Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/LzMV5FZAl2Xlw_afoiV4pfuk9R8.roa
File: LzMV5FZAl2Xlw_afoiV4pfuk9R8.roa (raw, json)
Hash identifier: 9TZLrHpd8xguDK5H7OFoENUMYJBR7InIzRE+gYghlpk=
Subject key identifier: 2F:33:15:E4:56:40:97:65:E5:C3:F6:9F:A2:25:78:A5:FB:A4:F5:1F
Certificate issuer: /CN=fb782b78f20a6e4b70643052bd1a40af15a56338
Certificate serial: 018708832F1AB7543EB31EEF8EF24CCAD538
Authority key identifier: FB:78:2B:78:F2:0A:6E:4B:70:64:30:52:BD:1A:40:AF:15:A5:63:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-3grePIKbktwZDBSvRpArxWlYzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/LzMV5FZAl2Xlw_afoiV4pfuk9R8.roa
Signing time: Wed 22 Mar 2023 08:50:27 +0000
ROA not before: Wed 22 Mar 2023 08:50:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209689
IP address blocks: 212.87.210.0/23 maxlen: 24
212.87.208.0/23 maxlen: 24
185.174.149.0/24 maxlen: 24
185.174.150.0/24 maxlen: 24
185.174.151.0/24 maxlen: 24
185.174.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:08:83:2f:1a:b7:54:3e:b3:1e:ef:8e:f2:4c:ca:d5:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb782b78f20a6e4b70643052bd1a40af15a56338
Validity
Not Before: Mar 22 08:50:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f3315e456409765e5c3f69fa22578a5fba4f51f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:cc:bb:a1:ef:63:71:4e:22:30:c4:10:09:7c:
1e:72:24:44:53:f6:66:49:b4:a1:86:94:77:5e:b6:
d7:5e:e2:ed:aa:70:91:c5:6f:61:47:6a:32:bb:87:
3b:07:91:ce:ab:1e:b2:ae:1f:6d:aa:77:f2:4e:aa:
10:59:24:3d:fb:1e:26:70:71:52:f5:74:3e:9b:8a:
9c:d7:f4:5f:be:a8:51:8e:1f:1d:97:4d:0a:58:7d:
63:fb:bc:ad:71:8a:05:0a:85:1e:8d:6a:1d:79:81:
25:6a:64:29:ca:63:14:51:e2:ec:2f:e1:0f:81:ba:
1d:d1:27:0a:97:da:a3:a1:fc:c9:1a:40:a5:09:64:
81:50:e3:8d:3f:a2:82:af:96:61:f4:fe:27:e7:7c:
c8:ab:80:cc:10:ff:a8:e2:45:87:17:8f:1f:16:6a:
7d:a3:a3:75:53:72:07:c8:7a:47:86:30:79:1f:b3:
02:af:a0:f1:3e:5d:d3:12:ba:f8:ee:78:d9:c7:92:
7d:38:ec:8d:1d:56:72:d5:39:c0:d1:98:b4:87:3a:
a1:b7:b8:72:f5:35:63:90:61:37:e7:1c:b2:50:31:
34:0e:40:0a:8a:bb:f5:ae:a2:87:b4:c0:10:70:ad:
81:b0:ea:21:ed:01:89:aa:86:83:fd:01:85:ac:9a:
1a:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:33:15:E4:56:40:97:65:E5:C3:F6:9F:A2:25:78:A5:FB:A4:F5:1F
X509v3 Authority Key Identifier:
keyid:FB:78:2B:78:F2:0A:6E:4B:70:64:30:52:BD:1A:40:AF:15:A5:63:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-3grePIKbktwZDBSvRpArxWlYzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/LzMV5FZAl2Xlw_afoiV4pfuk9R8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9dc933-5c0d-4461-a45d-8f7d5691c1be/1/1-3grePIKbktwZDBSvRpArxWlYzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.148.0/22
