Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/lliVa4DDflwx_Hdfs895r1SI4rE.roa
File: lliVa4DDflwx_Hdfs895r1SI4rE.roa (raw, json)
Hash identifier: mnMumVeAJtqvUCgESNBZD+VaOZoE0qsmaZgyDG7yu48=
Subject key identifier: 96:58:95:6B:80:C3:7E:5C:31:FC:77:5F:B3:CF:79:AF:54:88:E2:B1
Certificate issuer: /CN=7ec65a1dcf8225e7f10be20ddde1e216e800b67c
Certificate serial: 018B7D1BCD7CA692ECDB7083ECE22321937D
Authority key identifier: 7E:C6:5A:1D:CF:82:25:E7:F1:0B:E2:0D:DD:E1:E2:16:E8:00:B6:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fsZaHc-CJefxC-IN3eHiFugAtnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/lliVa4DDflwx_Hdfs895r1SI4rE.roa
Signing time: Sun 29 Oct 2023 20:24:15 +0000
ROA not before: Sun 29 Oct 2023 20:24:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34984
IP address blocks: 86.108.235.0/24 maxlen: 24
86.108.204.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:7d:1b:cd:7c:a6:92:ec:db:70:83:ec:e2:23:21:93:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ec65a1dcf8225e7f10be20ddde1e216e800b67c
Validity
Not Before: Oct 29 20:24:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9658956b80c37e5c31fc775fb3cf79af5488e2b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b9:a0:32:f0:cd:db:c8:f0:23:d7:29:ee:16:
ba:04:16:69:97:9c:b0:2a:55:b2:5f:82:28:f8:fa:
7e:9b:3a:37:45:c1:fc:35:c2:6a:e9:3e:aa:fc:97:
ed:6e:1f:de:2a:ec:a4:dc:62:15:49:6b:14:a2:d2:
1d:ab:0a:a4:39:40:83:66:03:ef:14:28:ac:08:3f:
e4:9e:26:fe:14:75:2d:e0:03:db:22:ec:d6:39:95:
65:95:0e:c3:0a:bb:d5:99:70:54:33:79:17:27:a6:
e7:be:e6:07:86:f3:2e:80:50:70:1b:52:97:4e:93:
3e:53:00:02:65:48:78:d3:d5:af:39:9f:b7:90:1a:
ca:16:5a:1a:1a:42:f5:b5:66:36:1d:70:d3:6b:d3:
4a:0e:12:0c:33:0b:43:f4:61:9f:e0:45:bd:3c:67:
40:e0:d2:eb:3d:22:bf:a7:11:2f:c3:ed:67:0f:e1:
15:48:42:f4:4f:38:3a:5b:ac:08:46:bf:4e:be:0a:
24:21:73:05:a3:15:e4:a7:ad:e9:fd:d4:6d:f0:d7:
bc:d4:e4:84:eb:ab:b3:42:f4:b1:d3:5f:19:1b:50:
88:2e:04:78:e9:80:bc:72:c2:57:02:94:ee:e8:a3:
0d:13:4f:98:ed:a0:81:31:79:44:aa:42:b0:66:8f:
e7:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:58:95:6B:80:C3:7E:5C:31:FC:77:5F:B3:CF:79:AF:54:88:E2:B1
X509v3 Authority Key Identifier:
keyid:7E:C6:5A:1D:CF:82:25:E7:F1:0B:E2:0D:DD:E1:E2:16:E8:00:B6:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fsZaHc-CJefxC-IN3eHiFugAtnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/lliVa4DDflwx_Hdfs895r1SI4rE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/8e7785-9451-46fb-b244-7d9b8230537e/1/fsZaHc-CJefxC-IN3eHiFugAtnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.108.204.0/24
