Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/lpA4-LC1dsuoGgavdwRYg8gSvkA.roa
File: lpA4-LC1dsuoGgavdwRYg8gSvkA.roa (raw, json)
Hash identifier: GySbjeySFgVJPbzJF9koL7NBsunOQa1D2rYlKoD92ec=
Subject key identifier: 96:90:38:F8:B0:B5:76:CB:A8:1A:06:AF:77:04:58:83:C8:12:BE:40
Certificate issuer: /CN=6596fb89a8a23cbe4f2adb165c89f26de8ab7876
Certificate serial: 075D346E
Authority key identifier: 65:96:FB:89:A8:A2:3C:BE:4F:2A:DB:16:5C:89:F2:6D:E8:AB:78:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZb7iaiiPL5PKtsWXInybeireHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/lpA4-LC1dsuoGgavdwRYg8gSvkA.roa
Signing time: Sat 01 Jan 2022 15:02:18 +0000
ROA not before: Sat 01 Jan 2022 15:02:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62214
IP address blocks: 139.28.140.0/22 maxlen: 22
2a09:740::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 123548782 (0x75d346e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6596fb89a8a23cbe4f2adb165c89f26de8ab7876
Validity
Not Before: Jan 1 15:02:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=969038f8b0b576cba81a06af77045883c812be40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:98:e2:3d:83:87:b5:a7:71:24:f8:5c:cb:89:
2c:76:2b:3f:f4:72:a8:e2:7e:9d:40:b8:dc:40:bc:
56:9f:0b:3c:f7:32:e3:e0:b4:5d:ea:80:b9:e6:13:
7b:d6:58:10:f3:40:68:db:ce:e1:0f:91:3d:10:b6:
7c:c7:8c:d8:c3:33:d1:97:fb:72:8e:04:6d:71:d5:
8e:bd:f0:35:e3:8e:4f:c2:53:3f:8a:13:9f:16:e0:
43:8d:e4:61:1e:a2:06:bb:ab:92:7b:d1:13:3c:85:
2e:02:06:a2:90:55:d2:39:8e:0d:27:56:4b:c9:98:
db:d4:3b:90:e1:a9:0a:27:24:d6:ec:79:10:c2:d2:
7c:73:92:59:2a:b8:c4:4b:4d:6b:12:03:20:7f:bd:
3f:0c:84:2f:d7:b9:31:87:78:65:2f:4b:3d:1c:d5:
57:00:c3:63:f3:db:e6:f1:6e:35:19:45:70:35:0d:
85:65:53:f6:e8:39:81:3e:1e:aa:fb:26:35:3f:da:
a1:88:36:29:7e:a5:71:f4:43:df:32:96:be:55:0a:
09:07:e7:fb:61:64:ac:5a:b8:e7:23:0b:a4:9a:ef:
4f:96:a5:f1:25:01:f3:ab:b7:37:f7:dd:51:ab:90:
7d:a2:70:24:8e:d2:e3:8d:37:e4:2f:db:9f:95:d0:
d3:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:90:38:F8:B0:B5:76:CB:A8:1A:06:AF:77:04:58:83:C8:12:BE:40
X509v3 Authority Key Identifier:
keyid:65:96:FB:89:A8:A2:3C:BE:4F:2A:DB:16:5C:89:F2:6D:E8:AB:78:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZb7iaiiPL5PKtsWXInybeireHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/lpA4-LC1dsuoGgavdwRYg8gSvkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/d743df-5f6f-4f17-a225-202e19c088b1/1/ZZb7iaiiPL5PKtsWXInybeireHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.140.0/22
IPv6:
2a09:740::/32
