Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/LDivGJY6LY14BUG27x6ty_pd3q4.roa
File: LDivGJY6LY14BUG27x6ty_pd3q4.roa (raw, json)
Hash identifier: fdadj74Jp2lYpPWzVlXQCNlVZ1Sal1LdMJinFD3wzdQ=
Subject key identifier: 2C:38:AF:18:96:3A:2D:8D:78:05:41:B6:EF:1E:AD:CB:FA:5D:DE:AE
Certificate issuer: /CN=ffca997d390cd6e46e0128e50d70b84e7ab6740f
Certificate serial: 01856F824AA8C0153849063F281EF77F98AB
Authority key identifier: FF:CA:99:7D:39:0C:D6:E4:6E:01:28:E5:0D:70:B8:4E:7A:B6:74:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_8qZfTkM1uRuASjlDXC4Tnq2dA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/LDivGJY6LY14BUG27x6ty_pd3q4.roa
Signing time: Sun 01 Jan 2023 22:44:47 +0000
ROA not before: Sun 01 Jan 2023 22:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9215
IP address blocks: 185.57.64.0/24 maxlen: 24
185.57.66.0/24 maxlen: 24
185.57.65.0/24 maxlen: 24
185.57.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:4a:a8:c0:15:38:49:06:3f:28:1e:f7:7f:98:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffca997d390cd6e46e0128e50d70b84e7ab6740f
Validity
Not Before: Jan 1 22:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c38af18963a2d8d780541b6ef1eadcbfa5ddeae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:51:f7:d5:ea:e5:dc:4a:be:c8:08:b5:79:5b:
b8:b5:3b:3c:a8:28:39:1d:ee:a5:9b:63:24:e5:32:
54:d8:2e:c2:c4:84:ed:71:10:2a:76:60:53:84:95:
13:39:c2:47:03:6c:ac:6b:72:39:f2:0f:80:8e:14:
a0:7b:2e:40:78:92:ff:f7:64:c2:e7:7f:53:3e:04:
ba:91:2f:65:1b:c4:56:37:3a:d2:02:ed:d6:0b:d4:
b6:af:2e:51:9c:fe:7b:8c:58:55:e5:f2:c6:d4:d1:
eb:44:25:e8:73:b4:b6:41:12:67:0c:73:c9:b0:08:
57:1a:2e:79:ef:e3:cb:84:2f:7f:1a:10:a6:04:5d:
62:be:ad:08:17:69:85:1a:c6:45:f4:48:92:30:f8:
88:8f:79:62:3f:4d:06:86:71:f7:24:07:d5:dc:57:
a6:2b:ad:99:87:46:c2:57:98:77:4e:2a:d3:25:34:
9d:3d:23:52:2c:8e:7c:e9:79:4b:53:88:e6:37:ee:
76:a6:e3:8c:e8:7f:07:2c:2e:2e:88:e1:bf:0e:7e:
f2:a5:dd:2f:f8:e3:c1:4e:63:22:c8:ef:1a:00:49:
f5:69:ae:c3:c9:8a:84:f6:2d:fd:7c:a2:0f:79:ae:
60:36:9d:20:c4:a4:67:5d:79:50:e4:bd:1e:9e:e7:
a1:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:38:AF:18:96:3A:2D:8D:78:05:41:B6:EF:1E:AD:CB:FA:5D:DE:AE
X509v3 Authority Key Identifier:
keyid:FF:CA:99:7D:39:0C:D6:E4:6E:01:28:E5:0D:70:B8:4E:7A:B6:74:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_8qZfTkM1uRuASjlDXC4Tnq2dA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/LDivGJY6LY14BUG27x6ty_pd3q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/_8qZfTkM1uRuASjlDXC4Tnq2dA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.57.64.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:d4:71:d1:b9:98:24:5b:72:9a:07:4a:cd:95:2a:32:b5:df:
