Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/lR-T3NYAmxKbSWIymXGtFWZg4XM.roa
File: lR-T3NYAmxKbSWIymXGtFWZg4XM.roa (raw, json)
Hash identifier: mXvWVL3dNIReoC0WYgXRsF6pL4vdm7uPGsCBdY1wi+U=
Subject key identifier: 95:1F:93:DC:D6:00:9B:12:9B:49:62:32:99:71:AD:15:66:60:E1:73
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018446B70AA84D2C66741B3FE867122C53BC
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/lR-T3NYAmxKbSWIymXGtFWZg4XM.roa
Signing time: Sat 05 Nov 2022 07:35:11 +0000
ROA not before: Sat 05 Nov 2022 07:35:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48944
IP address blocks: 185.215.228.0/23 maxlen: 23
178.239.144.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:46:b7:0a:a8:4d:2c:66:74:1b:3f:e8:67:12:2c:53:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Nov 5 07:35:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=951f93dcd6009b129b4962329971ad156660e173
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:64:c5:44:7e:87:8a:5c:59:a6:10:2b:b7:e1:
14:e6:ff:27:c1:23:c2:40:d8:08:88:47:ca:fa:b6:
62:01:6d:05:4a:5b:10:db:c0:e0:9a:41:03:54:72:
87:fa:31:c0:cb:c5:59:05:ee:8e:ce:c0:91:79:b3:
cc:eb:cc:aa:54:ff:c8:86:80:5e:84:13:51:f8:76:
90:1d:0d:23:62:40:08:52:b2:45:53:82:e3:74:fe:
27:14:be:3f:be:ff:92:15:59:14:cc:96:e2:de:5b:
7c:78:f7:e6:1d:de:0f:b2:2d:51:9e:d6:3e:9f:c0:
7f:5b:c9:cd:93:eb:81:17:d3:68:7d:7c:92:2c:33:
00:6c:be:04:00:39:d2:9a:36:84:83:2b:4b:60:93:
74:1d:cf:a4:50:de:38:7f:80:ce:4c:e7:07:a7:70:
6a:a5:7a:fd:d6:ae:39:b2:06:ed:e9:65:ba:ca:18:
17:b9:a5:e9:1c:44:7c:51:d7:09:b4:24:73:a5:05:
75:82:bf:6d:a3:fc:ea:5a:9d:14:f8:c8:6c:bc:8c:
8d:2a:00:74:c5:0c:ae:59:f6:c3:81:fe:f4:24:fb:
03:79:b6:f1:db:45:67:30:24:20:35:6f:d8:47:10:
29:2b:2e:4e:80:b4:8c:c9:ab:5c:6d:96:b1:cf:09:
49:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:1F:93:DC:D6:00:9B:12:9B:49:62:32:99:71:AD:15:66:60:E1:73
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/lR-T3NYAmxKbSWIymXGtFWZg4XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.144.0/22
185.215.228.0/23
Signature Algorithm: sha256WithRSAEncryption
33:eb:cf:3a:80:2a:11:a4:3b:d5:cf:7f:c3:20:d1:8d:22:25:
1e:c9:f6:82:a4:5b:61:72:00:06:50:3c:29:2d:b9:8c:57:97:
c8:7e:a1:b1:4f:5e:d6:1f:f3:be:d2:b5:6e:4c:18:0c:3e:48:
40:c4:ba:c2:70:1e:5b:f7:66:b9:42:8d:0b:c8:68:ee:1c:91:
d1:60:c4:0f:38:76:84:15:e2:36:6d:5c:4c:e5:4e:c7:97:25:
cc:c8:ed:4c:90:b5:14:a0:b2:5d:d3:04:6e:00:29:8e:a7:e1:
0d:5d:e2:fc:84:5d:ad:20:11:31:79:38:4e:39:0f:c2:ae:3e:
84:96:32:27:8c:7d:3b:45:b8:f3:75:e9:a3:10:11:0e:ab:66:
f9:aa:82:7a:a8:43:24:0a:cc:aa:e9:7f:62:15:81:1b:ee:19:
6c:3a:19:14:02:65:96:33:97:f4:3c:62:5f:bf:26:a3:97:48:
44:46:28:50:fc:c3:b5:bf:50:8e:0e:75:69:f3:a9:53:5a:56:
d7:d8:8b:6a:6f:18:58:cd:71:5c:77:51:cb:cb:a9:95:2b:ce:
db:b9:96:97:47:ff:05:55:fa:8b:02:35:f5:e2:82:34:5c:4b:
f6:1b:6e:8c:ea:ec:d5:f4:92:32:1d:79:26:f7:ba:83:b3:a1:
9f:51:1f:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYRGtwqoTSxmdBs/6GcSLFO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjIxMTA1MDczNTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTFmOTNkY2Q2MDA5YjEyOWI0OTYyMzI5OTcxYWQxNTY2NjBlMTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA42TFRH6HilxZphArt+EU5v8nwSPC
QNgIiEfK+rZiAW0FSlsQ28DgmkEDVHKH+jHAy8VZBe6OzsCRebPM68yqVP/IhoBe
hBNR+HaQHQ0jYkAIUrJFU4LjdP4nFL4/vv+SFVkUzJbi3lt8ePfmHd4Psi1RntY+
n8B/W8nNk+uBF9NofXySLDMAbL4EADnSmjaEgytLYJN0Hc+kUN44f4DOTOcHp3Bq
pXr91q45sgbt6WW6yhgXuaXpHER8UdcJtCRzpQV1gr9to/zqWp0U+MhsvIyNKgB0
xQyuWfbDgf70JPsDebbx20VnMCQgNW/YRxApKy5OgLSMyatcbZaxzwlJDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJUfk9zWAJsSm0liMplxrRVmYOFzMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvbFItVDNOWUFteEtiU1dJeW1YR3RGV1pnNFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCsu+QAwQB
udfkMA0GCSqGSIb3DQEBCwUAA4IBAQAz6886gCoRpDvVz3/DINGNIiUeyfaCpFth
cgAGUDwpLbmMV5fIfqGxT17WH/O+0rVuTBgMPkhAxLrCcB5b92a5Qo0LyGjuHJHR
YMQPOHaEFeI2bVxM5U7HlyXMyO1MkLUUoLJd0wRuACmOp+ENXeL8hF2tIBExeThO
OQ/Crj6EljInjH07RbjzdemjEBEOq2b5qoJ6qEMkCsyq6X9iFYEb7hlsOhkUAmWW
M5f0PGJfvyajl0hERihQ/MO1v1CODnVp86lTWlbX2ItqbxhYzXFcd1HLy6mVK87b
uZaXR/8FVfqLAjX14oI0XEv2G26M6uzV9JIyHXkm97qDs6GfUR8r
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:43 2025 by rpki-client