Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/LywfEpGuYRv3XIVTiijvdMgfaMw.roa
File: LywfEpGuYRv3XIVTiijvdMgfaMw.roa (raw, json)
Hash identifier: +22H4QhFNT468HN8QMWdKLs/0+ro8QSVLqoJvGzLJ94=
Subject key identifier: 2F:2C:1F:12:91:AE:61:1B:F7:5C:85:53:8A:28:EF:74:C8:1F:68:CC
Certificate issuer: /CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Certificate serial: 0189E3A091E55E87048084C9F9C98C24F56A
Authority key identifier: A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/LywfEpGuYRv3XIVTiijvdMgfaMw.roa
Signing time: Fri 11 Aug 2023 08:04:58 +0000
ROA not before: Fri 11 Aug 2023 08:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56899
IP address blocks: 185.126.252.0/24 maxlen: 24
185.126.255.0/24 maxlen: 24
194.4.69.0/24 maxlen: 24
194.4.70.0/23 maxlen: 23
194.4.70.0/24 maxlen: 24
194.4.68.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e3:a0:91:e5:5e:87:04:80:84:c9:f9:c9:8c:24:f5:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a865bae25778beed8880c08df2d3f37fc37abc1e
Validity
Not Before: Aug 11 08:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f2c1f1291ae611bf75c85538a28ef74c81f68cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:ea:45:ca:38:af:b0:fe:2c:44:18:9d:d3:a3:
c7:e5:89:69:5d:3c:33:a8:23:0a:80:ed:dd:30:3d:
fb:69:f6:6f:4d:70:7e:03:5f:a6:05:04:bc:7f:45:
b4:7e:12:f6:e8:ef:27:83:77:dd:28:9e:4a:56:93:
59:49:5d:4c:44:91:02:30:f2:9e:79:7a:41:4c:9c:
a7:28:2f:21:c8:46:cf:af:71:df:60:ba:67:44:da:
1b:14:c0:f1:23:09:04:47:e0:57:e4:67:e9:ed:78:
f7:91:a5:e1:8e:10:50:00:e0:26:a9:27:59:cc:fd:
0b:26:92:98:40:ec:c1:8c:81:fd:49:ba:b4:8a:01:
12:da:35:32:55:05:95:48:59:32:07:e4:c8:6e:c6:
e5:3e:e7:46:ad:39:d1:c2:1f:28:91:ed:2e:17:4a:
16:a7:48:5d:56:d8:4c:a7:de:e6:25:ef:4d:8f:02:
44:80:bd:06:58:16:60:88:7b:ad:f1:ac:c6:61:6f:
ef:c9:86:5c:5c:f9:49:24:3c:a0:89:de:a1:36:9d:
94:5b:81:3f:2b:ed:9f:90:6f:81:fa:19:bd:b5:a8:
83:98:1b:ab:d5:29:0b:3e:e7:b9:48:8f:d8:22:e2:
b9:0b:f6:81:d4:0d:15:bd:e5:05:4a:9a:4a:dd:2a:
ca:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:2C:1F:12:91:AE:61:1B:F7:5C:85:53:8A:28:EF:74:C8:1F:68:CC
X509v3 Authority Key Identifier:
keyid:A8:65:BA:E2:57:78:BE:ED:88:80:C0:8D:F2:D3:F3:7F:C3:7A:BC:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGW64ld4vu2IgMCN8tPzf8N6vB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/LywfEpGuYRv3XIVTiijvdMgfaMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/6444d1-5f00-4e50-8019-1b6f750cf9a2/1/qGW64ld4vu2IgMCN8tPzf8N6vB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.252.0/24
