Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/lPP2vym1qgQBRL18GK-5ss1h1Sk.roa
File: lPP2vym1qgQBRL18GK-5ss1h1Sk.roa (raw, json)
Hash identifier: GW32vVpmS36sIz6C/F28i0KA2LgrLe+YdY9NLHZMgQQ=
Subject key identifier: 94:F3:F6:BF:29:B5:AA:04:01:44:BD:7C:18:AF:B9:B2:CD:61:D5:29
Certificate issuer: /CN=90f25e6a6893f466d2695e90670c047443643701
Certificate serial: 338F3913
Authority key identifier: 90:F2:5E:6A:68:93:F4:66:D2:69:5E:90:67:0C:04:74:43:64:37:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/lPP2vym1qgQBRL18GK-5ss1h1Sk.roa
Signing time: Sat 01 Jan 2022 04:52:47 +0000
ROA not before: Sat 01 Jan 2022 04:52:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31079
IP address blocks: 195.20.106.0/24 maxlen: 24
2001:678:2e4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 865024275 (0x338f3913)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90f25e6a6893f466d2695e90670c047443643701
Validity
Not Before: Jan 1 04:52:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=94f3f6bf29b5aa040144bd7c18afb9b2cd61d529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:50:fd:a8:09:8b:fb:76:d5:86:68:cb:0b:21:
9a:0e:b2:77:85:a6:e9:c1:4b:ac:23:27:9a:e7:6a:
7c:bf:07:7d:04:e5:fd:d4:74:37:a2:bc:0d:51:6e:
06:73:1e:08:0d:b2:98:4a:d2:dd:f9:fa:41:aa:a2:
c2:c9:00:23:09:07:28:e8:e9:63:ef:1b:8b:28:5b:
84:7e:cd:62:3b:32:20:ed:2e:3d:3e:3a:86:56:31:
67:0a:f9:7c:ab:5e:7c:3d:f2:94:dd:01:15:dc:93:
c5:46:7f:34:1b:f0:3b:4f:db:de:d3:94:17:53:56:
1c:dc:39:a1:18:54:9f:de:0b:19:a5:9f:e3:d4:c8:
30:cd:b4:5a:ad:3a:52:7a:6d:83:54:ac:03:16:93:
e5:ea:aa:07:5e:72:c0:bf:a9:5c:e1:79:a3:70:c0:
1a:36:c5:00:d7:dc:63:7a:2f:0e:28:d4:06:5d:63:
a0:27:4c:62:89:ba:fd:6e:ca:05:a5:1f:71:5c:12:
b1:42:2e:9a:d4:9b:c6:cb:07:a5:94:c6:00:1f:1d:
88:b0:11:99:e5:fc:13:a6:3c:8d:c3:ab:cd:2d:72:
d1:f3:5a:d4:98:34:b3:34:81:bd:44:53:37:16:3e:
07:a9:c2:48:d5:d0:d3:04:9a:ed:9f:58:a3:c4:8e:
da:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:F3:F6:BF:29:B5:AA:04:01:44:BD:7C:18:AF:B9:B2:CD:61:D5:29
X509v3 Authority Key Identifier:
keyid:90:F2:5E:6A:68:93:F4:66:D2:69:5E:90:67:0C:04:74:43:64:37:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kPJeamiT9GbSaV6QZwwEdENkNwE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/lPP2vym1qgQBRL18GK-5ss1h1Sk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04b162-7099-404d-8391-3b0b4b8a2983/1/kPJeamiT9GbSaV6QZwwEdENkNwE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.20.106.0/24
IPv6:
2001:678:2e4::/48
Signature Algorithm: sha256WithRSAEncryption
