Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/Lk8awco2RpnEBDY8wXLnkox6rrk.roa
File: Lk8awco2RpnEBDY8wXLnkox6rrk.roa (raw, json)
Hash identifier: eGD9DFxfgmGqQFHFVVh8ZKAo2qeF7Vs8nhrF2VTuVp8=
Subject key identifier: 2E:4F:1A:C1:CA:36:46:99:C4:04:36:3C:C1:72:E7:92:8C:7A:AE:B9
Certificate issuer: /CN=435e41960d590e99804e90b9af0365584c712c72
Certificate serial: 01856FA70E9219AE8673A414D929C10CA4AD
Authority key identifier: 43:5E:41:96:0D:59:0E:99:80:4E:90:B9:AF:03:65:58:4C:71:2C:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q15Blg1ZDpmATpC5rwNlWExxLHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/Lk8awco2RpnEBDY8wXLnkox6rrk.roa
Signing time: Sun 01 Jan 2023 23:24:57 +0000
ROA not before: Sun 01 Jan 2023 23:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60887
IP address blocks: 185.196.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:a7:0e:92:19:ae:86:73:a4:14:d9:29:c1:0c:a4:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435e41960d590e99804e90b9af0365584c712c72
Validity
Not Before: Jan 1 23:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e4f1ac1ca364699c404363cc172e7928c7aaeb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:11:65:17:a9:4e:3f:24:97:b3:27:e2:79:e6:
9a:ef:d4:02:eb:86:3f:bb:03:99:1c:d4:bb:c4:f0:
54:7a:3c:6c:06:1e:fe:f6:56:de:79:40:16:3c:26:
b6:ba:01:48:1c:15:1b:d8:2a:42:43:0c:43:98:68:
3f:19:6c:30:9a:8d:25:0a:82:d3:6e:29:6d:e7:26:
20:d4:5a:59:0b:0c:41:c8:ab:53:45:f0:88:da:4f:
8b:5a:cb:1b:94:29:e7:b3:a4:e5:eb:5a:9e:ed:4b:
50:57:af:1e:11:18:c8:b3:c7:98:29:10:a9:f0:23:
28:3b:79:d8:3f:fe:1c:37:ee:7c:b6:bf:b4:9f:dd:
dd:54:a0:ea:53:44:61:49:88:1a:dd:f4:84:7f:7d:
63:d9:a2:10:a1:33:fc:7c:cf:b7:fb:b6:12:f8:1b:
59:31:a5:49:a7:e2:72:64:0b:9b:5f:fe:c3:9d:1b:
d1:7d:f6:ca:67:bc:45:06:29:47:66:76:12:71:34:
a9:34:a8:4a:d1:c0:d4:16:9d:41:31:82:65:de:be:
1f:9c:7c:c3:c4:e0:9c:ec:21:a5:30:93:ca:48:c8:
ef:a6:2b:bf:99:c7:1b:a3:92:01:32:57:55:27:c4:
ae:6e:73:98:44:00:68:f1:6d:fe:bf:30:8f:73:d2:
0d:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:4F:1A:C1:CA:36:46:99:C4:04:36:3C:C1:72:E7:92:8C:7A:AE:B9
X509v3 Authority Key Identifier:
keyid:43:5E:41:96:0D:59:0E:99:80:4E:90:B9:AF:03:65:58:4C:71:2C:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q15Blg1ZDpmATpC5rwNlWExxLHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/Lk8awco2RpnEBDY8wXLnkox6rrk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/Q15Blg1ZDpmATpC5rwNlWExxLHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.148.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:9a:07:d8:e7:70:9b:6b:fc:83:9b:6d:8d:63:71:93:6a:e5:
fe:64:49:7b:54:6b:91:1a:35:a2:d5:db:f9:e7:77:46:b7:61:
c1:94:e6:83:ea:74:12:e0:9a:85:7d:06:1c:fa:f8:ec:a2:bc:
23:f0:a9:32:f4:fc:d7:1c:a7:13:af:2a:2a:1c:18:09:6a:bd:
8e:a0:84:22:72:9b:fa:82:68:56:fe:1d:88:e0:e7:97:af:c4:
3c:ed:3d:b3:c3:bf:88:47:fe:08:68:32:d9:a4:62:a9:0b:db:
8b:34:b8:0d:4d:8c:60:d8:f9:f7:01:4e:29:89:ec:f0:0c:79:
5f:8d:5d:b7:ba:05:d1:5d:00:0f:b3:c6:bf:c3:6f:d0:7d:07:
9e:88:a4:23:03:91:bb:21:43:a6:36:01:90:4e:18:01:3e:51:
51:97:06:1e:2e:83:09:84:e8:70:61:74:8a:2f:eb:25:22:4e:
77:10:f8:5c:e9:38:70:d4:54:de:53:b1:9a:7c:f8:db:23:49:
bc:89:92:8c:1d:dc:11:e3:de:70:3f:14:ae:99:aa:90:b1:29:
8c:56:fb:e3:b7:b2:3d:4d:fb:41:0c:39:41:8b:1d:a0:11:df:
ed:9c:6a:51:4f:d0:ff:7d:43:2e:34:82:3d:48:fb:8f:e7:e0:
ae:c6:95:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvpw6SGa6Gc6QU2SnBDKStMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzNWU0MTk2MGQ1OTBlOTk4MDRlOTBiOWFmMDM2NTU4NGM3
MTJjNzIwHhcNMjMwMTAxMjMyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTRmMWFjMWNhMzY0Njk5YzQwNDM2M2NjMTcyZTc5MjhjN2FhZWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/RFlF6lOPySXsyfieeaa79QC64Y/
uwOZHNS7xPBUejxsBh7+9lbeeUAWPCa2ugFIHBUb2CpCQwxDmGg/GWwwmo0lCoLT
bilt5yYg1FpZCwxByKtTRfCI2k+LWssblCnns6Tl61qe7UtQV68eERjIs8eYKRCp
8CMoO3nYP/4cN+58tr+0n93dVKDqU0RhSYga3fSEf31j2aIQoTP8fM+3+7YS+BtZ
MaVJp+JyZAubX/7DnRvRffbKZ7xFBilHZnYScTSpNKhK0cDUFp1BMYJl3r4fnHzD
xOCc7CGlMJPKSMjvpiu/mccbo5IBMldVJ8SubnOYRABo8W3+vzCPc9INWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC5PGsHKNkaZxAQ2PMFy55KMeq65MB8GA1UdIwQY
MBaAFENeQZYNWQ6ZgE6Qua8DZVhMcSxyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTE1QmxnMVpEcG1BVHBDNXJ3TmxXRXh4TEhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC83ZTJmMjgtNWNhZS00ZTZmLWE1ZjAt
MDFiYjVmZDUzNGY1LzEvTGs4YXdjbzJScG5FQkRZOHdYTG5rb3g2cnJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC83ZTJmMjgtNWNhZS00ZTZmLWE1ZjAtMDFiYjVmZDUzNGY1
LzEvUTE1QmxnMVpEcG1BVHBDNXJ3TmxXRXh4TEhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucSUMA0G
CSqGSIb3DQEBCwUAA4IBAQA7mgfY53Cba/yDm22NY3GTauX+ZEl7VGuRGjWi1dv5
53dGt2HBlOaD6nQS4JqFfQYc+vjsorwj8Kky9PzXHKcTryoqHBgJar2OoIQicpv6
gmhW/h2I4OeXr8Q87T2zw7+IR/4IaDLZpGKpC9uLNLgNTYxg2Pn3AU4piezwDHlf
jV23ugXRXQAPs8a/w2/QfQeeiKQjA5G7IUOmNgGQThgBPlFRlwYeLoMJhOhwYXSK
L+slIk53EPhc6Thw1FTeU7GafPjbI0m8iZKMHdwR495wPxSumaqQsSmMVvvjt7I9
TftBDDlBix2gEd/tnGpRT9D/fUMuNII9SPuP5+CuxpWf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:22:17 2025 by rpki-client