Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/45fcd5-8812-432d-b537-76982f03ea0c/1/lFNf3AxmUNKK8fWldZNLDB2LCzI.roa
File: lFNf3AxmUNKK8fWldZNLDB2LCzI.roa (raw, json)
Hash identifier: J8OIEm+Y+DFU3Hgv0gJ+biaYCaXn1UBmeO9Mz0CqVoQ=
Subject key identifier: 94:53:5F:DC:0C:66:50:D2:8A:F1:F5:A5:75:93:4B:0C:1D:8B:0B:32
Certificate issuer: /CN=f83ccaef9c91120ec6fb14ff4c4c5745a0239b77
Certificate serial: 0185711524CF26AC9D0BDC59CF092A962190
Authority key identifier: F8:3C:CA:EF:9C:91:12:0E:C6:FB:14:FF:4C:4C:57:45:A0:23:9B:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-DzK75yREg7G-xT_TExXRaAjm3c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/45fcd5-8812-432d-b537-76982f03ea0c/1/lFNf3AxmUNKK8fWldZNLDB2LCzI.roa
Signing time: Mon 02 Jan 2023 06:04:49 +0000
ROA not before: Mon 02 Jan 2023 06:04:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207869
IP address blocks: 91.230.134.0/24 maxlen: 24
91.230.143.0/24 maxlen: 24
91.230.147.0/24 maxlen: 24
91.230.82.0/24 maxlen: 24
2a0f:70c0:100::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:24:cf:26:ac:9d:0b:dc:59:cf:09:2a:96:21:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f83ccaef9c91120ec6fb14ff4c4c5745a0239b77
Validity
Not Before: Jan 2 06:04:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94535fdc0c6650d28af1f5a575934b0c1d8b0b32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:76:4d:fd:91:ae:c9:c3:8f:97:03:06:21:81:
0a:af:0f:55:9d:d1:47:04:55:b3:a5:6a:ad:8f:fd:
d5:e8:a3:66:75:f3:be:f4:00:1f:a4:9b:7e:c9:f2:
f7:52:2d:9b:66:17:49:39:14:c5:9e:ba:9e:40:92:
b6:4a:6c:75:93:27:7b:6d:b0:18:5d:1d:dd:43:0f:
79:f8:ba:89:a1:2e:01:1a:79:c5:42:48:82:33:28:
31:1d:00:d7:42:74:fc:6a:05:53:48:68:f6:40:e0:
73:b8:93:8d:7c:90:72:68:29:e8:e8:f2:94:c7:52:
a0:ed:de:58:ce:13:e7:b5:17:48:4c:03:f2:35:d7:
19:80:32:a7:de:5e:f8:db:65:8e:e1:0e:87:99:45:
ce:72:a4:94:7f:e3:21:cb:4c:b1:c9:c4:5b:7b:ae:
b5:34:fc:f0:97:fb:ba:33:85:d2:03:62:ba:bd:bb:
a5:86:89:d5:fc:75:80:c5:16:1b:e6:3a:6e:99:e7:
f5:d6:a8:7d:ed:79:1f:c5:84:5b:b3:78:00:cb:88:
3a:4f:cb:10:75:b9:d4:67:12:8d:82:c5:21:8f:da:
06:97:e6:8a:19:f5:3e:2e:88:af:68:ef:06:80:8b:
48:ab:76:a3:11:9e:11:36:2a:9d:3d:c5:f6:35:70:
80:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:53:5F:DC:0C:66:50:D2:8A:F1:F5:A5:75:93:4B:0C:1D:8B:0B:32
X509v3 Authority Key Identifier:
keyid:F8:3C:CA:EF:9C:91:12:0E:C6:FB:14:FF:4C:4C:57:45:A0:23:9B:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-DzK75yREg7G-xT_TExXRaAjm3c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/45fcd5-8812-432d-b537-76982f03ea0c/1/lFNf3AxmUNKK8fWldZNLDB2LCzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/45fcd5-8812-432d-b537-76982f03ea0c/1/1-DzK75yREg7G-xT_TExXRaAjm3c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.82.0/24