24:29:73:58:36:8b:c9:1a:07:80:5e:8b:a1:83:a0:94:7d:a5:
f6:98:7b:76:9f:1a:48:28:e1:3b:99:11:ba:5a:77:57:a6:8f:
4d:3a:0f:67:ea:96:1b:48:3b:de:f1:91:e6:a2:8a:ee:38:10:
55:4e:c2:38:de:0f:fe:a8:4a:f0:9c:26:5e:3a:27:3e:9b:e9:
2b:95:07:f4:0f:c8:9e:a8:94:c0:58:b8:e0:ac:37:2b:b5:19:
be:53:ab:56:a0:37:64:d9:09:ba:b3:93:d7:62:5c:d6:77:0e:
e0:36:76:c2:e3:69:e2:2a:15:2b:dc:34:ab:e1:0b:63:47:e2:
29:a4:72:21:f9:f2:4d:4c:a6:15:ad:7b:e9:84:ec:4f:5e:02:
88:13:0a:62:f9:ae:26:3a:55:0f:22:ed:f3:bf:10:1d:48:a2:
72:5b:c9:c8:cd:ea:df:c6:51:d9:ea:c5:49:c1:09:10:d1:c7:
ae:16:27:d7:ca:27:8d:b7:6e:96:1b:8d:e9:8b:b7:fa:28:8e:
81:08:b5:15:c8:98:e9:66:63:fd:5c:af:56:d2:38:82:65:64:
77:f0:ec:c3:49:6d:93:b1:41:90:10:02:79:4d:c6:1e:91:aa:
86:8b:2f:60:f8:28:b3:96:96:c5:4c:ec:64:02:4a:6b:fe:d9:
81:49:30:61
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEM485EzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MGYyNWU2YTY4OTNmNDY2ZDI2OTVlOTA2NzBjMDQ3NDQzNjQzNzAxMB4XDTIyMDEw
MTA0NTI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTRmM2Y2YmYyOWI1
YWEwNDAxNDRiZDdjMThhZmI5YjJjZDYxZDUyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM5Q/agJi/t21YZoywshmg6yd4Wm6cFLrCMnmudqfL8HfQTl
/dR0N6K8DVFuBnMeCA2ymErS3fn6QaqiwskAIwkHKOjpY+8biyhbhH7NYjsyIO0u
PT46hlYxZwr5fKtefD3ylN0BFdyTxUZ/NBvwO0/b3tOUF1NWHNw5oRhUn94LGaWf
49TIMM20Wq06Unptg1SsAxaT5eqqB15ywL+pXOF5o3DAGjbFANfcY3ovDijUBl1j
oCdMYom6/W7KBaUfcVwSsUIumtSbxssHpZTGAB8diLARmeX8E6Y8jcOrzS1y0fNa
1Jg0szSBvURTNxY+B6nCSNXQ0wSa7Z9Yo8SO2i8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBSU8/a/KbWqBAFEvXwYr7myzWHVKTAfBgNVHSMEGDAWgBSQ8l5qaJP0ZtJp
XpBnDAR0Q2Q3ATAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2tQSmVhbWlUOUdiU2FWNlFad3dFZEVOa053RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvMDRiMTYyLTcwOTktNDA0ZC04MzkxLTNiMGI0YjhhMjk4My8x
L2xQUDJ2eW0xcWdRQlJMMThHSy01c3MxaDFTay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
MDRiMTYyLTcwOTktNDA0ZC04MzkxLTNiMGI0YjhhMjk4My8xL2tQSmVhbWlUOUdi
U2FWNlFad3dFZEVOa053RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMMUajAPBAIAAjAJAwcAIAEGeALk
MA0GCSqGSIb3DQEBCwUAA4IBAQAkKXNYNovJGgeAXouhg6CUfaX2mHt2nxpIKOE7
mRG6WndXpo9NOg9n6pYbSDve8ZHmooruOBBVTsI43g/+qErwnCZeOic+m+krlQf0
D8ieqJTAWLjgrDcrtRm+U6tWoDdk2Qm6s5PXYlzWdw7gNnbC42niKhUr3DSr4Qtj
R+IppHIh+fJNTKYVrXvphOxPXgKIEwpi+a4mOlUPIu3zvxAdSKJyW8nIzerfxlHZ
6sVJwQkQ0ceuFifXyieNt26WG43pi7f6KI6BCLUVyJjpZmP9XK9W0jiCZWR38OzD
SW2TsUGQEAJ5TcYekaqGiy9g+CizlpbFTOxkAkpr/tmBSTBh
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:12 2025 by rpki-client