Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/c44409-a65d-4b8a-bfea-4bedd3bd6ea1/1/lfhaaN6LLE2cshE5v1SMLaZHxtM.roa
File: lfhaaN6LLE2cshE5v1SMLaZHxtM.roa (raw, json)
Hash identifier: PavCyQ07hWNi2GxnUX308RESO6o5dQKxHl5QWM8blE0=
Subject key identifier: 95:F8:5A:68:DE:8B:2C:4D:9C:B2:11:39:BF:54:8C:2D:A6:47:C6:D3
Certificate issuer: /CN=133deed883c2a690ce54829b48f9d78cd7b25fd7
Certificate serial: 018570FBB8339B8910D5CBDEF2579A4FFFAC
Authority key identifier: 13:3D:EE:D8:83:C2:A6:90:CE:54:82:9B:48:F9:D7:8C:D7:B2:5F:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ez3u2IPCppDOVIKbSPnXjNeyX9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/c44409-a65d-4b8a-bfea-4bedd3bd6ea1/1/lfhaaN6LLE2cshE5v1SMLaZHxtM.roa
Signing time: Mon 02 Jan 2023 05:37:02 +0000
ROA not before: Mon 02 Jan 2023 05:37:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204645
IP address blocks: 185.94.220.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:b8:33:9b:89:10:d5:cb:de:f2:57:9a:4f:ff:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=133deed883c2a690ce54829b48f9d78cd7b25fd7
Validity
Not Before: Jan 2 05:37:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95f85a68de8b2c4d9cb21139bf548c2da647c6d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:cf:aa:7e:67:65:db:ad:b6:d5:3a:dc:03:e4:
47:9f:0d:98:67:48:79:92:24:f7:13:17:62:cb:c9:
74:b8:d7:21:e2:11:e5:36:05:2a:bb:51:f0:7e:b6:
83:53:63:86:c4:bf:4e:05:6b:cd:0a:ba:4f:f2:5e:
a5:2d:52:03:de:c5:eb:93:90:81:e0:2c:81:e5:c2:
dd:7c:a2:c5:b1:fa:f9:85:a4:90:ca:7c:9b:97:2f:
89:76:86:4c:66:8b:25:5c:fa:3e:4b:26:8c:ec:e1:
38:97:2b:ad:f3:ef:b5:b3:95:d8:36:15:a1:3c:9e:
78:c4:99:52:f4:b8:b5:45:0d:8c:eb:29:fd:bb:49:
23:33:6c:87:85:d5:b6:cf:93:6d:02:9a:53:b0:a8:
f8:ae:93:3f:67:78:e2:c2:32:88:4a:f0:05:a0:b3:
bf:8d:02:00:99:6b:0b:1c:2b:87:74:f2:64:c4:2a:
3e:bd:1b:00:78:14:41:e0:c8:59:2d:b9:b4:20:e4:
3c:b6:4b:74:4c:2d:82:52:b0:59:02:4e:7c:e9:12:
36:ee:6b:fe:25:78:c5:3b:96:48:dc:3f:2e:3b:4c:
01:84:f4:25:8a:39:11:86:69:6f:a1:c1:6c:5b:79:
6e:60:20:51:d7:fb:0c:f0:5a:05:17:eb:50:9a:4e:
c0:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F8:5A:68:DE:8B:2C:4D:9C:B2:11:39:BF:54:8C:2D:A6:47:C6:D3
X509v3 Authority Key Identifier:
keyid:13:3D:EE:D8:83:C2:A6:90:CE:54:82:9B:48:F9:D7:8C:D7:B2:5F:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ez3u2IPCppDOVIKbSPnXjNeyX9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/c44409-a65d-4b8a-bfea-4bedd3bd6ea1/1/lfhaaN6LLE2cshE5v1SMLaZHxtM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/c44409-a65d-4b8a-bfea-4bedd3bd6ea1/1/Ez3u2IPCppDOVIKbSPnXjNeyX9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.220.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:c5:7e:9f:15:05:a5:b2:5a:e4:57:89:b7:53:e1:3e:ee:f7:
