Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/aab054-ed50-4aa6-acee-fa0d2e47e6f1/1/lu1e9E3UMibQs8nDOcu83UlHtYc.roa
File: lu1e9E3UMibQs8nDOcu83UlHtYc.roa (raw, json)
Hash identifier: sfJPORYd11AoB3j0K4x0JyqOafvioHTpuXxrgH3i6uE=
Subject key identifier: 96:ED:5E:F4:4D:D4:32:26:D0:B3:C9:C3:39:CB:BC:DD:49:47:B5:87
Certificate issuer: /CN=b81c9652557987a2a0580cc5c65e3646b01da3bb
Certificate serial: 0185732821DF04CFFB0AEAECC0507908D560
Authority key identifier: B8:1C:96:52:55:79:87:A2:A0:58:0C:C5:C6:5E:36:46:B0:1D:A3:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uByWUlV5h6KgWAzFxl42RrAdo7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/aab054-ed50-4aa6-acee-fa0d2e47e6f1/1/lu1e9E3UMibQs8nDOcu83UlHtYc.roa
Signing time: Mon 02 Jan 2023 15:44:47 +0000
ROA not before: Mon 02 Jan 2023 15:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49136
IP address blocks: 109.229.96.0/19 maxlen: 19
94.231.128.0/20 maxlen: 20
94.231.136.0/24 maxlen: 24
81.162.32.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:21:df:04:cf:fb:0a:ea:ec:c0:50:79:08:d5:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b81c9652557987a2a0580cc5c65e3646b01da3bb
Validity
Not Before: Jan 2 15:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96ed5ef44dd43226d0b3c9c339cbbcdd4947b587
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9d:3d:51:5d:65:ac:6e:47:14:89:1f:42:d2:
02:78:a8:f9:f5:f2:d8:be:ba:d9:2a:ab:98:f8:a6:
b1:62:fb:ce:5a:65:88:4e:cf:f6:24:ca:ab:65:73:
6e:ec:b5:a7:27:6f:57:02:7c:9b:53:5f:a8:d6:54:
f4:a3:4d:22:1b:bf:84:49:c3:85:31:d6:06:10:df:
48:11:b3:b2:3f:8d:e1:01:5e:c1:4c:fb:e7:d5:7d:
1f:ae:27:c4:e9:df:e2:f8:2c:8a:67:19:45:32:54:
1e:7f:3e:b0:86:2e:91:63:29:72:88:f3:3c:87:07:
b0:74:d7:1d:bc:97:ef:67:e0:e0:65:09:f2:a1:a5:
e4:79:12:c7:71:ef:23:bb:97:82:e6:c6:03:34:a9:
53:75:99:d2:b6:ac:0f:d8:09:86:91:f8:ac:01:1f:
59:80:63:c3:25:00:f1:52:08:85:d5:0f:90:5e:e8:
6d:71:ba:ec:2b:03:a4:3f:e4:05:c9:8e:16:48:ef:
13:ee:cf:c2:d8:ef:05:5b:fb:25:65:f7:c1:f5:bc:
ae:37:5e:77:6c:66:f7:3a:84:e8:79:c4:ef:65:b4:
8a:ec:b4:21:eb:b0:5e:bb:e5:13:e9:2e:e9:1f:11:
0b:9e:a4:1f:92:08:b0:4c:2c:73:18:8f:0e:4c:3d:
e1:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:ED:5E:F4:4D:D4:32:26:D0:B3:C9:C3:39:CB:BC:DD:49:47:B5:87
X509v3 Authority Key Identifier:
keyid:B8:1C:96:52:55:79:87:A2:A0:58:0C:C5:C6:5E:36:46:B0:1D:A3:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uByWUlV5h6KgWAzFxl42RrAdo7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/aab054-ed50-4aa6-acee-fa0d2e47e6f1/1/lu1e9E3UMibQs8nDOcu83UlHtYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/aab054-ed50-4aa6-acee-fa0d2e47e6f1/1/uByWUlV5h6KgWAzFxl42RrAdo7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.162.32.0/20
