Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/14e4c2-8a98-456e-9612-9429da87bd50/1/Lpk0msRux8B7Us-QPFyFWTW7Mw0.roa
File: Lpk0msRux8B7Us-QPFyFWTW7Mw0.roa (raw, json)
Hash identifier: xmQb5XV+vgStuj8DQBXp+yNj4meEHkHWZXOvh1lGzF4=
Subject key identifier: 2E:99:34:9A:C4:6E:C7:C0:7B:52:CF:90:3C:5C:85:59:35:BB:33:0D
Certificate issuer: /CN=74ae941a681c1586379e07247dcc19f3f41035d8
Certificate serial: 01856DD40E1C4FA70CE54F0753FB2090B1B6
Authority key identifier: 74:AE:94:1A:68:1C:15:86:37:9E:07:24:7D:CC:19:F3:F4:10:35:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dK6UGmgcFYY3ngckfcwZ8_QQNdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/14e4c2-8a98-456e-9612-9429da87bd50/1/Lpk0msRux8B7Us-QPFyFWTW7Mw0.roa
Signing time: Sun 01 Jan 2023 14:54:51 +0000
ROA not before: Sun 01 Jan 2023 14:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49552
IP address blocks: 91.213.36.0/24 maxlen: 24
2001:67c:24::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:0e:1c:4f:a7:0c:e5:4f:07:53:fb:20:90:b1:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74ae941a681c1586379e07247dcc19f3f41035d8
Validity
Not Before: Jan 1 14:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e99349ac46ec7c07b52cf903c5c855935bb330d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:91:7d:d0:3d:95:26:56:09:f1:c7:e3:03:9b:
74:96:98:52:b3:f8:00:73:79:c3:48:cd:5b:c6:f0:
21:33:8d:2e:9f:be:0a:c3:93:d7:04:59:84:36:f8:
27:c5:61:92:c8:f9:27:34:81:19:c5:da:1d:78:3e:
6a:de:09:c9:f4:38:be:f2:59:ee:f3:92:67:b7:0b:
aa:b6:18:59:54:99:7c:94:28:bf:2f:2b:bd:0d:c9:
78:0a:44:b3:75:7c:d0:56:fa:cf:96:d8:fc:4d:c8:
43:9b:b2:40:e0:82:a9:ef:90:2e:58:35:7b:0a:74:
43:99:10:0a:7f:50:fc:bb:41:8b:2c:01:74:27:b9:
e1:77:1b:6d:3e:55:74:21:5e:4d:4e:50:a0:2c:d5:
c1:d3:a7:c7:9d:23:96:ea:c3:c5:f4:a3:71:ab:56:
b1:a2:83:3c:29:00:60:37:52:e9:5f:d9:f1:8b:b1:
6f:34:03:7a:1b:a3:26:49:42:a0:9e:32:b8:ea:cb:
07:ba:0e:be:57:4d:e6:da:62:c0:4a:02:de:86:74:
d7:58:ee:9a:64:af:74:34:13:fd:0e:59:6e:80:55:
02:ce:14:c6:96:c4:92:45:c4:79:44:16:89:c5:a9:
09:79:4b:25:4a:33:f0:60:a0:62:09:ab:e6:50:40:
76:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:99:34:9A:C4:6E:C7:C0:7B:52:CF:90:3C:5C:85:59:35:BB:33:0D
X509v3 Authority Key Identifier:
keyid:74:AE:94:1A:68:1C:15:86:37:9E:07:24:7D:CC:19:F3:F4:10:35:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dK6UGmgcFYY3ngckfcwZ8_QQNdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/14e4c2-8a98-456e-9612-9429da87bd50/1/Lpk0msRux8B7Us-QPFyFWTW7Mw0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/14e4c2-8a98-456e-9612-9429da87bd50/1/dK6UGmgcFYY3ngckfcwZ8_QQNdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.36.0/24
