Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/LPOfP6hIka5zBtkdPWq3BjQ0ONw.roa
File: LPOfP6hIka5zBtkdPWq3BjQ0ONw.roa (raw, json)
Hash identifier: +4ri4xEnY2NMUgKh8jNvKRu6vd0dc92sNBO+HwODPZ8=
Subject key identifier: 2C:F3:9F:3F:A8:48:91:AE:73:06:D9:1D:3D:6A:B7:06:34:34:38:DC
Certificate issuer: /CN=75da0e63eb247d9a0b13b4cb36dd67249920bbca
Certificate serial: 01857079B398D129FF70B67B65CBA618F1E7
Authority key identifier: 75:DA:0E:63:EB:24:7D:9A:0B:13:B4:CB:36:DD:67:24:99:20:BB:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ddoOY-skfZoLE7TLNt1nJJkgu8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/LPOfP6hIka5zBtkdPWq3BjQ0ONw.roa
Signing time: Mon 02 Jan 2023 03:15:02 +0000
ROA not before: Mon 02 Jan 2023 03:15:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50025
IP address blocks: 195.211.181.0/24 maxlen: 24
195.211.180.0/23 maxlen: 23
195.211.182.0/24 maxlen: 24
195.211.180.0/22 maxlen: 22
195.211.180.0/24 maxlen: 24
195.211.182.0/23 maxlen: 23
91.229.165.0/24 maxlen: 24
91.229.164.0/23 maxlen: 23
91.229.160.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:b3:98:d1:29:ff:70:b6:7b:65:cb:a6:18:f1:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75da0e63eb247d9a0b13b4cb36dd67249920bbca
Validity
Not Before: Jan 2 03:15:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2cf39f3fa84891ae7306d91d3d6ab706343438dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:0b:94:8c:f9:20:78:a3:bc:f0:e4:f2:f3:3b:
c2:3d:d5:77:20:9b:57:e5:08:75:8b:89:71:69:45:
20:5c:a8:86:06:fb:01:4a:01:5a:84:4b:97:27:b2:
76:82:e1:a8:c8:70:58:22:11:3c:c8:86:28:38:88:
9b:c7:25:d2:15:14:d6:70:da:b9:b0:81:fc:e5:25:
a4:f4:a8:29:cb:2a:20:41:16:f8:c7:99:76:53:4a:
13:51:17:f8:08:d2:85:73:4c:66:bf:af:06:20:bb:
56:1b:d9:6f:51:f6:12:d6:13:ee:39:0d:5e:8c:68:
39:ff:bb:ab:32:31:e1:1e:44:29:5c:17:9c:a1:46:
04:09:32:78:5a:62:5b:54:cf:70:58:69:ed:ef:d8:
2f:db:1e:ef:3a:a2:a8:c9:09:12:37:05:d8:18:21:
41:d8:fb:67:d2:97:b4:5a:6c:2d:08:1f:21:ef:a4:
9e:1e:a8:ef:3c:8d:84:0f:28:f5:17:23:b9:9a:d6:
75:a6:b2:36:e9:04:ec:94:18:8f:3e:ba:50:de:de:
68:42:9a:a2:44:8e:b4:17:57:e5:68:5e:df:ef:01:
a9:ca:b3:54:46:78:14:e5:95:09:4c:48:a5:f1:c6:
01:a8:82:b1:55:cd:6a:0d:7f:ca:e8:16:86:39:eb:
13:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:F3:9F:3F:A8:48:91:AE:73:06:D9:1D:3D:6A:B7:06:34:34:38:DC
X509v3 Authority Key Identifier:
keyid:75:DA:0E:63:EB:24:7D:9A:0B:13:B4:CB:36:DD:67:24:99:20:BB:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ddoOY-skfZoLE7TLNt1nJJkgu8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/LPOfP6hIka5zBtkdPWq3BjQ0ONw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/4b5c19-821a-40ce-9168-df4a3173522b/1/ddoOY-skfZoLE7TLNt1nJJkgu8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.160.0-91.229.165.255
