:c1:76:32:ba:25:0e:68:32:d4:63:4c:
44:8d:cf:0c:c7:37:5a:a7:9f:b6:02:f8:ba:63:7b:1a:95:31:
88:57:af:5c:4c:1b:57:98:d7:bb:b1:d3:e3:78:ca:73:9e:68:
90:48:8d:9a:2a:98:84:4a:5a:2e:90:2a:4c:6b:64:5b:f3:81:
d5:fc:e9:2f:38:1f:dd:51:b9:0c:e9:63:15:03:01:d5:7d:a6:
2b:ea:e2:a4:31:ee:c1:a4:2f:99:3e:0e:0b:e7:6c:52:0d:81:
2a:9d:18:fd:80:1b:5b:74:d7:43:e2:fe:28:ca:e1:3e:76:ab:
61:7a:53:b5:ec:bd:e2:81:5e:eb:95:ad:5e:1d:0a:28:8d:97:
50:37:02:54:c6:8d:8c:5c:11:21:08:83:d3:ff:bf:49:3a:8c:
91:e0:3d:de
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYa2Mv5o5X7/OkTx+USHQrGyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNDdlMmJmMzk3NDcyMWVhZmJmYjhjMzFmYzUyNzMwMzlk
NTA1ZjMwHhcNMjMwMzA2MDkxNDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWEwZDJhYzRjNzY2NzYzNTNjOTUxZGZhMTUyZjM0ZjdkMzk2NDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqLAQVxIWe4j4lvwQvqEMqJqn4Dl
UYGwtE2RptgTmVU8HfY4xtccj42evvmBVCZBWupqgB5xqBlRcoqRqacSQBLLQnvg
lOTZ3lFP7HCB2zQSwc9ghFCr3ftSzd3zgoUKAJsAibeZUsZBl2RlyZVDRXJr/9hE
TvjhbKlJWrItKSqq1sd4SkF9cn41oqoAhrV0cUbLtdtE+cvFoyZ+mBeQ3ExrKBK6
LC09zxm+LmIR1BMggWqJkYISEg7aWeO/9O+4wyIrHEfeLoSfmTKjAfmFtz57PcQS
vSU7vK2Ooz3IiBWKKFArGWHg3jAHGUOByx5hGu2w7vY6RzU3gPe5HZs+YQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC6g0qxMdmdjU8lR36FS8099OWQhMB8GA1UdIwQY
MBaAFB5H4r85dHIer7+4wx/FJzA51QXzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGtmaXZ6bDBjaDZ2djdqREg4VW5NRG5WQmZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9hZmExMDYtNmFmOC00MzEwLWI0ZDQt
ZTM2OWQ2NjAyZTZmLzEvTHFEU3JFeDJaMk5UeVZIZm9WTHpUMzA1WkNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9hZmExMDYtNmFmOC00MzEwLWI0ZDQtZTM2OWQ2NjAyZTZm
LzEvSGtmaXZ6bDBjaDZ2djdqREg4VW5NRG5WQmZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW8lsAwQA
we8YAwQBwe8aAwQCwwOEAwQCw0XIMA0GCSqGSIb3DQEBCwUAA4IBAQB+N6fXvgNE
QG46gnBGdovAEztxWPFMGrSDy0Av7YhguBiadYEByn/smUb8eGI864ttqqg2gh9A
KMGFGbRm7yQFAdCFBz2gXEILGCgdRdBNTYdxisaLW3gQduSwh0OXuU/kwXYyuiUO
aDLUY0xEjc8Mxzdap5+2Avi6Y3salTGIV69cTBtXmNe7sdPjeMpznmiQSI2aKpiE
SloukCpMa2Rb84HV/OkvOB/dUbkM6WMVAwHVfaYr6uKkMe7BpC+ZPg4L52xSDYEq
nRj9gBtbdNdD4v4oyuE+dqthelO17L3igV7rla1eHQoojZdQNwJUxo2MXBEhCIPT
/79JOoyR4D3e
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:21:37 2025 by rpki-client