Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/d9eeb8-7914-4047-b573-e670a2d47b86/1/LR1y1GUEy15SYblnHAdk9HtI37M.roa
File: LR1y1GUEy15SYblnHAdk9HtI37M.roa (raw, json)
Hash identifier: GOZh+03PILfewGxGpRKAeVE0j9mB5XS6yr/1SBemk7g=
Subject key identifier: 2D:1D:72:D4:65:04:CB:5E:52:61:B9:67:1C:07:64:F4:7B:48:DF:B3
Certificate issuer: /CN=4a2e7fe7af2ba5a3046e17644fabe8f038b4e7df
Certificate serial: 0185710C1FFF7D79DF73CAD8DA5344E1608B
Authority key identifier: 4A:2E:7F:E7:AF:2B:A5:A3:04:6E:17:64:4F:AB:E8:F0:38:B4:E7:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Si5_568rpaMEbhdkT6vo8Di0598.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/d9eeb8-7914-4047-b573-e670a2d47b86/1/LR1y1GUEy15SYblnHAdk9HtI37M.roa
Signing time: Mon 02 Jan 2023 05:54:58 +0000
ROA not before: Mon 02 Jan 2023 05:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8220
IP address blocks: 193.16.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:1f:ff:7d:79:df:73:ca:d8:da:53:44:e1:60:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a2e7fe7af2ba5a3046e17644fabe8f038b4e7df
Validity
Not Before: Jan 2 05:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d1d72d46504cb5e5261b9671c0764f47b48dfb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ea:7e:aa:8c:f4:53:3a:51:33:cc:e2:f2:a2:
e2:ed:e6:d9:c9:ef:bd:a6:3d:c3:c6:53:d6:d0:a8:
6c:99:de:15:0f:0d:25:51:d1:90:6d:09:8a:ca:c5:
0e:4d:8d:4f:da:8d:51:d8:3a:ec:b5:e8:2c:02:c4:
c6:4f:91:5e:da:02:45:d4:e9:43:3b:76:ae:80:24:
03:ba:59:2a:2c:db:84:e8:5b:de:e2:f9:cd:f4:56:
d2:f8:fe:05:54:46:9d:2f:c9:09:2a:e7:3a:93:01:
1a:d8:1d:9c:a2:7e:45:69:0a:d2:fb:d9:0d:02:95:
f9:e4:0d:4c:1b:17:f8:ea:e6:33:7b:2d:2c:5c:01:
d0:80:2a:6c:50:4d:ee:7f:9f:74:9f:53:aa:65:a6:
32:f4:d0:e5:93:79:05:6d:c3:75:2a:db:39:45:89:
c2:0a:44:88:9d:4d:ce:84:50:4d:1a:df:aa:b2:1c:
b7:d2:03:a1:2c:a8:13:22:26:c3:82:39:7b:13:ae:
b0:69:81:e2:50:61:93:be:82:c3:50:2e:0a:37:16:
aa:88:0e:7b:8a:76:0c:01:94:d4:0d:39:e5:32:6e:
eb:ad:eb:f8:0a:3d:73:53:da:83:1e:b2:1f:2f:80:
38:f3:23:28:65:af:09:73:cd:73:46:8e:b5:bf:79:
5b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:1D:72:D4:65:04:CB:5E:52:61:B9:67:1C:07:64:F4:7B:48:DF:B3
X509v3 Authority Key Identifier:
keyid:4A:2E:7F:E7:AF:2B:A5:A3:04:6E:17:64:4F:AB:E8:F0:38:B4:E7:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Si5_568rpaMEbhdkT6vo8Di0598.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d9eeb8-7914-4047-b573-e670a2d47b86/1/LR1y1GUEy15SYblnHAdk9HtI37M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/d9eeb8-7914-4047-b573-e670a2d47b86/1/Si5_568rpaMEbhdkT6vo8Di0598.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.16.241.0/24