94.231.128.0/20
109.229.96.0/19
Signature Algorithm: sha256WithRSAEncryption
a2:fc:37:5b:c2:b5:aa:b1:91:07:43:24:1a:69:b7:a5:8f:07:
6e:2a:1d:65:23:46:88:0a:ec:5f:5d:13:4e:43:f2:a4:62:7b:
68:24:cc:2f:e7:5c:db:aa:e2:f0:a5:1b:69:05:fa:92:a9:a4:
8b:4a:be:a8:71:fa:02:29:e4:43:ab:69:ba:72:61:31:90:68:
1a:ed:0f:ba:a3:3f:77:21:68:85:c8:c2:3c:cd:1b:40:83:59:
d2:04:47:2f:e7:89:cd:3f:0a:c3:ed:f5:87:78:b0:76:b8:28:
88:d0:20:37:c3:1e:75:65:89:66:f2:df:ca:b6:38:aa:45:5b:
30:f0:bf:f4:24:23:f8:7b:7f:5e:c0:e6:10:18:8b:74:27:f5:
ed:9d:73:10:b7:ea:69:76:a3:40:61:94:54:c3:fc:22:5c:ab:
92:5d:0a:86:de:8a:f3:24:28:18:2a:e9:f6:6a:96:b1:c6:af:
f5:f4:f7:b3:01:62:91:8a:7f:8e:1c:ea:c5:f9:ce:a6:b5:bb:
2d:10:e2:c0:69:41:01:cc:d2:fb:33:c1:f7:f3:43:19:2f:6f:
29:2e:84:79:34:ee:ce:eb:b9:c2:10:39:ca:af:83:24:50:00:
4c:c6:fe:bf:d6:71:61:05:ef:38:62:e5:eb:3b:87:62:2b:82:
07:8b:dd:4a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVzKCHfBM/7CurswFB5CNVgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MWM5NjUyNTU3OTg3YTJhMDU4MGNjNWM2NWUzNjQ2YjAx
ZGEzYmIwHhcNMjMwMTAyMTU0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmVkNWVmNDRkZDQzMjI2ZDBiM2M5YzMzOWNiYmNkZDQ5NDdiNTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZ09UV1lrG5HFIkfQtICeKj59fLY
vrrZKquY+KaxYvvOWmWITs/2JMqrZXNu7LWnJ29XAnybU1+o1lT0o00iG7+EScOF
MdYGEN9IEbOyP43hAV7BTPvn1X0frifE6d/i+CyKZxlFMlQefz6whi6RYylyiPM8
hwewdNcdvJfvZ+DgZQnyoaXkeRLHce8ju5eC5sYDNKlTdZnStqwP2AmGkfisAR9Z
gGPDJQDxUgiF1Q+QXuhtcbrsKwOkP+QFyY4WSO8T7s/C2O8FW/slZffB9byuN153
bGb3OoToecTvZbSK7LQh67Beu+UT6S7pHxELnqQfkgiwTCxzGI8OTD3hewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJbtXvRN1DIm0LPJwznLvN1JR7WHMB8GA1UdIwQY
MBaAFLgcllJVeYeioFgMxcZeNkawHaO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUJ5V1VsVjVoNktnV0F6RnhsNDJSckFkbzdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9hYWIwNTQtZWQ1MC00YWE2LWFjZWUt
ZmEwZDJlNDdlNmYxLzEvbHUxZTlFM1VNaWJRczhuRE9jdTgzVWxIdFljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9hYWIwNTQtZWQ1MC00YWE2LWFjZWUtZmEwZDJlNDdlNmYx
LzEvdUJ5V1VsVjVoNktnV0F6RnhsNDJSckFkbzdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEUaIgAwQE
XueAAwQFbeVgMA0GCSqGSIb3DQEBCwUAA4IBAQCi/DdbwrWqsZEHQyQaabeljwdu
Kh1lI0aICuxfXRNOQ/KkYntoJMwv51zbquLwpRtpBfqSqaSLSr6ocfoCKeRDq2m6
cmExkGga7Q+6oz93IWiFyMI8zRtAg1nSBEcv54nNPwrD7fWHeLB2uCiI0CA3wx51
ZYlm8t/KtjiqRVsw8L/0JCP4e39ewOYQGIt0J/XtnXMQt+ppdqNAYZRUw/wiXKuS
XQqG3orzJCgYKun2apaxxq/19PezAWKRin+OHOrF+c6mtbstEOLAaUEBzNL7M8H3
80MZL28pLoR5NO7O67nCEDnKr4MkUABMxv6/1nFhBe84YuXrO4diK4IHi91K
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:37 2025 by rpki-client