Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/LRR_RNZ55-kNSk_JNIuSlQpxqWM.roa
File: LRR_RNZ55-kNSk_JNIuSlQpxqWM.roa (raw, json)
Hash identifier: NaZEq+VpMCSIEtjXRY4/wWkkCuZGueJVk64Jd4dhRKk=
Subject key identifier: 2D:14:7F:44:D6:79:E7:E9:0D:4A:4F:C9:34:8B:92:95:0A:71:A9:63
Certificate issuer: /CN=daaf0ff365d4bd908de902eeda03b279c2f809d3
Certificate serial: 01807C
Authority key identifier: DA:AF:0F:F3:65:D4:BD:90:8D:E9:02:EE:DA:03:B2:79:C2:F8:09:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8P82XUvZCN6QLu2gOyecL4CdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/LRR_RNZ55-kNSk_JNIuSlQpxqWM.roa
Signing time: Wed 23 Feb 2022 07:49:37 +0000
ROA not before: Wed 23 Feb 2022 07:49:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42184
IP address blocks: 195.66.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98428 (0x1807c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf0ff365d4bd908de902eeda03b279c2f809d3
Validity
Not Before: Feb 23 07:49:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d147f44d679e7e90d4a4fc9348b92950a71a963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8e:d2:8b:8f:fa:b9:8b:81:b7:1f:e8:d2:39:
1c:d1:56:50:b5:de:f0:0f:f8:c0:eb:57:1b:21:2f:
9c:37:35:51:20:d2:01:84:4c:83:e4:31:09:5a:de:
4e:eb:a7:0e:2c:f5:e6:69:5b:6a:94:86:c8:c8:f4:
db:2f:33:5e:20:4e:2f:b1:e0:7d:23:5d:fd:04:86:
e2:8e:29:30:c3:de:71:61:38:ba:70:3c:29:6e:93:
fb:68:c1:fe:5f:1f:4c:58:ac:55:59:74:53:81:ea:
f4:22:c1:a8:9d:92:8c:95:95:45:99:31:95:8a:14:
3c:72:4f:23:e5:2d:97:40:7b:3d:6b:6f:0d:22:28:
c4:e9:6f:42:a8:d5:cf:5e:54:cf:3e:0a:4f:6a:23:
75:5c:b8:d8:35:a4:c5:32:70:36:b1:88:8b:29:51:
07:2a:96:7b:fd:76:3c:32:bd:47:06:f2:58:a8:47:
1c:a3:13:45:14:38:51:5e:eb:2e:6b:79:d8:55:d9:
a5:26:a7:92:a8:a5:dd:59:47:70:0b:6d:67:19:52:
bd:67:1c:e3:e3:7a:d2:a1:f9:9b:a5:e0:cb:6f:77:
48:e3:64:14:66:64:7b:d4:39:bb:39:cc:a0:e0:2e:
90:33:a4:1a:92:8b:91:8d:d2:a1:54:fa:c1:99:bf:
34:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:14:7F:44:D6:79:E7:E9:0D:4A:4F:C9:34:8B:92:95:0A:71:A9:63
X509v3 Authority Key Identifier:
keyid:DA:AF:0F:F3:65:D4:BD:90:8D:E9:02:EE:DA:03:B2:79:C2:F8:09:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8P82XUvZCN6QLu2gOyecL4CdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/LRR_RNZ55-kNSk_JNIuSlQpxqWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/779260-7be9-4b66-9df0-409176f846d3/1/2q8P82XUvZCN6QLu2gOyecL4CdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.121.0/24
Signature Algorithm: sha256WithRSAEncryption
