Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/07ae9e-3d04-45b6-9db0-46935fcc855e/1/DN0SggJRHBoPEX_pWVmLaummzbc.roa
File: DN0SggJRHBoPEX_pWVmLaummzbc.roa (raw, json)
Hash identifier: bdefmgqT6Zl8YvCL7Is1SWFXUfKM2TExuVk2SHT6//E=
Subject key identifier: 0C:DD:12:82:02:51:1C:1A:0F:11:7F:E9:59:59:8B:6A:E9:A6:CD:B7
Certificate issuer: /CN=96f71b2273ab34ed4a5481176ef70fad867ef166
Certificate serial: 01856E2FBEA7926A3939AEE6B6F7AAFD272A
Authority key identifier: 96:F7:1B:22:73:AB:34:ED:4A:54:81:17:6E:F7:0F:AD:86:7E:F1:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lvcbInOrNO1KVIEXbvcPrYZ-8WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/07ae9e-3d04-45b6-9db0-46935fcc855e/1/DN0SggJRHBoPEX_pWVmLaummzbc.roa
Signing time: Sun 01 Jan 2023 16:35:00 +0000
ROA not before: Sun 01 Jan 2023 16:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59885
IP address blocks: 185.152.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:2f:be:a7:92:6a:39:39:ae:e6:b6:f7:aa:fd:27:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96f71b2273ab34ed4a5481176ef70fad867ef166
Validity
Not Before: Jan 1 16:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0cdd128202511c1a0f117fe959598b6ae9a6cdb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6a:c0:c7:e2:33:13:ba:fa:88:38:33:0a:31:
ef:84:aa:9f:71:f4:75:fd:ce:34:72:e2:f1:63:7b:
ea:9d:22:d3:9a:13:52:82:c7:26:a5:22:0f:76:f0:
11:c3:b8:1b:e8:76:7f:ff:75:9c:ee:d4:b6:1d:bb:
52:93:21:b1:27:28:e4:32:5e:e9:e0:ed:80:72:5b:
74:52:35:e2:d7:42:90:f4:93:6d:a4:b0:7d:5d:01:
55:04:48:82:5a:09:1e:df:90:2b:db:c2:a2:0e:96:
47:f9:e0:a1:ef:60:3d:ee:f6:2d:b7:01:02:10:fa:
00:c1:03:41:65:f6:e0:07:d2:db:a4:16:a0:b8:c0:
21:32:cb:6d:c1:27:e1:a9:ad:fa:6a:b5:bd:2e:41:
41:bf:d9:5e:a4:51:e4:1d:85:a5:66:87:d7:92:8e:
6c:b0:69:3b:3a:64:d5:b5:26:61:4c:37:c9:4f:fb:
05:bc:39:13:ef:ad:87:ba:a5:4b:e8:af:32:d7:25:
b6:59:a0:9a:0a:8a:02:f7:3b:48:46:5f:20:32:72:
c9:4f:86:36:69:84:7f:0f:8d:fa:da:3d:d6:53:2b:
79:8d:d2:9f:ca:52:9c:8a:7b:de:1e:19:d0:53:44:
c4:42:68:f0:bb:66:10:af:33:be:c9:21:30:87:f0:
26:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:DD:12:82:02:51:1C:1A:0F:11:7F:E9:59:59:8B:6A:E9:A6:CD:B7
X509v3 Authority Key Identifier:
keyid:96:F7:1B:22:73:AB:34:ED:4A:54:81:17:6E:F7:0F:AD:86:7E:F1:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lvcbInOrNO1KVIEXbvcPrYZ-8WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/07ae9e-3d04-45b6-9db0-46935fcc855e/1/DN0SggJRHBoPEX_pWVmLaummzbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/07ae9e-3d04-45b6-9db0-46935fcc855e/1/lvcbInOrNO1KVIEXbvcPrYZ-8WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.111.0/24