195.211.180.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:f1:bb:a9:b6:4a:d0:f4:3f:c7:85:6c:c1:fd:4f:15:b7:19:
65:8a:e5:06:3e:ea:23:81:e0:37:3e:2b:9f:e9:8c:2d:6d:ee:
a1:da:f1:cf:f8:00:0b:3d:40:4d:4f:26:1f:19:d5:46:22:12:
9b:4c:5b:f6:6f:2e:fe:0a:df:d7:00:83:ba:19:db:b5:6b:fb:
cc:41:eb:ec:60:2b:4a:0f:3f:07:40:f9:75:01:af:0e:89:9e:
54:8c:c0:40:fe:7a:23:14:67:62:39:28:4a:7f:b6:79:f0:24:
ca:ca:27:2d:8f:2f:50:7b:d9:f6:de:48:35:7d:26:47:2b:96:
d7:b0:6b:58:3e:21:80:96:5e:e2:c4:15:c4:d5:15:e5:99:69:
23:c1:e6:86:4a:16:d2:f2:53:50:25:17:43:82:16:89:9d:c6:
7c:f5:b5:40:55:6c:24:83:b5:3c:3f:0a:19:59:81:a5:cf:ad:
f4:ed:01:05:27:0d:b8:35:dc:62:92:f0:f8:46:37:fc:36:48:
8e:f3:d4:5a:77:17:52:1e:42:27:77:20:84:44:42:ee:65:a2:
33:52:8f:de:f7:df:3f:20:63:f3:2e:08:bf:14:b7:0f:31:bf:
36:dd:ed:33:4d:b7:19:cb:73:d2:d7:a5:31:cc:91:4d:5c:60:
38:d6:19:c8
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYVwebOY0Sn/cLZ7ZcumGPHnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZGEwZTYzZWIyNDdkOWEwYjEzYjRjYjM2ZGQ2NzI0OTky
MGJiY2EwHhcNMjMwMTAyMDMxNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2YzOWYzZmE4NDg5MWFlNzMwNmQ5MWQzZDZhYjcwNjM0MzQzOGRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhwuUjPkgeKO88OTy8zvCPdV3IJtX
5Qh1i4lxaUUgXKiGBvsBSgFahEuXJ7J2guGoyHBYIhE8yIYoOIibxyXSFRTWcNq5
sIH85SWk9KgpyyogQRb4x5l2U0oTURf4CNKFc0xmv68GILtWG9lvUfYS1hPuOQ1e
jGg5/7urMjHhHkQpXBecoUYECTJ4WmJbVM9wWGnt79gv2x7vOqKoyQkSNwXYGCFB
2Ptn0pe0WmwtCB8h76SeHqjvPI2EDyj1FyO5mtZ1prI26QTslBiPPrpQ3t5oQpqi
RI60F1flaF7f7wGpyrNURngU5ZUJTEil8cYBqIKxVc1qDX/K6BaGOesTcwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCzznz+oSJGucwbZHT1qtwY0NDjcMB8GA1UdIwQY
MBaAFHXaDmPrJH2aCxO0yzbdZySZILvKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGRvT1ktc2tmWm9MRTdUTE50MW5KSmtndThvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi80YjVjMTktODIxYS00MGNlLTkxNjgt
ZGY0YTMxNzM1MjJiLzEvTFBPZlA2aElrYTV6QnRrZFBXcTNCalEwT053LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi80YjVjMTktODIxYS00MGNlLTkxNjgtZGY0YTMxNzM1MjJi
LzEvZGRvT1ktc2tmWm9MRTdUTE50MW5KSmtndThvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAVb5aAD
BAFb5aQDBALD07QwDQYJKoZIhvcNAQELBQADggEBACvxu6m2StD0P8eFbMH9TxW3
GWWK5QY+6iOB4Dc+K5/pjC1t7qHa8c/4AAs9QE1PJh8Z1UYiEptMW/ZvLv4K39cA
g7oZ27Vr+8xB6+xgK0oPPwdA+XUBrw6JnlSMwED+eiMUZ2I5KEp/tnnwJMrKJy2P
L1B72fbeSDV9Jkcrltewa1g+IYCWXuLEFcTVFeWZaSPB5oZKFtLyU1AlF0OCFomd
xnz1tUBVbCSDtTw/ChlZgaXPrfTtAQUnDbg13GKS8PhGN/w2SI7z1Fp3F1IeQid3
IIREQu5lojNSj9733z8gY/MuCL8Utw8xvzbd7TNNtxnLc9LXpTHMkU1cYDjWGcg=
-----END CERTIFICATE-----
Generated at Sat Apr 19 04:46:01 2025 by rpki-client