Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/8e4518-0dd0-4cbb-ba78-bb86d4ba02de/1/Lts66QbApA71yFOys3L4rsSW92o.roa
File: Lts66QbApA71yFOys3L4rsSW92o.roa (raw, json)
Hash identifier: GlBY3L3YRkgB+9cHFXj5aE7d8fRJG7j5j5O8WoxDi9A=
Subject key identifier: 2E:DB:3A:E9:06:C0:A4:0E:F5:C8:53:B2:B3:72:F8:AE:C4:96:F7:6A
Certificate issuer: /CN=4452633274b1d886a92757f65219c2e7546ecdf5
Certificate serial: 01856D66310AE7085C814E5C2E3518AA0558
Authority key identifier: 44:52:63:32:74:B1:D8:86:A9:27:57:F6:52:19:C2:E7:54:6E:CD:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFJjMnSx2IapJ1f2UhnC51RuzfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/8e4518-0dd0-4cbb-ba78-bb86d4ba02de/1/Lts66QbApA71yFOys3L4rsSW92o.roa
Signing time: Sun 01 Jan 2023 12:54:51 +0000
ROA not before: Sun 01 Jan 2023 12:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48294
IP address blocks: 195.137.176.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:66:31:0a:e7:08:5c:81:4e:5c:2e:35:18:aa:05:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4452633274b1d886a92757f65219c2e7546ecdf5
Validity
Not Before: Jan 1 12:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2edb3ae906c0a40ef5c853b2b372f8aec496f76a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ca:95:2a:7b:8c:66:e0:7b:19:16:14:5a:3c:
05:7b:a6:2b:09:c3:31:14:a8:b8:eb:11:56:2a:7a:
65:12:d6:e2:87:3a:e9:da:a0:2c:69:16:16:27:7d:
0c:79:68:05:7e:77:74:92:ec:3f:ff:83:4f:1c:32:
9d:a6:59:f3:f0:6b:42:36:ec:e3:e6:17:6f:d9:7d:
54:75:29:b9:07:38:3c:ca:d3:37:fc:dd:7b:70:86:
00:0c:ef:c4:ba:d0:cc:2c:0f:ce:49:93:54:45:1a:
11:fa:17:ba:b5:9b:c1:01:5f:9e:c7:e4:0c:31:f6:
3e:25:6c:d8:dd:d8:59:c9:59:ee:4f:99:0f:fc:93:
40:dc:ac:58:49:30:d2:de:d8:35:c9:89:ac:85:79:
a4:d9:71:98:b9:a5:d3:81:fa:b2:27:d3:d7:fc:17:
e0:00:54:7a:1e:66:b6:2b:95:b1:d5:f5:0b:f8:68:
5e:06:31:c4:c2:fd:b7:75:cf:a8:f0:0a:9a:8f:9d:
17:60:9c:d1:18:fc:2b:7e:be:90:d0:6d:b9:97:80:
4f:10:3c:2b:a9:03:7d:6c:d8:a9:4a:79:29:9e:4e:
26:13:b4:b8:7a:26:17:bd:17:b4:b0:a2:9b:69:8b:
cb:6d:8b:fc:a6:47:5a:95:f9:15:85:d6:f3:7c:0f:
e2:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:DB:3A:E9:06:C0:A4:0E:F5:C8:53:B2:B3:72:F8:AE:C4:96:F7:6A
X509v3 Authority Key Identifier:
keyid:44:52:63:32:74:B1:D8:86:A9:27:57:F6:52:19:C2:E7:54:6E:CD:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFJjMnSx2IapJ1f2UhnC51RuzfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8e4518-0dd0-4cbb-ba78-bb86d4ba02de/1/Lts66QbApA71yFOys3L4rsSW92o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/8e4518-0dd0-4cbb-ba78-bb86d4ba02de/1/RFJjMnSx2IapJ1f2UhnC51RuzfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.137.176.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:a2:83:d5:87:11:93:c8:c0:25:ca:eb:3f:79:a9:be:c0:37:
