Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/d516a3-8974-45db-8226-8174ddae31d3/1/lGlJQ8CtaIXjKWoytXfmnMiglhs.roa
File: lGlJQ8CtaIXjKWoytXfmnMiglhs.roa (raw, json)
Hash identifier: l4HanrvfFKKBTfxKfy7ias0aQ6VpMfRSryMoudEeIEk=
Subject key identifier: 94:69:49:43:C0:AD:68:85:E3:29:6A:32:B5:77:E6:9C:C8:A0:96:1B
Certificate issuer: /CN=69720a9103e1ae00cc788c5decfe0948c84bcd1b
Certificate serial: 0183A312DC851F7B5FFB866F91576F535C50
Authority key identifier: 69:72:0A:91:03:E1:AE:00:CC:78:8C:5D:EC:FE:09:48:C8:4B:CD:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aXIKkQPhrgDMeIxd7P4JSMhLzRs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/d516a3-8974-45db-8226-8174ddae31d3/1/lGlJQ8CtaIXjKWoytXfmnMiglhs.roa
Signing time: Tue 04 Oct 2022 12:57:45 +0000
ROA not before: Tue 04 Oct 2022 12:57:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203908
IP address blocks: 185.150.240.0/22 maxlen: 24
2a03:ad60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a3:12:dc:85:1f:7b:5f:fb:86:6f:91:57:6f:53:5c:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69720a9103e1ae00cc788c5decfe0948c84bcd1b
Validity
Not Before: Oct 4 12:57:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94694943c0ad6885e3296a32b577e69cc8a0961b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:5c:0b:75:57:9c:47:d3:56:40:d4:81:78:77:
aa:6c:14:62:cb:c6:91:ee:d9:1d:d8:91:59:55:1b:
b6:24:76:56:ea:6c:4f:9f:ce:8a:e1:6a:4f:96:a6:
09:4d:aa:ba:b4:f5:90:f7:a0:64:15:69:78:22:d9:
9c:0a:ed:1c:03:d3:6e:f2:23:fc:88:0a:cd:9c:08:
19:95:bf:d7:0f:4f:c8:44:2d:7c:b3:95:97:f0:b1:
7d:a4:e7:2a:e1:a5:54:86:34:6e:22:54:a5:e8:9b:
0d:84:79:5a:dd:5e:ba:1e:e4:60:56:ec:de:07:66:
b7:7b:80:fb:d7:62:69:bd:0e:00:36:d3:a1:15:c6:
02:f1:7b:0f:d9:37:31:af:68:2f:35:02:92:e9:07:
02:b0:d4:4c:30:f3:1b:88:a0:eb:ca:58:fd:e9:3e:
54:fa:0c:45:f8:b5:98:8b:d9:57:71:f3:12:e8:b8:
7f:44:95:5e:40:3e:28:22:2a:8d:aa:3b:05:04:9b:
51:db:01:a0:26:2f:6f:db:80:c4:78:8c:32:fb:38:
0b:41:13:98:ab:3d:a2:3f:3f:77:13:ed:56:2a:5c:
1f:56:8a:13:24:38:8c:a7:e3:3f:0a:83:71:86:10:
50:f2:2f:b3:d7:9e:57:ac:63:b3:55:00:3f:f3:73:
16:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:69:49:43:C0:AD:68:85:E3:29:6A:32:B5:77:E6:9C:C8:A0:96:1B
X509v3 Authority Key Identifier:
keyid:69:72:0A:91:03:E1:AE:00:CC:78:8C:5D:EC:FE:09:48:C8:4B:CD:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aXIKkQPhrgDMeIxd7P4JSMhLzRs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/d516a3-8974-45db-8226-8174ddae31d3/1/lGlJQ8CtaIXjKWoytXfmnMiglhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/d516a3-8974-45db-8226-8174ddae31d3/1/aXIKkQPhrgDMeIxd7P4JSMhLzRs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.240.0/22
