Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/LCMmPVETixRTAd0O8S7nSJJ1UXg.roa
File: LCMmPVETixRTAd0O8S7nSJJ1UXg.roa (raw, json)
Hash identifier: eQrVYYpvmndcP+Qi4iFxk5/On1TP/2dXnM/0zhUPf60=
Subject key identifier: 2C:23:26:3D:51:13:8B:14:53:01:DD:0E:F1:2E:E7:48:92:75:51:78
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018870D544085106D3CC2ABEED2E1EDB74A4
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/LCMmPVETixRTAd0O8S7nSJJ1UXg.roa
Signing time: Wed 31 May 2023 08:03:24 +0000
ROA not before: Wed 31 May 2023 08:03:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56630
IP address blocks: 194.68.225.0/24 maxlen: 24
194.71.107.0/24 maxlen: 24
192.121.163.0/24 maxlen: 24
192.36.41.0/24 maxlen: 24
192.71.26.0/24 maxlen: 24
192.121.171.0/24 maxlen: 24
192.36.61.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:70:d5:44:08:51:06:d3:cc:2a:be:ed:2e:1e:db:74:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: May 31 08:03:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c23263d51138b145301dd0ef12ee74892755178
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e7:7d:8a:d0:b4:5d:5b:32:e0:31:77:1e:2d:
02:00:8f:16:e9:fe:f1:05:e5:ee:48:79:39:5a:82:
53:9a:ea:18:f4:79:c6:6a:82:69:d8:1a:38:f4:86:
a4:df:d4:d3:bb:97:eb:2f:5c:f2:ce:55:e0:3f:fc:
7b:4e:0e:72:67:d6:13:f8:55:6d:9f:c3:0b:29:32:
2f:42:c1:8f:56:e5:b0:0f:b5:97:bf:d9:03:2d:f2:
ea:6d:3e:d8:f3:7d:ae:19:44:c4:e4:fc:ed:3c:b2:
1f:b5:b5:c8:b1:b8:22:95:8b:72:1f:a5:7b:0b:aa:
88:19:4a:de:42:7f:40:6c:e1:f5:89:c4:b8:95:69:
8e:87:0f:64:7d:9f:4b:cf:0b:38:78:42:ac:c6:1a:
84:75:63:16:8d:70:af:27:7d:ba:ee:ff:e5:fd:1b:
a5:81:f1:61:77:a3:75:90:68:b6:98:94:62:47:0e:
17:2d:69:4d:94:8f:de:18:eb:1a:c9:49:01:26:ac:
7a:3c:6c:0b:fb:81:46:7f:e8:b5:c7:f9:f6:5c:b5:
d4:83:f0:f3:9b:af:b8:85:60:59:c0:fc:a1:20:a3:
1f:26:b5:86:a4:5e:99:66:f3:6b:6c:f4:47:19:91:
55:af:ec:46:ea:f8:fb:9a:e6:fa:c5:6e:42:8f:03:
47:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:23:26:3D:51:13:8B:14:53:01:DD:0E:F1:2E:E7:48:92:75:51:78
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/LCMmPVETixRTAd0O8S7nSJJ1UXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.41.0/24
192.36.61.0/24
192.71.26.0/24
192.121.163.0/24
192.121.171.0/24
194.68.225.0/24
194.71.107.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:11:f9:8e:59:cd:44:c1:ac:7e:f3:95:65:e7:8e:50:e5:f8:
a0:ea:90:d3:e9:16:98:76:0f:cd:50:e2:a9:66:66:ce:73:2a:
69:e2:4f:87:23:04:94:f2:62:7c:a7:84:3f:d5:61:25:db:d9:
f3:30:f4:db:d4:ca:5f:eb:70:08:f4:ed:b1:1e:49:19:5b:92:
61:35:41:3b:71:56:32:5b:0e:3f:34:51:11:b0:64:6a:32:c3:
af:1b:15:7e:5d:2e:55:ea:c6:68:97:da:a1:ee:11:03:7e:8e:
be:2e:42:00:11:ae:b9:f3:c2:d5:e0:fa:4d:2f:6b:ac:37:e2:
66:68:b0:3f:d8:be:e0:a8:92:27:6f:e6:80:ab:8b:d9:f3:f5:
bc:12:5a:ca:08:3c:10:e8:3e:71:1e:a0:68:01:99:81:b5:8b:
e4:82:d8:50:8c:62:7d:bc:e0:57:fb:bd:50:ce:b4:4e:73:46:
c6:e1:79:8f:a1:6b:29:fb:8f:13:c2:4e:2b:0e:9b:25:cf:a5:
2c:ca:44:64:20:8c:d5:63:84:7a:a1:e4:b6:4f:94:9e:f7:30:
b8:1d:e4:41:e0:6e:c0:1b:d3:a7:7a:cc:7e:88:09:0d:69:08:
df:8d:09:e1:b6:7c:66:44:1a:c9:fb:93:9b:db:15:3a:b7:6a:
24:17:c3:b8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYhw1UQIUQbTzCq+7S4e23SkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwNTMxMDgwMzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzIzMjYzZDUxMTM4YjE0NTMwMWRkMGVmMTJlZTc0ODkyNzU1MTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Od9itC0XVsy4DF3Hi0CAI8W6f7x
BeXuSHk5WoJTmuoY9HnGaoJp2Bo49Iak39TTu5frL1zyzlXgP/x7Tg5yZ9YT+FVt
n8MLKTIvQsGPVuWwD7WXv9kDLfLqbT7Y832uGUTE5PztPLIftbXIsbgilYtyH6V7
C6qIGUreQn9AbOH1icS4lWmOhw9kfZ9Lzws4eEKsxhqEdWMWjXCvJ3267v/l/Rul
gfFhd6N1kGi2mJRiRw4XLWlNlI/eGOsayUkBJqx6PGwL+4FGf+i1x/n2XLXUg/Dz
m6+4hWBZwPyhIKMfJrWGpF6ZZvNrbPRHGZFVr+xG6vj7mub6xW5CjwNH5QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCwjJj1RE4sUUwHdDvEu50iSdVF4MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvTENNbVBWRVRpeFJUQWQwTzhTN25TSkoxVVhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwCQpAwQA
wCQ9AwQAwEcaAwQAwHmjAwQAwHmrAwQAwkThAwQAwkdrMA0GCSqGSIb3DQEBCwUA
A4IBAQA9EfmOWc1Ewax+85Vl545Q5fig6pDT6RaYdg/NUOKpZmbOcypp4k+HIwSU
8mJ8p4Q/1WEl29nzMPTb1Mpf63AI9O2xHkkZW5JhNUE7cVYyWw4/NFERsGRqMsOv
GxV+XS5V6sZol9qh7hEDfo6+LkIAEa6588LV4PpNL2usN+JmaLA/2L7gqJInb+aA
q4vZ8/W8ElrKCDwQ6D5xHqBoAZmBtYvkgthQjGJ9vOBX+71QzrROc0bG4XmPoWsp
+48Twk4rDpslz6UsykRkIIzVY4R6oeS2T5Se9zC4HeRB4G7AG9Onesx+iAkNaQjf
jQnhtnxmRBrJ+5Ob2xU6t2okF8O4
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:27 2025 by rpki-client