Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/LAu9lT93UGOBeTT6FnzVnuPsgBA.roa
File: LAu9lT93UGOBeTT6FnzVnuPsgBA.roa (raw, json)
Hash identifier: w/TqLG/S8IqGuc9RLIOWBNXLssgEdDv2he6BW+OcWJg=
Subject key identifier: 2C:0B:BD:95:3F:77:50:63:81:79:34:FA:16:7C:D5:9E:E3:EC:80:10
Certificate issuer: /CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Certificate serial: 0187E74DDB41F766546419724C099130A2AA
Authority key identifier: 9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/LAu9lT93UGOBeTT6FnzVnuPsgBA.roa
Signing time: Thu 04 May 2023 15:07:31 +0000
ROA not before: Thu 04 May 2023 15:07:31 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51207
IP address blocks: 78.240.0.0/13 maxlen: 13
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e7:4d:db:41:f7:66:54:64:19:72:4c:09:91:30:a2:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e4b3281b08e6b5ec1fdeb0d0440528ed934dc3f
Validity
Not Before: May 4 15:07:31 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c0bbd953f775063817934fa167cd59ee3ec8010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:14:c3:2a:f3:5b:f7:0e:2f:6e:2e:1c:69:fd:
d9:f6:07:24:64:05:5c:63:d0:29:ff:82:d2:fe:e4:
75:3f:3d:dd:ed:67:bf:dd:52:91:83:91:fe:4a:67:
31:82:fd:00:d0:8f:d0:36:42:ba:3f:61:67:5e:b1:
1c:14:a6:e1:06:81:ad:4c:2c:01:4c:b2:63:ad:4a:
eb:c0:d1:4b:cf:80:80:eb:00:87:97:e7:06:66:91:
e5:57:56:09:b9:45:71:0a:fb:80:6e:43:be:ec:90:
76:69:d4:07:c5:ac:90:f5:7c:1e:56:6b:ab:ef:ba:
0f:bf:b8:70:de:72:84:11:03:0c:1a:5d:56:61:30:
a5:bf:e3:17:49:e3:6b:da:29:fb:51:fc:b9:8c:d5:
c2:9a:56:94:43:d5:c4:e0:7d:ba:bf:19:4f:5d:6a:
57:db:91:5a:7a:6f:0a:f0:18:9b:4b:d4:ad:9b:bb:
d2:a9:10:9d:70:38:e6:69:da:b0:3a:db:e4:16:aa:
fd:c4:db:5e:4c:86:19:db:15:02:f1:0e:52:40:cf:
40:6b:ab:f3:9d:26:ee:67:48:03:10:72:ba:5a:10:
bd:44:c4:51:e9:7e:35:0d:d3:78:37:c0:9b:7c:cc:
74:4a:cb:3e:64:12:4d:cf:ce:af:73:3f:02:33:ce:
d4:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:0B:BD:95:3F:77:50:63:81:79:34:FA:16:7C:D5:9E:E3:EC:80:10
X509v3 Authority Key Identifier:
keyid:9E:4B:32:81:B0:8E:6B:5E:C1:FD:EB:0D:04:40:52:8E:D9:34:DC:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nksygbCOa17B_esNBEBSjtk03D8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/LAu9lT93UGOBeTT6FnzVnuPsgBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ff7d33-e4f7-43c0-924b-6b2d46924c6f/1/nksygbCOa17B_esNBEBSjtk03D8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.240.0.0/13
