Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/c9f2f6-191d-4f0f-a3c4-c3c80e4704e4/1/Lf-ZjC_-gGt_6Ou5bsOiVUwrnAM.roa
File: Lf-ZjC_-gGt_6Ou5bsOiVUwrnAM.roa (raw, json)
Hash identifier: TG2JGisBCXxRcNtHoKOUvoiNW6csf7BDgviXXHqe+pM=
Subject key identifier: 2D:FF:99:8C:2F:FE:80:6B:7F:E8:EB:B9:6E:C3:A2:55:4C:2B:9C:03
Certificate issuer: /CN=7672c0fe08371764058c6ab85dfb5dcdc109f77e
Certificate serial: 018975EFF456F4821AE763FB07C8E4D69CA5
Authority key identifier: 76:72:C0:FE:08:37:17:64:05:8C:6A:B8:5D:FB:5D:CD:C1:09:F7:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dnLA_gg3F2QFjGq4XftdzcEJ934.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/c9f2f6-191d-4f0f-a3c4-c3c80e4704e4/1/Lf-ZjC_-gGt_6Ou5bsOiVUwrnAM.roa
Signing time: Fri 21 Jul 2023 00:53:27 +0000
ROA not before: Fri 21 Jul 2023 00:53:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 185.43.145.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:75:ef:f4:56:f4:82:1a:e7:63:fb:07:c8:e4:d6:9c:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7672c0fe08371764058c6ab85dfb5dcdc109f77e
Validity
Not Before: Jul 21 00:53:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2dff998c2ffe806b7fe8ebb96ec3a2554c2b9c03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:09:e8:51:6c:5c:35:9e:55:90:d3:f2:e1:e1:
00:45:23:20:5d:e1:87:eb:62:88:5e:2b:f0:90:4f:
1a:7c:1a:78:fd:a2:30:6d:a6:94:56:d0:82:88:82:
2b:6d:12:18:77:8e:3c:eb:2b:43:88:fd:d5:20:04:
b5:d7:53:50:34:d5:bc:41:8f:ff:66:a1:6a:1d:44:
89:3e:eb:20:44:80:1a:fc:e2:2d:6b:ec:ac:aa:d0:
2c:f8:40:9b:c0:e8:46:49:32:81:5f:22:10:9b:46:
89:65:b9:a3:e0:d7:a2:54:4d:d9:fe:f0:ba:0d:98:
52:42:d5:18:4d:e6:18:ae:f8:53:24:f9:2e:2f:74:
ee:6d:27:f4:da:a1:da:ae:0b:e3:9c:5d:6c:a7:3f:
e0:b4:b1:ae:12:07:d9:8e:a4:69:b7:aa:04:2a:34:
4c:24:db:60:98:6e:a0:bd:3d:ca:bc:30:8d:1f:1b:
43:46:b1:b6:a2:3f:b3:01:99:34:21:9c:6f:25:ee:
91:25:0d:56:e5:dc:7e:fe:a4:53:b4:56:11:25:f6:
38:37:2e:29:f9:6b:18:52:28:07:35:df:92:0b:2c:
8f:83:d3:ae:07:14:16:8a:3f:fc:6f:f6:a0:ca:a7:
65:23:ff:e3:3d:85:46:6e:31:9b:34:5f:7d:9b:2e:
fb:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FF:99:8C:2F:FE:80:6B:7F:E8:EB:B9:6E:C3:A2:55:4C:2B:9C:03
X509v3 Authority Key Identifier:
keyid:76:72:C0:FE:08:37:17:64:05:8C:6A:B8:5D:FB:5D:CD:C1:09:F7:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dnLA_gg3F2QFjGq4XftdzcEJ934.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c9f2f6-191d-4f0f-a3c4-c3c80e4704e4/1/Lf-ZjC_-gGt_6Ou5bsOiVUwrnAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/c9f2f6-191d-4f0f-a3c4-c3c80e4704e4/1/dnLA_gg3F2QFjGq4XftdzcEJ934.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.145.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:c9:fd:cb:e9:30:0c:11:94:fb:b7:43:53:e3:ac:e8:10:41:
7e:cb:b0:0e:ab:79:0d:95:e5:72:5d:8a:18:6b:9d:38:cf:14:
48:93:4f:c9:4a:9e:16:d2:5b:73:17:a6:f6:c6:7a:2e:43:b0:
06:13:ca:07:5c:fd:64:af:b1:bf:12:b1:29:0d:cf:ad:3e:f9:
a7:7a:21:42:b5:74:ac:a1:54:b7:ab:83:19:70:22:9a:40:ba:
0a:4a:5e:db:e7:f2:04:25:33:43:ac:d5:2c:6e:50:f2:d2:51:
17:5a:d8:27:65:d0:6a:8a:29:b5:8f:f6:73:09:aa:00:f4:ae:
a4:59:14:45:bc:54:7b:65:fb:25:7b:58:e9:df:8e:a8:32:dd:
09:00:2f:49:1a:87:57:21:11:0b:7f:10:0b:80:ad:fe:2b:53:
d6:b0:17:19:d2:75:7d:6d:db:8d:a5:1f:cc:48:47:cf:e0:65:
af:91:d9:31:f7:c0:25:5f:28:ef:56:78:a9:c7:cc:3d:e3:9f:
f3:c6:94:e7:76:56:b8:3e:a7:6f:3c:37:59:db:73:ab:d2:24:
7b:ac:cb:e1:bf:5e:87:e6:fa:8e:3c:67:ea:c0:2b:04:b7:8d:
86:da:50:ef:ca:fa:44:8b:f7:63:06:f0:3d:81:6c:85:e3:a5:
90:58:00:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYl17/RW9IIa52P7B8jk1pylMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NzJjMGZlMDgzNzE3NjQwNThjNmFiODVkZmI1ZGNkYzEw
OWY3N2UwHhcNMjMwNzIxMDA1MzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGZmOTk4YzJmZmU4MDZiN2ZlOGViYjk2ZWMzYTI1NTRjMmI5YzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAignoUWxcNZ5VkNPy4eEARSMgXeGH
62KIXivwkE8afBp4/aIwbaaUVtCCiIIrbRIYd4486ytDiP3VIAS111NQNNW8QY//
ZqFqHUSJPusgRIAa/OIta+ysqtAs+ECbwOhGSTKBXyIQm0aJZbmj4NeiVE3Z/vC6
DZhSQtUYTeYYrvhTJPkuL3TubSf02qHargvjnF1spz/gtLGuEgfZjqRpt6oEKjRM
JNtgmG6gvT3KvDCNHxtDRrG2oj+zAZk0IZxvJe6RJQ1W5dx+/qRTtFYRJfY4Ny4p
+WsYUigHNd+SCyyPg9OuBxQWij/8b/agyqdlI//jPYVGbjGbNF99my77BwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC3/mYwv/oBrf+jruW7DolVMK5wDMB8GA1UdIwQY
MBaAFHZywP4INxdkBYxquF37Xc3BCfd+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG5MQV9nZzNGMlFGakdxNFhmdGR6Y0VKOTM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS9jOWYyZjYtMTkxZC00ZjBmLWEzYzQt
YzNjODBlNDcwNGU0LzEvTGYtWmpDXy1nR3RfNk91NWJzT2lWVXdybkFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS9jOWYyZjYtMTkxZC00ZjBmLWEzYzQtYzNjODBlNDcwNGU0
LzEvZG5MQV9nZzNGMlFGakdxNFhmdGR6Y0VKOTM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSuRMA0G
CSqGSIb3DQEBCwUAA4IBAQCfyf3L6TAMEZT7t0NT46zoEEF+y7AOq3kNleVyXYoY
a504zxRIk0/JSp4W0ltzF6b2xnouQ7AGE8oHXP1kr7G/ErEpDc+tPvmneiFCtXSs
oVS3q4MZcCKaQLoKSl7b5/IEJTNDrNUsblDy0lEXWtgnZdBqiim1j/ZzCaoA9K6k
WRRFvFR7Zfsle1jp346oMt0JAC9JGodXIRELfxALgK3+K1PWsBcZ0nV9bduNpR/M
SEfP4GWvkdkx98AlXyjvVnipx8w945/zxpTndla4PqdvPDdZ23Or0iR7rMvhv16H
5vqOPGfqwCsEt42G2lDvyvpEi/djBvA9gWyF46WQWAA6
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:57 2025 by rpki-client