Signature Algorithm: sha256WithRSAEncryption
38:a3:08:02:ff:17:e6:83:33:33:7c:37:5e:e5:65:1a:22:d9:
59:32:f3:d3:b5:2b:12:96:f6:e2:1c:73:7a:65:1c:5d:20:b4:
da:14:82:d5:75:ba:cc:d0:29:df:b9:76:c4:0f:ba:26:da:09:
2a:ca:cb:a7:96:1f:38:39:6f:d7:1c:b0:1c:c1:ce:c2:6c:5e:
e3:ca:08:76:4b:ee:66:0d:f3:1b:21:4f:ac:5f:26:6a:ca:67:
48:ab:30:e3:2e:46:1c:05:8a:9c:93:8a:f3:9e:c9:91:3f:de:
37:c6:41:41:26:17:48:c6:f4:71:85:2e:86:0a:e1:61:d0:63:
fe:59:7e:1c:61:d1:d9:83:85:9c:22:98:17:a3:92:df:b4:26:
fd:12:a9:09:48:78:94:70:54:55:a3:82:a3:76:23:a8:e2:6b:
46:80:dd:d7:67:8d:a5:9f:65:4a:88:ee:80:b9:4b:c3:01:80:
61:b9:a1:19:b5:19:2a:ad:a7:40:75:e1:56:d5:7b:fa:99:42:
21:c0:eb:a4:d8:fe:1c:80:8d:41:aa:d0:c9:5e:69:da:2a:b9:
85:7d:88:ef:e7:d5:98:1e:36:66:c0:28:a7:b4:c9:8e:9b:52:
7f:fc:df:62:3f:50:12:ff:9e:18:9f:5c:93:11:61:76:10:82:
7d:37:ff:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuL76nkmo5Oa7mtveq/ScqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZjcxYjIyNzNhYjM0ZWQ0YTU0ODExNzZlZjcwZmFkODY3
ZWYxNjYwHhcNMjMwMTAxMTYzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2RkMTI4MjAyNTExYzFhMGYxMTdmZTk1OTU5OGI2YWU5YTZjZGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGrAx+IzE7r6iDgzCjHvhKqfcfR1
/c40cuLxY3vqnSLTmhNSgscmpSIPdvARw7gb6HZ//3Wc7tS2HbtSkyGxJyjkMl7p
4O2Aclt0UjXi10KQ9JNtpLB9XQFVBEiCWgke35Ar28KiDpZH+eCh72A97vYttwEC
EPoAwQNBZfbgB9LbpBaguMAhMsttwSfhqa36arW9LkFBv9lepFHkHYWlZofXko5s
sGk7OmTVtSZhTDfJT/sFvDkT762HuqVL6K8y1yW2WaCaCooC9ztIRl8gMnLJT4Y2
aYR/D4362j3WUyt5jdKfylKcinveHhnQU0TEQmjwu2YQrzO+ySEwh/AmtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAzdEoICURwaDxF/6VlZi2rpps23MB8GA1UdIwQY
MBaAFJb3GyJzqzTtSlSBF273D62GfvFmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHZjYkluT3JOTzFLVklFWGJ2Y1ByWVotOFdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wN2FlOWUtM2QwNC00NWI2LTlkYjAt
NDY5MzVmY2M4NTVlLzEvRE4wU2dnSlJIQm9QRVhfcFdWbUxhdW1temJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wN2FlOWUtM2QwNC00NWI2LTlkYjAtNDY5MzVmY2M4NTVl
LzEvbHZjYkluT3JOTzFLVklFWGJ2Y1ByWVotOFdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZhvMA0G
CSqGSIb3DQEBCwUAA4IBAQA4owgC/xfmgzMzfDde5WUaItlZMvPTtSsSlvbiHHN6
ZRxdILTaFILVdbrM0CnfuXbED7om2gkqysunlh84OW/XHLAcwc7CbF7jygh2S+5m
DfMbIU+sXyZqymdIqzDjLkYcBYqck4rznsmRP943xkFBJhdIxvRxhS6GCuFh0GP+
WX4cYdHZg4WcIpgXo5LftCb9EqkJSHiUcFRVo4KjdiOo4mtGgN3XZ42ln2VKiO6A
uUvDAYBhuaEZtRkqradAdeFW1Xv6mUIhwOuk2P4cgI1BqtDJXmnaKrmFfYjv59WY
HjZmwCintMmOm1J//N9iP1AS/54Yn1yTEWF2EIJ9N/8C
-----END CERTIFICATE-----
Generated at Fri Apr 18 04:30:15 2025 by rpki-client