Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/e8667a-b7fd-4ea8-bae9-6007bbad86d6/1/lUubXrI7ZzafDc4279TL-w4LZfo.roa
File: lUubXrI7ZzafDc4279TL-w4LZfo.roa (raw, json)
Hash identifier: LmeEXnehS7kxqGhm0ds1+vihA4kVDzMpOjKtml9Ix/s=
Subject key identifier: 95:4B:9B:5E:B2:3B:67:36:9F:0D:CE:36:EF:D4:CB:FB:0E:0B:65:FA
Certificate issuer: /CN=f16ea3f0330b2132d0df752f51f0e0bfef3d1bae
Certificate serial: 01856B40E5C15EA2091DB79F33CA9853A6AC
Authority key identifier: F1:6E:A3:F0:33:0B:21:32:D0:DF:75:2F:51:F0:E0:BF:EF:3D:1B:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8W6j8DMLITLQ33UvUfDgv-89G64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/e8667a-b7fd-4ea8-bae9-6007bbad86d6/1/lUubXrI7ZzafDc4279TL-w4LZfo.roa
Signing time: Sun 01 Jan 2023 02:54:53 +0000
ROA not before: Sun 01 Jan 2023 02:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25352
IP address blocks: 91.212.48.0/24 maxlen: 24
195.190.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:40:e5:c1:5e:a2:09:1d:b7:9f:33:ca:98:53:a6:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f16ea3f0330b2132d0df752f51f0e0bfef3d1bae
Validity
Not Before: Jan 1 02:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=954b9b5eb23b67369f0dce36efd4cbfb0e0b65fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:26:44:42:9a:d8:f9:43:ec:97:9b:3b:1c:9c:
b3:a4:9c:ab:90:51:1d:a4:a1:ea:7b:7d:f0:f1:c6:
1f:30:7c:43:ee:02:c2:e7:35:21:87:fb:9a:af:3a:
fa:3f:d6:7d:f3:5f:9e:36:fb:04:e3:fd:12:5d:79:
00:62:b6:64:26:37:54:4f:b6:91:a6:32:fa:45:8f:
62:24:23:b7:34:38:a7:3f:1b:bd:28:d3:3c:19:74:
d3:73:e4:87:de:67:33:c0:a4:cf:d5:3a:67:25:64:
a0:38:3a:76:7b:c2:48:ca:91:7d:c0:b2:66:57:77:
fd:f3:25:1b:20:c8:10:41:65:e5:30:5b:d0:8f:f3:
d6:85:f1:c9:cf:1f:41:3f:bd:66:1d:f6:a6:75:0b:
ba:ee:f7:f4:88:85:c9:87:11:cc:ed:af:cb:ad:7e:
f5:87:63:e3:b0:9f:a8:d5:93:f2:16:50:46:79:0e:
b7:8d:ec:28:96:45:4d:af:0b:98:cd:47:3f:f3:bb:
16:e8:1c:57:66:1f:a1:46:42:45:b7:5e:50:f4:68:
30:6b:94:a4:f9:aa:65:d9:5d:fd:a1:15:b7:00:78:
85:4e:78:12:cf:a8:a7:7e:ca:6b:d2:91:0e:f6:43:
01:5a:15:6b:8c:c2:4f:49:d9:b5:61:d6:ff:f6:d1:
d8:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4B:9B:5E:B2:3B:67:36:9F:0D:CE:36:EF:D4:CB:FB:0E:0B:65:FA
X509v3 Authority Key Identifier:
keyid:F1:6E:A3:F0:33:0B:21:32:D0:DF:75:2F:51:F0:E0:BF:EF:3D:1B:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8W6j8DMLITLQ33UvUfDgv-89G64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e8667a-b7fd-4ea8-bae9-6007bbad86d6/1/lUubXrI7ZzafDc4279TL-w4LZfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/e8667a-b7fd-4ea8-bae9-6007bbad86d6/1/8W6j8DMLITLQ33UvUfDgv-89G64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.212.48.0/24