IPv6:
2a03:ad60::/32
Signature Algorithm: sha256WithRSAEncryption
a6:d2:1e:cc:04:1c:dd:b5:52:b9:04:ce:06:53:ac:84:fb:8f:
67:f2:e8:34:e0:01:0d:9b:56:dd:db:33:c3:fa:f9:8e:d6:07:
68:0b:38:64:1e:94:7a:5a:2a:bc:88:b9:fb:01:90:36:10:49:
2a:0d:7b:71:9c:35:88:f6:33:66:25:44:98:12:6d:85:ae:41:
5b:0f:d7:e8:00:ef:45:fb:39:4c:04:a9:bb:22:3a:26:da:ff:
17:5e:93:5a:4f:e3:6f:1e:00:99:bb:cc:6e:0f:64:cb:35:ae:
97:54:73:32:e4:18:76:be:50:0b:cd:e6:32:74:13:81:f0:11:
db:10:c2:13:e2:9b:36:7a:d6:d0:25:26:6e:93:96:70:e6:29:
ce:46:88:96:64:1c:3b:c2:f7:8f:5a:af:66:a2:3b:1a:20:bc:
b8:3b:88:bc:60:a6:a1:e5:48:99:46:4f:63:d9:d5:1f:6f:4c:
66:73:39:6f:74:c8:6e:89:44:49:7c:14:39:cd:65:b4:f0:30:
91:f4:99:3c:63:1a:97:fa:c5:c3:a8:88:f6:b3:45:5d:19:cb:
61:4f:ef:49:8f:d5:5c:62:f3:2a:d2:3d:8a:26:a4:cb:77:6b:
5b:99:68:d3:62:76:4f:20:ce:e8:63:21:77:56:62:61:a6:ad:
37:35:ba:39
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYOjEtyFH3tf+4ZvkVdvU1xQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NzIwYTkxMDNlMWFlMDBjYzc4OGM1ZGVjZmUwOTQ4Yzg0
YmNkMWIwHhcNMjIxMDA0MTI1NzQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDY5NDk0M2MwYWQ2ODg1ZTMyOTZhMzJiNTc3ZTY5Y2M4YTA5NjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlwLdVecR9NWQNSBeHeqbBRiy8aR
7tkd2JFZVRu2JHZW6mxPn86K4WpPlqYJTaq6tPWQ96BkFWl4ItmcCu0cA9Nu8iP8
iArNnAgZlb/XD0/IRC18s5WX8LF9pOcq4aVUhjRuIlSl6JsNhHla3V66HuRgVuze
B2a3e4D712JpvQ4ANtOhFcYC8XsP2Tcxr2gvNQKS6QcCsNRMMPMbiKDrylj96T5U
+gxF+LWYi9lXcfMS6Lh/RJVeQD4oIiqNqjsFBJtR2wGgJi9v24DEeIwy+zgLQROY
qz2iPz93E+1WKlwfVooTJDiMp+M/CoNxhhBQ8i+z155XrGOzVQA/83MWDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJRpSUPArWiF4ylqMrV35pzIoJYbMB8GA1UdIwQY
MBaAFGlyCpED4a4AzHiMXez+CUjIS80bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVhJS2tRUGhyZ0RNZUl4ZDdQNEpTTWhMelJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9kNTE2YTMtODk3NC00NWRiLTgyMjYt
ODE3NGRkYWUzMWQzLzEvbEdsSlE4Q3RhSVhqS1dveXRYZm1uTWlnbGhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9kNTE2YTMtODk3NC00NWRiLTgyMjYtODE3NGRkYWUzMWQz
LzEvYVhJS2tRUGhyZ0RNZUl4ZDdQNEpTTWhMelJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZbwMA0E
AgACMAcDBQAqA61gMA0GCSqGSIb3DQEBCwUAA4IBAQCm0h7MBBzdtVK5BM4GU6yE
+49n8ug04AENm1bd2zPD+vmO1gdoCzhkHpR6Wiq8iLn7AZA2EEkqDXtxnDWI9jNm
JUSYEm2FrkFbD9foAO9F+zlMBKm7Ijom2v8XXpNaT+NvHgCZu8xuD2TLNa6XVHMy
5Bh2vlALzeYydBOB8BHbEMIT4ps2etbQJSZuk5Zw5inORoiWZBw7wvePWq9mojsa
ILy4O4i8YKah5UiZRk9j2dUfb0xmczlvdMhuiURJfBQ5zWW08DCR9Jk8YxqX+sXD
qIj2s0VdGcthT+9Jj9VcYvMq0j2KJqTLd2tbmWjTYnZPIM7oYyF3VmJhpq03Nbo5
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:59 2025 by rpki-client