Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/LMNYl9ddzrmfF9S3IUsbL5vYox4.roa
File: LMNYl9ddzrmfF9S3IUsbL5vYox4.roa (raw, json)
Hash identifier: k+1EW3A8e9fCX/4IW2zqlci7pYxlt1BLjGk2j6ELDEA=
Subject key identifier: 2C:C3:58:97:D7:5D:CE:B9:9F:17:D4:B7:21:4B:1B:2F:9B:D8:A3:1E
Certificate issuer: /CN=6a17de1887fcfa9244b931d96da82678c0147663
Certificate serial: 01856D78A456B5D8BEC00B1E903D5AC57AC8
Authority key identifier: 6A:17:DE:18:87:FC:FA:92:44:B9:31:D9:6D:A8:26:78:C0:14:76:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ahfeGIf8-pJEuTHZbagmeMAUdmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/LMNYl9ddzrmfF9S3IUsbL5vYox4.roa
Signing time: Sun 01 Jan 2023 13:15:00 +0000
ROA not before: Sun 01 Jan 2023 13:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56821
IP address blocks: 89.239.24.0/21 maxlen: 21
2a02:4007::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:78:a4:56:b5:d8:be:c0:0b:1e:90:3d:5a:c5:7a:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a17de1887fcfa9244b931d96da82678c0147663
Validity
Not Before: Jan 1 13:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2cc35897d75dceb99f17d4b7214b1b2f9bd8a31e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f7:b9:da:60:69:78:77:5d:dd:1a:58:27:96:
ab:54:bd:88:93:32:aa:b8:51:5b:0f:e9:3a:85:cd:
30:33:ca:aa:0f:d0:20:e2:38:19:a5:06:f6:a3:52:
f1:52:1b:56:15:ad:4f:b4:48:c1:5e:a2:b0:2f:7e:
3a:3d:2a:61:a8:00:62:f7:92:c4:4c:fc:bd:c4:0d:
fd:5c:01:5f:60:e3:51:76:31:8c:f1:07:dd:92:d4:
46:af:1b:5e:c0:1b:de:bb:03:6f:46:16:a7:cd:19:
0f:4f:17:89:c1:af:1b:ad:5a:24:4b:f8:57:6f:18:
8c:83:93:94:71:d3:2f:04:a4:33:8a:b0:55:d2:61:
6d:c9:fc:78:5d:44:5f:f7:0a:28:96:a5:b9:87:d2:
6c:ee:b1:29:83:f4:57:1c:89:cd:ba:61:28:0f:ff:
49:bc:12:ff:20:cf:41:95:77:9e:75:8c:5d:fb:04:
2c:8f:b6:79:1e:4c:c2:71:25:e5:0d:a0:13:54:f1:
84:8a:54:cb:50:64:7d:aa:01:a8:7c:a2:33:07:91:
01:d9:59:2c:e6:39:15:d5:f5:95:8d:96:db:c0:3c:
77:31:aa:80:34:83:3e:cc:78:7f:c4:66:e5:f6:c1:
b8:a6:01:9f:c5:fa:e5:7a:8c:ca:b0:d2:99:6d:af:
e7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C3:58:97:D7:5D:CE:B9:9F:17:D4:B7:21:4B:1B:2F:9B:D8:A3:1E
X509v3 Authority Key Identifier:
keyid:6A:17:DE:18:87:FC:FA:92:44:B9:31:D9:6D:A8:26:78:C0:14:76:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ahfeGIf8-pJEuTHZbagmeMAUdmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/LMNYl9ddzrmfF9S3IUsbL5vYox4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/ahfeGIf8-pJEuTHZbagmeMAUdmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.239.24.0/21
IPv6:
2a02:4007::/32