91.230.134.0/24
91.230.143.0/24
91.230.147.0/24
IPv6:
2a0f:70c0:100::/48
Signature Algorithm: sha256WithRSAEncryption
48:f9:ec:8b:69:6d:aa:75:9d:69:a2:1d:bd:0b:a9:9a:59:b7:
9d:d4:43:09:40:64:56:d2:86:14:dc:bb:19:93:9b:7b:5c:78:
9c:97:9e:c9:4d:e1:ea:ba:6a:32:3a:95:11:75:7d:0f:ee:a5:
32:4b:2d:17:78:91:36:05:6a:3e:c4:3f:f6:71:35:e3:e0:75:
2b:b5:4e:37:70:0a:17:fc:c0:b3:b8:3c:6b:57:1c:32:ac:3b:
33:53:68:f1:b7:ff:e8:4d:3c:d5:62:0f:66:1f:53:fa:e7:20:
b3:db:b9:b2:a8:1e:11:4c:31:c0:cc:b3:b2:e2:81:70:9f:c7:
f1:bb:fb:5b:76:1a:2b:09:50:c4:a1:ab:c5:b0:bb:bb:08:ab:
b9:c3:74:48:09:0b:78:6f:31:10:14:81:f8:67:f9:db:41:81:
bd:1e:9f:c3:de:ee:fa:6e:1d:7d:87:f0:92:49:a3:7a:20:c5:
a3:96:56:07:91:e4:ed:a6:4e:73:e3:2b:a8:2b:51:db:11:8d:
b4:42:1f:4d:ba:f1:df:ef:77:ca:26:56:98:d6:6b:c9:82:53:
c2:e5:65:f0:e4:2e:5f:10:e3:00:95:7c:0d:21:65:58:8a:e4:
14:db:3b:88:5c:73:2e:c7:25:eb:e5:20:69:82:1e:f1:fd:06:
31:1b:28:95
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYVxFSTPJqydC9xZzwkqliGQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4M2NjYWVmOWM5MTEyMGVjNmZiMTRmZjRjNGM1NzQ1YTAy
MzliNzcwHhcNMjMwMTAyMDYwNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDUzNWZkYzBjNjY1MGQyOGFmMWY1YTU3NTkzNGIwYzFkOGIwYjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXZN/ZGuycOPlwMGIYEKrw9VndFH
BFWzpWqtj/3V6KNmdfO+9AAfpJt+yfL3Ui2bZhdJORTFnrqeQJK2Smx1kyd7bbAY
XR3dQw95+LqJoS4BGnnFQkiCMygxHQDXQnT8agVTSGj2QOBzuJONfJByaCno6PKU
x1Kg7d5YzhPntRdITAPyNdcZgDKn3l7422WO4Q6HmUXOcqSUf+Mhy0yxycRbe661
NPzwl/u6M4XSA2K6vbulhonV/HWAxRYb5jpumef11qh97XkfxYRbs3gAy4g6T8sQ
dbnUZxKNgsUhj9oGl+aKGfU+LoivaO8GgItIq3ajEZ4RNiqdPcX2NXCAqQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFJRTX9wMZlDSivH1pXWTSwwdiwsyMB8GA1UdIwQY
MBaAFPg8yu+ckRIOxvsU/0xMV0WgI5t3MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Eeks3NXlSRWc3Ry14VF9URXhYUmFBam0zYy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYvNDVmY2Q1LTg4MTItNDMyZC1iNTM3
LTc2OTgyZjAzZWEwYy8xL2xGTmYzQXhtVU5LSzhmV2xkWk5MREIyTEN6SS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmYvNDVmY2Q1LTg4MTItNDMyZC1iNTM3LTc2OTgyZjAzZWEw
Yy8xLzEtRHpLNzV5UkVnN0cteFRfVEV4WFJhQWptM2MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQgYIKwYBBQUHAQcBAf8EMzAxMB4EAgABMBgDBABb5lID
BABb5oYDBABb5o8DBABb5pMwDwQCAAIwCQMHACoPcMABADANBgkqhkiG9w0BAQsF
AAOCAQEASPnsi2ltqnWdaaIdvQupmlm3ndRDCUBkVtKGFNy7GZObe1x4nJeeyU3h
6rpqMjqVEXV9D+6lMkstF3iRNgVqPsQ/9nE14+B1K7VON3AKF/zAs7g8a1ccMqw7
M1No8bf/6E081WIPZh9T+ucgs9u5sqgeEUwxwMyzsuKBcJ/H8bv7W3YaKwlQxKGr
xbC7uwirucN0SAkLeG8xEBSB+Gf520GBvR6fw97u+m4dfYfwkkmjeiDFo5ZWB5Hk
7aZOc+MrqCtR2xGNtEIfTbrx3+93yiZWmNZryYJTwuVl8OQuXxDjAJV8DSFlWIrk
FNs7iFxzLscl6+UgaYIe8f0GMRsolQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:15 2025 by rpki-client