Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/lMZJqEcrvK2CsyP83oBqAN5VZk8.roa
File: lMZJqEcrvK2CsyP83oBqAN5VZk8.roa (raw, json)
Hash identifier: H1rR+Hteo0aIJrexhinORbUy7FBmaezSoS6zs5NuVNM=
Subject key identifier: 94:C6:49:A8:47:2B:BC:AD:82:B3:23:FC:DE:80:6A:00:DE:55:66:4F
Certificate issuer: /CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Certificate serial: 01856EA6C0F6F6DE5642C849040679F48921
Authority key identifier: 2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/lMZJqEcrvK2CsyP83oBqAN5VZk8.roa
Signing time: Sun 01 Jan 2023 18:45:00 +0000
ROA not before: Sun 01 Jan 2023 18:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211254
IP address blocks: 78.159.80.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:a6:c0:f6:f6:de:56:42:c8:49:04:06:79:f4:89:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c3963ba2aae5abd38a6eed09da985611f1b5021
Validity
Not Before: Jan 1 18:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94c649a8472bbcad82b323fcde806a00de55664f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ab:b5:28:1d:ed:c5:17:4d:56:dc:2a:8c:e6:
46:fc:e3:60:cb:b2:4d:ab:ac:8b:95:ac:0c:5b:9e:
f9:5f:92:4a:54:f1:46:90:18:57:04:ab:88:6e:55:
b0:7e:0c:e9:13:4e:5a:ed:42:20:44:c3:21:65:85:
c6:1a:db:14:30:97:ff:1d:2c:c9:b4:5c:43:51:02:
73:7f:e2:2c:44:21:90:71:45:3b:f2:d8:b0:47:d4:
5c:91:33:56:ce:bb:50:aa:0e:cc:1c:a6:d7:06:c0:
bf:19:09:82:d1:4b:54:07:3b:03:a4:3d:58:91:59:
2b:9c:fa:2c:4a:14:87:08:81:1c:c0:e8:89:fe:ed:
ef:92:7d:ce:d7:d2:16:20:34:cc:81:40:e2:d5:db:
b1:73:63:68:8a:fa:55:54:fc:44:43:3c:f2:4c:04:
34:ac:7f:ba:c6:0c:2a:d7:d4:0e:ad:53:15:e5:bd:
1e:74:bc:af:3f:50:4b:53:e1:a0:55:0d:61:1d:a1:
12:50:c4:9b:6e:9d:21:2e:b0:0a:69:39:81:7a:0c:
8d:26:e7:7a:10:99:3b:e2:a7:61:4d:5d:d7:90:a2:
cd:58:a0:56:b4:65:ac:dc:64:cd:9d:1a:f7:0b:b9:
da:7f:b6:2d:10:f3:87:bd:56:b5:d6:ad:16:98:78:
bb:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:C6:49:A8:47:2B:BC:AD:82:B3:23:FC:DE:80:6A:00:DE:55:66:4F
X509v3 Authority Key Identifier:
keyid:2C:39:63:BA:2A:AE:5A:BD:38:A6:EE:D0:9D:A9:85:61:1F:1B:50:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LDljuiquWr04pu7QnamFYR8bUCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/lMZJqEcrvK2CsyP83oBqAN5VZk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/381ecc-9d75-41ba-85f6-17693e7ea67a/1/LDljuiquWr04pu7QnamFYR8bUCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.80.0/24
