Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/4d53e5-6e0c-46d5-9a88-ce9c149f889b/1/ls_aK520azVhuxPOdmjQGposgO4.roa
File: ls_aK520azVhuxPOdmjQGposgO4.roa (raw, json)
Hash identifier: gQ+ucJowHCtmLw6jsTGXgg+FzzWGcGCXYyDIrh3kD/E=
Subject key identifier: 96:CF:DA:2B:9D:B4:6B:35:61:BB:13:CE:76:68:D0:1A:9A:2C:80:EE
Certificate issuer: /CN=6a7a2c6dbe511a07472437a9a0fb4fccd12be89f
Certificate serial: 018571D7ABE8EF4F42A0FD6CE4562C4553B5
Authority key identifier: 6A:7A:2C:6D:BE:51:1A:07:47:24:37:A9:A0:FB:4F:CC:D1:2B:E8:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/anosbb5RGgdHJDepoPtPzNEr6J8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/4d53e5-6e0c-46d5-9a88-ce9c149f889b/1/ls_aK520azVhuxPOdmjQGposgO4.roa
Signing time: Mon 02 Jan 2023 09:37:17 +0000
ROA not before: Mon 02 Jan 2023 09:37:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47886
IP address blocks: 185.218.36.0/22 maxlen: 24
2a0b:d240::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:ab:e8:ef:4f:42:a0:fd:6c:e4:56:2c:45:53:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a7a2c6dbe511a07472437a9a0fb4fccd12be89f
Validity
Not Before: Jan 2 09:37:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96cfda2b9db46b3561bb13ce7668d01a9a2c80ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ef:05:de:fa:e8:75:d0:5b:0d:49:ab:31:03:
57:a1:15:f8:59:38:58:6e:07:97:d6:52:d8:f9:86:
58:34:d5:d1:40:08:f4:c1:40:64:80:85:30:81:80:
26:77:3b:e2:4d:3d:29:90:f2:7a:0e:f8:dc:2c:8c:
2b:09:bb:df:86:58:3c:4c:8f:f3:3a:b8:b5:37:de:
09:0e:7a:e9:c5:82:44:d3:78:98:5e:0d:a1:c2:4c:
45:6d:8d:ad:66:ab:57:ab:cf:3f:50:5d:c6:43:a4:
48:ae:3d:ce:84:ee:db:f1:dc:ae:9f:25:c3:89:dd:
4a:48:39:af:82:b0:61:48:74:10:de:f6:77:ba:f4:
07:c1:d4:cf:48:16:66:9b:42:47:80:49:31:98:56:
93:0e:49:81:8f:ce:e4:31:1b:f3:c2:af:09:25:4c:
3a:4b:8c:5e:2e:5f:dc:f6:d5:6a:be:b1:55:db:8a:
b9:4f:34:71:10:a2:84:eb:0b:11:5a:48:06:17:5c:
47:15:44:f8:66:28:70:b9:ba:10:2d:9b:3b:08:9a:
21:bd:c0:b7:20:a4:58:27:09:56:8d:a2:0f:6f:93:
fd:85:56:30:0b:85:eb:68:68:f0:00:73:28:45:4c:
84:4a:99:1b:4d:3c:d5:75:d3:ee:ed:00:01:87:00:
36:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:CF:DA:2B:9D:B4:6B:35:61:BB:13:CE:76:68:D0:1A:9A:2C:80:EE
X509v3 Authority Key Identifier:
keyid:6A:7A:2C:6D:BE:51:1A:07:47:24:37:A9:A0:FB:4F:CC:D1:2B:E8:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/anosbb5RGgdHJDepoPtPzNEr6J8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/4d53e5-6e0c-46d5-9a88-ce9c149f889b/1/ls_aK520azVhuxPOdmjQGposgO4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/4d53e5-6e0c-46d5-9a88-ce9c149f889b/1/anosbb5RGgdHJDepoPtPzNEr6J8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.36.0/22
