Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/0896b2-f809-4f1d-9b94-14a0825b5291/1/Lx2szhrkMCMlP73sTuniv6OG6-M.roa
File: Lx2szhrkMCMlP73sTuniv6OG6-M.roa (raw, json)
Hash identifier: PLm+7jqcHjXSZSBv+JcqtHa0FDAsBL+cMsH2F8hv4cA=
Subject key identifier: 2F:1D:AC:CE:1A:E4:30:23:25:3F:BD:EC:4E:E9:E2:BF:A3:86:EB:E3
Certificate issuer: /CN=a896c1e14c86e6ef5b16724f7117676ec7214957
Certificate serial: 132BF383
Authority key identifier: A8:96:C1:E1:4C:86:E6:EF:5B:16:72:4F:71:17:67:6E:C7:21:49:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qJbB4UyG5u9bFnJPcRdnbschSVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/0896b2-f809-4f1d-9b94-14a0825b5291/1/Lx2szhrkMCMlP73sTuniv6OG6-M.roa
Signing time: Sat 01 Jan 2022 12:57:41 +0000
ROA not before: Sat 01 Jan 2022 12:57:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 680
IP address blocks: 193.24.80.0/21 maxlen: 21
192.82.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 321647491 (0x132bf383)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a896c1e14c86e6ef5b16724f7117676ec7214957
Validity
Not Before: Jan 1 12:57:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f1dacce1ae43023253fbdec4ee9e2bfa386ebe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:cc:6b:76:56:a5:09:94:95:a2:23:ce:db:7f:
ec:d8:db:7a:e9:06:7f:ea:a0:9d:65:31:ba:2e:b5:
61:ab:39:ef:a9:2d:bc:77:34:42:50:7b:13:fe:e3:
4e:34:ac:0a:67:47:2d:c1:bc:b5:c0:69:27:67:4a:
f5:4c:eb:9a:13:9c:15:26:65:e8:77:ab:91:30:a6:
82:51:a5:c4:0d:b7:bc:f5:12:77:20:19:13:71:75:
f6:88:87:ab:24:20:de:fa:60:5f:9c:e8:f7:87:72:
29:ff:30:ce:61:6d:6b:07:2f:ec:f8:73:54:c0:5e:
86:68:fd:14:ca:1b:10:ab:b5:cb:ae:66:14:91:80:
12:e3:5e:18:9c:02:0f:55:29:8d:df:34:0f:ad:85:
68:05:86:2d:b5:26:8f:57:b5:b2:76:07:a5:fd:b9:
49:67:7d:1c:e1:22:2b:24:0c:6b:3d:3f:3c:59:cf:
c5:8d:a1:72:de:fc:ae:c1:56:21:8a:73:67:41:3b:
95:fa:93:19:43:9b:0b:96:28:22:8a:aa:16:82:13:
64:4e:ea:2e:a6:b0:56:d8:eb:e5:af:5f:87:60:9b:
df:56:24:81:9f:17:19:aa:6b:0b:86:04:f5:50:ce:
73:f2:19:db:27:d2:8c:c0:53:e5:2a:ca:38:e7:ef:
a7:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:1D:AC:CE:1A:E4:30:23:25:3F:BD:EC:4E:E9:E2:BF:A3:86:EB:E3
X509v3 Authority Key Identifier:
keyid:A8:96:C1:E1:4C:86:E6:EF:5B:16:72:4F:71:17:67:6E:C7:21:49:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qJbB4UyG5u9bFnJPcRdnbschSVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/0896b2-f809-4f1d-9b94-14a0825b5291/1/Lx2szhrkMCMlP73sTuniv6OG6-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/0896b2-f809-4f1d-9b94-14a0825b5291/1/qJbB4UyG5u9bFnJPcRdnbschSVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.82.241.0/24