IPv6:
2001:67c:24::/48
Signature Algorithm: sha256WithRSAEncryption
6e:63:4d:dd:3d:fb:53:87:3b:1c:b9:0c:4e:e1:ca:5d:fd:a7:
e0:70:d7:33:4b:d8:11:cf:b1:aa:37:33:14:59:fb:7b:ed:63:
56:1d:fd:14:c1:82:ba:41:38:d0:c4:c0:1f:ab:22:3b:16:37:
98:77:39:af:72:1d:45:8b:87:1e:4d:e5:6e:f8:8a:42:87:57:
f5:e9:bf:a0:45:82:05:c0:24:c7:09:d3:ae:ec:b0:9f:41:50:
2a:02:61:85:ee:c6:20:4f:7d:28:ae:fd:07:02:d1:17:5b:1c:
49:e3:8e:05:d3:2f:e5:44:c3:0e:ae:64:dc:30:9c:a8:62:58:
49:43:51:7b:dc:80:56:d9:34:34:70:11:0a:d6:81:29:0e:0d:
c3:29:df:93:a4:8b:cd:ad:63:41:ba:bb:01:b6:ef:7e:d3:53:
a0:6d:0e:b8:1e:9d:25:ad:e0:26:50:0d:11:27:d6:1b:74:ca:
0d:47:1e:c8:fb:d2:1e:ef:db:1b:88:7f:23:01:24:22:8a:f4:
62:ee:df:a7:14:81:19:ed:26:41:16:96:9a:99:89:10:d6:77:
8b:7d:ab:be:87:1e:7a:98:6e:a6:58:90:78:8f:24:01:a1:7c:
6a:bd:fb:66:a8:90:71:7f:5d:99:5a:68:4a:ba:57:fc:53:69:
19:bc:fc:5c
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVt1A4cT6cM5U8HU/sgkLG2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YWU5NDFhNjgxYzE1ODYzNzllMDcyNDdkY2MxOWYzZjQx
MDM1ZDgwHhcNMjMwMTAxMTQ1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTk5MzQ5YWM0NmVjN2MwN2I1MmNmOTAzYzVjODU1OTM1YmIzMzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpF90D2VJlYJ8cfjA5t0lphSs/gA
c3nDSM1bxvAhM40un74Kw5PXBFmENvgnxWGSyPknNIEZxdodeD5q3gnJ9Di+8lnu
85JntwuqthhZVJl8lCi/Lyu9Dcl4CkSzdXzQVvrPltj8TchDm7JA4IKp75AuWDV7
CnRDmRAKf1D8u0GLLAF0J7nhdxttPlV0IV5NTlCgLNXB06fHnSOW6sPF9KNxq1ax
ooM8KQBgN1LpX9nxi7FvNAN6G6MmSUKgnjK46ssHug6+V03m2mLASgLehnTXWO6a
ZK90NBP9DllugFUCzhTGlsSSRcR5RBaJxakJeUslSjPwYKBiCavmUEB2gQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFC6ZNJrEbsfAe1LPkDxchVk1uzMNMB8GA1UdIwQY
MBaAFHSulBpoHBWGN54HJH3MGfP0EDXYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEs2VUdtZ2NGWVkzbmdja2Zjd1o4X1FRTmRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8xNGU0YzItOGE5OC00NTZlLTk2MTIt
OTQyOWRhODdiZDUwLzEvTHBrMG1zUnV4OEI3VXMtUVBGeUZXVFc3TXcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8xNGU0YzItOGE5OC00NTZlLTk2MTItOTQyOWRhODdiZDUw
LzEvZEs2VUdtZ2NGWVkzbmdja2Zjd1o4X1FRTmRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAW9UkMA8E
AgACMAkDBwAgAQZ8ACQwDQYJKoZIhvcNAQELBQADggEBAG5jTd09+1OHOxy5DE7h
yl39p+Bw1zNL2BHPsao3MxRZ+3vtY1Yd/RTBgrpBONDEwB+rIjsWN5h3Oa9yHUWL
hx5N5W74ikKHV/Xpv6BFggXAJMcJ067ssJ9BUCoCYYXuxiBPfSiu/QcC0RdbHEnj
jgXTL+VEww6uZNwwnKhiWElDUXvcgFbZNDRwEQrWgSkODcMp35Oki82tY0G6uwG2
737TU6BtDrgenSWt4CZQDREn1ht0yg1HHsj70h7v2xuIfyMBJCKK9GLu36cUgRnt
JkEWlpqZiRDWd4t9q76HHnqYbqZYkHiPJAGhfGq9+2aokHF/XZlaaEq6V/xTaRm8
/Fw=
-----END CERTIFICATE-----
Generated at Tue Apr 15 17:32:15 2025 by rpki-client