Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/872dc7-7c01-4e66-844e-599d1ca6a5fd/1/LJuHw7mxLnl75Zry4SVuchipkJE.roa
File: LJuHw7mxLnl75Zry4SVuchipkJE.roa (raw, json)
Hash identifier: 3oKhiAAA+2uTTCWsdTnO9/AJ7+H1sL0Gfa/EkV8MKlw=
Subject key identifier: 2C:9B:87:C3:B9:B1:2E:79:7B:E5:9A:F2:E1:25:6E:72:18:A9:90:91
Certificate issuer: /CN=8d66032e08894118d7998c5c060ca46eb3871338
Certificate serial: 018AFA9CD97459FA593C036DE0B6D341B9FC
Authority key identifier: 8D:66:03:2E:08:89:41:18:D7:99:8C:5C:06:0C:A4:6E:B3:87:13:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jWYDLgiJQRjXmYxcBgykbrOHEzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/872dc7-7c01-4e66-844e-599d1ca6a5fd/1/LJuHw7mxLnl75Zry4SVuchipkJE.roa
Signing time: Wed 04 Oct 2023 12:14:57 +0000
ROA not before: Wed 04 Oct 2023 12:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43006
IP address blocks: 185.169.146.0/23 maxlen: 24
217.70.224.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:9c:d9:74:59:fa:59:3c:03:6d:e0:b6:d3:41:b9:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d66032e08894118d7998c5c060ca46eb3871338
Validity
Not Before: Oct 4 12:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c9b87c3b9b12e797be59af2e1256e7218a99091
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8a:b9:cf:a2:83:77:e9:3f:b0:22:5d:9f:04:
8a:80:01:ed:88:39:a9:bc:31:a6:3c:e6:d8:26:b8:
75:13:78:c4:00:8a:16:08:fd:17:b8:bc:a0:7c:5c:
e5:13:88:a0:4c:42:2f:e2:6b:a2:24:5b:a4:41:7f:
ee:d4:af:f3:65:49:c8:d2:03:b9:55:c3:f0:aa:07:
df:e0:ac:07:3d:51:03:22:08:3c:d4:43:db:48:5b:
02:2c:fb:53:e2:48:ca:ae:61:ce:b7:22:f8:00:d1:
fa:ab:e5:3e:3d:27:1d:9c:ba:21:e3:61:42:1d:18:
50:d4:27:23:4f:bd:5e:7c:2c:88:3a:fd:95:03:4b:
aa:82:97:56:31:d8:83:bd:f8:92:5b:86:f2:be:06:
92:c4:76:73:3b:fc:74:41:ee:14:95:2d:bb:d2:d4:
19:71:42:8e:96:67:d9:a6:99:46:dd:74:1e:89:fb:
f0:e1:4d:c5:50:2b:72:c6:5c:ca:f1:53:5b:d2:59:
26:59:6e:bd:53:49:4b:03:7a:29:a2:08:19:e9:f9:
38:69:0a:dc:29:0d:83:54:f3:01:1e:85:3c:37:7d:
c4:ea:41:1d:fb:5b:b1:ee:82:4b:0e:cb:05:b5:5c:
45:e0:bb:2d:6a:f0:18:0b:7e:68:34:c0:79:0f:fc:
06:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:9B:87:C3:B9:B1:2E:79:7B:E5:9A:F2:E1:25:6E:72:18:A9:90:91
X509v3 Authority Key Identifier:
keyid:8D:66:03:2E:08:89:41:18:D7:99:8C:5C:06:0C:A4:6E:B3:87:13:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jWYDLgiJQRjXmYxcBgykbrOHEzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/872dc7-7c01-4e66-844e-599d1ca6a5fd/1/LJuHw7mxLnl75Zry4SVuchipkJE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/872dc7-7c01-4e66-844e-599d1ca6a5fd/1/jWYDLgiJQRjXmYxcBgykbrOHEzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.169.146.0/23