86.108.235.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:71:8e:f5:e5:fe:31:7a:c2:f9:96:d1:b6:55:e5:ed:46:12:
99:28:85:90:50:0f:e3:dc:e4:cc:13:6b:4e:fe:9d:ab:3f:ce:
c5:d5:90:ee:61:17:02:7a:47:34:69:29:bd:57:69:37:4b:c5:
7b:97:ba:fd:31:9a:32:b1:f6:1c:53:cb:c7:a1:ca:d8:93:80:
7d:57:29:4e:20:a2:82:ae:55:ed:5c:7d:57:f2:3a:49:99:ed:
03:a5:88:a2:69:23:95:7b:c5:15:30:a8:b2:47:80:c3:a3:44:
54:f3:89:9e:14:6e:c4:4a:77:ef:ab:26:be:4d:c6:84:ad:35:
37:db:af:1e:3d:93:2a:38:bd:58:68:79:12:cc:38:19:ae:c6:
71:6e:56:9e:f1:77:42:04:ec:2f:74:06:45:63:11:55:1f:1e:
90:18:04:70:60:bf:62:21:d1:ac:03:96:a5:56:14:0d:60:0d:
bd:1e:ee:fe:cd:e1:a1:74:dd:4b:a0:67:a1:cd:f3:b3:75:18:
2b:25:b0:9c:d1:ca:d7:17:cc:59:1d:b1:7d:2f:e5:f3:23:45:
9c:2e:27:e9:1a:dc:83:b2:e0:af:6e:d4:c0:3e:ea:f7:22:a9:
54:ad:09:4c:26:6a:1c:ae:fc:25:fb:99:30:c2:08:0f:48:21:
ee:8d:b4:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYt9G818ppLs23CD7OIjIZN9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlYzY1YTFkY2Y4MjI1ZTdmMTBiZTIwZGRkZTFlMjE2ZTgw
MGI2N2MwHhcNMjMxMDI5MjAyNDE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjU4OTU2YjgwYzM3ZTVjMzFmYzc3NWZiM2NmNzlhZjU0ODhlMmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbmgMvDN28jwI9cp7ha6BBZpl5yw
KlWyX4Io+Pp+mzo3RcH8NcJq6T6q/Jftbh/eKuyk3GIVSWsUotIdqwqkOUCDZgPv
FCisCD/knib+FHUt4APbIuzWOZVllQ7DCrvVmXBUM3kXJ6bnvuYHhvMugFBwG1KX
TpM+UwACZUh409WvOZ+3kBrKFloaGkL1tWY2HXDTa9NKDhIMMwtD9GGf4EW9PGdA
4NLrPSK/pxEvw+1nD+EVSEL0Tzg6W6wIRr9OvgokIXMFoxXkp63p/dRt8Ne81OSE
66uzQvSx018ZG1CILgR46YC8csJXApTu6KMNE0+Y7aCBMXlEqkKwZo/nnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJZYlWuAw35cMfx3X7PPea9UiOKxMB8GA1UdIwQY
MBaAFH7GWh3PgiXn8QviDd3h4hboALZ8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnNaYUhjLUNKZWZ4Qy1JTjNlSGlGdWdBdG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi84ZTc3ODUtOTQ1MS00NmZiLWIyNDQt
N2Q5YjgyMzA1MzdlLzEvbGxpVmE0RERmbHd4X0hkZnM4OTVyMVNJNHJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi84ZTc3ODUtOTQ1MS00NmZiLWIyNDQtN2Q5YjgyMzA1Mzdl
LzEvZnNaYUhjLUNKZWZ4Qy1JTjNlSGlGdWdBdG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVmzMAwQA
VmzrMA0GCSqGSIb3DQEBCwUAA4IBAQCOcY715f4xesL5ltG2VeXtRhKZKIWQUA/j
3OTME2tO/p2rP87F1ZDuYRcCekc0aSm9V2k3S8V7l7r9MZoysfYcU8vHocrYk4B9
VylOIKKCrlXtXH1X8jpJme0DpYiiaSOVe8UVMKiyR4DDo0RU84meFG7ESnfvqya+
TcaErTU3268ePZMqOL1YaHkSzDgZrsZxblae8XdCBOwvdAZFYxFVHx6QGARwYL9i
IdGsA5alVhQNYA29Hu7+zeGhdN1LoGehzfOzdRgrJbCc0crXF8xZHbF9L+XzI0Wc
LifpGtyDsuCvbtTAPur3IqlUrQlMJmocrvwl+5kwwggPSCHujbQ/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:37 2025 by rpki-client