Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/05e994-318d-4a54-b629-173f0096bd85/1/lxylBrFyVk8Ex_gnSk1USG4zjYU.roa
File: lxylBrFyVk8Ex_gnSk1USG4zjYU.roa (raw, json)
Hash identifier: NaLpgTzDO+Q0dZhjWBLcUWkBLHzGgu+9DIZzZVdm3ng=
Subject key identifier: 97:1C:A5:06:B1:72:56:4F:04:C7:F8:27:4A:4D:54:48:6E:33:8D:85
Certificate issuer: /CN=55d06afd26d25223427a7a0d5f9e3159063fbca3
Certificate serial: 0154BF95
Authority key identifier: 55:D0:6A:FD:26:D2:52:23:42:7A:7A:0D:5F:9E:31:59:06:3F:BC:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VdBq_SbSUiNCenoNX54xWQY_vKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/05e994-318d-4a54-b629-173f0096bd85/1/lxylBrFyVk8Ex_gnSk1USG4zjYU.roa
Signing time: Sat 01 Jan 2022 06:02:24 +0000
ROA not before: Sat 01 Jan 2022 06:02:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204311
IP address blocks: 31.217.255.0/24 maxlen: 24
92.255.48.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 22331285 (0x154bf95)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=55d06afd26d25223427a7a0d5f9e3159063fbca3
Validity
Not Before: Jan 1 06:02:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=971ca506b172564f04c7f8274a4d54486e338d85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:51:f6:19:a4:86:13:27:c5:1a:b9:1a:04:57:
20:fd:25:1d:48:3c:6b:d5:3c:fa:b8:07:ca:3d:a1:
7c:0d:98:8d:ba:50:65:10:91:81:be:e6:6a:fa:78:
75:17:f3:8b:46:07:8f:f0:de:17:62:87:19:ab:d4:
92:e4:f5:73:a6:ad:fc:d5:36:4b:b0:b9:76:2c:4f:
71:f2:a2:22:1b:68:55:a3:fb:46:13:71:e0:58:b1:
a4:17:2b:17:cb:61:2e:23:40:b6:26:c4:6e:0e:76:
1f:35:fd:88:79:ac:c1:83:fb:10:a2:b9:06:a0:fe:
3d:8f:a8:60:42:93:99:2b:e0:29:bd:2c:2a:91:a2:
9f:72:da:61:39:c6:dd:46:c6:ea:83:fb:a5:cd:83:
85:97:72:84:14:04:bb:d6:49:ba:c1:e7:c3:8e:5e:
a0:bb:c7:98:1c:a7:40:3f:bd:c4:4f:a7:36:8d:24:
3f:7b:54:19:08:2c:59:67:91:26:be:75:9a:1c:73:
43:fb:55:57:ac:6b:9b:93:a7:46:0d:e4:37:20:f1:
c7:7d:07:6a:5a:06:6d:3e:be:e4:c9:2a:20:ba:b5:
7c:ef:da:ac:09:5f:29:8a:09:2f:35:8c:c4:0e:27:
9f:e5:94:e1:8d:8e:c7:2e:00:53:3d:64:56:29:37:
b8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:1C:A5:06:B1:72:56:4F:04:C7:F8:27:4A:4D:54:48:6E:33:8D:85
X509v3 Authority Key Identifier:
keyid:55:D0:6A:FD:26:D2:52:23:42:7A:7A:0D:5F:9E:31:59:06:3F:BC:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VdBq_SbSUiNCenoNX54xWQY_vKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/05e994-318d-4a54-b629-173f0096bd85/1/lxylBrFyVk8Ex_gnSk1USG4zjYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/05e994-318d-4a54-b629-173f0096bd85/1/VdBq_SbSUiNCenoNX54xWQY_vKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.217.255.0/24
