Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/c27cd1-570b-47d1-b256-1814223d92ce/1/lhLw5ok2cwqRzfeFRRy0KhYn16g.roa
File: lhLw5ok2cwqRzfeFRRy0KhYn16g.roa (raw, json)
Hash identifier: BJI02hoyl9zGUoHfgybSIxxrovMHhqbc9caDfLXLwOk=
Subject key identifier: 96:12:F0:E6:89:36:73:0A:91:CD:F7:85:45:1C:B4:2A:16:27:D7:A8
Certificate issuer: /CN=391a0ecc2b9beaba9eb76d5519fe787b4033fc12
Certificate serial: 018571B0D3934C07F8DC5C1F96F07A3C5E87
Authority key identifier: 39:1A:0E:CC:2B:9B:EA:BA:9E:B7:6D:55:19:FE:78:7B:40:33:FC:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORoOzCub6rqet21VGf54e0Az_BI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/c27cd1-570b-47d1-b256-1814223d92ce/1/lhLw5ok2cwqRzfeFRRy0KhYn16g.roa
Signing time: Mon 02 Jan 2023 08:54:51 +0000
ROA not before: Mon 02 Jan 2023 08:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204717
IP address blocks: 91.132.7.0/24 maxlen: 24
91.132.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:d3:93:4c:07:f8:dc:5c:1f:96:f0:7a:3c:5e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=391a0ecc2b9beaba9eb76d5519fe787b4033fc12
Validity
Not Before: Jan 2 08:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9612f0e68936730a91cdf785451cb42a1627d7a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:78:f1:dc:9e:3e:b5:ef:f4:48:1a:4a:fc:bd:
0c:63:ea:35:80:dd:7a:78:3b:d5:ae:72:c2:06:6d:
f2:30:a1:ad:bb:62:ba:69:f2:3a:b7:b7:da:68:f7:
d9:b0:8b:4e:6e:0a:f0:e8:4c:db:b8:4d:51:5f:c7:
e3:74:d2:dd:83:44:4c:7f:e4:78:95:2f:18:5b:5f:
03:9c:41:5b:b8:d7:90:4a:99:85:fd:7c:2b:a6:33:
7d:a2:86:7a:32:29:10:07:6c:bb:db:d9:78:04:52:
b6:c1:06:a3:df:d3:91:b4:ea:c3:8a:77:0c:26:9d:
33:ad:51:d6:dd:47:e3:e4:f9:f0:85:58:db:fd:b9:
33:90:28:ff:ed:a6:6b:06:18:14:57:1d:81:96:a9:
e4:9b:25:f1:43:5f:cd:54:49:92:50:f5:e6:41:f9:
c1:b3:cd:1d:bb:67:b5:58:9e:d6:5f:96:34:c2:f2:
5e:65:81:ea:57:15:9d:b3:0d:86:a6:4f:46:76:66:
30:b8:6a:b8:5b:9b:81:17:d3:d5:c4:a4:54:bd:35:
c5:05:26:ed:90:da:2d:96:e2:48:ca:57:7d:d9:7c:
e8:0d:fa:3a:3d:bc:57:df:ff:34:f5:d5:b8:ea:2c:
a7:d9:42:f7:bf:16:43:2a:20:77:5e:c4:6e:32:a6:
e1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:12:F0:E6:89:36:73:0A:91:CD:F7:85:45:1C:B4:2A:16:27:D7:A8
X509v3 Authority Key Identifier:
keyid:39:1A:0E:CC:2B:9B:EA:BA:9E:B7:6D:55:19:FE:78:7B:40:33:FC:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORoOzCub6rqet21VGf54e0Az_BI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c27cd1-570b-47d1-b256-1814223d92ce/1/lhLw5ok2cwqRzfeFRRy0KhYn16g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/c27cd1-570b-47d1-b256-1814223d92ce/1/ORoOzCub6rqet21VGf54e0Az_BI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.132.6.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:27:ec:9a:d3:af:69:e3:6a:4c:a7:e0:35:00:f4:19:c1:35:
