Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/LySskLyLI7I_Jpq5dmSp3cVtU0s.roa
File: LySskLyLI7I_Jpq5dmSp3cVtU0s.roa (raw, json)
Hash identifier: lCj6+HyQ0ZvUAYYfr7bvh9yiwD4EwTgofqEDFip2gAI=
Subject key identifier: 2F:24:AC:90:BC:8B:23:B2:3F:26:9A:B9:76:64:A9:DD:C5:6D:53:4B
Certificate issuer: /CN=cec3b347a216bc437b0bd4cf0bc8cda65e8c2d3b
Certificate serial: 18A331AB
Authority key identifier: CE:C3:B3:47:A2:16:BC:43:7B:0B:D4:CF:0B:C8:CD:A6:5E:8C:2D:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zsOzR6IWvEN7C9TPC8jNpl6MLTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/LySskLyLI7I_Jpq5dmSp3cVtU0s.roa
Signing time: Sat 01 Jan 2022 07:59:00 +0000
ROA not before: Sat 01 Jan 2022 07:59:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2856
IP address blocks: 91.102.189.0/24 maxlen: 24
91.102.191.0/24 maxlen: 24
91.102.190.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 413348267 (0x18a331ab)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cec3b347a216bc437b0bd4cf0bc8cda65e8c2d3b
Validity
Not Before: Jan 1 07:59:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f24ac90bc8b23b23f269ab97664a9ddc56d534b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:99:ec:1a:d4:0e:8a:7c:57:94:7f:53:f2:24:
3d:25:bb:e4:ef:a8:8d:2f:28:91:bf:e9:db:41:3a:
89:07:c7:01:da:47:7b:d9:9c:5d:bc:39:73:57:2d:
eb:f4:2d:a3:84:0f:2b:21:6f:eb:1e:fd:5a:ae:03:
4d:5a:97:53:d7:0e:f1:c2:b5:62:1b:d2:21:97:b0:
ed:76:98:83:0d:67:02:e4:29:ef:0b:b2:f8:90:a7:
17:cb:03:8f:e0:d7:db:88:6a:95:e9:3b:65:13:c1:
6c:5f:5c:48:13:01:ed:ca:ee:5b:aa:c6:90:47:ba:
b9:33:e5:17:a5:e3:e0:ff:ab:eb:6e:22:80:50:66:
5b:d6:6f:9d:2d:d1:01:f4:cc:f4:74:de:f6:86:39:
1c:d3:7c:86:2e:1b:e3:c2:09:df:49:87:f9:09:5b:
ed:6d:66:80:e1:77:74:52:82:bd:16:35:03:4d:20:
95:69:50:9b:da:45:f3:92:91:cf:a0:b1:62:20:49:
5d:01:42:a5:ed:8c:b0:42:37:1e:cd:bc:c9:c8:c6:
28:33:f0:5b:3c:22:68:fe:fe:fd:e9:56:95:cf:43:
51:c0:32:ab:be:44:c3:b1:30:b1:63:70:c7:a2:f5:
79:5e:e7:2e:ef:bf:cd:c9:fd:36:92:3b:63:28:fe:
b2:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:24:AC:90:BC:8B:23:B2:3F:26:9A:B9:76:64:A9:DD:C5:6D:53:4B
X509v3 Authority Key Identifier:
keyid:CE:C3:B3:47:A2:16:BC:43:7B:0B:D4:CF:0B:C8:CD:A6:5E:8C:2D:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zsOzR6IWvEN7C9TPC8jNpl6MLTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/LySskLyLI7I_Jpq5dmSp3cVtU0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/7a683b-fa78-4112-b6b6-155fb3fe287e/1/zsOzR6IWvEN7C9TPC8jNpl6MLTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.102.189.0-91.102.191.255
