Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/f2b840-2c85-465b-8b93-5b5beb10513b/1/Lz09CN5n07CioJVlkS1QyN5R4s4.roa
File: Lz09CN5n07CioJVlkS1QyN5R4s4.roa (raw, json)
Hash identifier: mMvImc5g+HnjIFURgZzBtYrq+cpYueuV5gDDJqDfx1k=
Subject key identifier: 2F:3D:3D:08:DE:67:D3:B0:A2:A0:95:65:91:2D:50:C8:DE:51:E2:CE
Certificate issuer: /CN=01c4b784d8166e8bd0f47d720fde5faec1645b34
Certificate serial: 1A0B5202
Authority key identifier: 01:C4:B7:84:D8:16:6E:8B:D0:F4:7D:72:0F:DE:5F:AE:C1:64:5B:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AcS3hNgWbovQ9H1yD95frsFkWzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/f2b840-2c85-465b-8b93-5b5beb10513b/1/Lz09CN5n07CioJVlkS1QyN5R4s4.roa
Signing time: Sat 01 Jan 2022 15:05:01 +0000
ROA not before: Sat 01 Jan 2022 15:05:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202213
IP address blocks: 193.108.111.0/24 maxlen: 24
193.108.110.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 436949506 (0x1a0b5202)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01c4b784d8166e8bd0f47d720fde5faec1645b34
Validity
Not Before: Jan 1 15:05:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f3d3d08de67d3b0a2a09565912d50c8de51e2ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:68:1b:7d:4f:aa:22:b5:6b:a4:93:de:d6:8f:
d0:25:cf:6a:25:82:7f:0b:b1:39:c3:5c:19:c2:89:
6b:74:5e:aa:4f:f5:c8:a7:a3:28:cd:95:dc:20:78:
76:40:67:11:f2:56:67:ce:20:23:71:cc:7d:b1:4c:
46:30:58:ad:39:56:93:f1:1a:a0:90:7e:ac:3c:de:
af:49:1c:7a:c6:4b:f8:a9:70:ce:bb:8a:5c:40:77:
cc:ca:d7:83:f2:03:d1:7a:ac:d0:f2:da:e6:24:d2:
47:34:da:ae:98:5b:8a:cd:b4:f3:dc:ec:7c:30:53:
1e:dd:b7:56:b9:62:b2:f6:8b:14:c3:c1:f8:94:25:
d7:0d:f2:da:03:47:67:98:95:c3:d7:4b:01:d7:ee:
f1:c7:7e:41:c2:ba:b0:e7:68:ab:83:a7:ff:26:7c:
26:dc:40:e0:da:ff:6c:06:f2:98:0d:14:50:ef:96:
c8:40:4e:7d:5c:39:2b:a7:1b:96:e3:99:ce:41:81:
77:8f:13:50:15:4d:f1:39:b5:d6:66:36:d3:68:14:
1b:6e:fd:53:28:dd:7a:cb:1f:14:9b:5d:57:ae:fb:
16:60:77:b8:64:2b:a2:99:07:74:ce:7d:6b:92:66:
25:40:2d:ac:dc:4b:c2:75:85:1b:1b:81:7f:85:ea:
63:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:3D:3D:08:DE:67:D3:B0:A2:A0:95:65:91:2D:50:C8:DE:51:E2:CE
X509v3 Authority Key Identifier:
keyid:01:C4:B7:84:D8:16:6E:8B:D0:F4:7D:72:0F:DE:5F:AE:C1:64:5B:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AcS3hNgWbovQ9H1yD95frsFkWzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/f2b840-2c85-465b-8b93-5b5beb10513b/1/Lz09CN5n07CioJVlkS1QyN5R4s4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/f2b840-2c85-465b-8b93-5b5beb10513b/1/AcS3hNgWbovQ9H1yD95frsFkWzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.110.0/23