92.255.48.0/24
Signature Algorithm: sha256WithRSAEncryption
94:0d:15:0b:48:11:93:8c:04:db:8e:30:c7:c9:5d:e2:e2:75:
27:a0:c3:3e:b9:61:b5:f8:38:1d:61:a9:cc:e7:dd:e7:e5:e8:
bc:49:ad:52:b6:7e:7e:9d:4f:8b:1f:d8:54:89:dd:65:0b:71:
ce:11:ad:c2:27:10:d3:e9:b3:7d:4a:e4:c6:20:e9:84:c8:64:
74:74:4f:e7:78:73:98:c8:f9:73:79:ba:32:2d:99:32:89:22:
e0:d5:44:e0:73:ca:ab:d4:30:9f:c4:36:83:04:f6:66:a5:bb:
fb:ba:29:de:25:7a:f8:f8:d2:09:56:00:02:36:01:45:f9:02:
be:c1:18:20:45:53:80:bc:19:92:b2:4d:2c:bc:c1:45:4d:3c:
72:0c:25:45:dc:d1:d9:4a:9d:7a:0d:ca:9e:5f:3a:41:81:d8:
68:d5:6e:00:c5:84:97:1a:be:db:bf:9d:82:43:12:92:8f:37:
b9:45:3f:8c:16:36:9c:19:e6:5f:a1:f6:40:25:09:ae:e0:69:
cd:7d:92:a9:a2:0a:1d:bb:da:9a:00:7a:98:a9:22:95:27:4f:
9a:ca:e8:5b:32:e6:00:ba:ab:c7:bb:b1:c8:bf:5a:2b:6e:6a:
ab:e4:86:43:a5:60:e3:ea:02:41:cc:f4:9e:49:87:97:d5:d8:
db:f3:7b:6d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAVS/lTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NWQwNmFmZDI2ZDI1MjIzNDI3YTdhMGQ1ZjllMzE1OTA2M2ZiY2EzMB4XDTIyMDEw
MTA2MDIyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTcxY2E1MDZiMTcy
NTY0ZjA0YzdmODI3NGE0ZDU0NDg2ZTMzOGQ4NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJZR9hmkhhMnxRq5GgRXIP0lHUg8a9U8+rgHyj2hfA2YjbpQ
ZRCRgb7mavp4dRfzi0YHj/DeF2KHGavUkuT1c6at/NU2S7C5dixPcfKiIhtoVaP7
RhNx4FixpBcrF8thLiNAtibEbg52HzX9iHmswYP7EKK5BqD+PY+oYEKTmSvgKb0s
KpGin3LaYTnG3UbG6oP7pc2DhZdyhBQEu9ZJusHnw45eoLvHmBynQD+9xE+nNo0k
P3tUGQgsWWeRJr51mhxzQ/tVV6xrm5OnRg3kNyDxx30HaloGbT6+5MkqILq1fO/a
rAlfKYoJLzWMxA4nn+WU4Y2Oxy4AUz1kVik3uE8CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSXHKUGsXJWTwTH+CdKTVRIbjONhTAfBgNVHSMEGDAWgBRV0Gr9JtJSI0J6
eg1fnjFZBj+8ozAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZkQnFfU2JTVWlOQ2Vub05YNTR4V1FZX3ZLTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvMDVlOTk0LTMxOGQtNGE1NC1iNjI5LTE3M2YwMDk2YmQ4NS8x
L2x4eWxCckZ5Vms4RXhfZ25TazFVU0c0empZVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
MDVlOTk0LTMxOGQtNGE1NC1iNjI5LTE3M2YwMDk2YmQ4NS8xL1ZkQnFfU2JTVWlO
Q2Vub05YNTR4V1FZX3ZLTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAB/Z/wMEAFz/MDANBgkqhkiG9w0B
AQsFAAOCAQEAlA0VC0gRk4wE244wx8ld4uJ1J6DDPrlhtfg4HWGpzOfd5+XovEmt
UrZ+fp1Pix/YVIndZQtxzhGtwicQ0+mzfUrkxiDphMhkdHRP53hzmMj5c3m6Mi2Z
Moki4NVE4HPKq9Qwn8Q2gwT2ZqW7+7op3iV6+PjSCVYAAjYBRfkCvsEYIEVTgLwZ
krJNLLzBRU08cgwlRdzR2Uqdeg3Knl86QYHYaNVuAMWElxq+27+dgkMSko83uUU/
jBY2nBnmX6H2QCUJruBpzX2SqaIKHbvamgB6mKkilSdPmsroWzLmALqrx7uxyL9a
K25qq+SGQ6Vg4+oCQcz0nkmHl9XY2/N7bQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:17 2025 by rpki-client