Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/681526-863d-4698-b125-cf7edf3f5eac/1/L-45x6lxrU5x0MJXG9SjkY3u4J4.roa
File: L-45x6lxrU5x0MJXG9SjkY3u4J4.roa (raw, json)
Hash identifier: vkgVc/obkjgw8yN7SxCVQxcgoCJEJDzxL5fG57L6TPc=
Subject key identifier: 2F:EE:39:C7:A9:71:AD:4E:71:D0:C2:57:1B:D4:A3:91:8D:EE:E0:9E
Certificate issuer: /CN=1e00a55f9d7b75396b4bfa13e78960a5a12f4ef5
Certificate serial: 01856DB88396DC325F95439FBE5B01613855
Authority key identifier: 1E:00:A5:5F:9D:7B:75:39:6B:4B:FA:13:E7:89:60:A5:A1:2F:4E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HgClX517dTlrS_oT54lgpaEvTvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/681526-863d-4698-b125-cf7edf3f5eac/1/L-45x6lxrU5x0MJXG9SjkY3u4J4.roa
Signing time: Sun 01 Jan 2023 14:24:46 +0000
ROA not before: Sun 01 Jan 2023 14:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50673
IP address blocks: 91.200.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:b8:83:96:dc:32:5f:95:43:9f:be:5b:01:61:38:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e00a55f9d7b75396b4bfa13e78960a5a12f4ef5
Validity
Not Before: Jan 1 14:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2fee39c7a971ad4e71d0c2571bd4a3918deee09e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1f:69:4b:fb:31:c4:4a:4a:5f:0d:ff:d6:80:
f2:b0:18:89:fe:49:b8:88:bf:09:db:98:d5:a6:2f:
f6:95:e6:52:8c:8e:9f:46:02:3d:36:61:49:a3:c5:
27:13:7f:79:e7:3f:66:a7:d0:df:ac:ea:b2:f1:de:
8a:c3:11:cd:d1:e2:22:be:95:de:8c:09:cf:13:17:
7c:48:e5:46:45:09:d4:41:20:be:b6:91:47:ea:51:
09:ce:d3:54:f5:d6:7d:ac:5b:67:19:35:37:a2:30:
a2:be:bd:52:07:bf:dc:5e:bc:63:7c:8a:68:f0:46:
f3:88:2a:3b:7b:24:7a:f4:9e:ce:b8:11:b7:e1:eb:
cf:1d:e1:50:34:00:79:93:e7:18:6a:cd:cf:b4:7f:
c0:e9:a9:98:c6:a6:74:85:f3:49:b5:e3:aa:f7:de:
89:b2:6d:59:6f:d7:18:2a:00:a4:a4:60:44:d9:37:
a3:73:b9:0f:0d:28:8b:71:d1:ef:59:05:e2:ce:1b:
7e:ab:7d:bc:e3:73:5d:4b:21:73:e4:f4:f6:67:c8:
93:09:e5:ae:4a:a5:f9:d6:20:c7:8c:e5:8b:9f:e5:
a9:1f:a7:81:1f:1f:23:1c:39:1d:cb:a1:a3:04:f2:
2f:31:bc:85:65:47:32:0b:9c:65:c6:fd:05:89:3d:
6b:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:EE:39:C7:A9:71:AD:4E:71:D0:C2:57:1B:D4:A3:91:8D:EE:E0:9E
X509v3 Authority Key Identifier:
keyid:1E:00:A5:5F:9D:7B:75:39:6B:4B:FA:13:E7:89:60:A5:A1:2F:4E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HgClX517dTlrS_oT54lgpaEvTvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/681526-863d-4698-b125-cf7edf3f5eac/1/L-45x6lxrU5x0MJXG9SjkY3u4J4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/681526-863d-4698-b125-cf7edf3f5eac/1/HgClX517dTlrS_oT54lgpaEvTvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.147.0/24
