Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bc51cb-de0c-4881-b0b1-1aa277df3769/1/P-LbL9okdpPyQS-lzCIq6xP5_tg.roa
File: P-LbL9okdpPyQS-lzCIq6xP5_tg.roa (raw, json)
Hash identifier: LlfeKYGFMCQxVK71F9z8F6SCDdBudNq67zaCmAmliUA=
Subject key identifier: 3F:E2:DB:2F:DA:24:76:93:F2:41:2F:A5:CC:22:2A:EB:13:F9:FE:D8
Certificate issuer: /CN=3e2bbf346ebd4aa0b76e10c58321ad33d72d519f
Certificate serial: 01856F393F87393182C57E7648BBEC2CF816
Authority key identifier: 3E:2B:BF:34:6E:BD:4A:A0:B7:6E:10:C5:83:21:AD:33:D7:2D:51:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Piu_NG69SqC3bhDFgyGtM9ctUZ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bc51cb-de0c-4881-b0b1-1aa277df3769/1/P-LbL9okdpPyQS-lzCIq6xP5_tg.roa
Signing time: Sun 01 Jan 2023 21:25:00 +0000
ROA not before: Sun 01 Jan 2023 21:25:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47777
IP address blocks: 185.160.96.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:39:3f:87:39:31:82:c5:7e:76:48:bb:ec:2c:f8:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e2bbf346ebd4aa0b76e10c58321ad33d72d519f
Validity
Not Before: Jan 1 21:25:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3fe2db2fda247693f2412fa5cc222aeb13f9fed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:55:29:c8:11:ad:27:56:f0:8f:9d:d1:d5:ce:
be:84:f4:5e:3f:60:3f:6e:e0:15:ee:3d:f2:b5:b6:
57:74:72:17:77:0a:1b:99:78:e9:da:7b:6d:03:29:
b1:81:d1:fc:8b:b4:46:63:d9:75:0a:87:1b:13:9f:
6f:58:c2:f4:c7:9d:78:ff:e5:69:e6:2f:fe:f7:82:
c4:17:33:9c:b1:07:6e:63:bb:9b:37:49:fa:6f:b1:
01:d1:42:29:1b:57:ab:69:0a:07:d7:eb:5e:0e:8a:
f0:23:60:76:06:89:b9:62:9e:06:a6:27:cd:d0:8d:
5f:10:29:64:46:40:22:b0:1b:8a:c8:24:08:6e:7c:
bb:6e:63:84:a5:89:cd:8b:19:c1:6f:8b:0a:45:f1:
4c:30:a9:1b:9f:1f:55:fd:0a:b7:db:3c:f2:30:35:
d3:ed:a1:61:28:a0:39:92:ad:c4:d3:35:c0:6c:2d:
ff:36:37:05:ac:68:46:8d:86:02:49:90:32:8b:f9:
cd:12:d8:76:ab:12:42:7a:d7:52:b0:ce:f7:cf:b3:
bb:60:4b:73:7a:56:8d:bd:4b:fc:bd:d2:cc:72:33:
72:50:73:68:7c:47:4f:31:59:64:22:9c:95:c2:8b:
ad:7c:d9:53:8a:8b:cd:3d:f5:00:a2:14:0d:01:79:
25:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E2:DB:2F:DA:24:76:93:F2:41:2F:A5:CC:22:2A:EB:13:F9:FE:D8
X509v3 Authority Key Identifier:
keyid:3E:2B:BF:34:6E:BD:4A:A0:B7:6E:10:C5:83:21:AD:33:D7:2D:51:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Piu_NG69SqC3bhDFgyGtM9ctUZ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bc51cb-de0c-4881-b0b1-1aa277df3769/1/P-LbL9okdpPyQS-lzCIq6xP5_tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bc51cb-de0c-4881-b0b1-1aa277df3769/1/Piu_NG69SqC3bhDFgyGtM9ctUZ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.96.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:94:4d:02:dd:c6:12:61:9b:a7:52:23:a0:18:1e:b3:85:81:
