Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/lbbb2pA62D4k7rurVT89p43IVoM.roa
File: lbbb2pA62D4k7rurVT89p43IVoM.roa (raw, json)
Hash identifier: IojXizTf9nyZCIDh9NwOHnMS5YOdp8bsj7PYfCU0+ZA=
Subject key identifier: 95:B6:DB:DA:90:3A:D8:3E:24:EE:BB:AB:55:3F:3D:A7:8D:C8:56:83
Certificate issuer: /CN=6f85a4d564283a7fddf6345697d6bc3373a32246
Certificate serial: 0185704BBAF5F8F243931232710EB30D92E3
Authority key identifier: 6F:85:A4:D5:64:28:3A:7F:DD:F6:34:56:97:D6:BC:33:73:A3:22:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Wk1WQoOn_d9jRWl9a8M3OjIkY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/lbbb2pA62D4k7rurVT89p43IVoM.roa
Signing time: Mon 02 Jan 2023 02:24:49 +0000
ROA not before: Mon 02 Jan 2023 02:24:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8315
IP address blocks: 91.223.124.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:ba:f5:f8:f2:43:93:12:32:71:0e:b3:0d:92:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f85a4d564283a7fddf6345697d6bc3373a32246
Validity
Not Before: Jan 2 02:24:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95b6dbda903ad83e24eebbab553f3da78dc85683
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5f:45:10:59:0a:1a:79:79:46:0c:f1:85:1c:
27:a9:84:8e:e6:2b:f6:cb:bd:fe:cd:d3:a6:e1:35:
5f:c8:6d:14:69:e4:ed:d2:71:98:70:29:1c:1e:57:
6d:cb:aa:cc:38:58:56:c3:6b:52:1c:b4:8a:30:2e:
b0:ea:93:03:1f:6d:3d:41:11:9b:27:13:ac:b6:07:
29:ce:f5:fe:f8:ec:ae:47:f1:3e:3c:61:9b:f9:3d:
0d:a2:c9:bc:3f:13:c3:06:b7:9d:c7:f9:28:fb:85:
89:a3:c4:b8:14:17:53:08:5f:7d:de:86:23:22:73:
a6:65:21:d0:e7:70:b9:16:dd:18:b6:77:0a:c5:de:
2e:50:1f:18:29:34:f6:97:27:43:6b:b2:a7:60:d7:
cd:1f:b3:20:ab:ca:10:90:eb:21:c4:fa:08:2c:dd:
27:42:6d:f8:58:f1:a7:88:04:30:da:63:1f:ae:65:
fb:ef:dc:d7:23:92:db:7a:69:d3:5b:3a:b9:57:58:
ed:44:df:14:7b:d4:e8:f0:bd:db:1e:54:4a:4f:91:
4d:44:31:98:a6:c0:e8:f1:87:b1:e0:a7:fd:7d:0a:
b2:6b:95:f8:f1:0d:ec:96:a9:40:fe:53:de:78:b3:
0f:f8:2f:47:01:9d:f2:d5:da:ba:4f:fc:41:61:8f:
ab:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:B6:DB:DA:90:3A:D8:3E:24:EE:BB:AB:55:3F:3D:A7:8D:C8:56:83
X509v3 Authority Key Identifier:
keyid:6F:85:A4:D5:64:28:3A:7F:DD:F6:34:56:97:D6:BC:33:73:A3:22:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Wk1WQoOn_d9jRWl9a8M3OjIkY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/lbbb2pA62D4k7rurVT89p43IVoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/98dffa-810b-49b5-addd-061fc1aeb158/1/b4Wk1WQoOn_d9jRWl9a8M3OjIkY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.124.0/24