Signature Algorithm: sha256WithRSAEncryption
09:75:4f:94:75:f5:12:5f:16:e5:3c:ba:ff:a9:61:ed:00:65:
25:75:f1:fd:f0:46:45:01:df:13:d3:a8:fb:2c:41:23:cd:d3:
0a:ba:b8:d6:fc:60:9c:26:4e:8a:aa:b1:e6:3c:dc:ff:1c:55:
d6:71:db:e7:a7:81:c0:10:29:d6:90:8a:b7:89:49:bb:c0:dc:
2d:3d:35:6b:c9:e8:56:9f:91:80:03:56:0a:d5:17:21:3c:d1:
57:b1:fd:e0:71:21:19:2c:fb:bc:f6:4e:96:8b:eb:21:c9:c5:
f0:23:34:fe:9b:e2:db:78:9f:55:66:d6:d7:b3:ae:5f:00:b5:
20:99:3c:1e:1c:c0:90:70:66:2c:d8:47:b6:ee:9c:df:4f:f1:
8a:2e:d4:af:24:03:91:9d:a8:75:4a:61:42:fa:1a:20:da:63:
18:31:13:dd:ad:e9:2f:0a:c8:bc:87:ab:4d:68:27:3b:87:59:
f1:ca:b7:92:8e:fe:cd:0b:5c:9d:ac:d7:b1:3e:20:10:7d:50:
82:34:38:3c:33:40:ae:5c:cf:10:4c:74:7a:86:5d:14:df:45:
e0:b2:d7:e7:6f:c9:5d:78:dc:1b:8e:b1:78:45:9f:c9:e9:8a:
d9:06:75:f3:ac:7d:f2:cd:7b:0a:86:d9:6d:44:ac:b6:9f:41:
3d:05:84:42
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVteKRWtdi+wAsekD1axXrIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMTdkZTE4ODdmY2ZhOTI0NGI5MzFkOTZkYTgyNjc4YzAx
NDc2NjMwHhcNMjMwMTAxMTMxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2MzNTg5N2Q3NWRjZWI5OWYxN2Q0YjcyMTRiMWIyZjliZDhhMzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfe52mBpeHdd3RpYJ5arVL2IkzKq
uFFbD+k6hc0wM8qqD9Ag4jgZpQb2o1LxUhtWFa1PtEjBXqKwL346PSphqABi95LE
TPy9xA39XAFfYONRdjGM8QfdktRGrxtewBveuwNvRhanzRkPTxeJwa8brVokS/hX
bxiMg5OUcdMvBKQzirBV0mFtyfx4XURf9woolqW5h9Js7rEpg/RXHInNumEoD/9J
vBL/IM9BlXeedYxd+wQsj7Z5HkzCcSXlDaATVPGEilTLUGR9qgGofKIzB5EB2Vks
5jkV1fWVjZbbwDx3MaqANIM+zHh/xGbl9sG4pgGfxfrleozKsNKZba/n/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCzDWJfXXc65nxfUtyFLGy+b2KMeMB8GA1UdIwQY
MBaAFGoX3hiH/PqSRLkx2W2oJnjAFHZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWhmZUdJZjgtcEpFdVRIWmJhZ21lTUFVZG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lYzI1YmQtMjE5ZS00ZDAyLWE1MzIt
MDc5OWE1MmE2Mzg3LzEvTE1OWWw5ZGR6cm1mRjlTM0lVc2JMNXZZb3g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lYzI1YmQtMjE5ZS00ZDAyLWE1MzItMDc5OWE1MmE2Mzg3
LzEvYWhmZUdJZjgtcEpFdVRIWmJhZ21lTUFVZG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDWe8YMA0E
AgACMAcDBQAqAkAHMA0GCSqGSIb3DQEBCwUAA4IBAQAJdU+UdfUSXxblPLr/qWHt
AGUldfH98EZFAd8T06j7LEEjzdMKurjW/GCcJk6KqrHmPNz/HFXWcdvnp4HAECnW
kIq3iUm7wNwtPTVryehWn5GAA1YK1RchPNFXsf3gcSEZLPu89k6Wi+shycXwIzT+
m+LbeJ9VZtbXs65fALUgmTweHMCQcGYs2Ee27pzfT/GKLtSvJAORnah1SmFC+hog
2mMYMRPdrekvCsi8h6tNaCc7h1nxyreSjv7NC1ydrNexPiAQfVCCNDg8M0CuXM8Q
THR6hl0U30Xgstfnb8ldeNwbjrF4RZ/J6YrZBnXzrH3yzXsKhtltRKy2n0E9BYRC
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:55:02 2025 by rpki-client