Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/f6b60b-5808-48a2-8203-1ca3fbbfba3f/1/lavVP1vs6NiqDdkh6TgYxskwifY.roa
File: lavVP1vs6NiqDdkh6TgYxskwifY.roa (raw, json)
Hash identifier: J6KJRfxVevD+towF3GNg3J7O15GxRhbQZD3Y5ksZAM8=
Subject key identifier: 95:AB:D5:3F:5B:EC:E8:D8:AA:0D:D9:21:E9:38:18:C6:C9:30:89:F6
Certificate issuer: /CN=96271b62d18e4ac77c6109690eaae4cc34d0e9b6
Certificate serial: 018441F9A3844CCFD280E54376B96F5AF358
Authority key identifier: 96:27:1B:62:D1:8E:4A:C7:7C:61:09:69:0E:AA:E4:CC:34:D0:E9:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/licbYtGOSsd8YQlpDqrkzDTQ6bY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/f6b60b-5808-48a2-8203-1ca3fbbfba3f/1/lavVP1vs6NiqDdkh6TgYxskwifY.roa
Signing time: Fri 04 Nov 2022 09:29:50 +0000
ROA not before: Fri 04 Nov 2022 09:29:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 213222
IP address blocks: 91.220.113.0/24 maxlen: 24
176.126.120.0/24 maxlen: 24
2a06:ef00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:41:f9:a3:84:4c:cf:d2:80:e5:43:76:b9:6f:5a:f3:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96271b62d18e4ac77c6109690eaae4cc34d0e9b6
Validity
Not Before: Nov 4 09:29:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95abd53f5bece8d8aa0dd921e93818c6c93089f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:9c:d8:5e:7d:21:7f:57:9a:56:1f:f7:95:13:
72:d9:60:c1:a1:b6:89:09:96:33:53:1e:ba:bf:f5:
4f:ba:2e:1a:31:e4:92:d5:6b:26:9c:1d:a3:28:78:
75:6a:8d:2e:4a:68:5b:6d:20:3c:87:c0:bc:42:2d:
9f:d1:b1:1e:01:b3:92:8b:de:b3:23:b8:1c:2e:64:
b3:03:65:b4:b4:84:5d:9b:5d:cd:b6:9e:80:f2:f2:
6d:6e:0b:bc:2f:cd:1d:22:31:a4:9c:94:fa:f0:67:
15:16:6b:0e:78:54:51:cd:77:ce:e1:a6:19:3b:7e:
30:fa:5b:34:16:63:8e:8a:90:d7:eb:00:c8:7f:7e:
17:f7:de:5f:1c:d8:23:56:ed:5a:09:f4:72:28:b8:
3c:2f:a1:0f:a8:20:1e:7a:95:4c:16:38:d6:61:b0:
e0:a8:1b:d5:b8:10:14:1a:18:d5:ac:01:f7:f6:f0:
62:53:0f:fe:34:4f:48:31:0f:4b:1f:bd:dc:ef:bb:
6c:d8:93:76:b1:8a:47:68:b0:5c:93:0d:7c:59:67:
c2:ba:dd:2e:dc:13:cf:80:86:4f:fa:05:1a:61:8a:
ca:24:0d:bd:64:38:63:11:06:37:56:9f:33:df:00:
62:02:d3:10:8c:c3:65:4c:b7:77:13:4b:63:0a:f9:
1a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:AB:D5:3F:5B:EC:E8:D8:AA:0D:D9:21:E9:38:18:C6:C9:30:89:F6
X509v3 Authority Key Identifier:
keyid:96:27:1B:62:D1:8E:4A:C7:7C:61:09:69:0E:AA:E4:CC:34:D0:E9:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/licbYtGOSsd8YQlpDqrkzDTQ6bY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f6b60b-5808-48a2-8203-1ca3fbbfba3f/1/lavVP1vs6NiqDdkh6TgYxskwifY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f6b60b-5808-48a2-8203-1ca3fbbfba3f/1/licbYtGOSsd8YQlpDqrkzDTQ6bY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.113.0/24
