Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/lqpaGqkCMK80GpjCpg4Z_g0JbWA.roa
File: lqpaGqkCMK80GpjCpg4Z_g0JbWA.roa (raw, json)
Hash identifier: 83KueCg8znn3F14fpCeZ1fcEOs/rxCGROzGy4VjdUns=
Subject key identifier: 96:AA:5A:1A:A9:02:30:AF:34:1A:98:C2:A6:0E:19:FE:0D:09:6D:60
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCAE76FFFBD74A2CEA241DEB90A874A
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/lqpaGqkCMK80GpjCpg4Z_g0JbWA.roa
Signing time: Sun 01 Jan 2023 10:05:14 +0000
ROA not before: Sun 01 Jan 2023 10:05:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41884
IP address blocks: 192.121.218.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:e7:6f:ff:bd:74:a2:ce:a2:41:de:b9:0a:87:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=96aa5a1aa90230af341a98c2a60e19fe0d096d60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:f8:01:3a:1f:27:09:a3:85:5e:ac:13:d2:55:
fe:5e:f4:ea:70:bf:b2:2c:29:35:86:4b:0b:a6:00:
de:25:54:15:04:65:a2:58:bb:b3:0d:5d:4e:90:c4:
1f:60:07:76:bf:95:04:81:f9:78:c1:ae:92:d2:07:
28:34:19:76:51:be:45:9d:3f:a3:8c:3b:ff:47:6f:
e6:11:48:8c:95:e6:54:14:57:38:9d:d2:fd:6e:ca:
1e:08:2d:20:c9:6c:87:c1:65:09:44:a4:d6:1a:fa:
ad:6d:3f:db:c5:41:20:0a:7c:bb:b7:49:95:a3:ab:
20:2b:76:37:9c:e3:bf:78:bc:89:ae:b3:19:06:5a:
89:9e:64:e7:22:5f:b2:fa:9b:f4:e2:93:81:f7:fe:
3d:c7:d4:09:bc:e3:60:ad:93:03:30:f2:8d:17:df:
ab:04:94:02:57:a9:61:a9:12:2e:d3:39:1b:a8:5e:
96:3b:a4:b6:a7:f9:fd:fc:d2:4a:0b:8c:aa:b5:47:
b4:4a:96:8b:9b:43:19:61:45:cc:53:89:62:da:de:
be:74:23:02:59:28:ea:68:98:23:28:8d:5f:3f:bd:
8b:63:87:c5:54:34:7c:1a:cb:21:a8:6e:e0:e6:87:
3c:a9:2d:a8:5a:53:d9:b9:e0:41:bf:55:75:e7:b6:
6b:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:AA:5A:1A:A9:02:30:AF:34:1A:98:C2:A6:0E:19:FE:0D:09:6D:60
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/lqpaGqkCMK80GpjCpg4Z_g0JbWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.218.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:af:2f:8e:b3:c8:1a:17:66:09:cc:1b:96:5d:d1:ae:ae:5d:
a3:6e:15:08:44:5a:0d:0d:4d:97:d6:60:d3:62:46:d3:cd:e5:
4a:99:a7:06:aa:4a:92:17:c2:d2:15:e0:d1:ae:f3:de:3f:95:
95:4d:b9:a9:fc:5a:09:e2:c3:83:a3:e5:86:19:48:2f:9c:5c:
91:1f:4b:a8:7c:ee:19:99:90:2b:1e:50:f5:ea:48:df:b6:7f:
b2:54:2a:c0:64:e8:b7:5b:9c:6b:6b:b0:8b:7b:93:ec:84:53:
2b:1f:a3:be:13:d0:ff:c8:2e:d2:81:0b:cf:2f:71:13:24:f9:
a2:af:6c:ef:2b:cc:f6:6b:7f:f2:6d:c2:f5:89:ad:9c:d9:a3:
f1:60:23:09:b5:05:70:9c:5d:ce:00:c7:80:4c:5d:a4:6d:f3:
f5:fa:e3:33:a1:2b:b9:58:e4:38:c6:52:ac:b9:75:31:8b:97:
5e:21:06:35:67:80:5b:0d:d5:6d:ec:35:b9:7d:7a:c4:3f:15:
48:24:d5:28:fa:3f:1f:ea:1a:8d:a5:ea:18:f8:ec:91:7b:7d:
98:95:48:9d:4d:fe:95:3b:e5:a7:3d:71:2b:f4:4d:e2:ed:43:
28:1c:60:15:1e:69:c3:3a:29:a1:c8:7c:e3:06:97:a0:d2:3d:
fd:c7:9c:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsyudv/710os6iQd65CodKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmFhNWExYWE5MDIzMGFmMzQxYTk4YzJhNjBlMTlmZTBkMDk2ZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhvgBOh8nCaOFXqwT0lX+XvTqcL+y
LCk1hksLpgDeJVQVBGWiWLuzDV1OkMQfYAd2v5UEgfl4wa6S0gcoNBl2Ub5FnT+j
jDv/R2/mEUiMleZUFFc4ndL9bsoeCC0gyWyHwWUJRKTWGvqtbT/bxUEgCny7t0mV
o6sgK3Y3nOO/eLyJrrMZBlqJnmTnIl+y+pv04pOB9/49x9QJvONgrZMDMPKNF9+r
BJQCV6lhqRIu0zkbqF6WO6S2p/n9/NJKC4yqtUe0SpaLm0MZYUXMU4li2t6+dCMC
WSjqaJgjKI1fP72LY4fFVDR8GsshqG7g5oc8qS2oWlPZueBBv1V157ZrlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJaqWhqpAjCvNBqYwqYOGf4NCW1gMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvbHFwYUdxa0NNSzgwR3BqQ3BnNFpfZzBKYldBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwHnaMA0G
CSqGSIb3DQEBCwUAA4IBAQCdry+Os8gaF2YJzBuWXdGurl2jbhUIRFoNDU2X1mDT
YkbTzeVKmacGqkqSF8LSFeDRrvPeP5WVTbmp/FoJ4sODo+WGGUgvnFyRH0uofO4Z
mZArHlD16kjftn+yVCrAZOi3W5xra7CLe5PshFMrH6O+E9D/yC7SgQvPL3ETJPmi
r2zvK8z2a3/ybcL1ia2c2aPxYCMJtQVwnF3OAMeATF2kbfP1+uMzoSu5WOQ4xlKs
uXUxi5deIQY1Z4BbDdVt7DW5fXrEPxVIJNUo+j8f6hqNpeoY+OyRe32YlUidTf6V
O+WnPXEr9E3i7UMoHGAVHmnDOimhyHzjBpeg0j39x5zy
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:00:41 2025 by rpki-client