IPv6:
2a0b:d240::/32
Signature Algorithm: sha256WithRSAEncryption
71:49:b7:90:0e:6b:b7:3e:b1:3c:e8:aa:a7:86:f6:3b:74:9e:
0c:33:9d:a0:0c:79:5c:3b:43:be:c1:91:91:51:d4:9a:28:78:
76:0a:4b:de:32:ae:3b:0f:67:41:ab:c7:6d:03:eb:fe:aa:10:
2e:84:fd:d3:12:4b:ea:53:ee:1f:db:44:7b:bf:b5:e1:c0:7c:
f2:12:35:46:6b:c7:07:51:91:ac:a0:60:f4:b5:cc:7a:27:ac:
47:e6:cb:26:02:56:f4:46:28:32:66:43:18:db:55:79:1e:8e:
0a:47:73:fb:6c:5a:1f:4f:57:81:55:d9:06:50:71:c6:84:27:
25:d3:75:e0:ea:5d:04:b3:df:5f:7f:ad:70:60:8e:85:0d:b2:
44:bc:1e:45:66:05:65:16:d0:60:1f:2c:62:d4:4d:49:42:ee:
29:1e:8a:ac:64:bb:7b:53:ea:30:45:bf:12:75:26:84:62:af:
1e:a8:82:e7:7c:da:41:09:4d:b8:c2:f5:ca:a9:bf:7a:29:bc:
14:7f:4e:d0:d7:2e:d2:48:8f:44:7a:37:6e:b1:02:11:92:b5:
cd:2a:e5:ae:a1:76:37:e3:0e:7c:1b:fa:be:1c:3d:50:ab:0f:
01:3b:04:04:cb:c0:f0:7b:e8:25:de:d6:a8:b5:49:8e:82:85:
b7:0f:80:22
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVx16vo709CoP1s5FYsRVO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhN2EyYzZkYmU1MTFhMDc0NzI0MzdhOWEwZmI0ZmNjZDEy
YmU4OWYwHhcNMjMwMTAyMDkzNzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmNmZGEyYjlkYjQ2YjM1NjFiYjEzY2U3NjY4ZDAxYTlhMmM4MGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAke8F3vroddBbDUmrMQNXoRX4WThY
bgeX1lLY+YZYNNXRQAj0wUBkgIUwgYAmdzviTT0pkPJ6DvjcLIwrCbvfhlg8TI/z
Ori1N94JDnrpxYJE03iYXg2hwkxFbY2tZqtXq88/UF3GQ6RIrj3OhO7b8dyunyXD
id1KSDmvgrBhSHQQ3vZ3uvQHwdTPSBZmm0JHgEkxmFaTDkmBj87kMRvzwq8JJUw6
S4xeLl/c9tVqvrFV24q5TzRxEKKE6wsRWkgGF1xHFUT4ZihwuboQLZs7CJohvcC3
IKRYJwlWjaIPb5P9hVYwC4XraGjwAHMoRUyESpkbTTzVddPu7QABhwA2JQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJbP2iudtGs1YbsTznZo0BqaLIDuMB8GA1UdIwQY
MBaAFGp6LG2+URoHRyQ3qaD7T8zRK+ifMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW5vc2JiNVJHZ2RISkRlcG9QdFB6TkVyNko4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS80ZDUzZTUtNmUwYy00NmQ1LTlhODgt
Y2U5YzE0OWY4ODliLzEvbHNfYUs1MjBhelZodXhQT2RtalFHcG9zZ080LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS80ZDUzZTUtNmUwYy00NmQ1LTlhODgtY2U5YzE0OWY4ODli
LzEvYW5vc2JiNVJHZ2RISkRlcG9QdFB6TkVyNko4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudokMA0E
AgACMAcDBQAqC9JAMA0GCSqGSIb3DQEBCwUAA4IBAQBxSbeQDmu3PrE86KqnhvY7
dJ4MM52gDHlcO0O+wZGRUdSaKHh2CkveMq47D2dBq8dtA+v+qhAuhP3TEkvqU+4f
20R7v7XhwHzyEjVGa8cHUZGsoGD0tcx6J6xH5ssmAlb0RigyZkMY21V5Ho4KR3P7
bFofT1eBVdkGUHHGhCcl03Xg6l0Es99ff61wYI6FDbJEvB5FZgVlFtBgHyxi1E1J
Qu4pHoqsZLt7U+owRb8SdSaEYq8eqILnfNpBCU24wvXKqb96KbwUf07Q1y7SSI9E
ejdusQIRkrXNKuWuoXY34w58G/q+HD1Qqw8BOwQEy8Dwe+gl3taotUmOgoW3D4Ai
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:29:11 2025 by rpki-client