Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/LMfH1jPqIEATqayCxkP-QhBRzDc.roa
File: LMfH1jPqIEATqayCxkP-QhBRzDc.roa (raw, json)
Hash identifier: oU6IdMYTTdC5EqxFAR9XmqXSCu6pqRX0jNu851Hz27c=
Subject key identifier: 2C:C7:C7:D6:33:EA:20:40:13:A9:AC:82:C6:43:FE:42:10:51:CC:37
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 27FD635E
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/LMfH1jPqIEATqayCxkP-QhBRzDc.roa
Signing time: Sat 01 Jan 2022 16:09:18 +0000
ROA not before: Sat 01 Jan 2022 16:09:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61249
IP address blocks: 93.171.204.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 670917470 (0x27fd635e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 1 16:09:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2cc7c7d633ea204013a9ac82c643fe421051cc37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:49:ff:76:57:25:7a:e2:9a:9b:e7:c5:36:36:
f9:e2:66:75:ac:51:91:66:06:6f:36:03:2c:75:07:
56:70:bf:cd:e6:41:8d:a1:f2:33:3e:6c:d1:3b:41:
88:df:d0:3b:c8:c3:bc:79:ad:28:36:8c:4c:87:06:
18:45:04:fd:33:37:aa:09:fd:7e:69:38:2d:66:1a:
3e:c8:ed:b0:1d:d7:78:da:04:16:6f:48:91:db:42:
8c:b0:c7:79:5c:de:c7:b6:bc:57:7c:38:5c:f9:f5:
9a:7a:db:4e:cf:c8:a2:18:81:26:c2:62:16:c6:13:
6e:26:a5:7d:9a:04:44:90:88:9c:f4:2e:e0:93:e9:
3c:fd:10:82:3a:1b:a1:aa:1c:07:85:da:ed:af:86:
71:05:fb:91:cf:69:ea:9b:d2:b7:8a:17:af:da:60:
0c:c8:79:91:ea:51:87:72:d5:ec:de:53:0d:e8:ca:
9e:38:13:7e:4c:b3:aa:99:7b:5b:44:d6:37:1c:8e:
e5:0b:22:11:15:5f:6f:d4:d1:a1:8a:26:d0:77:0b:
78:da:7c:cc:22:cf:b1:11:bb:3f:56:e3:05:c5:37:
55:42:2e:2f:ff:8c:4a:ed:32:ac:76:7d:9a:3d:9f:
ce:87:e5:c8:13:04:c3:84:4e:3a:e2:4b:8e:5f:34:
25:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:C7:C7:D6:33:EA:20:40:13:A9:AC:82:C6:43:FE:42:10:51:CC:37
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/LMfH1jPqIEATqayCxkP-QhBRzDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.171.204.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:5b:fe:1f:63:04:da:5a:b5:90:84:c3:55:f7:ab:24:e5:bf:
d0:6e:33:78:69:33:b9:1b:a8:89:24:96:c6:16:42:ac:ae:a1:
b5:82:be:9b:11:43:d9:90:9d:df:fd:fc:57:72:73:c2:35:f5:
38:14:17:33:b5:19:5c:4c:07:0b:87:50:a1:49:41:44:0a:6f:
55:2d:35:c3:9b:cd:bd:b8:d5:b6:38:66:53:a5:b3:79:16:3d:
ef:20:37:f4:e5:ca:bd:f3:64:21:ce:4f:b0:89:25:87:55:d6:
be:90:78:9e:17:35:0f:b0:86:08:6a:33:bb:b5:94:89:ce:c8:
b0:f2:fc:33:7e:bc:08:c9:0d:d3:e5:3a:29:51:ab:c6:f0:b4:
16:9f:86:89:a5:10:0d:bc:f1:1a:2d:d8:c1:1c:06:58:5f:60:
04:2a:94:29:73:97:35:40:19:51:39:3a:5c:d9:2e:b2:14:a1:
17:24:b1:71:e7:ac:05:e3:23:62:60:85:a8:e2:60:2e:2c:25:
f7:86:01:ab:24:57:3c:dc:a7:b4:f2:d6:24:8f:04:47:2c:67:
83:48:26:b2:ea:e2:85:a6:a8:0e:35:8b:70:ea:91:0f:ed:c9:
44:54:bd:7f:02:ee:7c:16:5d:f1:f3:75:7b:68:2b:af:ff:aa:
9a:6a:f4:f9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEJ/1jXjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDkxMjJjMzU0MzhhNGViMjYyMzNmZGM2ZTRiYjFkZjJkYWFlZjQyMB4XDTIyMDEw
MTE2MDkxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmNjN2M3ZDYzM2Vh
MjA0MDEzYTlhYzgyYzY0M2ZlNDIxMDUxY2MzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANVJ/3ZXJXrimpvnxTY2+eJmdaxRkWYGbzYDLHUHVnC/zeZB
jaHyMz5s0TtBiN/QO8jDvHmtKDaMTIcGGEUE/TM3qgn9fmk4LWYaPsjtsB3XeNoE
Fm9IkdtCjLDHeVzex7a8V3w4XPn1mnrbTs/IohiBJsJiFsYTbialfZoERJCInPQu
4JPpPP0QgjoboaocB4Xa7a+GcQX7kc9p6pvSt4oXr9pgDMh5kepRh3LV7N5TDejK
njgTfkyzqpl7W0TWNxyO5QsiERVfb9TRoYom0HcLeNp8zCLPsRG7P1bjBcU3VUIu
L/+MSu0yrHZ9mj2fzoflyBMEw4ROOuJLjl80JTUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQsx8fWM+ogQBOprILGQ/5CEFHMNzAfBgNVHSMEGDAWgBR0kSLDVDik6yYj
P9xuS7HfLarvQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RKRWl3MVE0cE9zbUl6X2Nia3V4M3kycTcwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTgvMThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8x
L0xNZkgxalBxSUVBVHFheUN4a1AtUWhCUnpEYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTgv
MThhOTFjLTBlNzctNDVjOS04Y2M0LTA2MmM2OTMzYWJlZC8xL2RKRWl3MVE0cE9z
bUl6X2Nia3V4M3kycTcwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAF2rzDANBgkqhkiG9w0BAQsFAAOC
AQEAb1v+H2ME2lq1kITDVferJOW/0G4zeGkzuRuoiSSWxhZCrK6htYK+mxFD2ZCd
3/38V3JzwjX1OBQXM7UZXEwHC4dQoUlBRApvVS01w5vNvbjVtjhmU6WzeRY97yA3
9OXKvfNkIc5PsIklh1XWvpB4nhc1D7CGCGozu7WUic7IsPL8M368CMkN0+U6KVGr
xvC0Fp+GiaUQDbzxGi3YwRwGWF9gBCqUKXOXNUAZUTk6XNkushShFySxceesBeMj
YmCFqOJgLiwl94YBqyRXPNyntPLWJI8ERyxng0gmsurihaaoDjWLcOqRD+3JRFS9
fwLufBZd8fN1e2grr/+qmmr0+Q==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:50 2025 by rpki-client