Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/f4b8e9-686d-41be-9891-df1e95d7edd9/1/lT7RN8ide7RPWA5g5CzfmKejWAc.roa
File: lT7RN8ide7RPWA5g5CzfmKejWAc.roa (raw, json)
Hash identifier: lTHvkyBXjhCCIS++5IMhE5RGVj5tgwl0lfp0gIKoRMs=
Subject key identifier: 95:3E:D1:37:C8:9D:7B:B4:4F:58:0E:60:E4:2C:DF:98:A7:A3:58:07
Certificate issuer: /CN=0b5caf262fdbfcc5ff30e28a5104646e27a89262
Certificate serial: 018AB7DD222994213E6F862FC0F707F48B11
Authority key identifier: 0B:5C:AF:26:2F:DB:FC:C5:FF:30:E2:8A:51:04:64:6E:27:A8:92:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1yvJi_b_MX_MOKKUQRkbieokmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/f4b8e9-686d-41be-9891-df1e95d7edd9/1/lT7RN8ide7RPWA5g5CzfmKejWAc.roa
Signing time: Thu 21 Sep 2023 13:10:37 +0000
ROA not before: Thu 21 Sep 2023 13:10:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199927
IP address blocks: 193.247.199.0/24 maxlen: 24
2a05:b2c4::/31 maxlen: 31
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b7:dd:22:29:94:21:3e:6f:86:2f:c0:f7:07:f4:8b:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b5caf262fdbfcc5ff30e28a5104646e27a89262
Validity
Not Before: Sep 21 13:10:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=953ed137c89d7bb44f580e60e42cdf98a7a35807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d8:93:26:86:33:de:a4:bb:b9:48:ec:b5:6b:
4a:f1:06:08:b9:38:2b:e4:ae:c4:26:14:0e:6f:07:
7f:df:96:17:97:90:65:1c:36:90:70:a8:33:0b:81:
c7:97:42:61:48:cf:fe:ea:b2:36:14:8b:f8:bd:1b:
d0:0a:df:d1:f9:f2:f4:c6:31:1b:3b:80:cc:b9:79:
40:92:1f:11:17:87:52:4c:f2:07:ce:e0:67:90:99:
b6:45:8e:54:6e:08:10:52:72:98:74:cb:39:dd:07:
22:df:3a:08:92:d9:0e:73:6a:f6:0c:b6:91:8a:40:
28:28:a7:1a:bb:79:ee:c3:96:0f:2b:0c:31:6a:38:
56:32:71:a4:05:d5:83:42:35:72:b2:41:f1:fa:15:
f5:23:c1:40:47:20:e5:38:64:7b:66:b5:78:da:d3:
ff:91:da:24:ce:b3:24:be:bb:60:8b:9b:78:e6:1d:
ae:78:dd:18:96:0a:f1:dc:d1:64:4a:90:a7:8f:b1:
b7:b0:a9:99:ac:7b:77:f3:af:05:5d:97:67:25:3e:
d1:b0:13:76:9a:07:d6:8f:ec:19:a7:64:ff:a2:65:
f4:58:4b:9c:81:ca:1f:8a:54:3b:9f:c2:cb:8e:83:
af:0a:88:60:6d:44:ed:71:6b:0f:b4:17:16:47:9a:
45:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:3E:D1:37:C8:9D:7B:B4:4F:58:0E:60:E4:2C:DF:98:A7:A3:58:07
X509v3 Authority Key Identifier:
keyid:0B:5C:AF:26:2F:DB:FC:C5:FF:30:E2:8A:51:04:64:6E:27:A8:92:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1yvJi_b_MX_MOKKUQRkbieokmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/f4b8e9-686d-41be-9891-df1e95d7edd9/1/lT7RN8ide7RPWA5g5CzfmKejWAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/f4b8e9-686d-41be-9891-df1e95d7edd9/1/C1yvJi_b_MX_MOKKUQRkbieokmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.247.199.0/24