Signature Algorithm: sha256WithRSAEncryption
18:c9:41:21:aa:ca:67:2a:44:2c:f8:ea:cd:91:48:71:d0:b3:
0b:9d:3d:3e:ae:de:b9:31:8d:86:7c:db:01:05:d1:6f:86:d0:
28:d7:41:1f:81:f3:49:25:a1:8d:04:6c:50:2e:3e:ce:e3:31:
23:ed:49:2d:48:e4:7d:db:dd:28:b5:1b:fe:d9:68:76:31:bb:
57:4a:5a:0b:6a:03:bf:86:e5:b6:f7:7f:df:01:75:0c:95:65:
4e:2d:64:ea:e3:ca:00:a0:8b:70:96:b6:0c:1f:eb:ec:26:42:
33:a1:a0:a5:6b:9a:d3:cb:a5:9b:ba:08:b1:5c:57:ef:3a:65:
75:b5:fc:10:5a:7a:65:4b:85:1c:e0:e7:b0:ea:66:b3:56:72:
2f:8a:4c:28:19:d4:62:cd:47:05:a0:b8:3f:50:f8:7f:60:69:
50:9a:96:5b:31:fc:4b:83:cb:f1:a3:ac:eb:33:05:89:9f:bb:
36:b4:6a:fa:46:61:0a:31:ff:33:a5:96:37:88:1f:c0:ed:cb:
15:b7:b3:6f:95:93:2e:7e:28:3b:0f:66:80:60:99:eb:d9:12:
a0:17:c4:4a:08:3a:a2:c4:64:bd:17:f5:61:20:21:c7:cd:0d:
b2:74:7c:89:40:a3:b8:8b:80:51:42:c8:04:4d:5e:91:50:fc:
ce:67:15:28
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEGKMxqzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZWMzYjM0N2EyMTZiYzQzN2IwYmQ0Y2YwYmM4Y2RhNjVlOGMyZDNiMB4XDTIyMDEw
MTA3NTkwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmYyNGFjOTBiYzhi
MjNiMjNmMjY5YWI5NzY2NGE5ZGRjNTZkNTM0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM2Z7BrUDop8V5R/U/IkPSW75O+ojS8okb/p20E6iQfHAdpH
e9mcXbw5c1ct6/Qto4QPKyFv6x79Wq4DTVqXU9cO8cK1YhvSIZew7XaYgw1nAuQp
7wuy+JCnF8sDj+DX24hqlek7ZRPBbF9cSBMB7cruW6rGkEe6uTPlF6Xj4P+r624i
gFBmW9ZvnS3RAfTM9HTe9oY5HNN8hi4b48IJ30mH+Qlb7W1mgOF3dFKCvRY1A00g
lWlQm9pF85KRz6CxYiBJXQFCpe2MsEI3Hs28ycjGKDPwWzwiaP7+/elWlc9DUcAy
q75Ew7EwsWNwx6L1eV7nLu+/zcn9NpI7Yyj+sjcCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBQvJKyQvIsjsj8mmrl2ZKndxW1TSzAfBgNVHSMEGDAWgBTOw7NHoha8Q3sL
1M8LyM2mXowtOzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pzT3pSNklXdkVON0M5VFBDOGpOcGw2TUxUcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTcvN2E2ODNiLWZhNzgtNDExMi1iNmI2LTE1NWZiM2ZlMjg3ZS8x
L0x5U3NrTHlMSTdJX0pwcTVkbVNwM2NWdFUwcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTcv
N2E2ODNiLWZhNzgtNDExMi1iNmI2LTE1NWZiM2ZlMjg3ZS8xL3pzT3pSNklXdkVO
N0M5VFBDOGpOcGw2TUxUcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAW2a9AwQGW2aAMA0GCSqGSIb3
DQEBCwUAA4IBAQAYyUEhqspnKkQs+OrNkUhx0LMLnT0+rt65MY2GfNsBBdFvhtAo
10EfgfNJJaGNBGxQLj7O4zEj7UktSOR9290otRv+2Wh2MbtXSloLagO/huW293/f
AXUMlWVOLWTq48oAoItwlrYMH+vsJkIzoaCla5rTy6WbugixXFfvOmV1tfwQWnpl
S4Uc4Oew6mazVnIvikwoGdRizUcFoLg/UPh/YGlQmpZbMfxLg8vxo6zrMwWJn7s2
tGr6RmEKMf8zpZY3iB/A7csVt7NvlZMufig7D2aAYJnr2RKgF8RKCDqixGS9F/Vh
ICHHzQ2ydHyJQKO4i4BRQsgETV6RUPzOZxUo
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:31:02 2025 by rpki-client