Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/LO9RUp2fp1hYcmmdW_dvtnlWG6E.roa
File: LO9RUp2fp1hYcmmdW_dvtnlWG6E.roa (raw, json)
Hash identifier: JPMYceLSDqKS/zx/uqg1BsxUY0Y13VDFLTsXTx3D30E=
Subject key identifier: 2C:EF:51:52:9D:9F:A7:58:58:72:69:9D:5B:F7:6F:B6:79:56:1B:A1
Certificate issuer: /CN=dfb8d9140502c9e035305189bf658234db14f54c
Certificate serial: 018842C8F0208093BBF090E68CBEDD43B943
Authority key identifier: DF:B8:D9:14:05:02:C9:E0:35:30:51:89:BF:65:82:34:DB:14:F5:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/37jZFAUCyeA1MFGJv2WCNNsU9Uw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/LO9RUp2fp1hYcmmdW_dvtnlWG6E.roa
Signing time: Mon 22 May 2023 09:27:24 +0000
ROA not before: Mon 22 May 2023 09:27:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212175
IP address blocks: 194.110.239.0/24 maxlen: 24
185.225.9.0/24 maxlen: 24
2a12:df40::/29 maxlen: 64
2a10:9e80::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:42:c8:f0:20:80:93:bb:f0:90:e6:8c:be:dd:43:b9:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dfb8d9140502c9e035305189bf658234db14f54c
Validity
Not Before: May 22 09:27:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2cef51529d9fa7585872699d5bf76fb679561ba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f0:b3:22:3a:b0:9e:73:a3:ea:c1:6b:49:02:
27:f2:1a:e8:35:06:86:94:8b:7a:7d:57:d1:67:a8:
b0:9f:c8:9b:8a:18:88:05:04:68:fc:dd:fe:8b:c9:
a4:40:24:19:5e:27:31:24:8b:39:62:b2:28:72:39:
6a:97:52:5a:db:48:fb:c0:07:ec:f9:1f:d3:63:7b:
38:5d:45:64:a0:db:fd:3a:36:47:7a:4c:aa:06:81:
3e:39:06:e6:f6:b8:59:0d:e1:52:31:66:64:81:51:
73:3b:2d:a9:05:75:a5:d9:0f:8e:31:56:bf:ed:6f:
02:94:9d:49:8d:0f:36:a4:f6:d9:a4:83:2d:89:85:
bc:79:f9:dd:34:d4:37:2a:01:0b:a7:59:77:22:1e:
c1:a0:60:ac:c1:7f:8b:b6:e4:a3:3e:61:f4:91:63:
1a:b9:db:90:61:1d:a5:9f:c1:c3:8a:d5:46:7e:63:
34:83:10:e1:2a:bd:11:88:c8:72:34:83:9c:48:b5:
a7:ff:2a:37:f6:3d:55:86:bb:1f:e0:a1:55:98:1b:
b9:9d:b4:bf:c4:f3:70:a2:a9:1c:cf:95:63:d4:e5:
8c:c8:52:5b:3c:83:70:5c:08:f6:10:6e:bc:11:ea:
b5:0a:b1:0d:f1:03:d1:87:2b:7b:18:07:b7:1c:a4:
46:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:EF:51:52:9D:9F:A7:58:58:72:69:9D:5B:F7:6F:B6:79:56:1B:A1
X509v3 Authority Key Identifier:
keyid:DF:B8:D9:14:05:02:C9:E0:35:30:51:89:BF:65:82:34:DB:14:F5:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/37jZFAUCyeA1MFGJv2WCNNsU9Uw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/LO9RUp2fp1hYcmmdW_dvtnlWG6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/62a947-cfb8-4d3d-b308-41e73c1ebae1/1/37jZFAUCyeA1MFGJv2WCNNsU9Uw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.9.0/24
