Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/0d3032-bda4-4c6b-81c9-92416007158e/1/lg3oo7lp0-mp3Wk5x-6SWe2w0mE.roa
File: lg3oo7lp0-mp3Wk5x-6SWe2w0mE.roa (raw, json)
Hash identifier: hahJx7bzZ6BWJqcVlSlx9Wg4ALA/khLrhTTZvQwG30E=
Subject key identifier: 96:0D:E8:A3:B9:69:D3:E9:A9:DD:69:39:C7:EE:92:59:ED:B0:D2:61
Certificate issuer: /CN=c5b1182d31796fa63ec3c1d9b97cb6aaac34fdd9
Certificate serial: 014AC4C4
Authority key identifier: C5:B1:18:2D:31:79:6F:A6:3E:C3:C1:D9:B9:7C:B6:AA:AC:34:FD:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xbEYLTF5b6Y-w8HZuXy2qqw0_dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/0d3032-bda4-4c6b-81c9-92416007158e/1/lg3oo7lp0-mp3Wk5x-6SWe2w0mE.roa
Signing time: Sat 01 Jan 2022 15:57:41 +0000
ROA not before: Sat 01 Jan 2022 15:57:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44085
IP address blocks: 91.199.23.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21677252 (0x14ac4c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5b1182d31796fa63ec3c1d9b97cb6aaac34fdd9
Validity
Not Before: Jan 1 15:57:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=960de8a3b969d3e9a9dd6939c7ee9259edb0d261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:98:88:49:97:f7:dc:e5:57:83:8c:93:3d:cf:
19:df:1c:7b:8f:4e:ed:f1:71:3f:82:8c:5d:91:66:
66:e5:bf:7e:58:49:bf:68:1f:4c:fa:8d:7a:d6:88:
bc:ba:77:a7:02:0e:d5:8f:0b:15:1b:f8:d4:d8:a2:
e2:fe:4d:b9:21:c5:eb:5c:46:c7:8d:1f:86:e2:80:
03:de:0e:ac:f3:ef:0f:bc:6f:b4:a1:65:35:2a:50:
53:20:1c:98:c5:0c:b1:33:39:04:07:07:4d:7d:ca:
ef:35:9b:18:90:f1:3d:cc:19:74:76:91:3e:77:d0:
3c:81:0b:5f:fb:b7:23:01:39:aa:46:94:19:17:ef:
f0:93:d3:64:ab:38:43:54:f3:2d:96:45:67:4e:d4:
6d:6d:81:b0:a1:51:e0:e7:d4:08:15:52:d5:fb:47:
af:7f:fd:b7:e3:7d:54:a7:b5:e3:02:e9:0e:9e:12:
4e:5a:e6:80:0d:e8:84:2e:16:ba:bf:f5:01:0f:e3:
49:6d:fc:fb:cd:dd:29:53:d1:13:2f:97:b2:8f:99:
7a:98:6f:81:07:a5:f2:9f:5f:49:7c:92:44:8b:94:
fb:5e:af:59:27:ed:ea:76:73:be:b1:0d:17:18:e9:
b4:0b:c6:04:1d:ea:25:58:8c:97:1c:ce:d4:5e:23:
6e:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:0D:E8:A3:B9:69:D3:E9:A9:DD:69:39:C7:EE:92:59:ED:B0:D2:61
X509v3 Authority Key Identifier:
keyid:C5:B1:18:2D:31:79:6F:A6:3E:C3:C1:D9:B9:7C:B6:AA:AC:34:FD:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xbEYLTF5b6Y-w8HZuXy2qqw0_dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/0d3032-bda4-4c6b-81c9-92416007158e/1/lg3oo7lp0-mp3Wk5x-6SWe2w0mE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/0d3032-bda4-4c6b-81c9-92416007158e/1/xbEYLTF5b6Y-w8HZuXy2qqw0_dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.23.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:d4:d0:ba:fc:76:f6:d8:ac:dd:33:a4:60:15:c4:4d:53:91:
