Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/e89b06-9b24-46a1-8ecf-244c1776a7ad/1/lhjTHOeteAagaAb7cEOSmU_LVdk.roa
File: lhjTHOeteAagaAb7cEOSmU_LVdk.roa (raw, json)
Hash identifier: VW5muqoSZGFzNHMAOzYwEbC8CpuDwXGehcUdxVFcB7k=
Subject key identifier: 96:18:D3:1C:E7:AD:78:06:A0:68:06:FB:70:43:92:99:4F:CB:55:D9
Certificate issuer: /CN=1335738c6c13c2a092e4c4a21d5d55c10ee05c5a
Certificate serial: 0184D25118497EE966DBE8E1C3B27E06483C
Authority key identifier: 13:35:73:8C:6C:13:C2:A0:92:E4:C4:A2:1D:5D:55:C1:0E:E0:5C:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EzVzjGwTwqCS5MSiHV1VwQ7gXFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/e89b06-9b24-46a1-8ecf-244c1776a7ad/1/lhjTHOeteAagaAb7cEOSmU_LVdk.roa
Signing time: Fri 02 Dec 2022 10:10:40 +0000
ROA not before: Fri 02 Dec 2022 10:10:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59848
IP address blocks: 146.19.242.0/24 maxlen: 24
2a0c:e880::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d2:51:18:49:7e:e9:66:db:e8:e1:c3:b2:7e:06:48:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1335738c6c13c2a092e4c4a21d5d55c10ee05c5a
Validity
Not Before: Dec 2 10:10:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9618d31ce7ad7806a06806fb704392994fcb55d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:41:fa:87:3c:22:d6:58:86:2f:2f:50:a7:fa:
49:61:54:65:f0:09:dc:35:61:1e:fa:33:18:2d:31:
8f:ee:b5:6d:9a:fb:53:89:e6:b2:68:ed:84:ff:67:
31:7b:b5:7d:ca:5f:ab:b9:77:1b:07:6a:00:0e:b3:
4c:a0:aa:e4:b4:aa:2c:33:3e:48:25:b4:af:75:3c:
7e:2f:04:6f:29:c2:79:37:bd:cc:d5:80:72:34:1c:
ea:7a:78:0c:05:e3:b4:29:4b:39:77:c8:81:2c:8e:
dd:b6:ec:5b:86:bb:5d:65:84:1c:e2:86:aa:0d:13:
4e:95:f0:e7:67:a5:b8:d3:a2:3c:60:4e:01:4d:cf:
80:79:43:66:56:e5:c9:56:3a:51:e9:b7:fd:0b:67:
d8:d0:71:84:cd:2a:95:db:56:2a:3b:bf:23:c2:30:
74:9d:c3:f5:f5:35:cd:fe:b9:14:28:86:a0:ed:78:
9b:e0:55:86:ee:c3:2e:b8:f3:5c:de:12:bc:7d:71:
1d:e8:17:69:49:e1:4a:18:a1:b4:2e:c3:06:9b:43:
cf:ee:47:43:c3:da:a1:df:3e:e1:9f:2c:29:05:3c:
b8:13:58:2a:2d:b1:e1:97:d3:48:dc:1a:54:ea:8b:
b9:c6:dd:16:02:75:3e:a5:e2:ed:4a:73:7a:c8:f8:
f9:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:18:D3:1C:E7:AD:78:06:A0:68:06:FB:70:43:92:99:4F:CB:55:D9
X509v3 Authority Key Identifier:
keyid:13:35:73:8C:6C:13:C2:A0:92:E4:C4:A2:1D:5D:55:C1:0E:E0:5C:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EzVzjGwTwqCS5MSiHV1VwQ7gXFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/e89b06-9b24-46a1-8ecf-244c1776a7ad/1/lhjTHOeteAagaAb7cEOSmU_LVdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/e89b06-9b24-46a1-8ecf-244c1776a7ad/1/EzVzjGwTwqCS5MSiHV1VwQ7gXFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.242.0/24
