Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/b56b01-292f-4a1d-baa2-bcd6ada1b9da/1/LfrYgfRoIs-v6Zz4waSibHh0LRM.roa
File: LfrYgfRoIs-v6Zz4waSibHh0LRM.roa (raw, json)
Hash identifier: qGi7jxI26NI3KY5NsuvrNfvlly+HO9XhgHWsEV+x8h0=
Subject key identifier: 2D:FA:D8:81:F4:68:22:CF:AF:E9:9C:F8:C1:A4:A2:6C:78:74:2D:13
Certificate issuer: /CN=096bf7e6b32a5623f54bb9c737db8f814e93ad39
Certificate serial: 0235A8D5
Authority key identifier: 09:6B:F7:E6:B3:2A:56:23:F5:4B:B9:C7:37:DB:8F:81:4E:93:AD:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CWv35rMqViP1S7nHN9uPgU6TrTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/b56b01-292f-4a1d-baa2-bcd6ada1b9da/1/LfrYgfRoIs-v6Zz4waSibHh0LRM.roa
Signing time: Sat 01 Jan 2022 08:03:03 +0000
ROA not before: Sat 01 Jan 2022 08:03:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25591
IP address blocks: 5.188.144.0/22 maxlen: 22
185.104.4.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37071061 (0x235a8d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=096bf7e6b32a5623f54bb9c737db8f814e93ad39
Validity
Not Before: Jan 1 08:03:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2dfad881f46822cfafe99cf8c1a4a26c78742d13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:22:67:0d:e0:0f:ef:af:9b:62:04:19:7b:ec:
0a:f5:b0:51:62:18:8b:a6:28:16:fa:4a:08:1f:f8:
7c:fd:3a:ed:eb:9e:10:ff:38:a9:e7:f9:52:8d:32:
db:e8:59:3c:d1:7f:f0:30:19:88:9a:58:88:a5:aa:
6f:76:ba:2c:53:5b:03:72:05:a4:d8:47:34:e3:59:
b2:7d:29:1b:1d:6b:c0:82:35:85:bd:ee:5c:a4:cd:
b1:65:55:01:90:25:da:14:60:63:14:7b:b9:7e:2f:
d5:03:4c:a7:ea:97:b9:80:cd:95:e6:5f:7b:f3:59:
a1:6a:3b:fb:02:c4:38:5f:39:b0:ce:63:4a:5d:50:
23:13:05:a6:fc:6c:14:8a:5e:bf:27:6d:8f:b4:a5:
bd:7f:91:97:0c:7f:c1:c7:6b:fe:80:c4:ef:a3:11:
59:46:62:92:40:80:c8:e4:1a:39:bc:a4:93:1d:cc:
f4:e3:e6:f7:de:51:53:75:f1:69:d3:2b:71:27:06:
55:9f:06:31:d1:a1:67:5c:aa:b3:c9:8c:a9:d5:8a:
44:c8:f3:75:13:5c:2f:6d:c3:75:3f:9f:51:7e:2d:
e0:b5:50:1d:94:b0:d9:14:63:83:e3:3d:96:69:ed:
8f:ee:d0:1c:26:88:a1:09:75:57:37:04:7b:51:6e:
47:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:FA:D8:81:F4:68:22:CF:AF:E9:9C:F8:C1:A4:A2:6C:78:74:2D:13
X509v3 Authority Key Identifier:
keyid:09:6B:F7:E6:B3:2A:56:23:F5:4B:B9:C7:37:DB:8F:81:4E:93:AD:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CWv35rMqViP1S7nHN9uPgU6TrTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/b56b01-292f-4a1d-baa2-bcd6ada1b9da/1/LfrYgfRoIs-v6Zz4waSibHh0LRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/b56b01-292f-4a1d-baa2-bcd6ada1b9da/1/CWv35rMqViP1S7nHN9uPgU6TrTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.144.0/22
