Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/lS0FEv-Vjsv04JxvMTJ1YfmogLA.roa
File: lS0FEv-Vjsv04JxvMTJ1YfmogLA.roa (raw, json)
Hash identifier: KvlO9hf2xV7WiFLMFphKU9Weh73pV0TPtH7eWUY0Acs=
Subject key identifier: 95:2D:05:12:FF:95:8E:CB:F4:E0:9C:6F:31:32:75:61:F9:A8:80:B0
Certificate issuer: /CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Certificate serial: 018573718AC9F1D78CA26E5A7ABD79ABCE72
Authority key identifier: 64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/lS0FEv-Vjsv04JxvMTJ1YfmogLA.roa
Signing time: Mon 02 Jan 2023 17:04:58 +0000
ROA not before: Mon 02 Jan 2023 17:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34432
IP address blocks: 194.34.225.0/24 maxlen: 24
2a0d:f9c1::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:8a:c9:f1:d7:8c:a2:6e:5a:7a:bd:79:ab:ce:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=643e1ba91c569a8b21a6d2d67f5dbbd6c04e43ea
Validity
Not Before: Jan 2 17:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=952d0512ff958ecbf4e09c6f31327561f9a880b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:55:d9:18:d7:b8:32:11:9d:cd:71:c0:e3:76:
29:5e:3a:6d:ec:be:65:d9:6f:57:86:36:4e:bb:a8:
2c:ba:c3:86:9a:8c:0c:c9:bc:d3:de:a1:f4:fc:3c:
cd:1d:56:43:1e:60:3c:27:58:99:33:ff:6e:e4:d6:
12:3a:ff:ec:f8:78:e2:81:f5:e7:66:81:0f:fe:c5:
39:fa:c5:c2:a6:1d:61:a4:fd:e0:07:96:14:cf:13:
90:04:08:4c:b9:fe:fb:7f:f4:60:9b:da:39:9f:e3:
e2:9d:7e:fa:0a:c5:6c:5c:6e:a1:6d:d2:6f:9e:6b:
11:ac:04:e1:56:aa:a9:e2:54:bb:25:9c:8d:ef:06:
56:65:02:81:d2:67:e7:e2:7c:fc:bc:f6:ed:c2:3a:
8a:dd:cb:e6:e7:c5:d1:d0:08:a0:83:ff:03:40:4a:
f1:37:fc:3b:92:99:cd:09:05:36:93:87:c4:cf:31:
68:88:75:f5:02:32:de:c3:79:7e:a6:9f:62:37:45:
8a:56:b6:4e:20:a0:4c:55:89:1d:c8:3a:e0:48:00:
f0:1f:0c:d9:6a:42:7c:11:95:e0:0a:a7:83:f0:ed:
98:d3:6d:4f:5e:e7:5f:1c:3a:1b:b4:f1:9e:1a:0c:
6a:3e:22:b4:bf:d2:54:82:7b:c1:75:f9:b2:1c:35:
07:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:2D:05:12:FF:95:8E:CB:F4:E0:9C:6F:31:32:75:61:F9:A8:80:B0
X509v3 Authority Key Identifier:
keyid:64:3E:1B:A9:1C:56:9A:8B:21:A6:D2:D6:7F:5D:BB:D6:C0:4E:43:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZD4bqRxWmoshptLWf1271sBOQ-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/lS0FEv-Vjsv04JxvMTJ1YfmogLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/aca912-9e8d-4749-95e0-fea0aff359f5/1/ZD4bqRxWmoshptLWf1271sBOQ-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.34.225.0/24
IPv6:
2a0d:f9c1::/32
