Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/lcFNVf5fryC6_5BLbPGzLSn6sr4.roa
File: lcFNVf5fryC6_5BLbPGzLSn6sr4.roa (raw, json)
Hash identifier: S//10d8uk5+sYy4T7gkUVoJVZMPYBKfkHjln40HtJQU=
Subject key identifier: 95:C1:4D:55:FE:5F:AF:20:BA:FF:90:4B:6C:F1:B3:2D:29:FA:B2:BE
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018413E2FC5A79388E383AF482E5B2B6BA5F
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/lcFNVf5fryC6_5BLbPGzLSn6sr4.roa
Signing time: Wed 26 Oct 2022 10:42:33 +0000
ROA not before: Wed 26 Oct 2022 10:42:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204230
IP address blocks: 62.89.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:13:e2:fc:5a:79:38:8e:38:3a:f4:82:e5:b2:b6:ba:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Oct 26 10:42:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95c14d55fe5faf20baff904b6cf1b32d29fab2be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:23:b4:1c:7b:14:3d:dd:03:ff:09:ed:e6:65:
cc:fa:5b:6e:e5:48:ca:86:e1:56:17:3a:b4:10:8a:
1b:e5:51:2a:be:a7:92:53:da:cf:ac:53:b7:b2:bf:
8c:27:76:2f:d9:f3:bc:3c:bd:92:c7:96:0f:ea:07:
c3:2f:05:9d:97:ca:48:c1:c4:24:5e:d2:1f:b4:5d:
34:03:82:24:66:cc:29:38:3a:bf:22:eb:c2:52:fc:
1b:02:32:74:99:4a:e2:c9:2f:7b:26:0d:43:9e:4e:
bc:14:fc:a9:71:40:0d:b5:a2:e3:5c:28:2e:7b:d8:
ad:cd:a8:fa:ad:0d:04:45:18:78:12:af:0d:fd:49:
97:ab:80:ba:ab:77:ca:b3:eb:64:05:2a:1b:ab:e7:
f5:53:79:e4:c3:97:93:a5:7c:ba:5e:20:eb:4b:f6:
90:d7:36:bf:14:5a:31:c3:a3:5a:7a:ac:11:94:86:
03:88:63:ea:0a:06:c6:e3:f7:af:aa:e3:b8:b2:93:
92:7f:da:98:9b:3b:b5:2b:c3:76:67:ad:44:33:ec:
4c:c3:b6:9a:55:41:a6:1d:ee:c2:9e:15:2f:9b:30:
3a:9a:2f:6f:ef:4f:8a:49:14:ee:5c:5d:df:7f:53:
73:39:04:38:d2:de:ce:06:57:fb:e7:46:7b:37:14:
bb:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:C1:4D:55:FE:5F:AF:20:BA:FF:90:4B:6C:F1:B3:2D:29:FA:B2:BE
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/lcFNVf5fryC6_5BLbPGzLSn6sr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.89.195.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:2d:eb:2c:42:fb:20:62:8b:65:96:76:5a:16:b7:e6:75:18:
ad:fd:9b:c7:16:b2:6b:8d:f2:eb:fb:1b:e7:0d:de:4b:b1:0d:
a5:36:8e:f4:33:dd:b8:5f:fd:cd:b2:dd:f5:99:d5:1d:32:2f:
c8:4b:ac:d3:0f:9f:44:91:f5:33:da:d5:09:31:a3:07:b6:7d:
5f:02:c8:18:94:25:e1:6f:09:fc:df:36:6d:8e:e9:ff:ae:c8:
25:9a:58:d2:0d:15:cc:3d:1e:8a:94:25:1e:6e:cd:e4:74:76:
39:da:a3:8e:da:bb:c3:65:88:8e:c8:f8:43:e0:e0:de:0a:90:
bd:13:41:a4:24:0f:12:63:a5:32:1d:6c:89:79:64:08:38:a8:
e4:5d:50:72:df:0d:38:23:dd:a9:af:d6:16:08:fa:cb:90:62:
24:3f:03:df:54:d0:8c:8d:80:45:6b:f5:99:1a:1c:11:b7:8e:
de:ac:15:6e:27:7c:cc:86:03:9e:b5:ea:7d:7f:26:44:30:8f:
a9:8b:08:27:07:32:3b:4f:16:b4:96:9c:ee:34:b4:94:a7:37:
d1:69:48:b0:7d:4a:3e:31:cf:2f:d9:66:2a:f2:35:ae:75:3c:
61:06:d3:af:48:cd:d8:9e:42:81:8c:26:88:81:61:9c:79:52:
9d:67:b2:94
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYQT4vxaeTiOODr0guWytrpfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMDI2MTA0MjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWMxNGQ1NWZlNWZhZjIwYmFmZjkwNGI2Y2YxYjMyZDI5ZmFiMmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSO0HHsUPd0D/wnt5mXM+ltu5UjK
huFWFzq0EIob5VEqvqeSU9rPrFO3sr+MJ3Yv2fO8PL2Sx5YP6gfDLwWdl8pIwcQk
XtIftF00A4IkZswpODq/IuvCUvwbAjJ0mUriyS97Jg1Dnk68FPypcUANtaLjXCgu
e9itzaj6rQ0ERRh4Eq8N/UmXq4C6q3fKs+tkBSobq+f1U3nkw5eTpXy6XiDrS/aQ
1za/FFoxw6NaeqwRlIYDiGPqCgbG4/evquO4spOSf9qYmzu1K8N2Z61EM+xMw7aa
VUGmHe7CnhUvmzA6mi9v70+KSRTuXF3ff1NzOQQ40t7OBlf750Z7NxS7hQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJXBTVX+X68guv+QS2zxsy0p+rK+MB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvbGNGTlZmNWZyeUM2XzVCTGJQR3pMU242c3I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAPlnDMA0G
CSqGSIb3DQEBCwUAA4IBAQCcLessQvsgYotllnZaFrfmdRit/ZvHFrJrjfLr+xvn
Dd5LsQ2lNo70M924X/3Nst31mdUdMi/IS6zTD59EkfUz2tUJMaMHtn1fAsgYlCXh
bwn83zZtjun/rsglmljSDRXMPR6KlCUebs3kdHY52qOO2rvDZYiOyPhD4ODeCpC9
E0GkJA8SY6UyHWyJeWQIOKjkXVBy3w04I92pr9YWCPrLkGIkPwPfVNCMjYBFa/WZ
GhwRt47erBVuJ3zMhgOetep9fyZEMI+piwgnBzI7Txa0lpzuNLSUpzfRaUiwfUo+
Mc8v2WYq8jWudTxhBtOvSM3YnkKBjCaIgWGceVKdZ7KU
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:56:41 2025 by rpki-client