176.126.120.0/24
IPv6:
2a06:ef00::/29
Signature Algorithm: sha256WithRSAEncryption
1d:27:37:a0:7a:d4:1f:71:e9:06:46:14:9b:1d:47:ae:19:8d:
c1:5c:23:cd:0a:bf:3c:c7:82:9b:49:3e:4b:8b:b3:e0:2f:a3:
a5:9d:a0:6b:be:92:9f:21:e9:24:14:47:53:df:03:a7:17:dd:
57:e3:4d:95:ba:05:5e:32:fb:b1:11:d5:77:8d:3c:83:e1:aa:
aa:6c:ac:35:3f:94:c2:dd:18:6f:77:8e:06:e7:f4:6f:bf:5b:
23:d3:29:97:a9:34:8c:be:e1:b3:79:37:9d:f5:71:40:3d:f7:
fd:fb:f6:0d:2f:74:e0:cd:e5:c1:d3:a0:6d:59:c9:cc:9c:42:
de:36:5f:ee:76:1f:a5:d7:fc:6d:8a:bb:ee:62:e1:0e:48:c9:
a8:4b:82:e4:c4:96:9e:47:73:ce:a8:ec:b5:3a:f5:a6:31:b3:
b2:a3:e5:86:39:ab:2b:30:e4:92:ef:84:b2:c7:27:16:3a:39:
94:03:32:ab:e3:f5:24:96:e3:71:b8:6a:f7:ca:d3:d6:da:3f:
d5:65:7e:b2:bb:53:c6:4b:f4:90:bd:a7:3c:4e:6a:29:27:72:
33:79:37:1f:16:61:4f:5a:18:20:00:ec:7a:25:0a:ba:9a:40:
f3:df:75:ed:ef:b7:6b:c3:f5:02:37:9e:9e:79:f9:29:c2:d9:
97:14:81:d9
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYRB+aOETM/SgOVDdrlvWvNYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MjcxYjYyZDE4ZTRhYzc3YzYxMDk2OTBlYWFlNGNjMzRk
MGU5YjYwHhcNMjIxMTA0MDkyOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWFiZDUzZjViZWNlOGQ4YWEwZGQ5MjFlOTM4MThjNmM5MzA4OWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpzYXn0hf1eaVh/3lRNy2WDBobaJ
CZYzUx66v/VPui4aMeSS1WsmnB2jKHh1ao0uSmhbbSA8h8C8Qi2f0bEeAbOSi96z
I7gcLmSzA2W0tIRdm13Ntp6A8vJtbgu8L80dIjGknJT68GcVFmsOeFRRzXfO4aYZ
O34w+ls0FmOOipDX6wDIf34X995fHNgjVu1aCfRyKLg8L6EPqCAeepVMFjjWYbDg
qBvVuBAUGhjVrAH39vBiUw/+NE9IMQ9LH73c77ts2JN2sYpHaLBckw18WWfCut0u
3BPPgIZP+gUaYYrKJA29ZDhjEQY3Vp8z3wBiAtMQjMNlTLd3E0tjCvkaJQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJWr1T9b7OjYqg3ZIek4GMbJMIn2MB8GA1UdIwQY
MBaAFJYnG2LRjkrHfGEJaQ6q5Mw00Om2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGljYll0R09Tc2Q4WVFscERxcmt6RFRRNmJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mNmI2MGItNTgwOC00OGEyLTgyMDMt
MWNhM2ZiYmZiYTNmLzEvbGF2VlAxdnM2TmlxRGRraDZUZ1l4c2t3aWZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9mNmI2MGItNTgwOC00OGEyLTgyMDMtMWNhM2ZiYmZiYTNm
LzEvbGljYll0R09Tc2Q4WVFscERxcmt6RFRRNmJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9xxAwQA
sH54MA0EAgACMAcDBQMqBu8AMA0GCSqGSIb3DQEBCwUAA4IBAQAdJzegetQfcekG
RhSbHUeuGY3BXCPNCr88x4KbST5Li7PgL6OlnaBrvpKfIekkFEdT3wOnF91X402V
ugVeMvuxEdV3jTyD4aqqbKw1P5TC3Rhvd44G5/Rvv1sj0ymXqTSMvuGzeTed9XFA
Pff9+/YNL3TgzeXB06BtWcnMnELeNl/udh+l1/xtirvuYuEOSMmoS4LkxJaeR3PO
qOy1OvWmMbOyo+WGOasrMOSS74SyxycWOjmUAzKr4/UkluNxuGr3ytPW2j/VZX6y
u1PGS/SQvac8TmopJ3IzeTcfFmFPWhggAOx6JQq6mkDz33Xt77drw/UCN56eefkp
wtmXFIHZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:32:38 2025 by rpki-client