Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/lYqkdfXr9DX58a-uBh5dckTsKj0.roa
File: lYqkdfXr9DX58a-uBh5dckTsKj0.roa (raw, json)
Hash identifier: Vspq3jDYkcXmOCGA2AOrvhpEqyOlAeRZzjzflGzbM5E=
Subject key identifier: 95:8A:A4:75:F5:EB:F4:35:F9:F1:AF:AE:06:1E:5D:72:44:EC:2A:3D
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018649558E4C2CE83B82B00DF5AD2F08725C
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/lYqkdfXr9DX58a-uBh5dckTsKj0.roa
Signing time: Mon 13 Feb 2023 05:53:09 +0000
ROA not before: Mon 13 Feb 2023 05:53:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212527
IP address blocks: 94.188.245.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:55:8e:4c:2c:e8:3b:82:b0:0d:f5:ad:2f:08:72:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Feb 13 05:53:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=958aa475f5ebf435f9f1afae061e5d7244ec2a3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:3e:90:83:20:4e:eb:b5:0b:1e:1c:28:87:7a:
a1:dc:75:d1:98:4d:f5:4d:c7:09:55:4e:78:83:60:
62:2e:c6:9c:e8:34:1b:dc:b0:94:e5:15:4f:0f:0a:
04:00:0e:f7:88:1d:43:cb:c8:5e:e3:97:58:38:84:
39:85:08:7b:59:3b:c9:c2:96:2b:4a:77:df:e2:a5:
51:46:0f:6f:07:ee:3f:ff:bc:37:7a:ab:c2:32:8b:
21:2a:c7:f2:dc:03:bc:cc:3a:d5:a1:35:4d:49:49:
81:e7:12:1e:40:71:be:ef:62:94:d8:2b:68:7d:25:
06:75:e1:41:49:7a:27:1e:11:c8:b0:73:fd:1d:48:
e5:d4:5c:b9:5b:ab:15:b5:84:42:96:34:fb:a1:f6:
21:bb:45:2a:ff:b2:30:b3:30:73:8b:47:fa:d4:1f:
f5:b5:27:96:e5:e6:94:33:fc:4e:2f:60:88:d7:ad:
e3:3a:e1:6f:ae:b3:20:2c:6d:78:6c:ac:89:f5:b6:
16:b4:78:c7:61:34:68:ee:a4:55:4e:64:a5:7a:7f:
4c:5e:40:55:2a:b3:37:8b:53:15:e3:c7:c3:3e:03:
ee:59:46:8f:9e:e6:e1:07:b2:1a:f4:c2:bd:77:ff:
25:d6:10:73:71:25:dc:67:90:85:7b:49:cb:04:a1:
a8:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:8A:A4:75:F5:EB:F4:35:F9:F1:AF:AE:06:1E:5D:72:44:EC:2A:3D
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/lYqkdfXr9DX58a-uBh5dckTsKj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.188.245.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:ba:01:54:86:e9:cd:de:9e:63:3f:c6:bf:b5:81:b0:29:e0:
8f:9c:46:25:48:57:93:99:c9:69:52:54:0e:77:3e:63:12:3f:
f8:8d:6f:81:d7:2f:21:b0:e8:a1:17:e1:db:fd:9c:d2:3c:52:
d7:4c:ad:0b:bf:2e:a1:70:63:a4:11:b6:eb:56:48:b8:1a:e2:
87:93:a5:69:4c:e6:8f:e3:18:86:ad:b2:a9:92:03:94:de:d2:
bb:6d:d3:39:1e:11:bc:dd:d6:55:ef:4d:9c:f9:21:a0:c2:78:
12:9f:7b:33:09:09:50:8d:8f:36:97:9f:dc:b6:f2:18:59:80:
1d:20:59:cf:20:8d:85:e9:3c:cf:7b:97:32:cb:fb:ad:1a:2e:
6c:fb:35:3d:96:df:fb:54:c9:73:5d:e5:93:73:f4:59:d8:46:
ff:d5:8c:17:fe:62:cc:77:28:80:7d:a2:56:56:cf:b3:e8:97:
74:47:99:0e:21:d3:91:c3:71:c8:d5:97:59:4d:96:e8:36:aa:
7d:69:73:ae:ca:d9:aa:1b:94:f1:ed:23:f7:19:1f:ef:3a:a5:
2b:9b:22:f5:4b:9a:ef:dc:94:60:e3:21:49:a5:f9:7a:37:55:
38:bc:3f:83:c5:e8:da:76:db:e2:2f:98:7c:28:50:92:2c:39:
93:6d:89:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZJVY5MLOg7grAN9a0vCHJcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjMwMjEzMDU1MzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NThhYTQ3NWY1ZWJmNDM1ZjlmMWFmYWUwNjFlNWQ3MjQ0ZWMyYTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+T6QgyBO67ULHhwoh3qh3HXRmE31
TccJVU54g2BiLsac6DQb3LCU5RVPDwoEAA73iB1Dy8he45dYOIQ5hQh7WTvJwpYr
Snff4qVRRg9vB+4//7w3eqvCMoshKsfy3AO8zDrVoTVNSUmB5xIeQHG+72KU2Cto
fSUGdeFBSXonHhHIsHP9HUjl1Fy5W6sVtYRCljT7ofYhu0Uq/7IwszBzi0f61B/1
tSeW5eaUM/xOL2CI163jOuFvrrMgLG14bKyJ9bYWtHjHYTRo7qRVTmSlen9MXkBV
KrM3i1MV48fDPgPuWUaPnubhB7Ia9MK9d/8l1hBzcSXcZ5CFe0nLBKGoPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWKpHX16/Q1+fGvrgYeXXJE7Co9MB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvbFlxa2RmWHI5RFg1OGEtdUJoNWRja1RzS2owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXrz1MA0G
CSqGSIb3DQEBCwUAA4IBAQBPugFUhunN3p5jP8a/tYGwKeCPnEYlSFeTmclpUlQO
dz5jEj/4jW+B1y8hsOihF+Hb/ZzSPFLXTK0Lvy6hcGOkEbbrVki4GuKHk6VpTOaP
4xiGrbKpkgOU3tK7bdM5HhG83dZV702c+SGgwngSn3szCQlQjY82l5/ctvIYWYAd
IFnPII2F6TzPe5cyy/utGi5s+zU9lt/7VMlzXeWTc/RZ2Eb/1YwX/mLMdyiAfaJW
Vs+z6Jd0R5kOIdORw3HI1ZdZTZboNqp9aXOuytmqG5Tx7SP3GR/vOqUrmyL1S5rv
3JRg4yFJpfl6N1U4vD+DxejadtviL5h8KFCSLDmTbYlp
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:24:42 2025 by rpki-client