Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/LsoBt8N8CEaiZMEPL5dl_p_99Lk.roa
File: LsoBt8N8CEaiZMEPL5dl_p_99Lk.roa (raw, json)
Hash identifier: kF6SU+DmGHOhxrxWiqAlOJjoAqHMYpiZimSsJbNVYEY=
Subject key identifier: 2E:CA:01:B7:C3:7C:08:46:A2:64:C1:0F:2F:97:65:FE:9F:FD:F4:B9
Certificate issuer: /CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Certificate serial: 0189BA0468E1D06D3C7DB98F3353871988A6
Authority key identifier: F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/LsoBt8N8CEaiZMEPL5dl_p_99Lk.roa
Signing time: Thu 03 Aug 2023 06:09:58 +0000
ROA not before: Thu 03 Aug 2023 06:09:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62442
IP address blocks: 95.38.38.0/24 maxlen: 24
95.38.45.0/24 maxlen: 24
95.38.72.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ba:04:68:e1:d0:6d:3c:7d:b9:8f:33:53:87:19:88:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c104041691dc384f3b1a8cdf95c96628ea6daf
Validity
Not Before: Aug 3 06:09:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2eca01b7c37c0846a264c10f2f9765fe9ffdf4b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:28:71:ba:60:96:64:63:8d:3d:01:a2:af:78:
5d:08:ec:be:94:14:e5:87:96:45:f2:64:36:5d:a9:
b9:65:ac:dc:12:07:53:71:4e:8f:91:6d:f1:56:9d:
d0:e8:7b:31:50:87:b2:f8:bc:d9:ff:54:4e:b0:ef:
b9:8c:4e:04:e9:c3:8e:b1:dc:6a:c1:e6:72:29:b2:
f3:80:80:ea:9b:72:88:10:b1:c9:a0:17:69:3e:69:
47:79:40:b6:15:fb:3a:89:74:bc:20:25:ff:99:41:
58:57:df:ae:e2:84:88:3e:f4:cc:0a:dc:9f:2f:13:
3f:6e:95:32:9a:ff:34:ed:00:69:7a:2b:b9:a2:45:
c0:da:de:8e:6f:2c:40:f4:ba:0e:e3:cb:1c:fa:e3:
b7:b3:de:78:18:ac:13:1d:b1:a1:ec:66:0c:c5:a7:
53:ff:de:82:47:cf:f9:cf:94:0a:26:d2:dd:cb:52:
fb:f1:00:6b:d6:48:bc:a0:97:41:86:b6:3b:03:49:
cb:8f:b7:8a:90:06:6a:0a:f4:d7:36:fe:5a:9c:37:
fb:28:e9:7a:b4:ff:34:fd:f0:d5:ba:4a:9d:ed:66:
00:46:19:10:48:69:ac:15:e5:4a:00:1d:7b:2e:8d:
80:6c:a2:cd:15:0a:17:95:c4:ea:ec:e0:27:e2:29:
2d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:CA:01:B7:C3:7C:08:46:A2:64:C1:0F:2F:97:65:FE:9F:FD:F4:B9
X509v3 Authority Key Identifier:
keyid:F0:C1:04:04:16:91:DC:38:4F:3B:1A:8C:DF:95:C9:66:28:EA:6D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8MEEBBaR3DhPOxqM35XJZijqba8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/LsoBt8N8CEaiZMEPL5dl_p_99Lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/789caf-c8d2-419e-ae04-691422311729/1/8MEEBBaR3DhPOxqM35XJZijqba8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.38.38.0/24