50:a1:f0:69:71:03:30:af:7a:1b:50:f1:27:73:3c:74:05:bb:
e3:1d:e9:ac:ad:fe:f5:48:a3:34:4b:b4:c0:80:08:48:4f:d4:
8e:05:8d:cd:aa:cd:25:76:7e:da:c5:c0:fb:01:d3:4e:88:63:
eb:8a:43:93:66:34:e6:f8:a8:6c:0d:9c:68:2a:eb:a5:a1:47:
0c:d2:09:e2:d9:10:73:3a:70:7f:78:44:94:e1:6c:74:84:6d:
bc:08:74:68:0d:7d:8e:48:cf:37:7f:18:e2:46:84:ce:8c:30:
74:ce:09:e1:65:4c:32:7a:f4:f0:bc:d3:93:06:95:0f:c3:f9:
b0:93:39:1d:99:dd:ac:e4:8f:5f:62:48:50:17:49:2c:86:cc:
97:41:b1:a7:96:cc:c6:3b:19:12:7c:e6:4c:66:ce:4f:91:0e:
17:20:48:d5:4e:85:cd:5d:a6:19:f0:bf:49:c3:df:1d:b9:6d:
f6:18:0e:b7:8b:0f:7d:c7:4a:5c:fe:77:e2:41:0e:fb:09:5e:
87:11:75:1d:ec:b4:b7:8d:6b:e7:3a:c3:42:ea:6d:49:24:3f:
b5:f6:a1:74:19:90:74:7c:c9:dc:c7:56:3c:e0:3a:cb:9a:ee:
8f:42:89:49:bc:d2:e0:6f:c5:86:a3:0a:f9:4b:14:da:5a:f9:
0f:bd:65:5d
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAYB8MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRh
YWYwZmYzNjVkNGJkOTA4ZGU5MDJlZWRhMDNiMjc5YzJmODA5ZDMwHhcNMjIwMjIz
MDc0OTM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyZDE0N2Y0NGQ2Nzll
N2U5MGQ0YTRmYzkzNDhiOTI5NTBhNzFhOTYzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAvI7Si4/6uYuBtx/o0jkc0VZQtd7wD/jA61cbIS+cNzVRINIB
hEyD5DEJWt5O66cOLPXmaVtqlIbIyPTbLzNeIE4vseB9I139BIbijikww95xYTi6
cDwpbpP7aMH+Xx9MWKxVWXRTger0IsGonZKMlZVFmTGVihQ8ck8j5S2XQHs9a28N
IijE6W9CqNXPXlTPPgpPaiN1XLjYNaTFMnA2sYiLKVEHKpZ7/XY8Mr1HBvJYqEcc
oxNFFDhRXusua3nYVdmlJqeSqKXdWUdwC21nGVK9Zxzj43rSofmbpeDLb3dI42QU
ZmR71Dm7Ocyg4C6QM6QakouRjdKhVPrBmb80swIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFC0Uf0TWeefpDUpPyTSLkpUKcaljMB8GA1UdIwQYMBaAFNqvD/Nl1L2QjekC
7toDsnnC+AnTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MnE4UDgyWFV2WkNONlFMdTJnT3llY0w0Q2RNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83ZS83NzkyNjAtN2JlOS00YjY2LTlkZjAtNDA5MTc2Zjg0NmQzLzEv
TFJSX1JOWjU1LWtOU2tfSk5JdVNsUXB4cVdNLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS83
NzkyNjAtN2JlOS00YjY2LTlkZjAtNDA5MTc2Zjg0NmQzLzEvMnE4UDgyWFV2WkNO
NlFMdTJnT3llY0w0Q2RNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0J5MA0GCSqGSIb3DQEBCwUAA4IB
AQBQofBpcQMwr3obUPEnczx0BbvjHemsrf71SKM0S7TAgAhIT9SOBY3Nqs0ldn7a
xcD7AdNOiGPrikOTZjTm+KhsDZxoKuuloUcM0gni2RBzOnB/eESU4Wx0hG28CHRo
DX2OSM83fxjiRoTOjDB0zgnhZUwyevTwvNOTBpUPw/mwkzkdmd2s5I9fYkhQF0ks
hsyXQbGnlszGOxkSfOZMZs5PkQ4XIEjVToXNXaYZ8L9Jw98duW32GA63iw99x0pc
/nfiQQ77CV6HEXUd7LS3jWvnOsNC6m1JJD+19qF0GZB0fMncx1Y84DrLmu6PQolJ
vNLgb8WGowr5SxTaWvkPvWVd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:13 2025 by rpki-client