193.24.80.0/21
Signature Algorithm: sha256WithRSAEncryption
56:78:08:42:f2:c5:00:80:2c:a0:ea:7e:51:50:97:44:5a:68:
27:16:65:26:be:d7:b3:b1:57:de:db:fb:7d:b3:15:f0:7a:02:
37:5b:ab:2d:c8:f7:d5:b4:1a:64:93:bb:56:c6:9e:a1:36:a4:
12:0b:dd:27:48:78:b2:bc:be:28:b8:f2:97:fd:be:82:8a:b0:
90:9c:0e:07:7b:90:a7:ee:14:ee:27:3a:13:2f:1a:ff:6c:3f:
03:65:cc:82:b0:7e:7c:89:da:28:1b:b3:cb:3d:de:d1:ae:b3:
e3:91:80:34:47:84:64:59:4a:79:2a:39:c6:dc:1d:73:8a:56:
32:ba:b0:1f:08:6e:ce:83:63:f2:01:5e:fb:6a:7e:b9:21:64:
46:61:6d:e6:0a:7c:d0:1b:73:36:2f:de:cd:30:67:70:f1:38:
31:0c:56:68:d9:7e:11:b3:9a:75:5e:6e:56:5d:30:79:6e:8e:
53:c4:b8:df:c1:ad:05:bc:60:3d:6e:ed:56:41:47:45:d7:29:
90:7e:1b:99:36:e7:f2:d6:2a:d5:3b:22:24:42:0d:01:3c:ce:
2d:53:c3:b0:6b:b8:06:4d:2e:ce:9f:4d:f4:d4:ed:4c:3e:3f:
00:97:61:51:b1:1f:71:78:3d:c6:6d:15:c6:74:52:08:9b:b9:
46:80:60:d2
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEyvzgzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODk2YzFlMTRjODZlNmVmNWIxNjcyNGY3MTE3Njc2ZWM3MjE0OTU3MB4XDTIyMDEw
MTEyNTc0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmYxZGFjY2UxYWU0
MzAyMzI1M2ZiZGVjNGVlOWUyYmZhMzg2ZWJlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJLMa3ZWpQmUlaIjztt/7NjbeukGf+qgnWUxui61Yas576kt
vHc0QlB7E/7jTjSsCmdHLcG8tcBpJ2dK9UzrmhOcFSZl6HerkTCmglGlxA23vPUS
dyAZE3F19oiHqyQg3vpgX5zo94dyKf8wzmFtawcv7PhzVMBehmj9FMobEKu1y65m
FJGAEuNeGJwCD1Upjd80D62FaAWGLbUmj1e1snYHpf25SWd9HOEiKyQMaz0/PFnP
xY2hct78rsFWIYpzZ0E7lfqTGUObC5YoIoqqFoITZE7qLqawVtjr5a9fh2Cb31Yk
gZ8XGaprC4YE9VDOc/IZ2yfSjMBT5SrKOOfvp2MCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQvHazOGuQwIyU/vexO6eK/o4br4zAfBgNVHSMEGDAWgBSolsHhTIbm71sW
ck9xF2duxyFJVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FKYkI0VXlHNXU5YkZuSlBjUmRuYnNjaFNWYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODkvMDg5NmIyLWY4MDktNGYxZC05Yjk0LTE0YTA4MjViNTI5MS8x
L0x4MnN6aHJrTUNNbFA3M3NUdW5pdjZPRzYtTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODkv
MDg5NmIyLWY4MDktNGYxZC05Yjk0LTE0YTA4MjViNTI5MS8xL3FKYkI0VXlHNXU5
YkZuSlBjUmRuYnNjaFNWYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAMBS8QMEA8EYUDANBgkqhkiG9w0B
AQsFAAOCAQEAVngIQvLFAIAsoOp+UVCXRFpoJxZlJr7Xs7FX3tv7fbMV8HoCN1ur
Lcj31bQaZJO7VsaeoTakEgvdJ0h4sry+KLjyl/2+goqwkJwOB3uQp+4U7ic6Ey8a
/2w/A2XMgrB+fInaKBuzyz3e0a6z45GANEeEZFlKeSo5xtwdc4pWMrqwHwhuzoNj
8gFe+2p+uSFkRmFt5gp80BtzNi/ezTBncPE4MQxWaNl+EbOadV5uVl0weW6OU8S4
38GtBbxgPW7tVkFHRdcpkH4bmTbn8tYq1TsiJEINATzOLVPDsGu4Bk0uzp9N9NTt
TD4/AJdhUbEfcXg9xm0VxnRSCJu5RoBg0g==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:46:48 2025 by rpki-client