Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/LaC9vcAj9_tjaqBME6UgB1khJtE.roa
File: LaC9vcAj9_tjaqBME6UgB1khJtE.roa (raw, json)
Hash identifier: AmL4pF0geEEbE2pU3ZzTG+2SJj9XwxBrcyjmFrvskVU=
Subject key identifier: 2D:A0:BD:BD:C0:23:F7:FB:63:6A:A0:4C:13:A5:20:07:59:21:26:D1
Certificate issuer: /CN=3ad65216812ed24fd1c719871a59a971dec30a26
Certificate serial: 01856FCBBEFDFF85644C1D26459D2230D2DF
Authority key identifier: 3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/LaC9vcAj9_tjaqBME6UgB1khJtE.roa
Signing time: Mon 02 Jan 2023 00:05:01 +0000
ROA not before: Mon 02 Jan 2023 00:05:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29633
IP address blocks: 217.75.176.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:cb:be:fd:ff:85:64:4c:1d:26:45:9d:22:30:d2:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ad65216812ed24fd1c719871a59a971dec30a26
Validity
Not Before: Jan 2 00:05:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2da0bdbdc023f7fb636aa04c13a52007592126d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:19:59:67:ad:1f:d4:e8:63:d9:1e:70:f6:01:
de:e3:ce:96:6f:6f:c6:2e:65:31:ac:82:a5:00:a0:
78:df:35:f6:b0:5b:72:69:11:1e:8a:d3:a6:5c:c0:
3f:07:f0:b9:57:3b:bd:80:de:9c:94:81:b0:00:36:
d9:e0:ef:43:95:46:76:65:1b:61:7e:61:c7:89:24:
06:4e:17:f9:17:e2:d2:b4:16:1e:ab:fa:c3:ce:e9:
fa:64:0f:27:b4:2e:34:14:79:f5:98:e7:21:c5:56:
00:95:cd:a5:be:b7:5d:19:18:61:34:cf:de:6c:0e:
20:fd:e1:cc:70:f4:7d:ca:3e:c1:d6:9c:19:ce:f2:
13:c5:96:15:31:a9:50:ec:cf:fb:5b:89:70:72:89:
79:76:35:c4:2c:10:f9:43:da:57:b6:f9:d1:b7:24:
1c:63:d5:92:96:ee:8e:6f:19:62:2b:5a:5b:84:bd:
92:ea:06:ae:ab:ca:08:96:88:9b:91:88:43:32:b2:
23:23:f5:70:ef:db:b5:fb:d9:fe:5a:b5:7a:24:fa:
f8:10:ae:04:1f:41:ea:d6:81:cf:13:a7:8f:d5:f6:
b3:7a:8f:9e:e3:3c:61:60:70:3d:4f:09:31:78:ac:
a9:10:e4:99:7e:51:94:d2:5b:03:61:a2:28:82:09:
6f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:A0:BD:BD:C0:23:F7:FB:63:6A:A0:4C:13:A5:20:07:59:21:26:D1
X509v3 Authority Key Identifier:
keyid:3A:D6:52:16:81:2E:D2:4F:D1:C7:19:87:1A:59:A9:71:DE:C3:0A:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OtZSFoEu0k_RxxmHGlmpcd7DCiY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/LaC9vcAj9_tjaqBME6UgB1khJtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/b8cae4-b5af-4380-9817-46538ca5383c/1/OtZSFoEu0k_RxxmHGlmpcd7DCiY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.75.176.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:d5:dc:fd:8d:7d:11:06:8b:fc:d0:4d:d7:b4:0a:c2:40:dc:
