Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/753208-a5a4-4b71-8e74-a7eb38d48c78/1/LkfxL04sNLX0XiFhvkoqLASRKDI.roa
File: LkfxL04sNLX0XiFhvkoqLASRKDI.roa (raw, json)
Hash identifier: ihheQWhQXumPwAkoVuU8+bJQP2UjN2M+jdLkMfTYs4Q=
Subject key identifier: 2E:47:F1:2F:4E:2C:34:B5:F4:5E:21:61:BE:4A:2A:2C:04:91:28:32
Certificate issuer: /CN=ed28f57746a005ae75a8f5f9e92f7d22d61c8d34
Certificate serial: 018A5F28CF83137A5EF60086B4B51EF94DCE
Authority key identifier: ED:28:F5:77:46:A0:05:AE:75:A8:F5:F9:E9:2F:7D:22:D6:1C:8D:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Sj1d0agBa51qPX56S99ItYcjTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/753208-a5a4-4b71-8e74-a7eb38d48c78/1/LkfxL04sNLX0XiFhvkoqLASRKDI.roa
Signing time: Mon 04 Sep 2023 07:47:04 +0000
ROA not before: Mon 04 Sep 2023 07:47:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202395
IP address blocks: 195.226.220.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:28:cf:83:13:7a:5e:f6:00:86:b4:b5:1e:f9:4d:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed28f57746a005ae75a8f5f9e92f7d22d61c8d34
Validity
Not Before: Sep 4 07:47:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e47f12f4e2c34b5f45e2161be4a2a2c04912832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:5c:bc:54:ff:da:a5:d6:18:db:4d:f5:08:bf:
7b:23:3b:ca:f6:e7:27:2b:2a:f9:a1:d3:8d:b7:b1:
fd:fc:ec:32:24:e5:7e:90:d3:82:6c:6d:7d:55:1d:
f5:12:79:9f:30:cc:47:bb:fc:5f:e4:03:f3:68:68:
c0:e8:2a:11:f9:f9:6d:d3:68:fa:2b:5f:f7:23:df:
5b:1d:e8:a3:96:a1:67:a5:64:d5:81:53:fa:ad:9f:
85:cb:33:bf:2c:e3:f3:49:65:74:d4:28:83:6a:96:
d4:88:c5:88:0f:f4:78:f7:26:9c:b6:d8:2a:3a:77:
78:30:2f:b6:fe:b0:7d:f5:56:fe:3f:d7:9b:20:b3:
1a:07:00:91:fa:e4:92:a7:9b:fb:32:e9:a3:4c:b4:
0c:5e:ce:8b:04:6e:ec:db:05:f7:e8:f4:f2:ee:4f:
0f:3c:31:89:21:67:50:c5:6e:e6:bd:fa:39:09:78:
30:da:d4:58:04:3d:ce:14:e5:10:13:22:6b:2f:cb:
75:3d:bb:9e:78:4c:93:48:79:b5:9a:8c:e9:e6:50:
6f:4d:9f:91:a1:b9:3f:87:7a:c3:e1:05:0d:86:f2:
c9:b4:76:6d:4f:b5:8f:19:1d:00:bf:97:8c:a8:04:
e7:c7:d5:c8:db:67:8b:2c:1f:93:0f:a7:6a:ed:1b:
d2:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:47:F1:2F:4E:2C:34:B5:F4:5E:21:61:BE:4A:2A:2C:04:91:28:32
X509v3 Authority Key Identifier:
keyid:ED:28:F5:77:46:A0:05:AE:75:A8:F5:F9:E9:2F:7D:22:D6:1C:8D:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Sj1d0agBa51qPX56S99ItYcjTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/753208-a5a4-4b71-8e74-a7eb38d48c78/1/LkfxL04sNLX0XiFhvkoqLASRKDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/753208-a5a4-4b71-8e74-a7eb38d48c78/1/7Sj1d0agBa51qPX56S99ItYcjTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.226.220.0/24
