Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/7LZoosuvSNoSZrh0VsR5Mp73XSc.roa
File: 7LZoosuvSNoSZrh0VsR5Mp73XSc.roa (raw, json)
Hash identifier: 8cSVUzNbL7NhVo7wRgLryueUHYbONruvwkLtmA1oQ8Q=
Subject key identifier: EC:B6:68:A2:CB:AF:48:DA:12:66:B8:74:56:C4:79:32:9E:F7:5D:27
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 018262FDE759B0AA768DDCC3E34C3B8D06A3
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/7LZoosuvSNoSZrh0VsR5Mp73XSc.roa
Signing time: Wed 03 Aug 2022 09:16:23 +0000
ROA not before: Wed 03 Aug 2022 09:16:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 91.92.40.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.41.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:62:fd:e7:59:b0:aa:76:8d:dc:c3:e3:4c:3b:8d:06:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Aug 3 09:16:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ecb668a2cbaf48da1266b87456c479329ef75d27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:41:52:a3:99:dd:67:8f:5e:b0:4d:8f:b0:68:
0a:6f:fe:21:fc:23:b1:23:1d:c6:0e:fa:8b:c2:d9:
f2:52:06:57:83:4d:a6:2a:38:64:61:c1:6c:ee:e4:
1a:4c:45:9b:5f:aa:3b:5c:e6:88:f1:d4:99:63:ce:
3b:68:97:4f:e2:ad:24:fa:68:ab:12:67:c6:65:16:
02:ec:7e:71:5a:b7:72:2a:22:bc:0f:6a:20:3b:1e:
ce:82:2a:a0:79:be:10:b4:46:7d:23:4b:d4:3c:79:
59:83:4e:ea:bb:80:e7:3c:7e:86:c9:85:62:0f:82:
d0:12:2e:9f:02:25:20:f4:ac:6b:74:1e:12:70:c4:
b2:3b:5f:78:b0:06:5e:e2:ab:f7:62:5a:19:df:76:
52:27:5e:30:2b:50:59:98:75:1a:82:55:ef:e2:6f:
16:44:f3:f8:5b:da:ab:37:ab:7d:c8:fe:08:92:be:
81:75:26:26:eb:b5:b2:75:09:80:24:e5:05:74:e1:
42:88:79:de:c1:f7:98:d5:28:5c:17:f4:62:3e:74:
ca:f7:37:f1:e1:63:7f:f5:dc:71:e3:16:f8:01:80:
51:83:56:08:48:7b:2b:cf:0b:4a:e7:6f:da:51:c7:
ff:46:f6:b7:0d:1c:24:6f:4a:31:d0:47:df:f4:a3:
26:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:B6:68:A2:CB:AF:48:DA:12:66:B8:74:56:C4:79:32:9E:F7:5D:27
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/7LZoosuvSNoSZrh0VsR5Mp73XSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.40.0/22
Signature Algorithm: sha256WithRSAEncryption
1a:2e:e9:bc:c4:90:23:2b:03:8b:34:57:f5:22:ed:d8:3b:e7:
9b:4a:ee:c1:14:ad:6f:04:bc:26:c8:65:27:8c:b9:97:46:a9:
6f:34:eb:87:de:db:09:5b:95:d1:c6:56:8d:d8:ef:f3:c6:1e:
db:3f:ce:c0:56:d7:31:70:0a:68:4c:dc:dd:06:e7:59:2f:2d:
aa:f8:d0:50:8b:25:57:ac:0c:79:af:ce:85:93:83:51:18:fa:
b6:0d:58:31:fa:c2:f1:93:31:06:85:31:f0:0b:3c:34:82:3a:
66:8a:da:78:3e:68:83:98:74:71:71:05:9f:a1:87:cd:57:6f:
02:36:d2:81:2c:33:d9:99:38:66:9c:9a:9b:cd:ab:09:56:b6:
b8:89:31:c0:16:98:c2:3b:b3:12:95:69:36:4f:4c:e8:58:5e:
49:55:2c:75:0b:d6:e2:77:59:0f:48:34:bf:11:d0:76:8b:c0:
da:7a:1e:37:b1:8b:f9:c3:43:76:ee:6b:df:81:a4:07:1c:f1:
1a:b2:1f:10:8f:0f:76:21:bd:02:55:66:6a:12:3f:0f:87:aa:
e3:39:f8:5e:86:29:0e:cb:14:39:2f:e9:7d:fb:15:23:74:68:
4b:b4:e1:78:4e:7a:1a:ca:a1:04:fb:26:12:21:e7:21:7e:1f:
bb:7c:8f:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJi/edZsKp2jdzD40w7jQajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjIwODAzMDkxNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2I2NjhhMmNiYWY0OGRhMTI2NmI4NzQ1NmM0NzkzMjllZjc1ZDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkFSo5ndZ49esE2PsGgKb/4h/COx
Ix3GDvqLwtnyUgZXg02mKjhkYcFs7uQaTEWbX6o7XOaI8dSZY847aJdP4q0k+mir
EmfGZRYC7H5xWrdyKiK8D2ogOx7Ogiqgeb4QtEZ9I0vUPHlZg07qu4DnPH6GyYVi
D4LQEi6fAiUg9KxrdB4ScMSyO194sAZe4qv3YloZ33ZSJ14wK1BZmHUaglXv4m8W
RPP4W9qrN6t9yP4Ikr6BdSYm67WydQmAJOUFdOFCiHnewfeY1ShcF/RiPnTK9zfx
4WN/9dxx4xb4AYBRg1YISHsrzwtK52/aUcf/Rva3DRwkb0ox0Eff9KMmAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOy2aKLLr0jaEma4dFbEeTKe910nMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvN0xab29zdXZTTm9TWnJoMFZzUjVNcDczWFNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW1woMA0G
CSqGSIb3DQEBCwUAA4IBAQAaLum8xJAjKwOLNFf1Iu3YO+ebSu7BFK1vBLwmyGUn
jLmXRqlvNOuH3tsJW5XRxlaN2O/zxh7bP87AVtcxcApoTNzdBudZLy2q+NBQiyVX
rAx5r86Fk4NRGPq2DVgx+sLxkzEGhTHwCzw0gjpmitp4PmiDmHRxcQWfoYfNV28C
NtKBLDPZmThmnJqbzasJVra4iTHAFpjCO7MSlWk2T0zoWF5JVSx1C9bid1kPSDS/
EdB2i8Daeh43sYv5w0N27mvfgaQHHPEash8Qjw92Ib0CVWZqEj8Ph6rjOfhehikO
yxQ5L+l9+xUjdGhLtOF4TnoayqEE+yYSIechfh+7fI/C
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:54:11 2025 by rpki-client