Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/aa7922-c2c0-47ae-9108-6030a9da3b89/1/lvKY2_D5EP_K1lZQj-9nqs2B3FM.roa
File: lvKY2_D5EP_K1lZQj-9nqs2B3FM.roa (raw, json)
Hash identifier: aGlt1avDZ0mdqY9yQovBLHmZSnhD7BxbeUodhlGQuWw=
Subject key identifier: 96:F2:98:DB:F0:F9:10:FF:CA:D6:56:50:8F:EF:67:AA:CD:81:DC:53
Certificate issuer: /CN=e1d7e9ff1278a14dc26ef33f9ff531d86eff5d03
Certificate serial: 01856FD510B8D71E5ACFC1CB805651EA7BDA
Authority key identifier: E1:D7:E9:FF:12:78:A1:4D:C2:6E:F3:3F:9F:F5:31:D8:6E:FF:5D:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4dfp_xJ4oU3CbvM_n_Ux2G7_XQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/aa7922-c2c0-47ae-9108-6030a9da3b89/1/lvKY2_D5EP_K1lZQj-9nqs2B3FM.roa
Signing time: Mon 02 Jan 2023 00:15:12 +0000
ROA not before: Mon 02 Jan 2023 00:15:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43521
IP address blocks: 185.52.58.0/23 maxlen: 23
78.41.176.0/21 maxlen: 21
185.52.56.0/23 maxlen: 23
185.52.56.0/22 maxlen: 22
87.117.152.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:10:b8:d7:1e:5a:cf:c1:cb:80:56:51:ea:7b:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1d7e9ff1278a14dc26ef33f9ff531d86eff5d03
Validity
Not Before: Jan 2 00:15:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96f298dbf0f910ffcad656508fef67aacd81dc53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:4d:e2:be:a3:e2:96:2a:c5:9e:49:00:3b:fc:
2d:ae:d6:e0:07:01:f5:08:91:9f:28:43:21:b4:8e:
bd:d3:b6:6f:ca:46:48:09:2d:87:68:c9:4b:a4:76:
44:8a:6e:56:f7:25:46:6c:a7:01:ff:6a:fa:82:83:
cc:cc:e4:c7:68:17:9b:f2:5e:ef:b2:ed:69:58:83:
01:9f:d2:9a:fb:c0:de:41:58:b2:dc:a2:c9:43:ed:
55:54:ab:1a:da:2c:5d:3d:68:1f:33:62:be:17:4a:
e4:be:87:52:a0:e3:73:5e:dc:43:bc:64:06:e8:92:
0f:c8:09:6c:e5:0c:fd:09:63:4a:a8:6f:aa:58:ba:
45:0a:e4:aa:98:6d:07:aa:d1:7a:fe:1e:5e:7a:87:
fe:d5:53:3f:0b:7f:5b:a0:25:c6:ea:9c:4c:38:f2:
fa:9b:01:61:2b:43:65:31:0e:ec:cb:d5:d1:bc:43:
21:83:43:9a:8e:0d:0a:d6:6f:41:60:b9:88:ae:de:
46:16:a7:e7:62:60:e5:85:c9:df:5e:1c:ca:cc:eb:
43:fc:31:76:a2:44:bf:c8:1e:9e:c2:5d:d0:7b:41:
5c:57:47:92:b8:11:1a:e7:2b:59:50:f5:a3:cd:d0:
98:6a:a4:bd:e7:d8:6e:b7:4f:b9:3d:22:19:e9:ba:
3f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F2:98:DB:F0:F9:10:FF:CA:D6:56:50:8F:EF:67:AA:CD:81:DC:53
X509v3 Authority Key Identifier:
keyid:E1:D7:E9:FF:12:78:A1:4D:C2:6E:F3:3F:9F:F5:31:D8:6E:FF:5D:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4dfp_xJ4oU3CbvM_n_Ux2G7_XQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/aa7922-c2c0-47ae-9108-6030a9da3b89/1/lvKY2_D5EP_K1lZQj-9nqs2B3FM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/aa7922-c2c0-47ae-9108-6030a9da3b89/1/4dfp_xJ4oU3CbvM_n_Ux2G7_XQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.41.176.0/21