Signature Algorithm: sha256WithRSAEncryption
69:7e:b1:b0:38:e0:cd:84:fe:8f:8f:eb:67:18:cd:20:22:99:
c6:57:52:83:92:81:c3:cb:14:6c:5a:29:27:cb:29:65:83:a8:
7e:ed:fc:b0:8d:61:d2:1c:27:26:76:bc:92:21:54:7a:da:91:
03:5a:49:99:56:0a:47:ed:0a:b8:38:86:cc:79:11:f9:d3:a6:
7b:92:ba:9c:82:fd:3a:61:2e:06:b4:46:37:19:3e:cf:b8:31:
32:80:0c:45:24:b0:d9:41:0e:6f:03:d7:db:ce:1d:e3:7d:db:
4f:81:c2:be:12:64:cf:3f:a3:00:86:ba:71:79:12:06:01:42:
19:6d:77:21:91:88:a1:e4:55:29:91:44:ef:68:37:4a:05:ce:
a1:67:7e:d9:c3:fd:86:bd:6c:e9:41:06:19:aa:ab:32:9b:e8:
ea:8b:a7:28:db:f5:2b:79:71:51:3f:95:16:e4:90:c8:28:d3:
52:0a:50:dc:46:d7:ff:78:be:56:75:48:43:9c:c2:df:8c:c1:
8d:04:1e:d8:24:b1:85:58:f6:e4:8d:84:70:7e:26:d1:14:3e:
81:27:44:1c:ac:e4:17:b1:5e:53:26:b0:c8:0d:84:5b:e6:14:
4d:81:33:d1:93:7a:8f:ac:e6:ba:81:91:e5:fd:2e:f9:d6:af:
8c:f7:02:d4
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEGgtSAjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MWM0Yjc4NGQ4MTY2ZThiZDBmNDdkNzIwZmRlNWZhZWMxNjQ1YjM0MB4XDTIyMDEw
MTE1MDUwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmYzZDNkMDhkZTY3
ZDNiMGEyYTA5NTY1OTEyZDUwYzhkZTUxZTJjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMRoG31PqiK1a6ST3taP0CXPaiWCfwuxOcNcGcKJa3Reqk/1
yKejKM2V3CB4dkBnEfJWZ84gI3HMfbFMRjBYrTlWk/EaoJB+rDzer0kcesZL+Klw
zruKXEB3zMrXg/ID0Xqs0PLa5iTSRzTarphbis2089zsfDBTHt23VrlisvaLFMPB
+JQl1w3y2gNHZ5iVw9dLAdfu8cd+QcK6sOdoq4On/yZ8JtxA4Nr/bAbymA0UUO+W
yEBOfVw5K6cbluOZzkGBd48TUBVN8Tm11mY202gUG279UyjdessfFJtdV677FmB3
uGQropkHdM59a5JmJUAtrNxLwnWFGxuBf4XqY/cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQvPT0I3mfTsKKglWWRLVDI3lHizjAfBgNVHSMEGDAWgBQBxLeE2BZui9D0
fXIP3l+uwWRbNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FjUzNoTmdXYm92UTlIMXlEOTVmcnNGa1d6US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvZjJiODQwLTJjODUtNDY1Yi04YjkzLTViNWJlYjEwNTEzYi8x
L0x6MDlDTjVuMDdDaW9KVmxrUzFReU41UjRzNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
ZjJiODQwLTJjODUtNDY1Yi04YjkzLTViNWJlYjEwNTEzYi8xL0FjUzNoTmdXYm92
UTlIMXlEOTVmcnNGa1d6US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAcFsbjANBgkqhkiG9w0BAQsFAAOC
AQEAaX6xsDjgzYT+j4/rZxjNICKZxldSg5KBw8sUbFopJ8spZYOofu38sI1h0hwn
Jna8kiFUetqRA1pJmVYKR+0KuDiGzHkR+dOme5K6nIL9OmEuBrRGNxk+z7gxMoAM
RSSw2UEObwPX284d433bT4HCvhJkzz+jAIa6cXkSBgFCGW13IZGIoeRVKZFE72g3
SgXOoWd+2cP9hr1s6UEGGaqrMpvo6ounKNv1K3lxUT+VFuSQyCjTUgpQ3EbX/3i+
VnVIQ5zC34zBjQQe2CSxhVj25I2EcH4m0RQ+gSdEHKzkF7FeUyawyA2EW+YUTYEz
0ZN6j6zmuoGR5f0u+davjPcC1A==
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:54:24 2025 by rpki-client