89:9c:d5:0d:0c:3d:bd:98:7a:c0:87:eb:88:c9:9d:f6:c2:e0:
30:f0:0c:b5:74:eb:41:82:ea:e2:16:18:c9:1b:e6:ed:19:bf:
38:93:57:dd:86:d4:5a:a5:82:45:8b:d7:cc:ea:0c:f9:30:bf:
27:37:32:97:6d:ba:a2:86:ab:f0:7a:1e:c2:35:b2:05:e6:11:
91:91:4e:75:5d:fe:b0:50:71:a4:f4:35:27:ab:ae:35:7f:a5:
5f:98:bf:69:33:7b:9d:6c:f8:34:26:80:c6:db:77:43:80:95:
62:f8:fb:e4:79:a7:c4:56:b0:b3:67:ab:0f:04:a6:5d:07:6a:
3b:0b:88:0e:39:bc:64:61:a9:e5:ec:cb:76:81:80:78:9c:4f:
3d:30:16:a4:f1:41:de:5c:69:0f:5f:bb:ea:ac:9f:ce:dd:2f:
30:d3:fb:56:08:0f:9c:55:83:6a:50:fb:54:26:a0:75:e0:ca:
42:3e:2f:4d:7a:31:f0:68:74:b6:3f:26:b0:80:4a:9f:22:df:
ec:5c:11:0f:02:06:fd:6b:7e:2f:06:ad:67:7f:99:37:63:59:
9a:21:6a:33:ed:d2:e4:3f:83:21:bb:94:b1:14:70:ca:ca:96:
7c:62:72:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtZjEK5whcgU5cLjUYqgVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTI2MzMyNzRiMWQ4ODZhOTI3NTdmNjUyMTljMmU3NTQ2
ZWNkZjUwHhcNMjMwMTAxMTI1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWRiM2FlOTA2YzBhNDBlZjVjODUzYjJiMzcyZjhhZWM0OTZmNzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgsqVKnuMZuB7GRYUWjwFe6YrCcMx
FKi46xFWKnplEtbihzrp2qAsaRYWJ30MeWgFfnd0kuw//4NPHDKdplnz8GtCNuzj
5hdv2X1UdSm5Bzg8ytM3/N17cIYADO/EutDMLA/OSZNURRoR+he6tZvBAV+ex+QM
MfY+JWzY3dhZyVnuT5kP/JNA3KxYSTDS3tg1yYmshXmk2XGYuaXTgfqyJ9PX/Bfg
AFR6Hma2K5Wx1fUL+GheBjHEwv23dc+o8Aqaj50XYJzRGPwrfr6Q0G25l4BPEDwr
qQN9bNipSnkpnk4mE7S4eiYXvRe0sKKbaYvLbYv8pkdalfkVhdbzfA/irwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC7bOukGwKQO9chTsrNy+K7ElvdqMB8GA1UdIwQY
MBaAFERSYzJ0sdiGqSdX9lIZwudUbs31MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZKak1uU3gySWFwSjFmMlVobkM1MVJ1emZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC84ZTQ1MTgtMGRkMC00Y2JiLWJhNzgt
YmI4NmQ0YmEwMmRlLzEvTHRzNjZRYkFwQTcxeUZPeXMzTDRyc1NXOTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC84ZTQ1MTgtMGRkMC00Y2JiLWJhNzgtYmI4NmQ0YmEwMmRl
LzEvUkZKak1uU3gySWFwSjFmMlVobkM1MVJ1emZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4mwMA0G
CSqGSIb3DQEBCwUAA4IBAQBcooPVhxGTyMAlyus/eam+wDeJnNUNDD29mHrAh+uI
yZ32wuAw8Ay1dOtBguriFhjJG+btGb84k1fdhtRapYJFi9fM6gz5ML8nNzKXbbqi
hqvweh7CNbIF5hGRkU51Xf6wUHGk9DUnq641f6VfmL9pM3udbPg0JoDG23dDgJVi
+PvkeafEVrCzZ6sPBKZdB2o7C4gOObxkYanl7Mt2gYB4nE89MBak8UHeXGkPX7vq
rJ/O3S8w0/tWCA+cVYNqUPtUJqB14MpCPi9NejHwaHS2PyawgEqfIt/sXBEPAgb9
a34vBq1nf5k3Y1maIWoz7dLkP4Mhu5SxFHDKypZ8YnJ8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:31:15 2025 by rpki-client