0b:ae:b5:ce:22:1e:3c:d2:f3:ff:88:db:24:74:d4:10:27:0b:
e6:78:c4:69:dc:86:d4:79:44:df:e9:68:6b:6d:90:45:df:23:
5f:7b:7d:b1:69:4f:60:fe:da:00:86:58:09:85:4b:6a:eb:30:
79:fa:8d:5f:6a:40:fd:26:83:0b:39:82:0f:4a:9a:12:f3:b6:
30:cf:b4:0f:73:97:a5:ce:a8:a7:56:c5:11:39:45:ed:3e:b9:
67:f5:62:d4:a3:9b:95:7a:e1:e7:fc:ad:2d:79:20:f6:77:5c:
b2:3d:6f:7f:28:ad:a0:66:92:6b:7c:d6:f4:68:66:13:2c:81:
ac:23:a9:83:f7:49:7c:50:47:bf:96:cd:68:3b:e3:f0:b8:77:
27:65:c3:eb:01:ef:6b:eb:f1:21:02:3c:65:0f:98:70:bc:41:
e0:50:11:ce:24:19:ac:e6:e2:60:09:7c:d8:e0:66:a3:67:8a:
21:92:25:a8:d5:50:5c:2e:51:41:3b:42:f0:65:34:15:df:33:
11:11:a7:a3:28:39:86:df:e4:77:49:d8:84:f2:b7:33:e0:c1:
0c:8e:92:e2:24:29:3b:09:97:90:fc:69:eb:0b:c4:16:fb:d1:
70:e3:f6:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVw+7gzm4kQ1cve8leaT/+sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzM2RlZWQ4ODNjMmE2OTBjZTU0ODI5YjQ4ZjlkNzhjZDdi
MjVmZDcwHhcNMjMwMTAyMDUzNzAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWY4NWE2OGRlOGIyYzRkOWNiMjExMzliZjU0OGMyZGE2NDdjNmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjs+qfmdl26221TrcA+RHnw2YZ0h5
kiT3Exdiy8l0uNch4hHlNgUqu1HwfraDU2OGxL9OBWvNCrpP8l6lLVID3sXrk5CB
4CyB5cLdfKLFsfr5haSQynybly+JdoZMZoslXPo+SyaM7OE4lyut8++1s5XYNhWh
PJ54xJlS9Li1RQ2M6yn9u0kjM2yHhdW2z5NtAppTsKj4rpM/Z3jiwjKISvAFoLO/
jQIAmWsLHCuHdPJkxCo+vRsAeBRB4MhZLbm0IOQ8tkt0TC2CUrBZAk586RI27mv+
JXjFO5ZI3D8uO0wBhPQlijkRhmlvocFsW3luYCBR1/sM8FoFF+tQmk7AwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJX4WmjeiyxNnLIROb9UjC2mR8bTMB8GA1UdIwQY
MBaAFBM97tiDwqaQzlSCm0j514zXsl/XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXozdTJJUENwcERPVklLYlNQblhqTmV5WDljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9jNDQ0MDktYTY1ZC00YjhhLWJmZWEt
NGJlZGQzYmQ2ZWExLzEvbGZoYWFONkxMRTJjc2hFNXYxU01MYVpIeHRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9jNDQ0MDktYTY1ZC00YjhhLWJmZWEtNGJlZGQzYmQ2ZWEx
LzEvRXozdTJJUENwcERPVklLYlNQblhqTmV5WDljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuV7cMA0G
CSqGSIb3DQEBCwUAA4IBAQA9xX6fFQWlslrkV4m3U+E+7vcLrrXOIh480vP/iNsk
dNQQJwvmeMRp3IbUeUTf6WhrbZBF3yNfe32xaU9g/toAhlgJhUtq6zB5+o1fakD9
JoMLOYIPSpoS87Ywz7QPc5elzqinVsUROUXtPrln9WLUo5uVeuHn/K0teSD2d1yy
PW9/KK2gZpJrfNb0aGYTLIGsI6mD90l8UEe/ls1oO+PwuHcnZcPrAe9r6/EhAjxl
D5hwvEHgUBHOJBms5uJgCXzY4GajZ4ohkiWo1VBcLlFBO0LwZTQV3zMREaejKDmG
3+R3SdiE8rcz4MEMjpLiJCk7CZeQ/GnrC8QW+9Fw4/aP
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:53 2025 by rpki-client