66:9d:7a:e1:12:80:e7:de:9d:34:af:bb:5b:4c:fe:9f:a7:e0:
21:e0:56:67:34:32:46:04:d8:af:2b:3c:7c:95:09:1f:c5:1a:
e5:b1:b5:8b:48:15:5c:07:1a:74:39:41:47:ec:bd:61:79:3f:
c2:e8:8a:5a:98:3a:74:eb:5c:6f:72:e4:44:42:a9:fc:80:f3:
a8:a4:ae:01:34:a3:be:6a:c0:a0:be:c7:51:33:5f:32:77:d2:
cd:d3:0b:e9:ee:9f:3b:a8:fc:a0:1f:60:96:c8:a3:20:20:54:
88:29:66:ce:e1:1f:7b:6e:74:8d:bc:53:33:bb:67:6d:8b:3e:
7f:53:43:0c:91:49:3e:28:01:1e:0c:e2:f6:a8:27:6b:c2:ac:
9c:1c:73:67:89:d8:f9:a7:43:81:f7:51:25:54:8c:b3:df:ea:
d8:43:e6:a0:a9:e2:fa:db:9e:e6:43:88:32:d1:b0:b1:18:d6:
31:84:14:e7:bf:69:d1:c5:cd:4c:14:18:05:4e:1d:ad:d8:1d:
29:33:c2:e6:cf:0f:11:eb:45:3b:83:7e:74:eb:29:68:99:d2:
16:d2:95:e3:ed:6d:67:94:33:68:4a:24:18:e9:1f:80:6a:c2:
75:8a:0c:cf
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvOT+HOTGCxX52SLvsLPgWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMmJiZjM0NmViZDRhYTBiNzZlMTBjNTgzMjFhZDMzZDcy
ZDUxOWYwHhcNMjMwMTAxMjEyNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmUyZGIyZmRhMjQ3NjkzZjI0MTJmYTVjYzIyMmFlYjEzZjlmZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFUpyBGtJ1bwj53R1c6+hPReP2A/
buAV7j3ytbZXdHIXdwobmXjp2nttAymxgdH8i7RGY9l1CocbE59vWML0x514/+Vp
5i/+94LEFzOcsQduY7ubN0n6b7EB0UIpG1eraQoH1+teDorwI2B2Bom5Yp4GpifN
0I1fEClkRkAisBuKyCQIbny7bmOEpYnNixnBb4sKRfFMMKkbnx9V/Qq32zzyMDXT
7aFhKKA5kq3E0zXAbC3/NjcFrGhGjYYCSZAyi/nNEth2qxJCetdSsM73z7O7YEtz
elaNvUv8vdLMcjNyUHNofEdPMVlkIpyVwoutfNlTiovNPfUAohQNAXkl/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD/i2y/aJHaT8kEvpcwiKusT+f7YMB8GA1UdIwQY
MBaAFD4rvzRuvUqgt24QxYMhrTPXLVGfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGl1X05HNjlTcUMzYmhERmd5R3RNOWN0VVo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iYzUxY2ItZGUwYy00ODgxLWIwYjEt
MWFhMjc3ZGYzNzY5LzEvUC1MYkw5b2tkcFB5UVMtbHpDSXE2eFA1X3RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iYzUxY2ItZGUwYy00ODgxLWIwYjEtMWFhMjc3ZGYzNzY5
LzEvUGl1X05HNjlTcUMzYmhERmd5R3RNOWN0VVo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaBgMA0G
CSqGSIb3DQEBCwUAA4IBAQChlE0C3cYSYZunUiOgGB6zhYFmnXrhEoDn3p00r7tb
TP6fp+Ah4FZnNDJGBNivKzx8lQkfxRrlsbWLSBVcBxp0OUFH7L1heT/C6IpamDp0
61xvcuREQqn8gPOopK4BNKO+asCgvsdRM18yd9LN0wvp7p87qPygH2CWyKMgIFSI
KWbO4R97bnSNvFMzu2dtiz5/U0MMkUk+KAEeDOL2qCdrwqycHHNnidj5p0OB91El
VIyz3+rYQ+agqeL6257mQ4gy0bCxGNYxhBTnv2nRxc1MFBgFTh2t2B0pM8Lmzw8R
60U7g3506ylomdIW0pXj7W1nlDNoSiQY6R+AasJ1igzP
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:37:08 2025 by rpki-client