Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/LTOVY3dov-vmPh1-27lFYEKSigk.roa
File: LTOVY3dov-vmPh1-27lFYEKSigk.roa (raw, json)
Hash identifier: d8qh87tWPLZkeuTEZHRAnpBxfn8I02DNCcY2xNw2PzU=
Subject key identifier: 2D:33:95:63:77:68:BF:EB:E6:3E:1D:7E:DB:B9:45:60:42:92:8A:09
Certificate issuer: /CN=09fecd7071b727db3d12f09efbb454e04d4f743d
Certificate serial: 018570C2BC45777D438A2EB010BE7E4091FA
Authority key identifier: 09:FE:CD:70:71:B7:27:DB:3D:12:F0:9E:FB:B4:54:E0:4D:4F:74:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cf7NcHG3J9s9EvCe-7RU4E1PdD0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/LTOVY3dov-vmPh1-27lFYEKSigk.roa
Signing time: Mon 02 Jan 2023 04:34:48 +0000
ROA not before: Mon 02 Jan 2023 04:34:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207558
IP address blocks: 91.224.171.0/24 maxlen: 24
91.196.229.0/24 maxlen: 24
91.196.228.0/22 maxlen: 22
91.196.228.0/24 maxlen: 24
91.196.231.0/24 maxlen: 24
91.196.230.0/24 maxlen: 24
2a0f:d840::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:c2:bc:45:77:7d:43:8a:2e:b0:10:be:7e:40:91:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09fecd7071b727db3d12f09efbb454e04d4f743d
Validity
Not Before: Jan 2 04:34:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d3395637768bfebe63e1d7edbb9456042928a09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d1:be:cb:00:ec:4c:76:e2:c0:53:88:99:62:
05:8f:05:7c:0b:31:45:9a:86:88:af:a7:32:fe:5e:
b2:50:78:c7:74:9d:6b:4d:f7:46:f8:00:b5:89:61:
5e:3f:84:12:79:7f:1b:2e:c7:8d:56:7c:9d:bd:2d:
49:15:88:f9:50:3b:f1:5c:36:a9:57:de:55:c9:b6:
65:dc:8f:87:d9:12:96:b5:68:5a:39:61:f1:69:a5:
20:a1:7f:13:83:90:21:fc:fa:ac:d3:68:ed:bf:73:
08:2b:3d:ba:e4:ca:62:ef:b0:6b:7e:40:a7:3e:76:
1a:7e:38:d1:dc:38:3a:df:22:ad:55:4b:3f:5e:e3:
ab:69:33:82:91:91:b5:4d:94:5f:c2:80:aa:2e:6c:
18:87:b8:8f:a9:f3:37:9d:01:ce:97:5f:5f:b5:a1:
3e:3d:91:65:d7:07:2a:7d:8b:4d:61:45:eb:8a:4f:
a0:a0:07:21:e5:f4:8f:98:8a:92:1d:77:c8:c5:da:
cd:99:59:60:e8:01:8e:7c:80:8f:c2:47:47:ec:78:
03:3c:35:28:11:10:4f:ae:80:34:2c:1f:0a:24:c1:
82:32:be:97:88:10:dd:03:aa:e1:94:5a:c1:65:52:
4e:31:e9:cf:93:7e:29:a8:5f:95:9b:b0:99:a3:68:
38:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:33:95:63:77:68:BF:EB:E6:3E:1D:7E:DB:B9:45:60:42:92:8A:09
X509v3 Authority Key Identifier:
keyid:09:FE:CD:70:71:B7:27:DB:3D:12:F0:9E:FB:B4:54:E0:4D:4F:74:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cf7NcHG3J9s9EvCe-7RU4E1PdD0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/LTOVY3dov-vmPh1-27lFYEKSigk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/72e3a1-906c-448b-98da-5a206e8b1369/1/Cf7NcHG3J9s9EvCe-7RU4E1PdD0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.228.0/22