194.110.239.0/24
IPv6:
2a10:9e80::/29
2a12:df40::/29
Signature Algorithm: sha256WithRSAEncryption
23:84:7e:1e:e2:fa:13:a7:99:51:a5:21:7c:02:88:46:7a:ab:
c1:45:cc:e6:7a:cd:37:93:77:bc:d8:90:dd:11:18:14:01:63:
7b:ad:22:80:dc:18:fc:12:aa:55:4e:15:dc:0e:30:ad:74:e1:
09:86:57:ff:9b:a8:7a:66:86:bd:57:d5:95:e9:06:e1:52:bb:
8c:21:63:36:65:7c:90:9b:b1:91:f3:28:6e:68:36:a6:12:cb:
82:1e:19:16:5a:cf:70:e6:1d:8f:88:9f:49:8d:b3:62:86:7a:
47:bc:65:c2:cd:4c:52:ea:e0:c2:45:bd:b3:3c:03:c0:de:9f:
58:b3:02:0f:b1:1d:b0:97:28:d1:55:4a:f0:91:b7:30:f0:f8:
c6:c8:19:bc:5e:82:e4:00:21:1b:3d:b7:d7:a9:c1:c2:10:e8:
09:be:09:44:a5:9e:ae:5d:25:31:23:c5:4a:5e:8a:67:d3:2e:
8b:b0:3d:1e:8d:00:51:a4:ad:15:9c:b2:00:0b:c2:96:56:1b:
f5:db:77:7b:89:45:51:70:f2:94:12:c7:fa:09:43:78:79:d0:
96:b1:60:58:ac:d0:48:8f:74:f9:49:33:89:5b:00:29:ee:b3:
b3:fa:ba:20:d9:09:ef:a8:90:1d:0a:68:e2:a9:a0:7e:c4:6d:
42:c5:2b:cd
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYhCyPAggJO78JDmjL7dQ7lDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmYjhkOTE0MDUwMmM5ZTAzNTMwNTE4OWJmNjU4MjM0ZGIx
NGY1NGMwHhcNMjMwNTIyMDkyNzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2VmNTE1MjlkOWZhNzU4NTg3MjY5OWQ1YmY3NmZiNjc5NTYxYmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPCzIjqwnnOj6sFrSQIn8hroNQaG
lIt6fVfRZ6iwn8ibihiIBQRo/N3+i8mkQCQZXicxJIs5YrIocjlql1Ja20j7wAfs
+R/TY3s4XUVkoNv9OjZHekyqBoE+OQbm9rhZDeFSMWZkgVFzOy2pBXWl2Q+OMVa/
7W8ClJ1JjQ82pPbZpIMtiYW8efndNNQ3KgELp1l3Ih7BoGCswX+LtuSjPmH0kWMa
uduQYR2ln8HDitVGfmM0gxDhKr0RiMhyNIOcSLWn/yo39j1Vhrsf4KFVmBu5nbS/
xPNwoqkcz5Vj1OWMyFJbPINwXAj2EG68Eeq1CrEN8QPRhyt7GAe3HKRG5wIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCzvUVKdn6dYWHJpnVv3b7Z5VhuhMB8GA1UdIwQY
MBaAFN+42RQFAsngNTBRib9lgjTbFPVMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzdqWkZBVUN5ZUExTUZHSnYyV0NOTnNVOVV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC82MmE5NDctY2ZiOC00ZDNkLWIzMDgt
NDFlNzNjMWViYWUxLzEvTE85UlVwMmZwMWhZY21tZFdfZHZ0bmxXRzZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC82MmE5NDctY2ZiOC00ZDNkLWIzMDgtNDFlNzNjMWViYWUx
LzEvMzdqWkZBVUN5ZUExTUZHSnYyV0NOTnNVOVV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAueEJAwQA
wm7vMBQEAgACMA4DBQMqEJ6AAwUDKhLfQDANBgkqhkiG9w0BAQsFAAOCAQEAI4R+
HuL6E6eZUaUhfAKIRnqrwUXM5nrNN5N3vNiQ3REYFAFje60igNwY/BKqVU4V3A4w
rXThCYZX/5uoemaGvVfVlekG4VK7jCFjNmV8kJuxkfMobmg2phLLgh4ZFlrPcOYd
j4ifSY2zYoZ6R7xlws1MUurgwkW9szwDwN6fWLMCD7EdsJco0VVK8JG3MPD4xsgZ
vF6C5AAhGz2316nBwhDoCb4JRKWerl0lMSPFSl6KZ9Mui7A9Ho0AUaStFZyyAAvC
llYb9dt3e4lFUXDylBLH+glDeHnQlrFgWKzQSI90+UkziVsAKe6zs/q6INkJ76iQ
HQpo4qmgfsRtQsUrzQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:39 2025 by rpki-client