195.190.128.0/24
Signature Algorithm: sha256WithRSAEncryption
99:0b:0a:e5:a4:13:82:ff:e3:be:a5:fd:92:a9:90:12:13:d0:
e6:55:53:76:25:48:5a:cf:87:00:29:52:9a:dd:38:10:f8:83:
b9:05:df:39:9d:4f:65:90:31:02:9e:0d:f9:21:f1:a2:81:1e:
b1:d9:b7:29:b7:55:18:d7:33:9f:c5:51:98:bb:cd:11:2e:a5:
f6:69:75:6f:b1:5d:bf:84:a4:24:b9:d4:68:0e:f3:17:25:cb:
b1:1b:87:86:77:af:91:36:90:76:dc:f5:0b:75:3a:80:c8:f0:
84:8d:2b:38:7a:c3:5a:06:66:1d:ca:c0:12:e4:11:e8:4d:29:
64:b1:13:a0:2f:0a:f7:ad:86:7a:1f:92:d0:fe:f2:8a:c3:7a:
63:8f:73:92:7a:f2:e7:4f:ed:e1:e1:80:b7:de:6b:46:7b:a8:
78:97:68:cf:26:66:07:6a:8a:39:3d:7a:04:8c:2e:b9:62:88:
a2:5b:93:d9:15:79:de:0b:0c:cc:43:15:e2:cc:7b:93:72:e9:
9c:4a:46:f1:29:f5:1d:bf:e6:c6:62:84:75:07:57:2a:d8:a9:
d1:a6:36:d0:d5:17:44:fb:4a:01:ff:30:70:63:ec:a9:90:7b:
45:ee:d0:a6:6d:3d:cc:42:bc:65:5d:92:6e:2d:ee:b1:05:1e:
08:99:d4:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVrQOXBXqIJHbefM8qYU6asMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNmVhM2YwMzMwYjIxMzJkMGRmNzUyZjUxZjBlMGJmZWYz
ZDFiYWUwHhcNMjMwMTAxMDI1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTRiOWI1ZWIyM2I2NzM2OWYwZGNlMzZlZmQ0Y2JmYjBlMGI2NWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SZEQprY+UPsl5s7HJyzpJyrkFEd
pKHqe33w8cYfMHxD7gLC5zUhh/uarzr6P9Z981+eNvsE4/0SXXkAYrZkJjdUT7aR
pjL6RY9iJCO3NDinPxu9KNM8GXTTc+SH3mczwKTP1TpnJWSgODp2e8JIypF9wLJm
V3f98yUbIMgQQWXlMFvQj/PWhfHJzx9BP71mHfamdQu67vf0iIXJhxHM7a/LrX71
h2PjsJ+o1ZPyFlBGeQ63jewolkVNrwuYzUc/87sW6BxXZh+hRkJFt15Q9Ggwa5Sk
+apl2V39oRW3AHiFTngSz6infspr0pEO9kMBWhVrjMJPSdm1Ydb/9tHY7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJVLm16yO2c2nw3ONu/Uy/sOC2X6MB8GA1UdIwQY
MBaAFPFuo/AzCyEy0N91L1Hw4L/vPRuuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFc2ajhETUxJVExRMzNVdlVmRGd2LTg5RzY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9lODY2N2EtYjdmZC00ZWE4LWJhZTkt
NjAwN2JiYWQ4NmQ2LzEvbFV1YlhySTdaemFmRGM0Mjc5VEwtdzRMWmZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9lODY2N2EtYjdmZC00ZWE4LWJhZTktNjAwN2JiYWQ4NmQ2
LzEvOFc2ajhETUxJVExRMzNVdlVmRGd2LTg5RzY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9QwAwQA
w76AMA0GCSqGSIb3DQEBCwUAA4IBAQCZCwrlpBOC/+O+pf2SqZASE9DmVVN2JUha
z4cAKVKa3TgQ+IO5Bd85nU9lkDECng35IfGigR6x2bcpt1UY1zOfxVGYu80RLqX2
aXVvsV2/hKQkudRoDvMXJcuxG4eGd6+RNpB23PULdTqAyPCEjSs4esNaBmYdysAS
5BHoTSlksROgLwr3rYZ6H5LQ/vKKw3pjj3OSevLnT+3h4YC33mtGe6h4l2jPJmYH
aoo5PXoEjC65YoiiW5PZFXneCwzMQxXizHuTcumcSkbxKfUdv+bGYoR1B1cq2KnR
pjbQ1RdE+0oB/zBwY+ypkHtF7tCmbT3MQrxlXZJuLe6xBR4ImdSp
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:48:34 2025 by rpki-client