IPv6:
2a0c:e880::/29
Signature Algorithm: sha256WithRSAEncryption
7c:77:82:05:8e:3e:54:63:d9:86:be:ad:1f:79:79:c9:06:02:
fb:c1:ea:64:22:b9:69:61:8b:d1:7f:d1:55:c8:79:f9:63:75:
b5:95:39:42:07:17:45:01:c0:0a:a4:f9:42:00:13:29:55:27:
19:50:66:b8:e0:3b:68:7c:1c:b3:83:3d:5c:d6:ec:b1:68:42:
a7:f9:1a:d4:6c:4b:39:50:ee:cf:a3:9c:00:ec:3e:e0:de:20:
c6:90:da:b5:99:d8:ac:3f:e7:f7:c1:f8:b0:1d:c5:5e:48:1c:
9f:97:33:36:06:bd:bf:43:2c:05:8a:f4:9c:02:0a:d5:d4:4e:
14:13:aa:87:4a:68:79:af:41:87:a0:98:b2:be:59:74:41:ca:
41:62:34:fc:63:18:cb:d9:d0:91:54:2e:6a:11:34:97:f3:03:
7e:54:44:cc:fa:0c:64:f1:3d:62:60:c9:01:28:f1:da:dd:56:
f2:e1:01:c4:a3:2c:62:68:7b:3b:70:e2:41:d8:75:dc:e9:6c:
73:aa:fc:53:d8:1b:b3:83:82:76:6c:7b:84:58:57:ad:c7:b3:
2d:89:48:fe:49:1a:1d:a1:41:71:80:f0:67:f7:43:b5:65:c8:
5c:91:c7:18:7b:f9:f3:82:84:ae:de:18:01:15:88:ab:3e:ed:
5c:f4:92:46
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTSURhJfulm2+jhw7J+Bkg8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMzU3MzhjNmMxM2MyYTA5MmU0YzRhMjFkNWQ1NWMxMGVl
MDVjNWEwHhcNMjIxMjAyMTAxMDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjE4ZDMxY2U3YWQ3ODA2YTA2ODA2ZmI3MDQzOTI5OTRmY2I1NWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUH6hzwi1liGLy9Qp/pJYVRl8Anc
NWEe+jMYLTGP7rVtmvtTieayaO2E/2cxe7V9yl+ruXcbB2oADrNMoKrktKosMz5I
JbSvdTx+LwRvKcJ5N73M1YByNBzqengMBeO0KUs5d8iBLI7dtuxbhrtdZYQc4oaq
DRNOlfDnZ6W406I8YE4BTc+AeUNmVuXJVjpR6bf9C2fY0HGEzSqV21YqO78jwjB0
ncP19TXN/rkUKIag7Xib4FWG7sMuuPNc3hK8fXEd6BdpSeFKGKG0LsMGm0PP7kdD
w9qh3z7hnywpBTy4E1gqLbHhl9NI3BpU6ou5xt0WAnU+peLtSnN6yPj5jwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJYY0xznrXgGoGgG+3BDkplPy1XZMB8GA1UdIwQY
MBaAFBM1c4xsE8KgkuTEoh1dVcEO4FxaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXpWempHd1R3cUNTNU1TaUhWMVZ3UTdnWEZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9lODliMDYtOWIyNC00NmExLThlY2Yt
MjQ0YzE3NzZhN2FkLzEvbGhqVEhPZXRlQWFnYUFiN2NFT1NtVV9MVmRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9lODliMDYtOWIyNC00NmExLThlY2YtMjQ0YzE3NzZhN2Fk
LzEvRXpWempHd1R3cUNTNU1TaUhWMVZ3UTdnWEZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAkhPyMA0E
AgACMAcDBQMqDOiAMA0GCSqGSIb3DQEBCwUAA4IBAQB8d4IFjj5UY9mGvq0feXnJ
BgL7wepkIrlpYYvRf9FVyHn5Y3W1lTlCBxdFAcAKpPlCABMpVScZUGa44DtofByz
gz1c1uyxaEKn+RrUbEs5UO7Po5wA7D7g3iDGkNq1mdisP+f3wfiwHcVeSByflzM2
Br2/QywFivScAgrV1E4UE6qHSmh5r0GHoJiyvll0QcpBYjT8YxjL2dCRVC5qETSX
8wN+VETM+gxk8T1iYMkBKPHa3Vby4QHEoyxiaHs7cOJB2HXc6WxzqvxT2Buzg4J2
bHuEWFetx7MtiUj+SRodoUFxgPBn90O1ZchckccYe/nzgoSu3hgBFYirPu1c9JJG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:16 2025 by rpki-client