IPv6:
2a05:b2c4::/31
Signature Algorithm: sha256WithRSAEncryption
24:d6:01:f6:fc:68:a0:b9:e8:1b:95:68:42:6e:c7:a8:e0:ca:
0f:dd:b3:ff:ae:27:1f:d1:85:b6:ff:2c:08:49:52:bc:86:c9:
b8:90:f2:85:a1:09:75:fe:03:2e:96:7b:08:5f:a1:30:33:80:
0d:2d:bf:5b:29:7d:f4:3a:a3:e4:2f:2c:19:ae:91:d2:27:cf:
0f:62:e2:54:13:18:e0:81:e1:23:1e:70:20:16:0a:90:ee:51:
1e:7b:42:59:19:1f:9b:d9:e0:27:0f:8f:e9:a6:be:6f:88:e2:
ee:a3:c7:51:05:e7:02:a3:23:19:f4:0f:0f:3c:c4:af:b3:07:
af:ab:b2:b8:e2:56:89:85:5a:4e:0b:ab:ff:36:cd:58:3d:b1:
07:cb:a1:0f:67:50:db:ae:e5:9e:a3:d3:0a:11:59:e9:3b:18:
39:fa:68:fe:47:69:ab:d3:48:f1:c1:c1:b3:88:bc:3a:08:a5:
f1:bc:e7:c3:b5:7b:cc:cc:78:0e:ad:49:d5:24:47:68:ad:4a:
8b:76:d1:3f:04:a8:a4:af:a8:4e:e2:7b:08:2f:8b:cf:af:a8:
11:cf:cf:1a:0f:ae:03:f8:cf:da:06:31:f1:7b:8f:07:26:f4:
6b:7b:8c:03:af:a1:61:ec:0f:2a:16:be:e8:ba:f6:92:3d:16:
70:51:d5:96
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYq33SIplCE+b4YvwPcH9IsRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNWNhZjI2MmZkYmZjYzVmZjMwZTI4YTUxMDQ2NDZlMjdh
ODkyNjIwHhcNMjMwOTIxMTMxMDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTNlZDEzN2M4OWQ3YmI0NGY1ODBlNjBlNDJjZGY5OGE3YTM1ODA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNiTJoYz3qS7uUjstWtK8QYIuTgr
5K7EJhQObwd/35YXl5BlHDaQcKgzC4HHl0JhSM/+6rI2FIv4vRvQCt/R+fL0xjEb
O4DMuXlAkh8RF4dSTPIHzuBnkJm2RY5UbggQUnKYdMs53Qci3zoIktkOc2r2DLaR
ikAoKKcau3nuw5YPKwwxajhWMnGkBdWDQjVyskHx+hX1I8FARyDlOGR7ZrV42tP/
kdokzrMkvrtgi5t45h2ueN0Ylgrx3NFkSpCnj7G3sKmZrHt3868FXZdnJT7RsBN2
mgfWj+wZp2T/omX0WEucgcofilQ7n8LLjoOvCohgbUTtcWsPtBcWR5pFnQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJU+0TfInXu0T1gOYOQs35ino1gHMB8GA1UdIwQY
MBaAFAtcryYv2/zF/zDiilEEZG4nqJJiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzF5dkppX2JfTVhfTU9LS1VRUmtiaWVva21JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mNGI4ZTktNjg2ZC00MWJlLTk4OTEt
ZGYxZTk1ZDdlZGQ5LzEvbFQ3Uk44aWRlN1JQV0E1ZzVDemZtS2VqV0FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mNGI4ZTktNjg2ZC00MWJlLTk4OTEtZGYxZTk1ZDdlZGQ5
LzEvQzF5dkppX2JfTVhfTU9LS1VRUmtiaWVva21JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwffHMA0E
AgACMAcDBQEqBbLEMA0GCSqGSIb3DQEBCwUAA4IBAQAk1gH2/GiguegblWhCbseo
4MoP3bP/ricf0YW2/ywISVK8hsm4kPKFoQl1/gMulnsIX6EwM4ANLb9bKX30OqPk
LywZrpHSJ88PYuJUExjggeEjHnAgFgqQ7lEee0JZGR+b2eAnD4/ppr5viOLuo8dR
BecCoyMZ9A8PPMSvswevq7K44laJhVpOC6v/Ns1YPbEHy6EPZ1DbruWeo9MKEVnp
Oxg5+mj+R2mr00jxwcGziLw6CKXxvOfDtXvMzHgOrUnVJEdorUqLdtE/BKikr6hO
4nsIL4vPr6gRz88aD64D+M/aBjHxe48HJvRre4wDr6Fh7A8qFr7ouvaSPRZwUdWW
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:42:19 2025 by rpki-client