Signature Algorithm: sha256WithRSAEncryption
d8:d0:fb:84:6c:99:66:29:ac:7a:e2:a6:5e:4d:3a:c9:7f:b7:
0f:e9:65:08:5a:cc:1b:1d:4b:ef:92:88:f3:09:1d:4b:bf:1d:
8d:d3:dc:cd:20:c0:71:cf:d4:e4:b7:62:67:47:7a:63:fe:ff:
fa:58:03:bd:03:c8:43:53:98:c7:d7:e4:44:3f:25:7c:20:6f:
07:6d:84:52:d7:5b:35:dc:32:ad:fb:98:d3:08:be:06:6d:55:
4d:df:44:83:fa:e1:92:95:3f:44:f7:77:0b:1d:df:bc:2e:ff:
0d:f2:ec:f7:79:ce:bd:1d:44:88:42:ec:bf:ea:71:51:d4:df:
27:4e:28:41:72:85:be:d4:e5:f6:fb:e5:ee:63:59:18:29:ea:
d3:90:d8:28:b6:ef:e6:ee:2a:79:aa:6f:1e:fc:02:08:21:c0:
f6:f0:85:e7:0c:02:03:73:c6:95:8d:d9:e0:bf:0a:26:e1:2b:
ff:1e:c1:f3:87:42:9c:c2:1e:da:f1:4b:6c:df:7c:08:26:a2:
a0:ab:f1:b0:6a:47:44:ca:a1:4a:9b:3a:06:a8:57:cd:4a:e2:
b0:69:99:c2:a4:f4:14:ea:64:f3:ae:c7:dd:d7:de:a8:0f:3d:
1e:52:45:66:a5:cb:2d:ca:0d:89:ec:40:0a:7f:23:8b:1f:e6:
1b:49:36:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwS7r1+PJDkxIycQ6zDZLjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODVhNGQ1NjQyODNhN2ZkZGY2MzQ1Njk3ZDZiYzMzNzNh
MzIyNDYwHhcNMjMwMTAyMDIyNDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWI2ZGJkYTkwM2FkODNlMjRlZWJiYWI1NTNmM2RhNzhkYzg1NjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhF9FEFkKGnl5RgzxhRwnqYSO5iv2
y73+zdOm4TVfyG0UaeTt0nGYcCkcHldty6rMOFhWw2tSHLSKMC6w6pMDH209QRGb
JxOstgcpzvX++OyuR/E+PGGb+T0Nosm8PxPDBredx/ko+4WJo8S4FBdTCF993oYj
InOmZSHQ53C5Ft0YtncKxd4uUB8YKTT2lydDa7KnYNfNH7Mgq8oQkOshxPoILN0n
Qm34WPGniAQw2mMfrmX779zXI5LbemnTWzq5V1jtRN8Ue9To8L3bHlRKT5FNRDGY
psDo8Yex4Kf9fQqya5X48Q3slqlA/lPeeLMP+C9HAZ3y1dq6T/xBYY+rGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJW229qQOtg+JO67q1U/PaeNyFaDMB8GA1UdIwQY
MBaAFG+FpNVkKDp/3fY0VpfWvDNzoyJGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRXazFXUW9Pbl9kOWpSV2w5YThNM09qSWtZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC85OGRmZmEtODEwYi00OWI1LWFkZGQt
MDYxZmMxYWViMTU4LzEvbGJiYjJwQTYyRDRrN3J1clZUODlwNDNJVm9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC85OGRmZmEtODEwYi00OWI1LWFkZGQtMDYxZmMxYWViMTU4
LzEvYjRXazFXUW9Pbl9kOWpSV2w5YThNM09qSWtZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW998MA0G
CSqGSIb3DQEBCwUAA4IBAQDY0PuEbJlmKax64qZeTTrJf7cP6WUIWswbHUvvkojz
CR1Lvx2N09zNIMBxz9Tkt2JnR3pj/v/6WAO9A8hDU5jH1+REPyV8IG8HbYRS11s1
3DKt+5jTCL4GbVVN30SD+uGSlT9E93cLHd+8Lv8N8uz3ec69HUSIQuy/6nFR1N8n
TihBcoW+1OX2++XuY1kYKerTkNgotu/m7ip5qm8e/AIIIcD28IXnDAIDc8aVjdng
vwom4Sv/HsHzh0Kcwh7a8Uts33wIJqKgq/GwakdEyqFKmzoGqFfNSuKwaZnCpPQU
6mTzrsfd196oDz0eUkVmpcstyg2J7EAKfyOLH+YbSTbH
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:26 2025 by rpki-client