Signature Algorithm: sha256WithRSAEncryption
10:e8:fa:bc:50:2e:b9:3c:f0:0c:83:ce:7a:01:31:ed:9c:16:
ab:4c:3a:b2:95:f0:fe:35:fd:19:a6:95:61:58:24:0c:20:f8:
fe:a0:80:16:37:00:1d:48:52:fc:8f:da:9c:ae:fb:36:08:80:
ee:3d:5a:16:20:47:ef:08:d1:30:f4:da:49:5c:50:00:69:62:
12:81:6e:3a:80:54:77:70:c3:a8:ee:a8:3f:7f:f2:29:91:25:
e8:30:af:36:45:09:9e:80:a2:32:5e:3d:2e:f5:c3:d1:60:cc:
07:0e:57:34:86:f2:d5:31:5f:ef:ea:1b:7e:f3:4d:32:a6:6c:
af:60:f6:8d:a4:45:c7:47:ae:96:54:42:df:76:ef:6c:6d:cd:
6a:68:70:91:6d:53:48:2a:83:70:35:bc:aa:f0:fb:a8:0c:7d:
06:bb:d0:19:c7:22:cb:f2:1b:53:79:20:82:0a:a1:e3:6f:98:
a0:09:09:bf:fe:1b:85:bd:3d:13:e4:c6:83:00:2b:ec:78:51:
8f:e0:bb:c0:38:51:6c:f6:a1:f9:44:50:6a:46:64:f2:2d:20:
8b:90:a9:d8:e3:53:fd:f1:86:c8:38:5e:39:7a:93:69:c0:77:
00:a8:bc:79:7a:06:d0:35:a8:7c:57:77:d4:41:7f:76:d8:75:
bb:50:75:6b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEB100bjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NTk2ZmI4OWE4YTIzY2JlNGYyYWRiMTY1Yzg5ZjI2ZGU4YWI3ODc2MB4XDTIyMDEw
MTE1MDIxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTY5MDM4ZjhiMGI1
NzZjYmE4MWEwNmFmNzcwNDU4ODNjODEyYmU0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI2Y4j2Dh7WncST4XMuJLHYrP/RyqOJ+nUC43EC8Vp8LPPcy
4+C0XeqAueYTe9ZYEPNAaNvO4Q+RPRC2fMeM2MMz0Zf7co4EbXHVjr3wNeOOT8JT
P4oTnxbgQ43kYR6iBrurknvREzyFLgIGopBV0jmODSdWS8mY29Q7kOGpCick1ux5
EMLSfHOSWSq4xEtNaxIDIH+9PwyEL9e5MYd4ZS9LPRzVVwDDY/Pb5vFuNRlFcDUN
hWVT9ug5gT4eqvsmNT/aoYg2KX6lcfRD3zKWvlUKCQfn+2FkrFq45yMLpJrvT5al
8SUB86u3N/fdUauQfaJwJI7S44035C/bn5XQ050CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSWkDj4sLV2y6gaBq93BFiDyBK+QDAfBgNVHSMEGDAWgBRllvuJqKI8vk8q
2xZcifJt6Kt4djAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1paYjdpYWlpUEw1UEt0c1dYSW55YmVpcmVIWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvZDc0M2RmLTVmNmYtNGYxNy1hMjI1LTIwMmUxOWMwODhiMS8x
L2xwQTQtTEMxZHN1b0dnYXZkd1JZZzhnU3ZrQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
ZDc0M2RmLTVmNmYtNGYxNy1hMjI1LTIwMmUxOWMwODhiMS8xL1paYjdpYWlpUEw1
UEt0c1dYSW55YmVpcmVIWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAoscjDANBAIAAjAHAwUAKgkHQDAN
BgkqhkiG9w0BAQsFAAOCAQEAEOj6vFAuuTzwDIPOegEx7ZwWq0w6spXw/jX9GaaV
YVgkDCD4/qCAFjcAHUhS/I/anK77NgiA7j1aFiBH7wjRMPTaSVxQAGliEoFuOoBU
d3DDqO6oP3/yKZEl6DCvNkUJnoCiMl49LvXD0WDMBw5XNIby1TFf7+obfvNNMqZs
r2D2jaRFx0eullRC33bvbG3NamhwkW1TSCqDcDW8qvD7qAx9BrvQGcciy/IbU3kg
ggqh42+YoAkJv/4bhb09E+TGgwAr7HhRj+C7wDhRbPah+URQakZk8i0gi5Cp2ONT
/fGGyDheOXqTacB3AKi8eXoG0DWofFd31EF/dth1u1B1aw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:41:34 2025 by rpki-client