c4:b2:8b:51:5d:6d:52:9e:2b:20:60:8f:fb:8e:23:cf:85:8f:
21:51:db:70:86:2b:8f:32:90:7d:d8:72:94:0f:64:9b:30:fb:
3b:d4:56:39:d3:3d:f7:16:79:64:78:99:18:36:59:9f:7a:32:
79:2c:1c:63:64:85:f7:36:69:af:a0:bd:a7:20:8d:55:06:28:
eb:eb:c9:43:f1:99:5f:cc:fa:e5:fc:21:8b:1d:06:8e:b7:6b:
80:41:09:83:8a:10:b8:7c:dd:0a:f7:a5:3d:47:df:19:54:87:
f4:cb:66:e3:89:14:19:0b:49:a0:d4:9e:49:4e:36:74:d0:24:
41:4e:51:7a:7f:30:fc:8e:07:62:29:47:45:28:4b:ca:0d:b3:
3d:6b:24:21:47:3f:78:84:70:8a:d8:b4:61:fe:da:e4:50:f5:
2c:85:d8:07:c6:d6:73:7e:c3:50:cb:1c:c9:51:51:e8:a3:4e:
67:c6:26:4a:f5:79:01:bb:a0:1e:9a:f9:9b:0a:cb:09:e7:f4:
f8:fe:ad:eb:c0:55:e0:d7:53:f4:9f:8b:6a:59:66:e6:99:19:
1a:2b:6d:a1:19:63:8f:46:3b:95:2e:9e:38:3e:a9:27:1a:ac:
a8:36:2a:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsNOTTAf43FwflvB6PF6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MWEwZWNjMmI5YmVhYmE5ZWI3NmQ1NTE5ZmU3ODdiNDAz
M2ZjMTIwHhcNMjMwMTAyMDg1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjEyZjBlNjg5MzY3MzBhOTFjZGY3ODU0NTFjYjQyYTE2MjdkN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3jx3J4+te/0SBpK/L0MY+o1gN16
eDvVrnLCBm3yMKGtu2K6afI6t7faaPfZsItObgrw6EzbuE1RX8fjdNLdg0RMf+R4
lS8YW18DnEFbuNeQSpmF/XwrpjN9ooZ6MikQB2y729l4BFK2wQaj39ORtOrDincM
Jp0zrVHW3Ufj5PnwhVjb/bkzkCj/7aZrBhgUVx2BlqnkmyXxQ1/NVEmSUPXmQfnB
s80du2e1WJ7WX5Y0wvJeZYHqVxWdsw2Gpk9GdmYwuGq4W5uBF9PVxKRUvTXFBSbt
kNotluJIyld92XzoDfo6PbxX3/809dW46iyn2UL3vxZDKiB3XsRuMqbhlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJYS8OaJNnMKkc33hUUctCoWJ9eoMB8GA1UdIwQY
MBaAFDkaDswrm+q6nrdtVRn+eHtAM/wSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1JvT3pDdWI2cnFldDIxVkdmNTRlMEF6X0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9jMjdjZDEtNTcwYi00N2QxLWIyNTYt
MTgxNDIyM2Q5MmNlLzEvbGhMdzVvazJjd3FSemZlRlJSeTBLaFluMTZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9jMjdjZDEtNTcwYi00N2QxLWIyNTYtMTgxNDIyM2Q5MmNl
LzEvT1JvT3pDdWI2cnFldDIxVkdmNTRlMEF6X0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW4QGMA0G
CSqGSIb3DQEBCwUAA4IBAQAsJ+ya069p42pMp+A1APQZwTXEsotRXW1SnisgYI/7
jiPPhY8hUdtwhiuPMpB92HKUD2SbMPs71FY50z33FnlkeJkYNlmfejJ5LBxjZIX3
NmmvoL2nII1VBijr68lD8ZlfzPrl/CGLHQaOt2uAQQmDihC4fN0K96U9R98ZVIf0
y2bjiRQZC0mg1J5JTjZ00CRBTlF6fzD8jgdiKUdFKEvKDbM9ayQhRz94hHCK2LRh
/trkUPUshdgHxtZzfsNQyxzJUVHoo05nxiZK9XkBu6AemvmbCssJ5/T4/q3rwFXg
11P0n4tqWWbmmRkaK22hGWOPRjuVLp44PqknGqyoNipl
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:09 2025 by rpki-client