7a:18:ee:36:d1:4e:3d:1a:66:30:c6:52:8b:20:c1:cf:5b:dc:
3b:42:9a:03:ae:3d:e2:06:e4:3f:41:05:f2:87:a4:0b:0f:b3:
2c:ea:b3:69:78:59:ba:b3:27:e7:62:cc:c7:89:e8:43:4f:b1:
7f:a6:cc:1e:50:31:4c:4d:c3:53:64:46:97:0e:50:3c:48:8e:
cd:02:c1:13:99:d4:1d:a4:b0:71:5e:ab:3f:8d:76:7c:cd:b8:
f0:2c:d5:30:29:94:24:70:39:09:a6:8b:c4:22:cb:f9:c9:4c:
6e:e6:de:9c:f0:3f:38:8d:e2:5b:0e:f4:4c:84:bb:d3:b4:c0:
6f:8b:44:6a:64:96:62:f1:29:a5:e1:9d:9b:5a:7d:6e:e2:0b:
84:07:ac:c4:22:fc:dd:78:73:ca:65:1b:92:ea:c2:8b:af:fa:
6f:48:0c:da:18:cb:71:6f:57:56:95:d9:b7:08:dc:7f:cd:6c:
e6:f0:c7:5d:6b:38:1d:73:7c:0f:fd:ed:db:de:35:8d:63:03:
25:56:dc:bd:04:6c:44:ac:25:87:f8:cd:e4:59:18:29:cc:42:
59:9d:b8:94:a3:11:5d:ff:9a:73:f0:d4:55:27:8b:e3:d0:cb:
5c:bb:5c:2a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvy779/4VkTB0mRZ0iMNLfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZDY1MjE2ODEyZWQyNGZkMWM3MTk4NzFhNTlhOTcxZGVj
MzBhMjYwHhcNMjMwMTAyMDAwNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGEwYmRiZGMwMjNmN2ZiNjM2YWEwNGMxM2E1MjAwNzU5MjEyNmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBlZZ60f1Ohj2R5w9gHe486Wb2/G
LmUxrIKlAKB43zX2sFtyaREeitOmXMA/B/C5Vzu9gN6clIGwADbZ4O9DlUZ2ZRth
fmHHiSQGThf5F+LStBYeq/rDzun6ZA8ntC40FHn1mOchxVYAlc2lvrddGRhhNM/e
bA4g/eHMcPR9yj7B1pwZzvITxZYVMalQ7M/7W4lwcol5djXELBD5Q9pXtvnRtyQc
Y9WSlu6ObxliK1pbhL2S6gauq8oIloibkYhDMrIjI/Vw79u1+9n+WrV6JPr4EK4E
H0Hq1oHPE6eP1fazeo+e4zxhYHA9TwkxeKypEOSZflGU0lsDYaIogglvbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC2gvb3AI/f7Y2qgTBOlIAdZISbRMB8GA1UdIwQY
MBaAFDrWUhaBLtJP0ccZhxpZqXHewwomMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTct
NDY1MzhjYTUzODNjLzEvTGFDOXZjQWo5X3RqYXFCTUU2VWdCMWtoSnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS9iOGNhZTQtYjVhZi00MzgwLTk4MTctNDY1MzhjYTUzODNj
LzEvT3RaU0ZvRXUwa19SeHhtSEdsbXBjZDdEQ2lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2UuwMA0G
CSqGSIb3DQEBCwUAA4IBAQAa1dz9jX0RBov80E3XtArCQNx6GO420U49GmYwxlKL
IMHPW9w7QpoDrj3iBuQ/QQXyh6QLD7Ms6rNpeFm6syfnYszHiehDT7F/psweUDFM
TcNTZEaXDlA8SI7NAsETmdQdpLBxXqs/jXZ8zbjwLNUwKZQkcDkJpovEIsv5yUxu
5t6c8D84jeJbDvRMhLvTtMBvi0RqZJZi8Sml4Z2bWn1u4guEB6zEIvzdeHPKZRuS
6sKLr/pvSAzaGMtxb1dWldm3CNx/zWzm8Mddazgdc3wP/e3b3jWNYwMlVty9BGxE
rCWH+M3kWRgpzEJZnbiUoxFd/5pz8NRVJ4vj0Mtcu1wq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:55 2025 by rpki-client