87.117.152.0/21
185.52.56.0/22
Signature Algorithm: sha256WithRSAEncryption
20:7f:82:76:d4:3f:dc:bf:c5:6e:32:7b:d0:05:b6:0b:b5:9b:
86:2c:d9:06:bf:58:76:88:c7:66:fc:ec:d5:fa:72:54:50:68:
93:87:6e:a7:53:5d:b2:f8:e9:0e:fe:fe:52:ea:2e:26:e9:11:
97:81:40:4f:30:8b:e8:45:30:8b:ba:d2:31:56:f6:3d:5f:d3:
62:bd:ba:9f:a6:ba:8c:55:39:4c:e0:9a:e7:5d:1a:9e:55:ca:
37:ad:c3:d0:32:fb:93:16:98:57:06:28:4f:04:92:13:03:98:
62:f9:16:e4:e0:04:f1:ed:f5:cf:05:2f:ad:03:ab:c5:c2:b3:
d0:c9:71:b3:17:68:ca:a4:27:5c:e6:e5:b6:58:fb:5e:86:44:
34:8c:24:e2:6a:b8:9e:53:d4:dc:f2:d6:d4:45:df:04:8e:7d:
10:fc:99:12:86:1a:ae:7c:98:c8:d2:d0:79:94:2a:61:08:3d:
fe:80:27:fd:5b:b5:97:32:f3:9d:27:f6:31:ea:c8:3d:db:80:
c5:a3:3f:4c:ff:1b:e9:41:3e:e2:a3:84:85:ba:c6:cf:f5:a8:
e8:6b:d9:08:6b:d9:a6:18:11:f8:c9:6b:cc:a7:df:b8:fc:3d:
76:6a:3d:1d:b6:8f:01:11:d4:d6:f1:7e:fb:09:ce:87:fc:2e:
f3:62:e1:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVv1RC41x5az8HLgFZR6nvaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxZDdlOWZmMTI3OGExNGRjMjZlZjMzZjlmZjUzMWQ4NmVm
ZjVkMDMwHhcNMjMwMTAyMDAxNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmYyOThkYmYwZjkxMGZmY2FkNjU2NTA4ZmVmNjdhYWNkODFkYzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuE3ivqPilirFnkkAO/wtrtbgBwH1
CJGfKEMhtI6907ZvykZICS2HaMlLpHZEim5W9yVGbKcB/2r6goPMzOTHaBeb8l7v
su1pWIMBn9Ka+8DeQViy3KLJQ+1VVKsa2ixdPWgfM2K+F0rkvodSoONzXtxDvGQG
6JIPyAls5Qz9CWNKqG+qWLpFCuSqmG0HqtF6/h5eeof+1VM/C39boCXG6pxMOPL6
mwFhK0NlMQ7sy9XRvEMhg0Oajg0K1m9BYLmIrt5GFqfnYmDlhcnfXhzKzOtD/DF2
okS/yB6ewl3Qe0FcV0eSuBEa5ytZUPWjzdCYaqS959hut0+5PSIZ6bo/aQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJbymNvw+RD/ytZWUI/vZ6rNgdxTMB8GA1UdIwQY
MBaAFOHX6f8SeKFNwm7zP5/1Mdhu/10DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGRmcF94SjRvVTNDYnZNX25fVXgyRzdfWFFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC9hYTc5MjItYzJjMC00N2FlLTkxMDgt
NjAzMGE5ZGEzYjg5LzEvbHZLWTJfRDVFUF9LMWxaUWotOW5xczJCM0ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC9hYTc5MjItYzJjMC00N2FlLTkxMDgtNjAzMGE5ZGEzYjg5
LzEvNGRmcF94SjRvVTNDYnZNX25fVXgyRzdfWFFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDTimwAwQD
V3WYAwQCuTQ4MA0GCSqGSIb3DQEBCwUAA4IBAQAgf4J21D/cv8VuMnvQBbYLtZuG
LNkGv1h2iMdm/OzV+nJUUGiTh26nU12y+OkO/v5S6i4m6RGXgUBPMIvoRTCLutIx
VvY9X9NivbqfprqMVTlM4JrnXRqeVco3rcPQMvuTFphXBihPBJITA5hi+Rbk4ATx
7fXPBS+tA6vFwrPQyXGzF2jKpCdc5uW2WPtehkQ0jCTiarieU9Tc8tbURd8Ejn0Q
/JkShhqufJjI0tB5lCphCD3+gCf9W7WXMvOdJ/Yx6sg924DFoz9M/xvpQT7io4SF
usbP9ajoa9kIa9mmGBH4yWvMp9+4/D12aj0dto8BEdTW8X77Cc6H/C7zYuFD
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:32:59 2025 by rpki-client