Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/4b1d56-d25f-4f64-8a0c-05bff31c53fe/1/LzK1ndMNKfMpiL3HAzq5CIE3oVk.roa
File: LzK1ndMNKfMpiL3HAzq5CIE3oVk.roa (raw, json)
Hash identifier: X8aMGethv6cZmO6i0obHyeck/5t4beJ90gq+newDyH0=
Subject key identifier: 2F:32:B5:9D:D3:0D:29:F3:29:88:BD:C7:03:3A:B9:08:81:37:A1:59
Certificate issuer: /CN=aa31c98e3cab821c84ddeff2069e02259bd6e61c
Certificate serial: 0182F573817C42941B8661372E2F3DDE87D4
Authority key identifier: AA:31:C9:8E:3C:AB:82:1C:84:DD:EF:F2:06:9E:02:25:9B:D6:E6:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qjHJjjyrghyE3e_yBp4CJZvW5hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/4b1d56-d25f-4f64-8a0c-05bff31c53fe/1/LzK1ndMNKfMpiL3HAzq5CIE3oVk.roa
Signing time: Wed 31 Aug 2022 19:49:23 +0000
ROA not before: Wed 31 Aug 2022 19:49:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50673
IP address blocks: 91.195.80.0/24 maxlen: 24
91.195.81.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f5:73:81:7c:42:94:1b:86:61:37:2e:2f:3d:de:87:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa31c98e3cab821c84ddeff2069e02259bd6e61c
Validity
Not Before: Aug 31 19:49:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f32b59dd30d29f32988bdc7033ab9088137a159
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7b:80:fc:70:05:9b:eb:b2:f6:3e:a7:d6:2a:
cd:ca:6a:a9:0c:cc:ce:d8:93:9b:dc:15:19:ba:92:
6a:75:88:49:45:47:61:7d:73:19:44:42:e6:e0:ef:
b4:54:b7:ba:22:15:99:2f:e5:cb:39:dc:b0:b2:4a:
6f:ff:a6:94:e5:f6:08:ef:e9:be:82:4d:a0:c7:f0:
6c:a4:fc:e6:c7:87:40:1b:7a:0c:00:0a:46:70:f0:
8c:0a:d0:9d:e7:67:18:0e:0f:fc:d2:37:0f:91:e7:
98:5a:0e:5b:9e:a8:fb:b5:ed:3f:7f:8d:67:ca:ce:
b4:21:02:ab:9b:aa:42:d1:67:d3:0d:d0:46:a2:fe:
06:74:cb:ed:e4:bc:fd:38:a7:e1:fc:3d:0c:e8:e4:
73:9f:f8:11:d1:ef:9b:bf:d5:e2:8e:e1:12:19:16:
81:ee:76:6d:c7:50:b4:3e:e5:25:19:fa:27:b4:09:
e8:11:c0:4c:06:aa:61:bc:00:c6:01:9a:73:80:96:
8c:cb:a9:b3:1c:0e:9c:37:e2:8c:50:ec:de:3f:67:
97:2a:a1:ee:7c:e7:9a:5c:89:61:5e:37:f7:8b:83:
57:ea:f5:65:ac:e3:9c:70:a5:e9:d7:0a:12:51:a9:
d4:7f:5d:2c:ef:7b:d8:4f:ce:52:e4:c0:53:01:63:
6f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:32:B5:9D:D3:0D:29:F3:29:88:BD:C7:03:3A:B9:08:81:37:A1:59
X509v3 Authority Key Identifier:
keyid:AA:31:C9:8E:3C:AB:82:1C:84:DD:EF:F2:06:9E:02:25:9B:D6:E6:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qjHJjjyrghyE3e_yBp4CJZvW5hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4b1d56-d25f-4f64-8a0c-05bff31c53fe/1/LzK1ndMNKfMpiL3HAzq5CIE3oVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/4b1d56-d25f-4f64-8a0c-05bff31c53fe/1/qjHJjjyrghyE3e_yBp4CJZvW5hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.195.80.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:b0:91:48:81:a8:c7:24:d4:a6:6b:89:73:e2:8e:4a:72:ab:
f5:17:ff:69:5b:1a:28:ba:ec:59:e5:e2:90:a2:9b:06:b7:06:
17:4a:38:cd:9d:67:ef:bc:5f:37:67:db:19:d8:72:32:5b:18:
f5:00:be:e3:04:8c:a8:8e:f9:72:0b:98:71:3b:67:5c:9f:f0:
44:ab:01:ff:a9:01:39:87:55:af:19:9d:68:95:32:82:b6:54:
86:dd:5d:95:0f:38:a3:2c:d2:74:41:f8:f8:cc:03:f5:39:39:
64:99:a7:8e:e4:97:99:b5:46:61:c4:cd:c3:6f:1b:06:03:64:
61:28:7f:69:85:01:70:e4:52:e4:c3:88:82:e6:58:e4:f9:00:
ad:10:97:2f:ea:d5:86:c9:cb:31:78:fa:81:20:ba:d0:0b:9c:
89:bf:fb:11:dc:af:ae:82:47:3d:2b:37:32:5b:0f:18:f8:d8:
9d:e6:0a:3c:54:6c:e2:d7:f5:2e:34:7a:75:f9:9e:8c:64:b8:
7f:1b:74:a6:a3:2e:02:a6:06:ee:2c:37:60:a9:29:e4:37:64:
3b:ef:e8:8b:31:19:ac:52:26:41:0e:82:dd:9b:3e:04:74:09:
56:15:c3:69:a3:ec:b0:56:f2:80:87:bc:fe:ed:d7:45:4f:fc:
42:1c:6d:98
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYL1c4F8QpQbhmE3Li893ofUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMzFjOThlM2NhYjgyMWM4NGRkZWZmMjA2OWUwMjI1OWJk
NmU2MWMwHhcNMjIwODMxMTk0OTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjMyYjU5ZGQzMGQyOWYzMjk4OGJkYzcwMzNhYjkwODgxMzdhMTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3uA/HAFm+uy9j6n1irNymqpDMzO
2JOb3BUZupJqdYhJRUdhfXMZRELm4O+0VLe6IhWZL+XLOdywskpv/6aU5fYI7+m+
gk2gx/BspPzmx4dAG3oMAApGcPCMCtCd52cYDg/80jcPkeeYWg5bnqj7te0/f41n
ys60IQKrm6pC0WfTDdBGov4GdMvt5Lz9OKfh/D0M6ORzn/gR0e+bv9XijuESGRaB
7nZtx1C0PuUlGfontAnoEcBMBqphvADGAZpzgJaMy6mzHA6cN+KMUOzeP2eXKqHu
fOeaXIlhXjf3i4NX6vVlrOOccKXp1woSUanUf10s73vYT85S5MBTAWNvDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC8ytZ3TDSnzKYi9xwM6uQiBN6FZMB8GA1UdIwQY
MBaAFKoxyY48q4IchN3v8gaeAiWb1uYcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWpISmpqeXJnaHlFM2VfeUJwNENKWnZXNWh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny80YjFkNTYtZDI1Zi00ZjY0LThhMGMt
MDViZmYzMWM1M2ZlLzEvTHpLMW5kTU5LZk1waUwzSEF6cTVDSUUzb1ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny80YjFkNTYtZDI1Zi00ZjY0LThhMGMtMDViZmYzMWM1M2Zl
LzEvcWpISmpqeXJnaHlFM2VfeUJwNENKWnZXNWh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW8NQMA0G
CSqGSIb3DQEBCwUAA4IBAQBrsJFIgajHJNSma4lz4o5Kcqv1F/9pWxoouuxZ5eKQ
opsGtwYXSjjNnWfvvF83Z9sZ2HIyWxj1AL7jBIyojvlyC5hxO2dcn/BEqwH/qQE5
h1WvGZ1olTKCtlSG3V2VDzijLNJ0Qfj4zAP1OTlkmaeO5JeZtUZhxM3DbxsGA2Rh
KH9phQFw5FLkw4iC5ljk+QCtEJcv6tWGycsxePqBILrQC5yJv/sR3K+ugkc9Kzcy
Ww8Y+Nid5go8VGzi1/UuNHp1+Z6MZLh/G3Smoy4CpgbuLDdgqSnkN2Q77+iLMRms
UiZBDoLdmz4EdAlWFcNpo+ywVvKAh7z+7ddFT/xCHG2Y
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:08:19 2025 by rpki-client