212.87.208.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:7a:93:0a:86:81:f6:2f:25:67:86:35:fc:7e:8b:23:8e:de:
b8:49:f4:73:b3:60:04:93:b8:10:b8:7c:d2:bd:f4:bd:78:cd:
39:d9:2e:e5:4b:c7:b2:c8:21:67:27:50:93:de:a5:6f:56:36:
93:9a:07:57:9c:84:ac:65:12:2a:b2:37:ae:a8:2f:b2:61:d6:
6b:b2:63:0c:c7:54:7f:bc:c6:4f:1c:75:a1:52:7a:4e:03:85:
41:07:4c:bf:b1:47:27:4c:17:06:0f:01:d6:33:0a:c6:c7:2d:
cd:21:45:82:ff:5d:46:71:08:ad:ad:2a:b1:68:db:e0:7c:77:
cc:7b:2c:3d:42:ec:09:e9:63:a6:c2:a9:26:ff:f2:98:c3:cf:
5a:ed:1e:05:82:a1:ce:a4:00:98:6a:45:36:15:48:3c:27:99:
1f:c0:b8:5d:6b:39:90:6e:5c:76:86:4a:54:d6:b4:e4:fe:46:
1a:a2:5b:83:86:32:c0:6f:80:0d:fc:f8:44:2e:0c:94:0a:32:
d7:95:d7:ed:4e:93:4c:84:9b:46:3a:29:c9:3a:17:3b:f7:bf:
98:e2:e5:23:51:bf:91:80:12:74:83:35:a1:45:6c:67:5d:5a:
fe:7b:63:f5:7a:4b:aa:63:bd:78:11:4d:de:10:eb:b6:13:0f:
5b:26:a2:5f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYcIgy8at1Q+sx7vjvJMytU4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNzgyYjc4ZjIwYTZlNGI3MDY0MzA1MmJkMWE0MGFmMTVh
NTYzMzgwHhcNMjMwMzIyMDg1MDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjMzMTVlNDU2NDA5NzY1ZTVjM2Y2OWZhMjI1NzhhNWZiYTRmNTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMy7oe9jcU4iMMQQCXweciREU/Zm
SbShhpR3XrbXXuLtqnCRxW9hR2oyu4c7B5HOqx6yrh9tqnfyTqoQWSQ9+x4mcHFS
9XQ+m4qc1/RfvqhRjh8dl00KWH1j+7ytcYoFCoUejWodeYElamQpymMUUeLsL+EP
gbod0ScKl9qjofzJGkClCWSBUOONP6KCr5Zh9P4n53zIq4DMEP+o4kWHF48fFmp9
o6N1U3IHyHpHhjB5H7MCr6DxPl3TErr47njZx5J9OOyNHVZy1TnA0Zi0hzqht7hy
9TVjkGE35xyyUDE0DkAKirv1rqKHtMAQcK2BsOoh7QGJqoaD/QGFrJoaxQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFC8zFeRWQJdl5cP2n6IleKX7pPUfMB8GA1UdIwQY
MBaAFPt4K3jyCm5LcGQwUr0aQK8VpWM4MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0zZ3JlUElLYmt0d1pEQlN2UnBBcnhXbFl6Zy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTMvOWRjOTMzLTVjMGQtNDQ2MS1hNDVk
LThmN2Q1NjkxYzFiZS8xL0x6TVY1RlpBbDJYbHdfYWZvaVY0cGZ1azlSOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZTMvOWRjOTMzLTVjMGQtNDQ2MS1hNDVkLThmN2Q1NjkxYzFi
ZS8xLzEtM2dyZVBJS2JrdHdaREJTdlJwQXJ4V2xZemcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAK5rpQD
BALUV9AwDQYJKoZIhvcNAQELBQADggEBAF56kwqGgfYvJWeGNfx+iyOO3rhJ9HOz
YASTuBC4fNK99L14zTnZLuVLx7LIIWcnUJPepW9WNpOaB1echKxlEiqyN66oL7Jh
1muyYwzHVH+8xk8cdaFSek4DhUEHTL+xRydMFwYPAdYzCsbHLc0hRYL/XUZxCK2t
KrFo2+B8d8x7LD1C7AnpY6bCqSb/8pjDz1rtHgWCoc6kAJhqRTYVSDwnmR/AuF1r
OZBuXHaGSlTWtOT+RhqiW4OGMsBvgA38+EQuDJQKMteV1+1Ok0yEm0Y6Kck6Fzv3
v5ji5SNRv5GAEnSDNaFFbGddWv57Y/V6S6pjvXgRTd4Q67YTD1smol8=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:48:15 2025 by rpki-client