Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/5fa681-2566-40ee-9f04-5df44295b4c9/1/LpRX1TjBY-1TWHZdoLjBpZhFpog.roa
File: LpRX1TjBY-1TWHZdoLjBpZhFpog.roa (raw, json)
Hash identifier: BWV5IXQGfe1W85fZV9c8E/c38K4H/+E+1XEa4+xs08Q=
Subject key identifier: 2E:94:57:D5:38:C1:63:ED:53:58:76:5D:A0:B8:C1:A5:98:45:A6:88
Certificate issuer: /CN=91045c57996c9a3c9e6277a4326b1183215d5b6a
Certificate serial: 01856D53DC28773928AA2D434D5416D8FCAC
Authority key identifier: 91:04:5C:57:99:6C:9A:3C:9E:62:77:A4:32:6B:11:83:21:5D:5B:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kQRcV5lsmjyeYnekMmsRgyFdW2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/5fa681-2566-40ee-9f04-5df44295b4c9/1/LpRX1TjBY-1TWHZdoLjBpZhFpog.roa
Signing time: Sun 01 Jan 2023 12:34:50 +0000
ROA not before: Sun 01 Jan 2023 12:34:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15822
IP address blocks: 194.176.112.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:dc:28:77:39:28:aa:2d:43:4d:54:16:d8:fc:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91045c57996c9a3c9e6277a4326b1183215d5b6a
Validity
Not Before: Jan 1 12:34:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e9457d538c163ed5358765da0b8c1a59845a688
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ea:af:e3:bb:97:6f:1e:f9:98:0e:91:a6:5e:
33:39:c6:5e:11:c4:86:61:4b:70:bf:4d:f9:4a:e5:
85:00:04:6b:8c:89:db:ed:7e:27:23:70:7a:98:5f:
8e:76:f6:e7:fc:c5:3f:60:c0:5d:3f:be:e9:bd:cc:
46:85:79:a5:d2:d4:15:89:de:b7:53:85:f2:d5:6b:
a3:1e:49:44:70:1e:c7:f9:b0:1a:f7:40:4c:6f:48:
7b:3a:59:15:5a:41:4c:76:d1:94:15:0d:b8:f2:a3:
07:b8:62:5e:cd:4b:f3:a9:09:cd:ba:89:0d:8d:3e:
f8:70:36:27:30:c8:bf:bf:56:7f:e6:f5:51:58:e8:
8d:02:16:e2:3d:0d:8f:c0:e9:bf:b7:ed:55:9d:ff:
b3:ef:55:72:56:65:89:a4:e1:45:a6:a8:8c:00:41:
74:5f:06:45:a5:8c:dd:d8:21:af:d1:65:a0:15:ef:
5f:a0:40:62:cd:60:07:a0:7f:4c:e4:dd:18:98:d5:
99:76:fc:42:d4:32:7c:b8:13:96:de:f4:97:67:cd:
16:9e:cf:3f:b3:5f:59:1a:8e:ac:cc:d2:dc:d2:93:
d1:13:41:26:9f:db:b2:bb:59:0a:00:83:48:d4:45:
a1:2e:c9:47:f3:a7:81:88:4c:02:ea:c7:df:c7:e9:
a0:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:94:57:D5:38:C1:63:ED:53:58:76:5D:A0:B8:C1:A5:98:45:A6:88
X509v3 Authority Key Identifier:
keyid:91:04:5C:57:99:6C:9A:3C:9E:62:77:A4:32:6B:11:83:21:5D:5B:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kQRcV5lsmjyeYnekMmsRgyFdW2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa681-2566-40ee-9f04-5df44295b4c9/1/LpRX1TjBY-1TWHZdoLjBpZhFpog.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/5fa681-2566-40ee-9f04-5df44295b4c9/1/kQRcV5lsmjyeYnekMmsRgyFdW2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.176.112.0/24
