Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/14486a-a7e6-4113-93b1-15cdc9a8c38f/1/lnwqW5oWgA9P92eKFT-feApSb3Y.roa
File: lnwqW5oWgA9P92eKFT-feApSb3Y.roa (raw, json)
Hash identifier: P8lxsLx6jG1UzaAXGW4SEdO5gxCJEfg+zGzx/bOGq/8=
Subject key identifier: 96:7C:2A:5B:9A:16:80:0F:4F:F7:67:8A:15:3F:9F:78:0A:52:6F:76
Certificate issuer: /CN=a34911e9d2bbea66a6c240319dde307b3def48c1
Certificate serial: 01856BE595E83455B67079C74DF2F645AE6F
Authority key identifier: A3:49:11:E9:D2:BB:EA:66:A6:C2:40:31:9D:DE:30:7B:3D:EF:48:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o0kR6dK76mamwkAxnd4wez3vSME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/14486a-a7e6-4113-93b1-15cdc9a8c38f/1/lnwqW5oWgA9P92eKFT-feApSb3Y.roa
Signing time: Sun 01 Jan 2023 05:54:46 +0000
ROA not before: Sun 01 Jan 2023 05:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200820
IP address blocks: 185.94.13.0/24 maxlen: 24
185.94.14.0/24 maxlen: 24
185.94.12.0/24 maxlen: 24
185.94.12.0/23 maxlen: 23
185.94.15.0/24 maxlen: 24
2a03:9fc0:2::/48 maxlen: 48
2a03:9fc0:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:e5:95:e8:34:55:b6:70:79:c7:4d:f2:f6:45:ae:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a34911e9d2bbea66a6c240319dde307b3def48c1
Validity
Not Before: Jan 1 05:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=967c2a5b9a16800f4ff7678a153f9f780a526f76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f6:d9:45:45:2e:12:41:5f:3d:9c:51:4d:50:
24:05:54:87:af:e9:65:2a:42:d8:1d:17:48:bf:83:
ea:82:ca:77:00:8e:57:42:9a:db:fa:fc:21:1c:47:
fb:bf:b6:f6:20:aa:32:7c:86:71:1d:39:d6:c7:63:
28:db:72:65:52:9c:4c:5f:6b:fd:fb:ab:49:7a:93:
bd:a4:6d:17:71:48:c9:4a:1c:4d:1d:25:14:46:13:
b8:b7:f8:94:92:3a:6d:4b:ea:cc:d0:9c:ca:7d:91:
a7:82:76:a8:6f:e4:36:27:8c:7f:72:19:ae:97:c5:
26:1f:31:d4:2b:3c:61:f9:44:9d:1f:f9:dc:ab:f1:
ec:24:49:c3:22:dd:59:a8:a2:63:48:79:c8:1b:8d:
0b:b7:e5:00:9b:a9:eb:1f:8e:12:19:7e:5e:53:24:
b6:b3:df:74:6e:e4:fa:3a:7c:de:e3:f0:ca:80:89:
35:d2:2c:7e:d5:1d:68:35:41:0f:1a:e3:30:e3:f6:
87:64:94:51:11:35:d4:e6:78:ea:6a:2d:b0:d1:bd:
a2:ff:2b:14:9a:cc:fd:c0:19:97:46:2e:1d:28:64:
99:ef:36:a4:11:4e:26:41:7b:d5:e8:e9:e0:35:7e:
c8:46:fd:91:7f:c8:58:fb:50:f8:bf:72:3d:02:10:
c1:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:7C:2A:5B:9A:16:80:0F:4F:F7:67:8A:15:3F:9F:78:0A:52:6F:76
X509v3 Authority Key Identifier:
keyid:A3:49:11:E9:D2:BB:EA:66:A6:C2:40:31:9D:DE:30:7B:3D:EF:48:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o0kR6dK76mamwkAxnd4wez3vSME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/14486a-a7e6-4113-93b1-15cdc9a8c38f/1/lnwqW5oWgA9P92eKFT-feApSb3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/14486a-a7e6-4113-93b1-15cdc9a8c38f/1/o0kR6dK76mamwkAxnd4wez3vSME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.94.12.0/22
