Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/42b3bb-1935-478b-a302-cb7a5fd1ac47/1/LkIplDRf4TETbvTEazXLdUsrE1c.roa
File: LkIplDRf4TETbvTEazXLdUsrE1c.roa (raw, json)
Hash identifier: iU0Ce//lvhYanej++LGuPMihwQkGKMqR9IRVrowGXGw=
Subject key identifier: 2E:42:29:94:34:5F:E1:31:13:6E:F4:C4:6B:35:CB:75:4B:2B:13:57
Certificate issuer: /CN=a92db9b80dfb9c95678b07ef2c953d63107f5f62
Certificate serial: 018C6417BC0D97C72B39E8DD5ABCDFB8C12D
Authority key identifier: A9:2D:B9:B8:0D:FB:9C:95:67:8B:07:EF:2C:95:3D:63:10:7F:5F:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qS25uA37nJVniwfvLJU9YxB_X2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/42b3bb-1935-478b-a302-cb7a5fd1ac47/1/LkIplDRf4TETbvTEazXLdUsrE1c.roa
Signing time: Wed 13 Dec 2023 16:52:06 +0000
ROA not before: Wed 13 Dec 2023 16:52:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398465
IP address blocks: 130.180.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:64:17:bc:0d:97:c7:2b:39:e8:dd:5a:bc:df:b8:c1:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a92db9b80dfb9c95678b07ef2c953d63107f5f62
Validity
Not Before: Dec 13 16:52:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e422994345fe131136ef4c46b35cb754b2b1357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b3:cd:4b:c1:d0:ab:df:e8:b4:92:df:15:09:
80:19:52:30:5a:15:43:a5:cd:86:bd:ac:c7:4d:5b:
cd:03:44:2e:3e:b1:95:d5:db:58:34:5f:d8:43:e9:
c3:59:ed:29:41:d2:89:9f:fe:af:78:82:62:a3:b7:
0a:d1:2b:15:42:18:d0:f0:ee:af:a1:6a:b1:22:6f:
ee:37:c1:21:66:63:3a:90:40:63:82:ed:0b:6a:93:
59:c1:d1:96:28:d2:80:57:c9:72:46:8d:fa:af:2e:
0f:51:57:64:0c:6e:22:fe:68:63:81:cf:f9:93:67:
6a:84:b6:4d:7b:1a:61:2c:85:0c:44:56:f4:bf:68:
b9:09:88:ae:2e:ae:2c:7c:e5:0a:45:f7:9a:25:3b:
5b:e4:a9:b0:9b:62:74:51:f0:06:30:67:8a:a0:9e:
c5:9c:9e:76:3f:69:57:3a:02:a6:91:1c:f4:63:30:
5b:fc:a7:75:6c:68:1b:d2:f9:2b:d8:0b:49:2d:e3:
8f:a8:c1:e2:a8:3e:6c:b9:4d:b1:63:8b:2b:5b:4e:
3e:f1:8e:d8:81:50:09:78:88:25:19:8d:74:34:c1:
28:32:2f:bf:3c:cc:b4:6b:24:34:fe:eb:3c:f7:0f:
ce:f0:b7:c8:34:0c:14:07:67:1f:80:0d:66:71:26:
36:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:42:29:94:34:5F:E1:31:13:6E:F4:C4:6B:35:CB:75:4B:2B:13:57
X509v3 Authority Key Identifier:
keyid:A9:2D:B9:B8:0D:FB:9C:95:67:8B:07:EF:2C:95:3D:63:10:7F:5F:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qS25uA37nJVniwfvLJU9YxB_X2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/42b3bb-1935-478b-a302-cb7a5fd1ac47/1/LkIplDRf4TETbvTEazXLdUsrE1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/42b3bb-1935-478b-a302-cb7a5fd1ac47/1/qS25uA37nJVniwfvLJU9YxB_X2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.180.224.0/24
