Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/59d987-fa5d-406f-9c6a-1d6076e0e290/1/LVmmxSpqpLpcWcbO0nyNZ6zgcyo.roa
File: LVmmxSpqpLpcWcbO0nyNZ6zgcyo.roa (raw, json)
Hash identifier: gzFHlIdCmgw21Z7ESQyGU+6TiIXShgJ8w0dYRXNP514=
Subject key identifier: 2D:59:A6:C5:2A:6A:A4:BA:5C:59:C6:CE:D2:7C:8D:67:AC:E0:73:2A
Certificate issuer: /CN=335d831afcc9d74ccf3ee40a0eb68f99085b98dd
Certificate serial: 018B4CD42FD6BD02FACD99DF613307BDF7CC
Authority key identifier: 33:5D:83:1A:FC:C9:D7:4C:CF:3E:E4:0A:0E:B6:8F:99:08:5B:98:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M12DGvzJ10zPPuQKDraPmQhbmN0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/59d987-fa5d-406f-9c6a-1d6076e0e290/1/LVmmxSpqpLpcWcbO0nyNZ6zgcyo.roa
Signing time: Fri 20 Oct 2023 11:24:16 +0000
ROA not before: Fri 20 Oct 2023 11:24:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212665
IP address blocks: 91.196.6.0/24 maxlen: 24
2a12:64c0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4c:d4:2f:d6:bd:02:fa:cd:99:df:61:33:07:bd:f7:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=335d831afcc9d74ccf3ee40a0eb68f99085b98dd
Validity
Not Before: Oct 20 11:24:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d59a6c52a6aa4ba5c59c6ced27c8d67ace0732a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:af:34:cd:25:d7:36:af:a4:d5:7f:45:b9:d4:
9d:22:a8:71:b8:de:eb:05:41:01:3e:4d:2e:ab:2f:
0b:c6:8c:f2:bb:74:78:da:13:15:a0:5e:dd:99:e9:
65:d4:11:27:f0:e5:22:fa:62:72:aa:de:ed:89:1d:
df:cc:d5:44:d6:22:08:49:ab:05:34:cf:0d:31:5b:
ca:7a:8a:af:75:f7:c3:1b:86:ba:6e:e5:30:9a:83:
1f:31:a8:4d:ef:18:17:b7:f0:7a:11:e7:1e:11:a1:
0a:6e:8c:7c:81:ad:27:5b:8f:8f:58:31:cf:b2:54:
91:ef:5c:ae:85:4c:53:a6:c9:4a:5f:5f:0f:77:49:
95:95:df:29:78:15:ca:de:b0:04:09:b3:51:50:97:
11:1c:b7:2a:37:f9:84:1a:d1:bd:ec:b9:6c:e1:d0:
11:2c:e5:b2:4e:01:d5:8e:b8:83:b5:7c:c6:c0:f9:
7f:9f:b5:ce:5f:a5:c2:6e:87:4e:b8:11:b6:a5:a6:
99:41:11:15:e9:a2:e4:55:12:87:7a:14:c9:52:f4:
24:2d:18:79:32:e0:a4:16:f1:94:2b:c4:f2:62:95:
1c:e1:f4:ca:c5:a0:bf:4d:e3:a7:cb:ce:e6:47:b1:
96:74:39:37:4e:a9:2d:6b:62:54:c5:be:ca:b2:6e:
91:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:59:A6:C5:2A:6A:A4:BA:5C:59:C6:CE:D2:7C:8D:67:AC:E0:73:2A
X509v3 Authority Key Identifier:
keyid:33:5D:83:1A:FC:C9:D7:4C:CF:3E:E4:0A:0E:B6:8F:99:08:5B:98:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M12DGvzJ10zPPuQKDraPmQhbmN0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/59d987-fa5d-406f-9c6a-1d6076e0e290/1/LVmmxSpqpLpcWcbO0nyNZ6zgcyo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/59d987-fa5d-406f-9c6a-1d6076e0e290/1/M12DGvzJ10zPPuQKDraPmQhbmN0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.6.0/24
