Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/ltQvPPlPrlHOoe8rWzMfM9sB5DI.roa
File: ltQvPPlPrlHOoe8rWzMfM9sB5DI.roa (raw, json)
Hash identifier: UndbpjWLIXIUtQq4vtAu2HJZdVte2/h9gTjyaCPGC1g=
Subject key identifier: 96:D4:2F:3C:F9:4F:AE:51:CE:A1:EF:2B:5B:33:1F:33:DB:01:E4:32
Certificate issuer: /CN=9bed36af13da482fdf79fb5403e5074860eecd0d
Certificate serial: 036D5369
Authority key identifier: 9B:ED:36:AF:13:DA:48:2F:DF:79:FB:54:03:E5:07:48:60:EE:CD:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m-02rxPaSC_feftUA-UHSGDuzQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/ltQvPPlPrlHOoe8rWzMfM9sB5DI.roa
Signing time: Mon 20 Jun 2022 10:24:46 +0000
ROA not before: Mon 20 Jun 2022 10:24:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39232
IP address blocks: 134.19.210.0/23 maxlen: 23
134.19.208.0/23 maxlen: 23
134.19.208.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57496425 (0x36d5369)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bed36af13da482fdf79fb5403e5074860eecd0d
Validity
Not Before: Jun 20 10:24:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96d42f3cf94fae51cea1ef2b5b331f33db01e432
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1d:1b:5f:21:8d:5b:e3:9f:7c:68:d0:f7:e1:
d6:9c:eb:ab:f1:41:9c:6d:ab:3d:cc:43:a1:3e:7d:
10:8c:08:ee:7d:07:47:15:d3:b0:79:03:99:8d:e5:
6d:a0:a4:ef:dd:a3:04:27:ac:9a:a0:3c:4c:89:8b:
37:e2:1f:3b:8d:eb:d6:8b:fe:6a:f2:a5:20:e4:65:
e1:63:53:31:0d:7c:d5:67:77:ab:10:41:78:f2:59:
b3:9e:00:61:b0:93:a1:a8:b1:ba:ea:ae:80:0d:a1:
ca:5d:c7:13:f9:68:21:c1:13:2c:69:92:5b:cd:06:
6c:e8:23:0d:7c:b9:e6:5a:57:de:29:3e:fc:30:0d:
7d:33:bb:17:f1:e0:75:1f:26:e5:b4:76:3c:29:c6:
9b:3e:8f:3a:1f:3e:86:45:dc:57:f7:29:d5:59:88:
a1:ec:a8:3a:3a:0b:9f:99:50:d7:9d:49:d3:f6:68:
2f:bd:1c:2e:98:b3:64:93:82:4a:5d:3b:d7:0d:11:
4c:69:c1:55:ea:b6:0f:e9:0f:b8:2b:02:ed:4a:f4:
16:65:28:a5:76:1b:5a:74:68:e8:2e:be:3a:47:8f:
6d:7d:73:c0:7a:a9:4c:6f:a8:51:c5:25:a8:8c:ce:
0c:b9:fa:25:16:40:7b:ea:26:cf:3d:e4:0e:02:e3:
2f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:D4:2F:3C:F9:4F:AE:51:CE:A1:EF:2B:5B:33:1F:33:DB:01:E4:32
X509v3 Authority Key Identifier:
keyid:9B:ED:36:AF:13:DA:48:2F:DF:79:FB:54:03:E5:07:48:60:EE:CD:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m-02rxPaSC_feftUA-UHSGDuzQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/ltQvPPlPrlHOoe8rWzMfM9sB5DI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/4b0283-a90c-4d64-8301-d221ebd0818d/1/m-02rxPaSC_feftUA-UHSGDuzQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.19.208.0/22