Signature Algorithm: sha256WithRSAEncryption
9e:59:3f:10:c5:00:1a:29:2a:95:29:2c:3f:f4:6d:77:87:69:
42:df:b9:2f:c0:0c:95:70:df:6c:24:85:94:28:f6:8f:cb:03:
ff:e0:c1:78:17:8b:ad:46:85:a0:17:44:fe:6f:fb:87:4d:66:
0b:13:62:84:0f:4f:3e:01:a2:bf:62:35:b5:c6:a4:01:1d:31:
c7:78:0e:da:f4:21:07:9a:f0:c1:f9:05:e3:0e:c0:8f:56:71:
4b:26:34:f5:be:e9:07:42:6d:c2:76:0a:fa:1a:3d:27:62:ad:
e5:6a:6e:df:20:63:b0:fe:93:d1:c4:62:2e:d8:87:37:d2:fb:
f7:a9:8b:eb:a3:f4:54:28:27:aa:3f:33:20:66:0d:1e:3f:ab:
ef:5b:f6:cf:9d:2c:20:87:c8:bc:9d:32:ce:6d:f9:7f:76:27:
34:ca:fb:70:80:79:10:02:50:b6:4b:c0:b5:8a:98:0c:4b:2f:
66:4e:6a:1d:b4:0e:57:8a:ff:5e:aa:51:3a:3b:f2:a0:8c:b5:
0e:f7:77:1e:39:11:a4:17:9e:f7:f3:bb:cd:0e:cb:d3:c9:ef:
be:61:3a:71:40:86:ca:d5:8a:d2:f5:71:f2:53:cc:7d:08:83:
ba:44:6d:54:35:4e:30:c8:f4:d6:ab:cf:47:9f:ec:12:97:0b:
24:c4:e9:48
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYfnTdtB92ZUZBlyTAmRMKKqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNGIzMjgxYjA4ZTZiNWVjMWZkZWIwZDA0NDA1MjhlZDkz
NGRjM2YwHhcNMjMwNTA0MTUwNzMxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzBiYmQ5NTNmNzc1MDYzODE3OTM0ZmExNjdjZDU5ZWUzZWM4MDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRTDKvNb9w4vbi4caf3Z9gckZAVc
Y9Ap/4LS/uR1Pz3d7We/3VKRg5H+Smcxgv0A0I/QNkK6P2FnXrEcFKbhBoGtTCwB
TLJjrUrrwNFLz4CA6wCHl+cGZpHlV1YJuUVxCvuAbkO+7JB2adQHxayQ9XweVmur
77oPv7hw3nKEEQMMGl1WYTClv+MXSeNr2in7Ufy5jNXCmlaUQ9XE4H26vxlPXWpX
25Faem8K8BibS9Stm7vSqRCdcDjmadqwOtvkFqr9xNteTIYZ2xUC8Q5SQM9Aa6vz
nSbuZ0gDEHK6WhC9RMRR6X41DdN4N8CbfMx0Sss+ZBJNz86vcz8CM87UNwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFCwLvZU/d1BjgXk0+hZ81Z7j7IAQMB8GA1UdIwQY
MBaAFJ5LMoGwjmtewf3rDQRAUo7ZNNw/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGIt
NmIyZDQ2OTI0YzZmLzEvTEF1OWxUOTNVR09CZVRUNkZuelZudVBzZ0JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9mZjdkMzMtZTRmNy00M2MwLTkyNGItNmIyZDQ2OTI0YzZm
LzEvbmtzeWdiQ09hMTdCX2VzTkJFQlNqdGswM0Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMDTvAwDQYJ
KoZIhvcNAQELBQADggEBAJ5ZPxDFABopKpUpLD/0bXeHaULfuS/ADJVw32wkhZQo
9o/LA//gwXgXi61GhaAXRP5v+4dNZgsTYoQPTz4Bor9iNbXGpAEdMcd4Dtr0IQea
8MH5BeMOwI9WcUsmNPW+6QdCbcJ2CvoaPSdireVqbt8gY7D+k9HEYi7YhzfS+/ep
i+uj9FQoJ6o/MyBmDR4/q+9b9s+dLCCHyLydMs5t+X92JzTK+3CAeRACULZLwLWK
mAxLL2ZOah20DleK/16qUTo78qCMtQ73dx45EaQXnvfzu80Oy9PJ775hOnFAhsrV
itL1cfJTzH0Ig7pEbVQ1TjDI9Narz0ef7BKXCyTE6Ug=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:48:17 2025 by rpki-client