Signature Algorithm: sha256WithRSAEncryption
57:a6:19:05:37:78:6b:81:85:dc:f9:78:1d:71:3e:d1:39:74:
e5:ab:e9:10:ad:e7:d9:ca:60:3b:02:81:3c:d3:bb:93:46:15:
97:9b:df:94:23:b0:68:d9:31:da:f1:3d:de:29:03:ec:99:0f:
e0:52:7a:1a:2c:f4:14:2a:4a:b5:f3:1e:61:f0:cb:1a:a6:47:
ae:b6:42:21:ba:d5:74:a4:f2:98:34:7a:bd:3a:75:d7:ef:3a:
cd:26:8e:c0:6d:26:75:c6:fa:01:38:bb:f7:eb:c1:d0:6d:07:
2d:0b:36:a2:05:2b:f6:0e:54:2f:15:28:fc:42:b3:de:2a:a4:
5a:c0:f7:1d:c1:c9:e8:de:fa:0a:8f:da:e4:e5:25:20:2e:07:
d7:ab:77:29:1b:43:37:fa:2f:92:41:04:84:30:8c:ba:a4:d4:
48:3f:c4:23:76:9a:2c:85:3d:90:65:28:28:0b:dc:cf:cd:11:
8a:7b:e2:c2:60:8a:a3:4b:19:e1:2c:09:e4:80:b9:d8:9c:d1:
eb:ca:5e:5e:ce:90:4c:d3:31:9d:e0:56:8d:b2:b1:8b:3f:48:
15:82:40:10:95:dd:c5:d8:0d:94:9d:ba:47:22:06:66:de:d8:
bc:9b:10:82:66:00:d8:35:0b:56:54:20:96:1f:0f:68:fb:26:
63:bd:62:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpfKM+DE3pe9gCGtLUe+U3OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkMjhmNTc3NDZhMDA1YWU3NWE4ZjVmOWU5MmY3ZDIyZDYx
YzhkMzQwHhcNMjMwOTA0MDc0NzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTQ3ZjEyZjRlMmMzNGI1ZjQ1ZTIxNjFiZTRhMmEyYzA0OTEyODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhly8VP/apdYY2031CL97IzvK9ucn
Kyr5odONt7H9/OwyJOV+kNOCbG19VR31EnmfMMxHu/xf5APzaGjA6CoR+flt02j6
K1/3I99bHeijlqFnpWTVgVP6rZ+FyzO/LOPzSWV01CiDapbUiMWID/R49yacttgq
Ond4MC+2/rB99Vb+P9ebILMaBwCR+uSSp5v7MumjTLQMXs6LBG7s2wX36PTy7k8P
PDGJIWdQxW7mvfo5CXgw2tRYBD3OFOUQEyJrL8t1PbueeEyTSHm1mozp5lBvTZ+R
obk/h3rD4QUNhvLJtHZtT7WPGR0Av5eMqATnx9XI22eLLB+TD6dq7RvSgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC5H8S9OLDS19F4hYb5KKiwEkSgyMB8GA1UdIwQY
MBaAFO0o9XdGoAWudaj1+ekvfSLWHI00MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1NqMWQwYWdCYTUxcVBYNTZTOTlJdFljalRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS83NTMyMDgtYTVhNC00YjcxLThlNzQt
YTdlYjM4ZDQ4Yzc4LzEvTGtmeEwwNHNOTFgwWGlGaHZrb3FMQVNSS0RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS83NTMyMDgtYTVhNC00YjcxLThlNzQtYTdlYjM4ZDQ4Yzc4
LzEvN1NqMWQwYWdCYTUxcVBYNTZTOTlJdFljalRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+LcMA0G
CSqGSIb3DQEBCwUAA4IBAQBXphkFN3hrgYXc+XgdcT7ROXTlq+kQrefZymA7AoE8
07uTRhWXm9+UI7Bo2THa8T3eKQPsmQ/gUnoaLPQUKkq18x5h8MsapkeutkIhutV0
pPKYNHq9OnXX7zrNJo7AbSZ1xvoBOLv368HQbQctCzaiBSv2DlQvFSj8QrPeKqRa
wPcdwcno3voKj9rk5SUgLgfXq3cpG0M3+i+SQQSEMIy6pNRIP8QjdposhT2QZSgo
C9zPzRGKe+LCYIqjSxnhLAnkgLnYnNHryl5ezpBM0zGd4FaNsrGLP0gVgkAQld3F
2A2UnbpHIgZm3ti8mxCCZgDYNQtWVCCWHw9o+yZjvWIn
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:09:43 2025 by rpki-client