Signature Algorithm: sha256WithRSAEncryption
07:3e:72:7f:56:dc:39:48:31:9e:59:cb:d6:44:6d:8a:b5:49:
4e:71:af:7d:16:33:62:23:5b:60:03:d8:d6:f1:86:97:b2:24:
98:40:4c:bd:21:9e:45:ae:4e:05:b2:52:31:6d:5e:cd:12:41:
8a:2e:01:d8:d0:a4:88:3e:17:49:fd:f3:b3:a9:5f:ba:38:db:
8d:e3:fa:bf:d2:a5:bf:59:bb:45:cf:74:8c:06:57:bd:e2:0b:
1c:22:b5:2f:31:56:f0:a9:07:00:f3:47:13:20:87:cd:67:de:
37:9d:24:47:ff:ea:48:67:3a:af:3a:cf:f9:49:b8:6f:7b:3c:
9d:06:1c:24:5d:45:1a:7b:4d:ac:89:e6:e7:37:40:97:4c:b3:
40:5b:95:2a:4b:46:97:11:48:97:89:a1:5f:ad:bd:74:2d:2e:
0c:0f:b2:8c:c6:93:49:66:e4:20:7d:de:f7:54:70:72:0d:fb:
80:f3:0a:2a:89:f5:8e:18:58:a7:8c:f6:24:54:30:ef:5f:0a:
1b:bd:c0:2a:5d:22:f0:b8:b7:78:fd:04:11:ad:ee:08:fb:55:
c7:2c:74:bf:30:23:da:0c:5c:07:52:77:c5:86:ac:20:ce:58:
ec:d8:ba:e7:e9:d3:f2:b4:9f:d4:49:b2:ac:b6:65:60:4e:63:
11:64:91:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtuIOW3DJflUOfvlsBYThVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMDBhNTVmOWQ3Yjc1Mzk2YjRiZmExM2U3ODk2MGE1YTEy
ZjRlZjUwHhcNMjMwMTAxMTQyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmVlMzljN2E5NzFhZDRlNzFkMGMyNTcxYmQ0YTM5MThkZWVlMDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoR9pS/sxxEpKXw3/1oDysBiJ/km4
iL8J25jVpi/2leZSjI6fRgI9NmFJo8UnE3955z9mp9DfrOqy8d6KwxHN0eIivpXe
jAnPExd8SOVGRQnUQSC+tpFH6lEJztNU9dZ9rFtnGTU3ojCivr1SB7/cXrxjfIpo
8EbziCo7eyR69J7OuBG34evPHeFQNAB5k+cYas3PtH/A6amYxqZ0hfNJteOq996J
sm1Zb9cYKgCkpGBE2Tejc7kPDSiLcdHvWQXizht+q32843NdSyFz5PT2Z8iTCeWu
SqX51iDHjOWLn+WpH6eBHx8jHDkdy6GjBPIvMbyFZUcyC5xlxv0FiT1rfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC/uOcepca1OcdDCVxvUo5GN7uCeMB8GA1UdIwQY
MBaAFB4ApV+de3U5a0v6E+eJYKWhL071MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGdDbFg1MTdkVGxyU19vVDU0bGdwYUV2VHZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS82ODE1MjYtODYzZC00Njk4LWIxMjUt
Y2Y3ZWRmM2Y1ZWFjLzEvTC00NXg2bHhyVTV4ME1KWEc5U2prWTN1NEo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS82ODE1MjYtODYzZC00Njk4LWIxMjUtY2Y3ZWRmM2Y1ZWFj
LzEvSGdDbFg1MTdkVGxyU19vVDU0bGdwYUV2VHZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8iTMA0G
CSqGSIb3DQEBCwUAA4IBAQAHPnJ/Vtw5SDGeWcvWRG2KtUlOca99FjNiI1tgA9jW
8YaXsiSYQEy9IZ5Frk4FslIxbV7NEkGKLgHY0KSIPhdJ/fOzqV+6ONuN4/q/0qW/
WbtFz3SMBle94gscIrUvMVbwqQcA80cTIIfNZ943nSRH/+pIZzqvOs/5Sbhvezyd
BhwkXUUae02siebnN0CXTLNAW5UqS0aXEUiXiaFfrb10LS4MD7KMxpNJZuQgfd73
VHByDfuA8woqifWOGFinjPYkVDDvXwobvcAqXSLwuLd4/QQRre4I+1XHLHS/MCPa
DFwHUnfFhqwgzljs2Lrn6dPytJ/USbKstmVgTmMRZJHa
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:25 2025 by rpki-client