185.126.255.0/24
194.4.68.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:38:15:b3:d9:d8:c8:52:85:9b:3f:c8:5f:d3:c3:b8:14:08:
34:64:5e:58:24:de:9e:56:ef:fd:f4:9f:8a:2a:d7:5d:2a:b8:
16:8d:e6:8b:55:6c:78:4a:d0:cc:13:fb:a1:0a:6c:d0:c1:5f:
6e:c3:37:b6:f0:46:d5:a9:35:d0:48:b4:c7:39:a7:f0:ab:a3:
e7:2f:00:f5:40:60:5f:26:1d:f1:40:32:84:78:1e:45:48:75:
17:ae:77:db:e5:c1:f8:d1:d6:d2:2e:db:2b:9f:bc:78:68:ab:
49:b4:b1:e0:e9:fb:fe:82:91:46:cb:ca:0b:ad:95:94:d5:92:
35:37:e9:5f:3b:c8:e4:b3:95:f7:c0:61:7e:b1:8e:78:7c:94:
d2:e8:8e:a8:07:c0:59:16:fb:01:7d:7b:13:81:07:82:01:0b:
5f:ae:31:cd:ce:50:48:08:6e:52:09:8d:a7:39:e8:88:fc:ac:
98:b9:17:a9:86:b8:45:e4:4c:fe:46:19:de:f9:d9:6f:c7:4b:
22:4b:0b:69:ba:08:5e:29:5f:e3:51:4e:cb:a3:ca:5a:5c:f3:
e3:70:2a:4b:ec:57:d1:e5:dc:3a:8c:3b:38:29:22:d5:94:75:
bc:32:62:b7:8e:d9:ac:8e:47:51:1a:84:2f:3b:07:d2:8a:e1:
d3:e8:42:23
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnjoJHlXocEgITJ+cmMJPVqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjViYWUyNTc3OGJlZWQ4ODgwYzA4ZGYyZDNmMzdmYzM3
YWJjMWUwHhcNMjMwODExMDgwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjJjMWYxMjkxYWU2MTFiZjc1Yzg1NTM4YTI4ZWY3NGM4MWY2OGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhepFyjivsP4sRBid06PH5YlpXTwz
qCMKgO3dMD37afZvTXB+A1+mBQS8f0W0fhL26O8ng3fdKJ5KVpNZSV1MRJECMPKe
eXpBTJynKC8hyEbPr3HfYLpnRNobFMDxIwkER+BX5Gfp7Xj3kaXhjhBQAOAmqSdZ
zP0LJpKYQOzBjIH9Sbq0igES2jUyVQWVSFkyB+TIbsblPudGrTnRwh8oke0uF0oW
p0hdVthMp97mJe9NjwJEgL0GWBZgiHut8azGYW/vyYZcXPlJJDygid6hNp2UW4E/
K+2fkG+B+hm9taiDmBur1SkLPue5SI/YIuK5C/aB1A0VveUFSppK3SrKaQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC8sHxKRrmEb91yFU4oo73TIH2jMMB8GA1UdIwQY
MBaAFKhluuJXeL7tiIDAjfLT83/DerweMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTkt
MWI2Zjc1MGNmOWEyLzEvTHl3ZkVwR3VZUnYzWElWVGlpanZkTWdmYU13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82NDQ0ZDEtNWYwMC00ZTUwLTgwMTktMWI2Zjc1MGNmOWEy
LzEvcUdXNjRsZDR2dTJJZ01DTjh0UHpmOE42dkI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuX78AwQA
uX7/AwQCwgREMA0GCSqGSIb3DQEBCwUAA4IBAQBcOBWz2djIUoWbP8hf08O4FAg0
ZF5YJN6eVu/99J+KKtddKrgWjeaLVWx4StDME/uhCmzQwV9uwze28EbVqTXQSLTH
Oafwq6PnLwD1QGBfJh3xQDKEeB5FSHUXrnfb5cH40dbSLtsrn7x4aKtJtLHg6fv+
gpFGy8oLrZWU1ZI1N+lfO8jks5X3wGF+sY54fJTS6I6oB8BZFvsBfXsTgQeCAQtf
rjHNzlBICG5SCY2nOeiI/KyYuRephrhF5Ez+Rhne+dlvx0siSwtpugheKV/jUU7L
o8paXPPjcCpL7FfR5dw6jDs4KSLVlHW8MmK3jtmsjkdRGoQvOwfSiuHT6EIj
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:22:36 2025 by rpki-client