Signature Algorithm: sha256WithRSAEncryption
54:56:59:14:82:a6:e6:cc:23:31:65:a2:75:25:d1:c4:e6:eb:
ed:47:be:e8:1c:96:cd:27:09:78:57:ad:33:23:5c:a0:73:14:
c1:4a:f1:2a:60:e7:96:aa:a3:c9:81:1a:90:69:7f:a2:0d:db:
f9:78:eb:f5:5c:2b:59:68:ed:2c:b6:64:4b:38:b1:36:5b:6a:
e2:72:68:86:21:4c:b4:d5:de:22:80:48:2e:d9:69:21:8b:bd:
48:ca:bb:0b:86:a4:f7:f2:59:eb:92:52:96:bd:57:a1:54:e4:
10:db:79:8a:88:3a:e9:43:a5:82:d9:f8:00:f8:87:84:46:05:
ad:64:bf:fb:d6:f2:5f:61:56:31:62:35:ea:6a:98:da:7c:40:
0e:1a:01:46:a5:98:25:4c:34:48:9a:a3:ac:a8:18:5c:dd:3b:
52:db:12:6e:06:52:04:80:78:27:df:d3:40:58:6f:ab:33:13:
ac:41:0b:e4:53:73:45:71:74:f0:4c:16:1b:6b:b5:88:3d:94:
9b:74:4f:25:cc:11:f3:40:da:13:c9:bc:82:68:7e:15:dd:ba:
e1:19:cb:8a:14:9d:65:cb:d0:d4:5b:d2:84:dd:62:52:31:55:
5e:c4:bd:95:a2:0d:8a:c2:09:c6:9a:8e:4b:57:c5:d5:99:3b:
83:f5:45:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxkF7wNl8crOejdWrzfuMEtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MmRiOWI4MGRmYjljOTU2NzhiMDdlZjJjOTUzZDYzMTA3
ZjVmNjIwHhcNMjMxMjEzMTY1MjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTQyMjk5NDM0NWZlMTMxMTM2ZWY0YzQ2YjM1Y2I3NTRiMmIxMzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLPNS8HQq9/otJLfFQmAGVIwWhVD
pc2GvazHTVvNA0QuPrGV1dtYNF/YQ+nDWe0pQdKJn/6veIJio7cK0SsVQhjQ8O6v
oWqxIm/uN8EhZmM6kEBjgu0LapNZwdGWKNKAV8lyRo36ry4PUVdkDG4i/mhjgc/5
k2dqhLZNexphLIUMRFb0v2i5CYiuLq4sfOUKRfeaJTtb5Kmwm2J0UfAGMGeKoJ7F
nJ52P2lXOgKmkRz0YzBb/Kd1bGgb0vkr2AtJLeOPqMHiqD5suU2xY4srW04+8Y7Y
gVAJeIglGY10NMEoMi+/PMy0ayQ0/us89w/O8LfINAwUB2cfgA1mcSY2XwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC5CKZQ0X+ExE270xGs1y3VLKxNXMB8GA1UdIwQY
MBaAFKktubgN+5yVZ4sH7yyVPWMQf19iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVMyNXVBMzduSlZuaXdmdkxKVTlZeEJfWDJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC80MmIzYmItMTkzNS00NzhiLWEzMDIt
Y2I3YTVmZDFhYzQ3LzEvTGtJcGxEUmY0VEVUYnZURWF6WExkVXNyRTFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC80MmIzYmItMTkzNS00NzhiLWEzMDItY2I3YTVmZDFhYzQ3
LzEvcVMyNXVBMzduSlZuaXdmdkxKVTlZeEJfWDJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgrTgMA0G
CSqGSIb3DQEBCwUAA4IBAQBUVlkUgqbmzCMxZaJ1JdHE5uvtR77oHJbNJwl4V60z
I1ygcxTBSvEqYOeWqqPJgRqQaX+iDdv5eOv1XCtZaO0stmRLOLE2W2ricmiGIUy0
1d4igEgu2Wkhi71IyrsLhqT38lnrklKWvVehVOQQ23mKiDrpQ6WC2fgA+IeERgWt
ZL/71vJfYVYxYjXqapjafEAOGgFGpZglTDRImqOsqBhc3TtS2xJuBlIEgHgn39NA
WG+rMxOsQQvkU3NFcXTwTBYba7WIPZSbdE8lzBHzQNoTybyCaH4V3brhGcuKFJ1l
y9DUW9KE3WJSMVVexL2Vog2KwgnGmo5LV8XVmTuD9UWE
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:22 2025 by rpki-client