185.104.4.0/22
Signature Algorithm: sha256WithRSAEncryption
77:e1:ff:f1:33:ff:9b:a4:e0:a5:4c:e8:2b:db:ee:10:4a:c4:
7d:94:2d:3d:ed:d1:d2:1d:db:13:88:5f:17:b5:58:60:9b:4f:
d0:53:bb:fe:46:6b:74:e0:03:a8:89:2e:e3:b6:5a:6e:2a:1e:
fc:b8:1e:ca:05:ba:fa:f1:02:81:99:d0:6c:62:56:bc:e4:d3:
c7:25:08:c6:4e:da:27:40:6b:59:c9:82:57:88:00:8a:0a:e1:
b7:ca:37:45:19:3e:ec:f8:c7:3f:92:61:a5:a8:e3:43:23:e0:
15:d3:4a:83:d4:4a:87:b4:4b:78:46:61:6c:85:02:b5:72:2a:
27:21:00:e2:dc:95:ef:5d:a6:ff:63:81:be:f4:2a:9a:09:8a:
e7:de:78:4b:47:0d:66:ea:82:ee:6a:34:65:71:bb:38:bd:7e:
75:37:7c:c4:f5:b0:91:e8:4a:26:66:79:13:7b:83:57:db:fb:
ba:a3:3d:63:9b:08:4c:bc:f8:4d:53:d7:01:10:1e:af:cc:1d:
5c:5a:94:bd:3b:4e:8d:3c:11:0d:f6:45:94:d8:c6:61:26:ee:
e3:e7:64:2e:1e:f7:08:22:1c:27:44:03:49:f0:9d:e9:7d:89:
eb:79:01:c3:3b:5a:d8:fc:34:a2:ff:a7:6a:09:8d:ef:65:a5:
f4:16:6b:48
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAjWo1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OTZiZjdlNmIzMmE1NjIzZjU0YmI5YzczN2RiOGY4MTRlOTNhZDM5MB4XDTIyMDEw
MTA4MDMwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmRmYWQ4ODFmNDY4
MjJjZmFmZTk5Y2Y4YzFhNGEyNmM3ODc0MmQxMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK0iZw3gD++vm2IEGXvsCvWwUWIYi6YoFvpKCB/4fP067eue
EP84qef5Uo0y2+hZPNF/8DAZiJpYiKWqb3a6LFNbA3IFpNhHNONZsn0pGx1rwII1
hb3uXKTNsWVVAZAl2hRgYxR7uX4v1QNMp+qXuYDNleZfe/NZoWo7+wLEOF85sM5j
Sl1QIxMFpvxsFIpevydtj7SlvX+Rlwx/wcdr/oDE76MRWUZikkCAyOQaObykkx3M
9OPm995RU3XxadMrcScGVZ8GMdGhZ1yqs8mMqdWKRMjzdRNcL23DdT+fUX4t4LVQ
HZSw2RRjg+M9lmntj+7QHCaIoQl1VzcEe1FuR6cCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQt+tiB9Ggiz6/pnPjBpKJseHQtEzAfBgNVHSMEGDAWgBQJa/fmsypWI/VL
ucc324+BTpOtOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NXdjM1ck1xVmlQMVM3bkhOOXVQZ1U2VHJUay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWYvYjU2YjAxLTI5MmYtNGExZC1iYWEyLWJjZDZhZGExYjlkYS8x
L0xmcllnZlJvSXMtdjZaejR3YVNpYkhoMExSTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWYv
YjU2YjAxLTI5MmYtNGExZC1iYWEyLWJjZDZhZGExYjlkYS8xL0NXdjM1ck1xVmlQ
MVM3bkhOOXVQZ1U2VHJUay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAgW8kAMEArloBDANBgkqhkiG9w0B
AQsFAAOCAQEAd+H/8TP/m6TgpUzoK9vuEErEfZQtPe3R0h3bE4hfF7VYYJtP0FO7
/kZrdOADqIku47Zabioe/LgeygW6+vECgZnQbGJWvOTTxyUIxk7aJ0BrWcmCV4gA
igrht8o3RRk+7PjHP5JhpajjQyPgFdNKg9RKh7RLeEZhbIUCtXIqJyEA4tyV712m
/2OBvvQqmgmK5954S0cNZuqC7mo0ZXG7OL1+dTd8xPWwkehKJmZ5E3uDV9v7uqM9
Y5sITLz4TVPXARAer8wdXFqUvTtOjTwRDfZFlNjGYSbu4+dkLh73CCIcJ0QDSfCd
6X2J63kBwzta2Pw0ov+nagmN72Wl9BZrSA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:41 2025 by rpki-client