Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/c0afd4-e27f-41ca-bbe4-db78a0525797/1/l-lpx-OA9nUHSJ-ZdMwF5e1Ht1c.roa
File: l-lpx-OA9nUHSJ-ZdMwF5e1Ht1c.roa (raw, json)
Hash identifier: H3+TXooMOyJnMzF8j/slvaKYScBybQkpAYNxsr94Aro=
Subject key identifier: 97:E9:69:C7:E3:80:F6:75:07:48:9F:99:74:CC:05:E5:ED:47:B7:57
Certificate issuer: /CN=f3409b83d114c809211116ca2c8db38dce1680f9
Certificate serial: 0188C337F513EA6858EE2FFD344264D95ACA
Authority key identifier: F3:40:9B:83:D1:14:C8:09:21:11:16:CA:2C:8D:B3:8D:CE:16:80:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/80Cbg9EUyAkhERbKLI2zjc4WgPk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/c0afd4-e27f-41ca-bbe4-db78a0525797/1/l-lpx-OA9nUHSJ-ZdMwF5e1Ht1c.roa
Signing time: Fri 16 Jun 2023 08:00:04 +0000
ROA not before: Fri 16 Jun 2023 08:00:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212292
IP address blocks: 195.246.232.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c3:37:f5:13:ea:68:58:ee:2f:fd:34:42:64:d9:5a:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3409b83d114c809211116ca2c8db38dce1680f9
Validity
Not Before: Jun 16 08:00:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97e969c7e380f67507489f9974cc05e5ed47b757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8d:fe:5a:ab:bb:25:e6:f1:9e:2b:a9:75:45:
07:f8:e6:bf:97:9f:6b:14:d0:e7:8e:c7:66:b4:ba:
39:bf:b7:a8:a2:8f:ac:78:10:06:73:66:e6:8e:4a:
b0:dd:0a:d9:cd:05:bc:9b:f0:70:fd:51:96:1e:7f:
a3:0e:d0:b7:be:d5:9f:09:3a:66:ce:cf:fe:34:8a:
b7:e2:a0:d2:fc:3b:cb:e6:95:62:1c:f1:9d:2b:9c:
51:f9:e1:da:d4:12:a4:90:fd:34:8d:9e:b5:fd:c7:
e5:66:ca:15:6e:40:20:76:fe:a2:ee:6c:85:bd:45:
b8:e1:a8:05:66:0c:5d:8f:d6:c9:c2:5f:63:2f:52:
5f:ed:14:7e:0a:d3:6d:cd:ea:3c:46:1e:63:aa:4a:
49:9e:67:2e:c2:29:06:af:c1:c2:30:15:1a:61:94:
f9:9d:40:89:a5:c0:9d:85:2d:a2:e9:72:7e:ca:59:
79:a3:23:1e:1d:d3:af:f5:ac:3f:69:59:2c:57:41:
56:da:83:bd:d8:cd:55:a7:e0:ab:49:0e:4d:d4:2b:
1d:79:b6:87:a2:72:36:c7:6b:3f:cc:b6:32:3e:4e:
d4:47:fd:8e:4f:f7:55:9e:1b:4e:09:12:c9:32:42:
35:6e:17:33:88:56:0f:64:15:9f:46:b4:cf:33:10:
3c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:E9:69:C7:E3:80:F6:75:07:48:9F:99:74:CC:05:E5:ED:47:B7:57
X509v3 Authority Key Identifier:
keyid:F3:40:9B:83:D1:14:C8:09:21:11:16:CA:2C:8D:B3:8D:CE:16:80:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/80Cbg9EUyAkhERbKLI2zjc4WgPk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c0afd4-e27f-41ca-bbe4-db78a0525797/1/l-lpx-OA9nUHSJ-ZdMwF5e1Ht1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/c0afd4-e27f-41ca-bbe4-db78a0525797/1/80Cbg9EUyAkhERbKLI2zjc4WgPk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.246.232.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:81:2c:af:0c:8c:20:46:e4:ef:30:cd:5f:b2:5b:25:3b:91:
ce:ff:a7:d2:01:10:3f:66:9b:da:c9:ef:d5:48:14:4b:bd:0a:
9f:3d:79:d4:a2:7b:0f:b3:a4:b4:73:3f:26:d7:93:1a:7b:bd:
07:41:9c:46:83:72:97:bb:3f:e3:46:83:e3:37:00:8d:34:ca:
5d:30:e0:28:79:d3:0f:55:ed:02:79:28:a3:cb:18:e0:32:8e:
e0:37:99:0e:b1:f3:55:aa:32:c6:06:39:e6:54:b4:97:4f:8b:
79:55:cf:86:3e:1d:01:a5:f2:79:79:51:1b:be:17:0c:d3:59:
c8:39:dc:2a:24:af:50:91:7e:7b:4c:8e:00:a5:27:b8:5f:74:
56:8b:04:8a:0d:19:b0:fb:bf:96:ce:11:56:92:ae:4c:dc:c9:
b6:bd:6d:b3:9a:97:32:69:c8:79:31:46:61:b8:60:e7:4c:94:
18:94:a7:ff:14:01:28:45:a2:49:18:da:fd:52:16:73:d6:a1:
be:bf:b6:26:42:0f:6c:8b:6f:c1:5e:83:6e:ed:f8:fe:60:9d:
5e:e8:49:0b:3e:4a:45:f6:b1:3a:80:ab:20:4b:03:45:8d:ea:
08:cb:54:0d:ee:ae:5d:49:5b:97:29:b3:ed:fb:09:56:11:2f:
f0:7c:e4:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYjDN/UT6mhY7i/9NEJk2VrKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzNDA5YjgzZDExNGM4MDkyMTExMTZjYTJjOGRiMzhkY2Ux
NjgwZjkwHhcNMjMwNjE2MDgwMDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2U5NjljN2UzODBmNjc1MDc0ODlmOTk3NGNjMDVlNWVkNDdiNzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu43+Wqu7JebxniupdUUH+Oa/l59r
FNDnjsdmtLo5v7eooo+seBAGc2bmjkqw3QrZzQW8m/Bw/VGWHn+jDtC3vtWfCTpm
zs/+NIq34qDS/DvL5pViHPGdK5xR+eHa1BKkkP00jZ61/cflZsoVbkAgdv6i7myF
vUW44agFZgxdj9bJwl9jL1Jf7RR+CtNtzeo8Rh5jqkpJnmcuwikGr8HCMBUaYZT5
nUCJpcCdhS2i6XJ+yll5oyMeHdOv9aw/aVksV0FW2oO92M1Vp+CrSQ5N1CsdebaH
onI2x2s/zLYyPk7UR/2OT/dVnhtOCRLJMkI1bhcziFYPZBWfRrTPMxA8QQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJfpacfjgPZ1B0ifmXTMBeXtR7dXMB8GA1UdIwQY
MBaAFPNAm4PRFMgJIREWyiyNs43OFoD5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODBDYmc5RVV5QWtoRVJiS0xJMnpqYzRXZ1BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9jMGFmZDQtZTI3Zi00MWNhLWJiZTQt
ZGI3OGEwNTI1Nzk3LzEvbC1scHgtT0E5blVIU0otWmRNd0Y1ZTFIdDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9jMGFmZDQtZTI3Zi00MWNhLWJiZTQtZGI3OGEwNTI1Nzk3
LzEvODBDYmc5RVV5QWtoRVJiS0xJMnpqYzRXZ1BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw/boMA0G
CSqGSIb3DQEBCwUAA4IBAQA/gSyvDIwgRuTvMM1fslslO5HO/6fSARA/Zpvaye/V
SBRLvQqfPXnUonsPs6S0cz8m15Mae70HQZxGg3KXuz/jRoPjNwCNNMpdMOAoedMP
Ve0CeSijyxjgMo7gN5kOsfNVqjLGBjnmVLSXT4t5Vc+GPh0BpfJ5eVEbvhcM01nI
OdwqJK9QkX57TI4ApSe4X3RWiwSKDRmw+7+WzhFWkq5M3Mm2vW2zmpcyach5MUZh
uGDnTJQYlKf/FAEoRaJJGNr9UhZz1qG+v7YmQg9si2/BXoNu7fj+YJ1e6EkLPkpF
9rE6gKsgSwNFjeoIy1QN7q5dSVuXKbPt+wlWES/wfOR5
-----END CERTIFICATE-----
Generated at Tue Apr 8 07:08:44 2025 by rpki-client