Signature Algorithm: sha256WithRSAEncryption
31:89:4e:8d:95:08:32:17:f1:0e:c4:dd:4a:6d:b2:eb:34:58:
94:a9:10:05:76:00:ee:51:4d:33:dd:58:70:0a:53:7d:41:53:
d5:ab:23:53:5c:0a:f2:df:de:d9:e1:8c:06:19:00:6d:c5:3a:
cd:7b:db:32:7f:a8:48:c2:f9:87:2b:98:1a:90:ab:bd:27:86:
51:05:90:9b:6c:27:94:76:d3:4b:f4:8d:ad:10:d9:9a:6e:9e:
5d:4d:55:01:ef:82:0f:8b:3d:c0:53:1f:92:76:a9:6f:f1:44:
6e:3a:fa:55:e6:83:9e:07:d7:87:5c:96:29:b7:1b:d4:b8:ae:
7e:f5:8d:a7:c9:60:30:17:81:10:0f:8e:cc:b9:3a:bd:b3:10:
ad:89:3b:ab:3d:ac:3b:12:9a:53:b3:47:7f:18:ab:5c:9e:9a:
aa:e0:3f:8c:e2:f3:18:1c:d3:f1:6d:fd:eb:49:37:6c:58:86:
ad:d0:5f:52:6d:14:0d:a7:5a:c5:07:c6:ab:de:bc:cd:2f:36:
92:6c:ad:9c:47:7f:bb:62:ec:f1:08:74:f5:ed:e1:5b:ad:6f:
1c:ea:75:cf:85:3c:8f:c1:07:01:d5:e6:13:c3:89:c3:e1:a8:
37:37:3c:83:2a:69:39:8b:da:14:0d:4f:51:86:38:58:21:b7:
0a:bf:10:99
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA21TaTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YmVkMzZhZjEzZGE0ODJmZGY3OWZiNTQwM2U1MDc0ODYwZWVjZDBkMB4XDTIyMDYy
MDEwMjQ0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTZkNDJmM2NmOTRm
YWU1MWNlYTFlZjJiNWIzMzFmMzNkYjAxZTQzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJodG18hjVvjn3xo0Pfh1pzrq/FBnG2rPcxDoT59EIwI7n0H
RxXTsHkDmY3lbaCk792jBCesmqA8TImLN+IfO43r1ov+avKlIORl4WNTMQ181Wd3
qxBBePJZs54AYbCToaixuuqugA2hyl3HE/loIcETLGmSW80GbOgjDXy55lpX3ik+
/DANfTO7F/HgdR8m5bR2PCnGmz6POh8+hkXcV/cp1VmIoeyoOjoLn5lQ151J0/Zo
L70cLpizZJOCSl071w0RTGnBVeq2D+kPuCsC7Ur0FmUopXYbWnRo6C6+OkePbX1z
wHqpTG+oUcUlqIzODLn6JRZAe+omzz3kDgLjLwkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSW1C88+U+uUc6h7ytbMx8z2wHkMjAfBgNVHSMEGDAWgBSb7TavE9pIL995
+1QD5QdIYO7NDTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L20tMDJyeFBhU0NfZmVmdFVBLVVIU0dEdXpRMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvNGIwMjgzLWE5MGMtNGQ2NC04MzAxLWQyMjFlYmQwODE4ZC8x
L2x0UXZQUGxQcmxIT29lOHJXek1mTTlzQjVESS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
NGIwMjgzLWE5MGMtNGQ2NC04MzAxLWQyMjFlYmQwODE4ZC8xL20tMDJyeFBhU0Nf
ZmVmdFVBLVVIU0dEdXpRMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAoYT0DANBgkqhkiG9w0BAQsFAAOC
AQEAMYlOjZUIMhfxDsTdSm2y6zRYlKkQBXYA7lFNM91YcApTfUFT1asjU1wK8t/e
2eGMBhkAbcU6zXvbMn+oSML5hyuYGpCrvSeGUQWQm2wnlHbTS/SNrRDZmm6eXU1V
Ae+CD4s9wFMfknapb/FEbjr6VeaDngfXh1yWKbcb1LiufvWNp8lgMBeBEA+OzLk6
vbMQrYk7qz2sOxKaU7NHfxirXJ6aquA/jOLzGBzT8W3960k3bFiGrdBfUm0UDada
xQfGq968zS82kmytnEd/u2Ls8Qh09e3hW61vHOp1z4U8j8EHAdXmE8OJw+GoNzc8
gyppOYvaFA1PUYY4WCG3Cr8QmQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:11 2025 by rpki-client