Signature Algorithm: sha256WithRSAEncryption
86:cc:32:94:76:88:e7:5f:3f:ca:2d:05:18:71:5b:bd:8d:f8:
42:c2:19:fb:a2:fb:fd:a0:ab:84:c2:92:9b:7b:50:b3:d1:60:
0e:61:e7:40:4f:ad:b2:53:44:26:6b:25:79:90:ba:d9:82:c1:
0a:79:cb:4d:e5:08:52:5c:f2:48:cd:39:7f:65:91:f1:0a:34:
8f:fc:72:f8:c9:b9:b0:3b:76:38:13:9f:54:01:fe:08:d0:e7:
b4:62:00:6d:83:6c:63:6c:05:38:bd:14:ee:ff:6d:d1:dc:b2:
2e:da:28:a6:3d:15:cd:2c:c5:fb:95:5b:0e:14:fc:08:fe:7e:
7a:00:7f:17:64:aa:c1:65:49:61:4d:c8:7b:b5:47:f9:70:d8:
a7:f9:91:b7:b5:0b:87:10:2f:27:1e:09:e4:06:80:10:af:a7:
59:d3:27:a3:82:b4:e9:c5:64:b9:b9:43:74:95:3d:fc:14:be:
77:cf:ed:16:95:0b:4b:3d:e5:a2:da:16:0c:23:b5:17:15:2c:
b9:7d:5e:0e:47:b9:81:a1:39:58:c9:0b:35:21:12:de:e0:30:
77:95:44:09:f7:a9:43:39:ba:55:f8:d4:8e:8e:75:54:2f:a7:
fb:49:1a:ac:98:7c:0e:11:87:af:30:9d:31:03:7d:42:35:05:
df:23:27:f1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxDB//fXnfc8rY2lNE4WCLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhMmU3ZmU3YWYyYmE1YTMwNDZlMTc2NDRmYWJlOGYwMzhi
NGU3ZGYwHhcNMjMwMTAyMDU1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDFkNzJkNDY1MDRjYjVlNTI2MWI5NjcxYzA3NjRmNDdiNDhkZmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjup+qoz0UzpRM8zi8qLi7ebZye+9
pj3DxlPW0Khsmd4VDw0lUdGQbQmKysUOTY1P2o1R2DrstegsAsTGT5Fe2gJF1OlD
O3augCQDulkqLNuE6Fve4vnN9FbS+P4FVEadL8kJKuc6kwEa2B2con5FaQrS+9kN
ApX55A1MGxf46uYzey0sXAHQgCpsUE3uf590n1OqZaYy9NDlk3kFbcN1Kts5RYnC
CkSInU3OhFBNGt+qshy30gOhLKgTIibDgjl7E66waYHiUGGTvoLDUC4KNxaqiA57
inYMAZTUDTnlMm7rrev4Cj1zU9qDHrIfL4A48yMoZa8Jc81zRo61v3lbrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC0dctRlBMteUmG5ZxwHZPR7SN+zMB8GA1UdIwQY
MBaAFEouf+evK6WjBG4XZE+r6PA4tOffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2k1XzU2OHJwYU1FYmhka1Q2dm84RGkwNTk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9kOWVlYjgtNzkxNC00MDQ3LWI1NzMt
ZTY3MGEyZDQ3Yjg2LzEvTFIxeTFHVUV5MTVTWWJsbkhBZGs5SHRJMzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9kOWVlYjgtNzkxNC00MDQ3LWI1NzMtZTY3MGEyZDQ3Yjg2
LzEvU2k1XzU2OHJwYU1FYmhka1Q2dm84RGkwNTk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRDxMA0G
CSqGSIb3DQEBCwUAA4IBAQCGzDKUdojnXz/KLQUYcVu9jfhCwhn7ovv9oKuEwpKb
e1Cz0WAOYedAT62yU0QmayV5kLrZgsEKectN5QhSXPJIzTl/ZZHxCjSP/HL4ybmw
O3Y4E59UAf4I0Oe0YgBtg2xjbAU4vRTu/23R3LIu2iimPRXNLMX7lVsOFPwI/n56
AH8XZKrBZUlhTch7tUf5cNin+ZG3tQuHEC8nHgnkBoAQr6dZ0yejgrTpxWS5uUN0
lT38FL53z+0WlQtLPeWi2hYMI7UXFSy5fV4OR7mBoTlYyQs1IRLe4DB3lUQJ96lD
ObpV+NSOjnVUL6f7SRqsmHwOEYevMJ0xA31CNQXfIyfx
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:59 2025 by rpki-client