Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/21345b-4de7-4086-9abf-d4edc20cc1ac/1/lFO93DoEMRNcsYnInntzICiiG0M.roa
File: lFO93DoEMRNcsYnInntzICiiG0M.roa (raw, json)
Hash identifier: 1sP+84x7NGwdtTgrjrdMDf6bqp26CdHLBNaweJcLR8w=
Subject key identifier: 94:53:BD:DC:3A:04:31:13:5C:B1:89:C8:9E:7B:73:20:28:A2:1B:43
Certificate issuer: /CN=a86057859d1660e8d872979ee6d6a6b2c433a305
Certificate serial: 01856B8112019F63892D062378E3D0025B93
Authority key identifier: A8:60:57:85:9D:16:60:E8:D8:72:97:9E:E6:D6:A6:B2:C4:33:A3:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGBXhZ0WYOjYcpee5tamssQzowU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/21345b-4de7-4086-9abf-d4edc20cc1ac/1/lFO93DoEMRNcsYnInntzICiiG0M.roa
Signing time: Sun 01 Jan 2023 04:04:58 +0000
ROA not before: Sun 01 Jan 2023 04:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35565
IP address blocks: 194.187.60.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:81:12:01:9f:63:89:2d:06:23:78:e3:d0:02:5b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a86057859d1660e8d872979ee6d6a6b2c433a305
Validity
Not Before: Jan 1 04:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9453bddc3a0431135cb189c89e7b732028a21b43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:24:1a:36:54:b1:b8:2c:7f:08:df:89:94:fc:
86:8e:db:a6:c6:46:dc:7f:7a:5f:0c:c5:45:a3:e6:
2f:f6:dc:de:c6:c5:08:1a:4b:c6:f2:4a:fc:a5:a1:
c5:a9:7f:b9:84:71:7f:36:c9:52:f7:85:f3:f6:65:
92:ac:c4:52:a6:14:fe:da:0c:ed:7b:a8:5f:d7:c3:
37:d7:f5:02:cf:54:fa:33:a1:52:90:3a:7a:ca:e4:
52:05:f6:34:39:42:1a:e9:87:79:73:b9:f3:5d:2e:
4f:b2:eb:f5:6d:ec:ef:2f:d0:fc:b2:0d:cf:fd:41:
dc:67:ed:74:8b:31:39:fa:d8:f9:17:d8:41:e6:0c:
82:86:58:e5:c1:0d:62:8a:51:bf:6c:80:15:9b:ca:
80:2f:3a:81:46:7d:dc:09:67:08:60:90:c6:99:70:
9a:78:e6:bf:db:7e:2b:2f:95:d8:16:ef:8c:c8:de:
b2:ec:ea:8e:73:d6:60:fa:e1:43:4b:fc:66:bc:92:
a6:ae:67:db:02:89:1f:6a:67:0a:b7:c3:77:80:0d:
7d:27:d2:ff:a5:31:ce:dc:13:81:29:2f:64:de:dc:
e0:7f:87:51:2d:13:1e:11:f0:86:28:06:40:1b:75:
b3:21:81:06:84:f0:30:b1:f5:99:2d:48:c6:94:ac:
23:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:53:BD:DC:3A:04:31:13:5C:B1:89:C8:9E:7B:73:20:28:A2:1B:43
X509v3 Authority Key Identifier:
keyid:A8:60:57:85:9D:16:60:E8:D8:72:97:9E:E6:D6:A6:B2:C4:33:A3:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGBXhZ0WYOjYcpee5tamssQzowU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/21345b-4de7-4086-9abf-d4edc20cc1ac/1/lFO93DoEMRNcsYnInntzICiiG0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/21345b-4de7-4086-9abf-d4edc20cc1ac/1/qGBXhZ0WYOjYcpee5tamssQzowU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.187.60.0/22