95.38.45.0/24
95.38.72.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:e1:ce:97:b8:82:67:0f:27:56:22:78:c1:e7:89:76:03:da:
b9:e6:29:20:6e:6a:60:9c:19:60:bc:e2:f0:31:79:cb:f7:67:
5f:c9:ca:12:fc:18:30:7c:4f:f7:7c:87:ce:0d:3e:e8:90:50:
f6:9c:a2:0c:0f:22:fa:32:fd:c9:33:31:fb:e8:2d:0d:0b:03:
e4:2d:85:75:ad:3d:23:25:8a:8c:1c:d2:8b:89:38:d8:9d:61:
af:8a:af:ac:20:ee:0d:57:96:60:9c:a3:ac:b2:a7:3c:f1:19:
bd:08:67:ba:8e:2a:93:55:aa:88:92:69:d9:70:c4:69:9d:02:
c9:d5:82:05:cb:83:b8:75:83:dc:b5:17:c2:47:6f:1a:6b:ae:
b1:a1:89:15:b2:17:fd:cd:54:40:e9:88:30:44:b5:58:65:92:
e1:6f:4e:14:fb:15:ec:e5:3d:40:84:f2:08:0a:1d:23:b2:84:
78:03:0a:09:91:06:13:bc:1b:7d:b8:44:82:f7:68:61:2c:8b:
e9:84:31:2d:44:eb:08:17:ae:64:a5:a9:ac:70:ed:ae:a1:55:
d8:f4:29:9f:6c:ab:1c:82:5b:05:e9:2d:8b:88:e4:b2:71:43:
11:2c:8c:06:a4:77:82:e7:5d:21:c8:ea:1f:81:6d:32:70:ee:
9d:35:c5:57
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYm6BGjh0G08fbmPM1OHGYimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzEwNDA0MTY5MWRjMzg0ZjNiMWE4Y2RmOTVjOTY2Mjhl
YTZkYWYwHhcNMjMwODAzMDYwOTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWNhMDFiN2MzN2MwODQ2YTI2NGMxMGYyZjk3NjVmZTlmZmRmNGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlihxumCWZGONPQGir3hdCOy+lBTl
h5ZF8mQ2Xam5ZazcEgdTcU6PkW3xVp3Q6HsxUIey+LzZ/1ROsO+5jE4E6cOOsdxq
weZyKbLzgIDqm3KIELHJoBdpPmlHeUC2Ffs6iXS8ICX/mUFYV9+u4oSIPvTMCtyf
LxM/bpUymv807QBpeiu5okXA2t6ObyxA9LoO48sc+uO3s954GKwTHbGh7GYMxadT
/96CR8/5z5QKJtLdy1L78QBr1ki8oJdBhrY7A0nLj7eKkAZqCvTXNv5anDf7KOl6
tP80/fDVukqd7WYARhkQSGmsFeVKAB17Lo2AbKLNFQoXlcTq7OAn4iktIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC7KAbfDfAhGomTBDy+XZf6f/fS5MB8GA1UdIwQY
MBaAFPDBBAQWkdw4TzsajN+VyWYo6m2vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQt
NjkxNDIyMzExNzI5LzEvTHNvQnQ4TjhDRWFpWk1FUEw1ZGxfcF85OUxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS83ODljYWYtYzhkMi00MTllLWFlMDQtNjkxNDIyMzExNzI5
LzEvOE1FRUJCYVIzRGhQT3hxTTM1WEpaaWpxYmE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXyYmAwQA
XyYtAwQAXyZIMA0GCSqGSIb3DQEBCwUAA4IBAQAs4c6XuIJnDydWInjB54l2A9q5
5ikgbmpgnBlgvOLwMXnL92dfycoS/BgwfE/3fIfODT7okFD2nKIMDyL6Mv3JMzH7
6C0NCwPkLYV1rT0jJYqMHNKLiTjYnWGviq+sIO4NV5ZgnKOssqc88Rm9CGe6jiqT
VaqIkmnZcMRpnQLJ1YIFy4O4dYPctRfCR28aa66xoYkVshf9zVRA6YgwRLVYZZLh
b04U+xXs5T1AhPIICh0jsoR4AwoJkQYTvBt9uESC92hhLIvphDEtROsIF65kpams
cO2uoVXY9CmfbKscglsF6S2LiOSycUMRLIwGpHeC510hyOofgW0ycO6dNcVX
-----END CERTIFICATE-----
Generated at Mon Jun 9 04:18:32 2025 by rpki-client