IPv6:
2a03:9fc0:1::-2a03:9fc0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
45:aa:e9:1a:be:e0:53:35:6c:5e:4d:87:ca:64:ec:fe:7e:0a:
cc:64:c7:0c:43:3c:74:8f:58:a3:ac:52:40:4a:de:21:80:c4:
43:17:67:de:86:c3:3c:08:96:87:de:9f:5e:53:a7:72:a4:d1:
26:78:7f:3a:65:8b:97:1d:db:11:ce:95:71:96:1c:47:05:10:
36:11:2f:dd:67:f2:59:43:d6:0d:08:16:79:a7:b3:3d:bc:67:
9d:4a:8a:ea:9c:98:ab:6b:dd:fc:b2:f5:12:eb:74:99:cf:e9:
95:f0:c8:83:7c:7e:bb:cf:e0:f0:90:d1:82:39:92:88:70:fb:
ea:64:03:a7:32:30:b8:eb:35:09:76:7d:ff:dc:e5:99:c1:a5:
ef:a3:60:a1:ec:13:c6:f8:ec:f2:53:15:22:18:30:3a:28:2c:
28:3b:93:b4:41:6b:d5:92:8e:95:1b:7b:54:ec:20:02:d7:49:
8f:85:cc:4b:9e:73:85:cf:55:9a:8f:cc:f9:5b:b0:b1:58:a5:
33:9e:d0:12:ef:18:f3:91:39:c3:98:73:81:a2:65:62:c0:1c:
88:af:ae:31:fb:43:55:e2:fc:04:82:23:ec:a2:a9:92:00:28:
2a:93:c4:c2:bd:bd:30:42:42:20:93:09:a0:51:7b:50:4f:84:
2d:2b:44:f9
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYVr5ZXoNFW2cHnHTfL2Ra5vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNDkxMWU5ZDJiYmVhNjZhNmMyNDAzMTlkZGUzMDdiM2Rl
ZjQ4YzEwHhcNMjMwMTAxMDU1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjdjMmE1YjlhMTY4MDBmNGZmNzY3OGExNTNmOWY3ODBhNTI2Zjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvbZRUUuEkFfPZxRTVAkBVSHr+ll
KkLYHRdIv4Pqgsp3AI5XQprb+vwhHEf7v7b2IKoyfIZxHTnWx2Mo23JlUpxMX2v9
+6tJepO9pG0XcUjJShxNHSUURhO4t/iUkjptS+rM0JzKfZGngnaob+Q2J4x/chmu
l8UmHzHUKzxh+USdH/ncq/HsJEnDIt1ZqKJjSHnIG40Lt+UAm6nrH44SGX5eUyS2
s990buT6Onze4/DKgIk10ix+1R1oNUEPGuMw4/aHZJRRETXU5njqai2w0b2i/ysU
msz9wBmXRi4dKGSZ7zakEU4mQXvV6OngNX7IRv2Rf8hY+1D4v3I9AhDBAwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFJZ8KluaFoAPT/dnihU/n3gKUm92MB8GA1UdIwQY
MBaAFKNJEenSu+pmpsJAMZ3eMHs970jBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzBrUjZkSzc2bWFtd2tBeG5kNHdlejN2U01FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xNDQ4NmEtYTdlNi00MTEzLTkzYjEt
MTVjZGM5YThjMzhmLzEvbG53cVc1b1dnQTlQOTJlS0ZULWZlQXBTYjNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xNDQ4NmEtYTdlNi00MTEzLTkzYjEtMTVjZGM5YThjMzhm
LzEvbzBrUjZkSzc2bWFtd2tBeG5kNHdlejN2U01FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuV4MMBoE
AgACMBQwEgMHACoDn8AAAQMHACoDn8AAAjANBgkqhkiG9w0BAQsFAAOCAQEARarp
Gr7gUzVsXk2HymTs/n4KzGTHDEM8dI9Yo6xSQEreIYDEQxdn3obDPAiWh96fXlOn
cqTRJnh/OmWLlx3bEc6VcZYcRwUQNhEv3WfyWUPWDQgWeaezPbxnnUqK6pyYq2vd
/LL1Eut0mc/plfDIg3x+u8/g8JDRgjmSiHD76mQDpzIwuOs1CXZ9/9zlmcGl76Ng
oewTxvjs8lMVIhgwOigsKDuTtEFr1ZKOlRt7VOwgAtdJj4XMS55zhc9Vmo/M+Vuw
sVilM57QEu8Y85E5w5hzgaJlYsAciK+uMftDVeL8BIIj7KKpkgAoKpPEwr29MEJC
IJMJoFF7UE+ELStE+Q==
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:11:07 2025 by rpki-client