217.70.224.0/22
Signature Algorithm: sha256WithRSAEncryption
36:cd:7d:71:90:ae:8d:e1:e3:f3:9e:31:5f:c7:c2:8c:cf:da:
fa:c3:17:a5:3d:0e:3f:bf:e3:10:0f:a8:1b:d1:97:3d:79:f9:
94:a1:18:52:49:d8:60:ba:d6:53:35:00:3e:61:4c:60:ef:96:
69:5b:ef:97:3f:2f:12:3b:14:62:64:f3:e6:2a:72:da:75:a8:
bb:ec:ce:6b:d9:c8:20:b6:9d:7d:f5:92:3c:aa:3f:4e:c3:a5:
b1:c9:51:ee:d1:bd:2d:d3:bc:8b:11:0d:fe:7e:a4:f2:19:f8:
15:56:78:7c:e7:62:c0:ed:5f:37:98:40:f2:e1:35:d9:76:30:
23:ec:ae:fc:67:74:31:de:e2:5b:fd:30:40:22:10:22:03:8f:
aa:a5:e1:f2:e5:86:98:90:9b:ab:4f:ef:65:f9:f1:7c:b4:d6:
fd:8b:3e:97:67:86:94:37:67:a6:a9:5d:2f:4e:24:51:ab:70:
29:03:09:c2:40:9e:26:2c:be:5f:ec:3b:66:85:91:ea:d2:89:
b4:af:fe:07:62:24:a7:35:b7:eb:6a:66:7d:74:78:2a:25:76:
09:c0:3e:92:8b:bd:d2:5d:7a:ab:3f:13:42:1c:25:89:64:40:
c8:ea:ef:49:fa:33:bf:1e:cf:34:d3:64:49:6f:c3:cd:21:f7:
f6:b6:14:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYr6nNl0WfpZPANt4LbTQbn8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNjYwMzJlMDg4OTQxMThkNzk5OGM1YzA2MGNhNDZlYjM4
NzEzMzgwHhcNMjMxMDA0MTIxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzliODdjM2I5YjEyZTc5N2JlNTlhZjJlMTI1NmU3MjE4YTk5MDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4q5z6KDd+k/sCJdnwSKgAHtiDmp
vDGmPObYJrh1E3jEAIoWCP0XuLygfFzlE4igTEIv4muiJFukQX/u1K/zZUnI0gO5
VcPwqgff4KwHPVEDIgg81EPbSFsCLPtT4kjKrmHOtyL4ANH6q+U+PScdnLoh42FC
HRhQ1CcjT71efCyIOv2VA0uqgpdWMdiDvfiSW4byvgaSxHZzO/x0Qe4UlS270tQZ
cUKOlmfZpplG3XQeifvw4U3FUCtyxlzK8VNb0lkmWW69U0lLA3opoggZ6fk4aQrc
KQ2DVPMBHoU8N33E6kEd+1ux7oJLDssFtVxF4LstavAYC35oNMB5D/wGMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCybh8O5sS55e+Wa8uElbnIYqZCRMB8GA1UdIwQY
MBaAFI1mAy4IiUEY15mMXAYMpG6zhxM4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaldZRExnaUpRUmpYbVl4Y0JneWtick9IRXpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84NzJkYzctN2MwMS00ZTY2LTg0NGUt
NTk5ZDFjYTZhNWZkLzEvTEp1SHc3bXhMbmw3NVpyeTRTVnVjaGlwa0pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84NzJkYzctN2MwMS00ZTY2LTg0NGUtNTk5ZDFjYTZhNWZk
LzEvaldZRExnaUpRUmpYbVl4Y0JneWtick9IRXpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuamSAwQC
2UbgMA0GCSqGSIb3DQEBCwUAA4IBAQA2zX1xkK6N4ePznjFfx8KMz9r6wxelPQ4/
v+MQD6gb0Zc9efmUoRhSSdhgutZTNQA+YUxg75ZpW++XPy8SOxRiZPPmKnLadai7
7M5r2cggtp199ZI8qj9Ow6WxyVHu0b0t07yLEQ3+fqTyGfgVVnh852LA7V83mEDy
4TXZdjAj7K78Z3Qx3uJb/TBAIhAiA4+qpeHy5YaYkJurT+9l+fF8tNb9iz6XZ4aU
N2emqV0vTiRRq3ApAwnCQJ4mLL5f7DtmhZHq0om0r/4HYiSnNbframZ9dHgqJXYJ
wD6Si73SXXqrPxNCHCWJZEDI6u9J+jO/Hs8002RJb8PNIff2thSG
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:29 2025 by rpki-client