Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/rLgzVDLujHMS-GRlvjKzrSeMVZ4.roa
File: rLgzVDLujHMS-GRlvjKzrSeMVZ4.roa (raw, json)
Hash identifier: Zqiygv1dyTwl1+5SoLKe3sYCo3QyWiCXpLh0eUiOFyc=
Subject key identifier: AC:B8:33:54:32:EE:8C:73:12:F8:64:65:BE:32:B3:AD:27:8C:55:9E
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCACA1D7E29305A5E1B0CD8F409EE25
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/rLgzVDLujHMS-GRlvjKzrSeMVZ4.roa
Signing time: Sun 01 Jan 2023 10:05:07 +0000
ROA not before: Sun 01 Jan 2023 10:05:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1882
IP address blocks: 192.36.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:ca:1d:7e:29:30:5a:5e:1b:0c:d8:f4:09:ee:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acb8335432ee8c7312f86465be32b3ad278c559e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5d:d3:0b:30:52:a3:58:e9:b9:5a:69:d2:31:
24:96:87:77:36:a2:06:15:af:ee:2e:d8:93:33:24:
3a:16:a8:65:fd:ca:19:95:32:ed:3f:7d:90:6e:ed:
85:cf:4c:2f:5e:52:d8:8b:96:ac:71:e5:b3:c7:52:
8c:50:a4:b3:81:79:fd:65:a8:f1:d6:e6:97:72:5e:
b7:d8:f8:a7:73:17:55:39:be:0f:9f:96:d0:6f:39:
cc:4f:b0:0a:1d:19:02:ba:5e:9e:f7:41:49:fb:9a:
27:c7:75:d8:c3:00:f6:cf:e0:2b:e8:26:f9:a9:57:
9a:b5:56:47:68:20:89:91:ba:bb:8c:fb:cd:24:26:
93:20:ba:43:7f:67:cf:cd:2c:02:20:06:d8:7e:45:
06:c9:f0:6e:8b:3a:17:31:75:5d:58:4c:ab:e1:e6:
aa:8b:4a:ac:bf:74:41:8a:d4:dc:d9:6e:f7:36:1b:
22:c7:88:17:e4:74:0a:4a:19:b7:f3:a4:34:37:b6:
c7:0d:19:62:19:d5:d5:21:cb:16:7c:89:d6:14:d7:
94:2b:fa:8a:2b:cd:f3:e0:83:7f:94:1b:a5:df:05:
52:5c:ff:92:7b:8b:a7:b5:14:7b:0c:e8:52:75:4c:
fd:5e:19:f7:6c:da:18:fd:4d:d4:ba:ed:a5:f6:f3:
d3:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:B8:33:54:32:EE:8C:73:12:F8:64:65:BE:32:B3:AD:27:8C:55:9E
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/rLgzVDLujHMS-GRlvjKzrSeMVZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.42.0/24
Signature Algorithm: sha256WithRSAEncryption
26:6b:3a:97:5f:f4:6b:e3:70:89:f3:b0:47:7c:4f:41:1e:dc:
d7:d1:b3:b7:85:00:85:44:83:87:44:92:6e:10:2c:be:5f:33:
81:8b:d3:bd:e0:ec:9a:ce:de:dc:b4:fe:a5:9e:4a:a4:aa:1d:
1b:16:cf:0d:cb:f8:f7:19:42:b7:70:f1:a6:69:5e:b8:04:2b:
d6:5b:47:11:9a:61:2c:c0:e9:b6:b6:12:27:9b:a8:53:21:ab:
51:72:72:f0:b4:b6:8c:ac:9c:82:2f:be:03:bb:38:cb:ff:d6:
3f:0c:94:ae:31:6a:53:87:d4:ce:f6:fd:0f:3f:52:9b:b1:ab:
99:f7:c4:f9:7e:0b:45:a1:f4:da:72:26:3c:e2:c4:de:29:49:
cd:f8:07:54:09:23:d8:7a:5e:c0:a7:74:2e:bb:23:c7:5c:73:
bf:4d:34:8c:cd:f9:81:5e:c1:2a:93:04:15:a0:3b:0d:7c:39:
bc:d7:b1:b1:00:c3:99:75:9d:47:b8:15:2d:6e:ab:4b:d4:44:
9e:e4:8f:ce:9b:c9:0b:0b:ea:39:2b:27:6b:f2:b6:8a:50:22:
5d:b4:b1:97:96:c3:04:e5:46:3c:15:5f:11:60:d8:97:35:d4:
f5:a2:1d:83:80:f3:ca:05:81:94:96:85:f7:55:0d:cb:ec:30:
2f:a4:64:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsysodfikwWl4bDNj0Ce4lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2I4MzM1NDMyZWU4YzczMTJmODY0NjViZTMyYjNhZDI3OGM1NTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkF3TCzBSo1jpuVpp0jEklod3NqIG
Fa/uLtiTMyQ6Fqhl/coZlTLtP32Qbu2Fz0wvXlLYi5asceWzx1KMUKSzgXn9Zajx
1uaXcl632PincxdVOb4Pn5bQbznMT7AKHRkCul6e90FJ+5onx3XYwwD2z+Ar6Cb5
qVeatVZHaCCJkbq7jPvNJCaTILpDf2fPzSwCIAbYfkUGyfBuizoXMXVdWEyr4eaq
i0qsv3RBitTc2W73Nhsix4gX5HQKShm386Q0N7bHDRliGdXVIcsWfInWFNeUK/qK
K83z4IN/lBul3wVSXP+Se4untRR7DOhSdUz9Xhn3bNoY/U3Uuu2l9vPTyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKy4M1Qy7oxzEvhkZb4ys60njFWeMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvckxnelZETHVqSE1TLUdSbHZqS3pyU2VNVlo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwCQqMA0G
CSqGSIb3DQEBCwUAA4IBAQAmazqXX/Rr43CJ87BHfE9BHtzX0bO3hQCFRIOHRJJu
ECy+XzOBi9O94Oyazt7ctP6lnkqkqh0bFs8Ny/j3GUK3cPGmaV64BCvWW0cRmmEs
wOm2thInm6hTIatRcnLwtLaMrJyCL74DuzjL/9Y/DJSuMWpTh9TO9v0PP1KbsauZ
98T5fgtFofTaciY84sTeKUnN+AdUCSPYel7Ap3QuuyPHXHO/TTSMzfmBXsEqkwQV
oDsNfDm817GxAMOZdZ1HuBUtbqtL1ESe5I/Om8kLC+o5Kydr8raKUCJdtLGXlsME
5UY8FV8RYNiXNdT1oh2DgPPKBYGUloX3VQ3L7DAvpGSA
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:45:21 2025 by rpki-client