IPv6:
2a12:64c0::/29
Signature Algorithm: sha256WithRSAEncryption
cb:41:b3:a6:4f:cb:41:d8:4b:91:27:c9:c2:d9:42:d9:47:03:
a3:c8:5e:23:16:60:87:cd:57:b6:cd:71:23:d7:23:e8:b8:16:
15:ad:7d:cc:f5:28:eb:99:82:ff:b0:e4:dc:db:06:89:78:30:
74:d8:51:f0:0a:d0:2d:04:2a:bc:8e:7a:19:b2:31:4e:77:37:
ec:14:3e:4e:9b:59:00:a4:7e:81:5d:4f:ec:5a:c3:5a:42:10:
23:e9:7c:f0:45:be:e1:d1:d5:33:7f:72:68:99:99:29:50:e8:
e0:36:99:1e:82:05:55:b6:9c:a9:d5:bb:ac:3b:c1:f9:ce:df:
04:ce:e3:4f:86:de:e3:90:62:08:20:b0:dd:e3:67:03:14:7f:
4f:4d:5e:b7:7e:8f:48:bf:22:ef:9d:97:b6:23:42:a0:8f:b1:
71:ec:1d:86:54:4f:a8:aa:20:0e:0d:25:dc:9f:30:5b:a9:4c:
36:27:69:57:4f:8b:c3:7a:a9:bf:9f:d6:66:f9:6d:ea:9e:3f:
54:81:5c:cc:d1:79:62:76:78:01:02:79:bd:3d:e2:c2:d8:72:
f3:fd:cb:29:7c:5c:d1:0c:60:81:80:bf:0a:22:73:0d:8e:85:
1c:99:7b:5b:42:b2:01:bd:6d:3c:94:a4:66:3e:a8:42:3a:a3:
af:da:24:dc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYtM1C/WvQL6zZnfYTMHvffMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNWQ4MzFhZmNjOWQ3NGNjZjNlZTQwYTBlYjY4Zjk5MDg1
Yjk4ZGQwHhcNMjMxMDIwMTEyNDE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDU5YTZjNTJhNmFhNGJhNWM1OWM2Y2VkMjdjOGQ2N2FjZTA3MzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAja80zSXXNq+k1X9FudSdIqhxuN7r
BUEBPk0uqy8Lxozyu3R42hMVoF7dmell1BEn8OUi+mJyqt7tiR3fzNVE1iIISasF
NM8NMVvKeoqvdffDG4a6buUwmoMfMahN7xgXt/B6EeceEaEKbox8ga0nW4+PWDHP
slSR71yuhUxTpslKX18Pd0mVld8peBXK3rAECbNRUJcRHLcqN/mEGtG97Lls4dAR
LOWyTgHVjriDtXzGwPl/n7XOX6XCbodOuBG2paaZQREV6aLkVRKHehTJUvQkLRh5
MuCkFvGUK8TyYpUc4fTKxaC/TeOny87mR7GWdDk3Tqkta2JUxb7Ksm6RGwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC1ZpsUqaqS6XFnGztJ8jWes4HMqMB8GA1UdIwQY
MBaAFDNdgxr8yddMzz7kCg62j5kIW5jdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTEyREd2ekoxMHpQUHVRS0RyYVBtUWhibU4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC81OWQ5ODctZmE1ZC00MDZmLTljNmEt
MWQ2MDc2ZTBlMjkwLzEvTFZtbXhTcHFwTHBjV2NiTzBueU5aNnpnY3lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC81OWQ5ODctZmE1ZC00MDZmLTljNmEtMWQ2MDc2ZTBlMjkw
LzEvTTEyREd2ekoxMHpQUHVRS0RyYVBtUWhibU4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW8QGMA0E
AgACMAcDBQMqEmTAMA0GCSqGSIb3DQEBCwUAA4IBAQDLQbOmT8tB2EuRJ8nC2ULZ
RwOjyF4jFmCHzVe2zXEj1yPouBYVrX3M9SjrmYL/sOTc2waJeDB02FHwCtAtBCq8
jnoZsjFOdzfsFD5Om1kApH6BXU/sWsNaQhAj6XzwRb7h0dUzf3JomZkpUOjgNpke
ggVVtpyp1busO8H5zt8EzuNPht7jkGIIILDd42cDFH9PTV63fo9IvyLvnZe2I0Kg
j7Fx7B2GVE+oqiAODSXcnzBbqUw2J2lXT4vDeqm/n9Zm+W3qnj9UgVzM0XlidngB
Anm9PeLC2HLz/cspfFzRDGCBgL8KInMNjoUcmXtbQrIBvW08lKRmPqhCOqOv2iTc
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:18 2025 by rpki-client