21:b1:fb:54:74:ff:99:4c:bb:f7:3b:4b:39:3d:1a:5f:4c:6c:
59:2d:bf:7c:67:3f:20:dc:47:57:a7:30:e9:07:2c:91:b3:4a:
13:3c:40:d4:d5:5d:f7:82:e3:8b:63:69:e3:7f:e4:bc:a3:86:
6a:29:ef:4b:19:0a:eb:06:38:ea:d1:59:6c:5f:4f:1c:12:c4:
ba:f1:1e:51:85:30:95:bd:40:e0:1f:b1:50:09:5c:3d:16:c8:
d7:39:12:a5:52:cd:a0:ad:4c:85:ea:5f:4d:69:44:96:78:b4:
f3:37:53:6e:5f:48:1d:b5:49:65:f0:a3:51:fd:87:20:88:c1:
88:57:22:af:51:83:16:ba:01:31:53:24:f4:5a:2d:ad:2f:84:
83:93:27:2f:dd:e4:54:7c:9b:58:22:e4:2a:dd:ab:05:df:7c:
9b:87:e0:80:53:86:96:f4:ed:f1:c5:dc:e4:d2:9d:9b:7e:e6:
6b:c4:a3:14:3d:0f:0d:14:a1:42:79:90:b5:a3:5d:2f:1a:27:
d5:66:fd:70:0a:ff:91:bd:2c:b2:b2:bb:d0:ec:9f:ba:87:09:
c0:0a:e4:25:19:5f:8c:95:96:f3:10:ad:b3:b5:04:ee:86:55:
49:c5:25:a1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvgkqowBU4SQY/KB73f5irMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmY2E5OTdkMzkwY2Q2ZTQ2ZTAxMjhlNTBkNzBiODRlN2Fi
Njc0MGYwHhcNMjMwMTAxMjI0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzM4YWYxODk2M2EyZDhkNzgwNTQxYjZlZjFlYWRjYmZhNWRkZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylH31erl3Eq+yAi1eVu4tTs8qCg5
He6lm2Mk5TJU2C7CxITtcRAqdmBThJUTOcJHA2ysa3I58g+AjhSgey5AeJL/92TC
539TPgS6kS9lG8RWNzrSAu3WC9S2ry5RnP57jFhV5fLG1NHrRCXoc7S2QRJnDHPJ
sAhXGi557+PLhC9/GhCmBF1ivq0IF2mFGsZF9EiSMPiIj3liP00GhnH3JAfV3Fem
K62Zh0bCV5h3TirTJTSdPSNSLI586XlLU4jmN+52puOM6H8HLC4uiOG/Dn7ypd0v
+OPBTmMiyO8aAEn1aa7DyYqE9i39fKIPea5gNp0gxKRnXXlQ5L0enuehAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCw4rxiWOi2NeAVBtu8ercv6Xd6uMB8GA1UdIwQY
MBaAFP/KmX05DNbkbgEo5Q1wuE56tnQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzhxWmZUa00xdVJ1QVNqbERYQzRUbnEyZEE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9hZjBhMmEtN2ViZi00ZGMwLWEzMTkt
ODE5YjdhN2VjNDM0LzEvTERpdkdKWTZMWTE0QlVHMjd4NnR5X3BkM3E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9hZjBhMmEtN2ViZi00ZGMwLWEzMTktODE5YjdhN2VjNDM0
LzEvXzhxWmZUa00xdVJ1QVNqbERYQzRUbnEyZEE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTlAMA0G
CSqGSIb3DQEBCwUAA4IBAQCN1HHRuZgkW3KaB0rNlSoytd8hsftUdP+ZTLv3O0s5
PRpfTGxZLb98Zz8g3EdXpzDpByyRs0oTPEDU1V33guOLY2njf+S8o4ZqKe9LGQrr
Bjjq0VlsX08cEsS68R5RhTCVvUDgH7FQCVw9FsjXORKlUs2grUyF6l9NaUSWeLTz
N1NuX0gdtUll8KNR/YcgiMGIVyKvUYMWugExUyT0Wi2tL4SDkycv3eRUfJtYIuQq
3asF33ybh+CAU4aW9O3xxdzk0p2bfuZrxKMUPQ8NFKFCeZC1o10vGifVZv1wCv+R
vSyysrvQ7J+6hwnACuQlGV+MlZbzEK2ztQTuhlVJxSWh
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:09:13 2025 by rpki-client