Signature Algorithm: sha256WithRSAEncryption
39:93:c9:2f:b0:18:93:29:64:f6:b6:2b:ad:00:6a:e9:ca:77:
52:86:ac:08:81:d0:67:d3:ad:89:9a:bd:6f:c3:6f:60:5c:4d:
ef:a0:e3:5e:94:6d:ed:19:2b:48:58:d3:b0:43:d9:f9:13:56:
fb:a5:91:aa:ee:08:d5:cf:40:76:d7:73:5f:31:2e:ac:b4:37:
88:29:78:b8:8f:44:1b:3e:91:fb:66:a3:2e:1f:a7:fe:b0:0d:
95:81:eb:10:65:7f:88:fb:4e:a4:5a:18:56:4b:89:45:a4:b8:
9f:32:5e:e3:d9:c6:35:a8:0f:2f:56:c4:bd:67:42:cd:be:b3:
08:fe:14:6e:d2:f5:fc:e3:29:6f:4a:8e:80:82:bd:84:2c:8d:
27:9f:12:1c:65:fd:f5:4f:03:3a:c0:7c:85:e5:27:0d:5a:0f:
60:e9:e5:9f:be:9f:d3:50:3a:a7:0a:4c:d6:fb:08:b1:b2:1d:
91:e1:2d:52:79:ee:0f:2f:ac:13:64:b8:64:2b:a3:b4:1a:c3:
83:44:98:a1:e3:d4:59:bc:33:4a:2b:f6:29:6d:98:65:aa:d3:
9c:9f:7b:c1:df:cc:db:a1:1d:08:39:60:5e:10:08:00:46:27:
b9:28:29:e9:b9:0d:9f:cc:f0:41:de:53:d2:7d:23:64:ba:ae:
ab:d6:55:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtU9wodzkoqi1DTVQW2PysMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMDQ1YzU3OTk2YzlhM2M5ZTYyNzdhNDMyNmIxMTgzMjE1
ZDViNmEwHhcNMjMwMTAxMTIzNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTk0NTdkNTM4YzE2M2VkNTM1ODc2NWRhMGI4YzFhNTk4NDVhNjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruqv47uXbx75mA6Rpl4zOcZeEcSG
YUtwv035SuWFAARrjInb7X4nI3B6mF+Odvbn/MU/YMBdP77pvcxGhXml0tQVid63
U4Xy1WujHklEcB7H+bAa90BMb0h7OlkVWkFMdtGUFQ248qMHuGJezUvzqQnNuokN
jT74cDYnMMi/v1Z/5vVRWOiNAhbiPQ2PwOm/t+1Vnf+z71VyVmWJpOFFpqiMAEF0
XwZFpYzd2CGv0WWgFe9foEBizWAHoH9M5N0YmNWZdvxC1DJ8uBOW3vSXZ80Wns8/
s19ZGo6szNLc0pPRE0Emn9uyu1kKAINI1EWhLslH86eBiEwC6sffx+mgNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC6UV9U4wWPtU1h2XaC4waWYRaaIMB8GA1UdIwQY
MBaAFJEEXFeZbJo8nmJ3pDJrEYMhXVtqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1FSY1Y1bHNtanllWW5la01tc1JneUZkVzJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81ZmE2ODEtMjU2Ni00MGVlLTlmMDQt
NWRmNDQyOTViNGM5LzEvTHBSWDFUakJZLTFUV0haZG9MakJwWmhGcG9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81ZmE2ODEtMjU2Ni00MGVlLTlmMDQtNWRmNDQyOTViNGM5
LzEva1FSY1Y1bHNtanllWW5la01tc1JneUZkVzJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrBwMA0G
CSqGSIb3DQEBCwUAA4IBAQA5k8kvsBiTKWT2tiutAGrpyndShqwIgdBn062Jmr1v
w29gXE3voONelG3tGStIWNOwQ9n5E1b7pZGq7gjVz0B213NfMS6stDeIKXi4j0Qb
PpH7ZqMuH6f+sA2VgesQZX+I+06kWhhWS4lFpLifMl7j2cY1qA8vVsS9Z0LNvrMI
/hRu0vX84ylvSo6Agr2ELI0nnxIcZf31TwM6wHyF5ScNWg9g6eWfvp/TUDqnCkzW
+wixsh2R4S1See4PL6wTZLhkK6O0GsODRJih49RZvDNKK/YpbZhlqtOcn3vB38zb
oR0IOWBeEAgARie5KCnpuQ2fzPBB3lPSfSNkuq6r1lXW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:52 2025 by rpki-client