Signature Algorithm: sha256WithRSAEncryption
a6:a7:68:de:30:9e:0b:de:cc:89:54:ce:7e:f7:79:a5:c3:08:
b7:f6:94:1f:0d:91:de:80:d7:a7:62:48:17:65:e6:20:45:83:
74:2c:9f:85:16:0a:37:0e:46:1a:69:3f:35:3c:08:bb:04:0e:
ab:b8:f8:41:8a:16:8e:fa:27:17:b0:58:c7:79:0a:e8:fc:e6:
67:e3:de:ba:01:a7:5d:b9:b4:f7:85:49:39:14:3a:8a:48:74:
f4:36:e3:e8:70:d9:ff:70:8b:48:e8:59:90:f8:f4:79:e9:73:
73:0c:1d:ae:d1:ac:e7:9f:6a:52:e2:19:56:63:ad:11:f4:c3:
2b:a7:f0:1a:6d:57:77:6e:34:24:43:cc:9b:81:28:0b:fe:02:
5e:d4:78:3d:a8:ba:8f:07:16:cf:cc:e1:2f:c9:b7:3c:2e:7f:
63:ff:1b:2c:4f:fc:02:c3:b4:95:38:58:9a:a0:b6:8c:91:e7:
ff:dd:fa:e0:81:19:7d:bc:1e:14:d3:66:f5:e9:58:18:88:c1:
a3:be:16:40:88:6d:92:05:dd:f0:db:0d:43:61:ce:a6:66:56:
40:85:95:e4:f9:29:2a:ad:2b:3d:27:c7:4a:6c:82:c6:b6:e5:
06:29:7b:48:3c:86:cc:39:c1:9e:ac:8f:32:bc:1d:25:11:f1:
c8:fa:f9:2e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVzcYrJ8deMom5aer15q85yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0M2UxYmE5MWM1NjlhOGIyMWE2ZDJkNjdmNWRiYmQ2YzA0
ZTQzZWEwHhcNMjMwMTAyMTcwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTJkMDUxMmZmOTU4ZWNiZjRlMDljNmYzMTMyNzU2MWY5YTg4MGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkFXZGNe4MhGdzXHA43YpXjpt7L5l
2W9XhjZOu6gsusOGmowMybzT3qH0/DzNHVZDHmA8J1iZM/9u5NYSOv/s+HjigfXn
ZoEP/sU5+sXCph1hpP3gB5YUzxOQBAhMuf77f/Rgm9o5n+PinX76CsVsXG6hbdJv
nmsRrAThVqqp4lS7JZyN7wZWZQKB0mfn4nz8vPbtwjqK3cvm58XR0Aigg/8DQErx
N/w7kpnNCQU2k4fEzzFoiHX1AjLew3l+pp9iN0WKVrZOIKBMVYkdyDrgSADwHwzZ
akJ8EZXgCqeD8O2Y021PXudfHDobtPGeGgxqPiK0v9JUgnvBdfmyHDUH2wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJUtBRL/lY7L9OCcbzEydWH5qICwMB8GA1UdIwQY
MBaAFGQ+G6kcVpqLIabS1n9du9bATkPqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAt
ZmVhMGFmZjM1OWY1LzEvbFMwRkV2LVZqc3YwNEp4dk1USjFZZm1vZ0xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9hY2E5MTItOWU4ZC00NzQ5LTk1ZTAtZmVhMGFmZjM1OWY1
LzEvWkQ0YnFSeFdtb3NocHRMV2YxMjcxc0JPUS1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwiLhMA0E
AgACMAcDBQAqDfnBMA0GCSqGSIb3DQEBCwUAA4IBAQCmp2jeMJ4L3syJVM5+93ml
wwi39pQfDZHegNenYkgXZeYgRYN0LJ+FFgo3DkYaaT81PAi7BA6ruPhBihaO+icX
sFjHeQro/OZn4966AaddubT3hUk5FDqKSHT0NuPocNn/cItI6FmQ+PR56XNzDB2u
0aznn2pS4hlWY60R9MMrp/AabVd3bjQkQ8ybgSgL/gJe1Hg9qLqPBxbPzOEvybc8
Ln9j/xssT/wCw7SVOFiaoLaMkef/3frggRl9vB4U02b16VgYiMGjvhZAiG2SBd3w
2w1DYc6mZlZAhZXk+SkqrSs9J8dKbILGtuUGKXtIPIbMOcGerI8yvB0lEfHI+vku
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:23 2025 by rpki-client