78:55:c7:d0:50:82:f4:56:b9:c8:b6:97:82:35:dd:71:2a:45:
43:92:6c:57:f9:e8:7b:7a:79:f3:73:b0:8e:a2:96:ff:1d:fc:
25:d6:98:9e:d4:d7:c3:e8:0e:20:c9:fc:fa:83:67:d1:30:87:
fb:1f:a7:d0:1e:48:2d:58:74:51:2d:d0:42:c7:e3:37:b1:18:
58:70:2c:59:64:30:40:b5:3b:e8:aa:12:22:f8:6a:95:3e:b3:
72:c5:f1:68:42:bf:50:32:ba:46:21:5c:e0:80:f7:26:2f:06:
a0:0b:70:13:b8:9a:11:23:7b:aa:c0:3d:4d:9c:d4:5a:1b:8d:
7b:1d:06:21:83:48:2b:67:70:32:19:69:c2:f1:ce:01:0d:4d:
1c:b1:74:6b:2e:5f:17:5c:b8:3a:a1:a5:78:35:fa:f9:48:13:
b4:dd:a8:ed:08:bf:91:ca:6a:e3:c4:91:56:1e:d8:f9:2c:4e:
3b:f7:f0:1f:d2:cd:67:a5:94:e1:5a:db:9f:3b:cb:12:77:1b:
87:e9:cd:4d:aa:45:87:7d:45:e2:f5:45:62:57:2c:ff:16:9c:
9f:ed:6b:74:ca:55:da:99:d8:73:9f:7f:70:c7:99:f1:6d:0c:
71:94:99:31
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAUrExDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NWIxMTgyZDMxNzk2ZmE2M2VjM2MxZDliOTdjYjZhYWFjMzRmZGQ5MB4XDTIyMDEw
MTE1NTc0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTYwZGU4YTNiOTY5
ZDNlOWE5ZGQ2OTM5YzdlZTkyNTllZGIwZDI2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKiYiEmX99zlV4OMkz3PGd8ce49O7fFxP4KMXZFmZuW/flhJ
v2gfTPqNetaIvLp3pwIO1Y8LFRv41Nii4v5NuSHF61xGx40fhuKAA94OrPPvD7xv
tKFlNSpQUyAcmMUMsTM5BAcHTX3K7zWbGJDxPcwZdHaRPnfQPIELX/u3IwE5qkaU
GRfv8JPTZKs4Q1TzLZZFZ07UbW2BsKFR4OfUCBVS1ftHr3/9t+N9VKe14wLpDp4S
TlrmgA3ohC4Wur/1AQ/jSW38+83dKVPREy+Xso+ZephvgQel8p9fSXySRIuU+16v
WSft6nZzvrENFxjptAvGBB3qJViMlxzO1F4jbhUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSWDeijuWnT6andaTnH7pJZ7bDSYTAfBgNVHSMEGDAWgBTFsRgtMXlvpj7D
wdm5fLaqrDT92TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hiRVlMVEY1YjZZLXc4SFp1WHkycXF3MF9kay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTIvMGQzMDMyLWJkYTQtNGM2Yi04MWM5LTkyNDE2MDA3MTU4ZS8x
L2xnM29vN2xwMC1tcDNXazV4LTZTV2UydzBtRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTIv
MGQzMDMyLWJkYTQtNGM2Yi04MWM5LTkyNDE2MDA3MTU4ZS8xL3hiRVlMVEY1YjZZ
LXc4SFp1WHkycXF3MF9kay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvHFzANBgkqhkiG9w0BAQsFAAOC
AQEAHtTQuvx29tis3TOkYBXETVOReFXH0FCC9Fa5yLaXgjXdcSpFQ5JsV/noe3p5
83OwjqKW/x38JdaYntTXw+gOIMn8+oNn0TCH+x+n0B5ILVh0US3QQsfjN7EYWHAs
WWQwQLU76KoSIvhqlT6zcsXxaEK/UDK6RiFc4ID3Ji8GoAtwE7iaESN7qsA9TZzU
WhuNex0GIYNIK2dwMhlpwvHOAQ1NHLF0ay5fF1y4OqGleDX6+UgTtN2o7Qi/kcpq
48SRVh7Y+SxOO/fwH9LNZ6WU4VrbnzvLEncbh+nNTapFh31F4vVFYlcs/xacn+1r
dMpV2pnYc59/cMeZ8W0McZSZMQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:04 2024 by rpki-client on console-fra.rpki-client.org