Signature Algorithm: sha256WithRSAEncryption
52:7a:d6:36:9b:64:11:b3:8c:1f:de:f1:85:34:42:42:44:72:
b3:de:92:2b:c8:a8:11:33:60:0a:81:24:2c:ed:f1:23:19:1c:
64:ee:7d:3a:ce:63:4c:ae:ec:8a:b0:11:75:f5:58:03:d5:b7:
0d:79:5b:14:58:87:b1:65:91:79:00:24:c3:66:ad:73:cc:ad:
b2:1a:df:ab:c1:91:ac:3e:55:a8:68:21:63:60:ec:bb:17:bb:
f0:28:3c:10:d6:d3:b6:af:ac:21:a6:fa:ca:37:9e:15:fb:41:
82:ee:fd:f5:2d:5b:07:aa:d8:6f:95:00:e4:e8:ef:92:98:3a:
c4:87:07:cb:f2:32:51:57:bb:de:8c:7f:b1:94:8c:ab:1e:28:
2d:49:3a:b1:57:f0:89:e1:d3:57:e7:65:03:28:30:7d:34:8c:
07:fe:9d:71:7b:86:05:d0:26:bf:b7:60:5e:ff:19:bf:99:7b:
84:6a:17:36:a4:a8:fd:94:6a:2e:db:85:b0:5a:e8:76:9a:0a:
6e:0d:2a:dd:f3:9d:8c:76:ca:74:12:7c:13:94:72:e6:8d:2c:
22:38:c9:01:6c:95:02:70:97:ac:56:b3:03:7c:bf:0c:98:15:
a1:28:64:7d:75:77:ca:15:f7:41:77:38:d8:09:6c:38:f2:cf:
3d:4b:7e:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVupsD29t5WQshJBAZ59IkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjMzk2M2JhMmFhZTVhYmQzOGE2ZWVkMDlkYTk4NTYxMWYx
YjUwMjEwHhcNMjMwMTAxMTg0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGM2NDlhODQ3MmJiY2FkODJiMzIzZmNkZTgwNmEwMGRlNTU2NjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApqu1KB3txRdNVtwqjOZG/ONgy7JN
q6yLlawMW575X5JKVPFGkBhXBKuIblWwfgzpE05a7UIgRMMhZYXGGtsUMJf/HSzJ
tFxDUQJzf+IsRCGQcUU78tiwR9RckTNWzrtQqg7MHKbXBsC/GQmC0UtUBzsDpD1Y
kVkrnPosShSHCIEcwOiJ/u3vkn3O19IWIDTMgUDi1duxc2NoivpVVPxEQzzyTAQ0
rH+6xgwq19QOrVMV5b0edLyvP1BLU+GgVQ1hHaESUMSbbp0hLrAKaTmBegyNJud6
EJk74qdhTV3XkKLNWKBWtGWs3GTNnRr3C7naf7YtEPOHvVa11q0WmHi74QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJTGSahHK7ytgrMj/N6AagDeVWZPMB8GA1UdIwQY
MBaAFCw5Y7oqrlq9OKbu0J2phWEfG1AhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYt
MTc2OTNlN2VhNjdhLzEvbE1aSnFFY3J2SzJDc3lQODNvQnFBTjVWWms4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8zODFlY2MtOWQ3NS00MWJhLTg1ZjYtMTc2OTNlN2VhNjdh
LzEvTERsanVpcXVXcjA0cHU3UW5hbUZZUjhiVUNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATp9QMA0G
CSqGSIb3DQEBCwUAA4IBAQBSetY2m2QRs4wf3vGFNEJCRHKz3pIryKgRM2AKgSQs
7fEjGRxk7n06zmNMruyKsBF19VgD1bcNeVsUWIexZZF5ACTDZq1zzK2yGt+rwZGs
PlWoaCFjYOy7F7vwKDwQ1tO2r6whpvrKN54V+0GC7v31LVsHqthvlQDk6O+SmDrE
hwfL8jJRV7vejH+xlIyrHigtSTqxV/CJ4dNX52UDKDB9NIwH/p1xe4YF0Ca/t2Be
/xm/mXuEahc2pKj9lGou24WwWuh2mgpuDSrd852Mdsp0EnwTlHLmjSwiOMkBbJUC
cJesVrMDfL8MmBWhKGR9dXfKFfdBdzjYCWw48s89S34t
-----END CERTIFICATE-----
Generated at Wed Apr 23 13:07:34 2025 by rpki-client