Signature Algorithm: sha256WithRSAEncryption
49:82:7e:a3:e0:3e:e2:05:62:24:71:d7:47:26:46:b6:bf:aa:
02:d8:3e:60:9f:21:ef:ee:fc:46:ca:8b:3e:e4:65:b6:ae:6c:
78:94:d0:8d:28:bc:fc:33:62:49:09:e4:c1:92:d5:b7:a8:5c:
b6:bf:48:16:5f:07:21:ff:88:11:60:e8:5a:59:d3:85:54:47:
c4:86:6e:f3:08:db:68:3d:d7:67:1e:2d:f6:cb:87:6a:ca:57:
ab:98:a5:0b:f8:88:8d:5e:82:78:af:eb:5f:5b:21:0f:83:59:
3d:dc:08:ac:1a:66:90:dd:79:3a:40:7e:03:1a:ad:53:e5:22:
5c:e5:f8:40:0a:f7:21:02:34:c6:38:d2:f6:ed:d1:9e:00:60:
e5:e2:06:53:a4:65:a2:eb:6a:3f:67:11:07:7a:1f:25:f6:30:
e7:4f:8c:0c:a9:df:65:dd:2f:a4:21:e7:b6:d8:c3:13:6a:a8:
ed:40:80:33:03:a2:9d:50:fc:d5:07:09:8f:22:0d:01:ef:38:
7c:f6:b3:ae:29:a9:86:48:eb:45:47:61:3d:b3:f5:c4:b7:b6:
7e:e9:6b:a1:21:37:30:42:cc:2d:ac:9f:1c:02:01:f0:a7:03:
3a:b5:9a:f1:4b:89:b4:b3:07:23:e6:fc:fa:4a:2a:be:67:73:
b7:3d:b3:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrgRIBn2OJLQYjeOPQAluTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NjA1Nzg1OWQxNjYwZThkODcyOTc5ZWU2ZDZhNmIyYzQz
M2EzMDUwHhcNMjMwMTAxMDQwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDUzYmRkYzNhMDQzMTEzNWNiMTg5Yzg5ZTdiNzMyMDI4YTIxYjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSQaNlSxuCx/CN+JlPyGjtumxkbc
f3pfDMVFo+Yv9tzexsUIGkvG8kr8paHFqX+5hHF/NslS94Xz9mWSrMRSphT+2gzt
e6hf18M31/UCz1T6M6FSkDp6yuRSBfY0OUIa6Yd5c7nzXS5Psuv1bezvL9D8sg3P
/UHcZ+10izE5+tj5F9hB5gyChljlwQ1iilG/bIAVm8qALzqBRn3cCWcIYJDGmXCa
eOa/234rL5XYFu+MyN6y7OqOc9Zg+uFDS/xmvJKmrmfbAokfamcKt8N3gA19J9L/
pTHO3BOBKS9k3tzgf4dRLRMeEfCGKAZAG3WzIYEGhPAwsfWZLUjGlKwjhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJRTvdw6BDETXLGJyJ57cyAoohtDMB8GA1UdIwQY
MBaAFKhgV4WdFmDo2HKXnubWprLEM6MFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUdCWGhaMFdZT2pZY3BlZTV0YW1zc1F6b3dVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS8yMTM0NWItNGRlNy00MDg2LTlhYmYt
ZDRlZGMyMGNjMWFjLzEvbEZPOTNEb0VNUk5jc1luSW5udHpJQ2lpRzBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS8yMTM0NWItNGRlNy00MDg2LTlhYmYtZDRlZGMyMGNjMWFj
LzEvcUdCWGhaMFdZT2pZY3BlZTV0YW1zc1F6b3dVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwrs8MA0G
CSqGSIb3DQEBCwUAA4IBAQBJgn6j4D7iBWIkcddHJka2v6oC2D5gnyHv7vxGyos+
5GW2rmx4lNCNKLz8M2JJCeTBktW3qFy2v0gWXwch/4gRYOhaWdOFVEfEhm7zCNto
PddnHi32y4dqylermKUL+IiNXoJ4r+tfWyEPg1k93AisGmaQ3Xk6QH4DGq1T5SJc
5fhACvchAjTGONL27dGeAGDl4gZTpGWi62o/ZxEHeh8l9jDnT4wMqd9l3S+kIee2
2MMTaqjtQIAzA6KdUPzVBwmPIg0B7zh89rOuKamGSOtFR2E9s/XEt7Z+6WuhITcw
QswtrJ8cAgHwpwM6tZrxS4m0swcj5vz6Siq+Z3O3PbMp
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:11:44 2025 by rpki-client