91.224.171.0/24
IPv6:
2a0f:d840::/29
Signature Algorithm: sha256WithRSAEncryption
52:60:9a:fb:0d:b9:28:3d:25:81:60:65:e3:05:8f:7a:aa:c4:
7c:62:1f:db:f9:04:8f:60:58:d2:24:e4:25:0d:77:59:06:48:
5f:e4:7e:f9:d1:5d:d7:dc:13:b1:14:5d:f3:30:cb:fb:5a:b2:
e8:6d:60:67:10:66:85:60:9e:86:b2:1b:3a:d8:e8:18:8d:de:
03:54:08:3d:48:cf:24:0f:2e:a3:6e:47:41:1f:bf:a7:6b:56:
e9:f1:7a:5b:1d:d2:f6:71:4b:d9:2e:a2:ef:96:1d:28:39:26:
5b:73:65:64:5b:99:ae:bd:51:38:2d:0c:aa:d9:11:24:f7:a9:
96:51:d7:8e:fc:f5:6c:44:5a:c2:06:8a:3c:19:39:0d:b5:9a:
42:75:0d:99:ef:5a:6f:b4:57:eb:28:90:b5:f8:c1:44:a2:a1:
ea:f8:55:5a:4e:27:ab:f4:7f:b5:06:d8:32:a3:bb:3f:62:25:
69:da:f5:09:d7:d6:97:c8:4f:dd:ed:a3:71:97:b8:fe:0a:84:
6b:5d:81:b7:8a:66:85:ae:05:be:c8:b0:d8:ec:6b:d1:aa:30:
61:64:ec:6e:30:6f:5e:4d:1c:db:c2:06:9d:ef:e5:56:fa:3c:
4e:18:9e:41:4f:41:10:cc:cc:b1:ff:8e:32:f4:90:da:95:7f:
dd:fb:e6:f3
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVwwrxFd31Dii6wEL5+QJH6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZmVjZDcwNzFiNzI3ZGIzZDEyZjA5ZWZiYjQ1NGUwNGQ0
Zjc0M2QwHhcNMjMwMTAyMDQzNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDMzOTU2Mzc3NjhiZmViZTYzZTFkN2VkYmI5NDU2MDQyOTI4YTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9G+ywDsTHbiwFOImWIFjwV8CzFF
moaIr6cy/l6yUHjHdJ1rTfdG+AC1iWFeP4QSeX8bLseNVnydvS1JFYj5UDvxXDap
V95VybZl3I+H2RKWtWhaOWHxaaUgoX8Tg5Ah/Pqs02jtv3MIKz265Mpi77BrfkCn
PnYafjjR3Dg63yKtVUs/XuOraTOCkZG1TZRfwoCqLmwYh7iPqfM3nQHOl19ftaE+
PZFl1wcqfYtNYUXrik+goAch5fSPmIqSHXfIxdrNmVlg6AGOfICPwkdH7HgDPDUo
ERBProA0LB8KJMGCMr6XiBDdA6rhlFrBZVJOMenPk34pqF+Vm7CZo2g48wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFC0zlWN3aL/r5j4dftu5RWBCkooJMB8GA1UdIwQY
MBaAFAn+zXBxtyfbPRLwnvu0VOBNT3Q9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2Y3TmNIRzNKOXM5RXZDZS03UlU0RTFQZEQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS83MmUzYTEtOTA2Yy00NDhiLTk4ZGEt
NWEyMDZlOGIxMzY5LzEvTFRPVlkzZG92LXZtUGgxLTI3bEZZRUtTaWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS83MmUzYTEtOTA2Yy00NDhiLTk4ZGEtNWEyMDZlOGIxMzY5
LzEvQ2Y3TmNIRzNKOXM5RXZDZS03UlU0RTFQZEQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8TkAwQA
W+CrMA0EAgACMAcDBQMqD9hAMA0GCSqGSIb3DQEBCwUAA4IBAQBSYJr7DbkoPSWB
YGXjBY96qsR8Yh/b+QSPYFjSJOQlDXdZBkhf5H750V3X3BOxFF3zMMv7WrLobWBn
EGaFYJ6Gshs62OgYjd4DVAg9SM8kDy6jbkdBH7+na1bp8XpbHdL2cUvZLqLvlh0o
OSZbc2VkW5muvVE4LQyq2REk96mWUdeO/PVsRFrCBoo8GTkNtZpCdQ2Z71pvtFfr
KJC1+MFEoqHq+FVaTier9H+1Btgyo7s/YiVp2vUJ19aXyE/d7aNxl7j+CoRrXYG3
imaFrgW+yLDY7GvRqjBhZOxuMG9eTRzbwgad7+VW+jxOGJ5BT0EQzMyx/44y9JDa
lX/d++bz
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:32:59 2025 by rpki-client