
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c8bfb8-f47e-430e-ae3e-68a14ce42fa6/1/lAz9itc_jxqDEB3ppp9AXa4-SCk.roa
File: lAz9itc_jxqDEB3ppp9AXa4-SCk.roa (raw, json)
Hash identifier: DeuvdG6/FI83BWfSGmqiltL4G0FAgxbCLIVZCr7/FKU=
Subject key identifier: 94:0C:FD:8A:D7:3F:8F:1A:83:10:1D:E9:A6:9F:40:5D:AE:3E:48:29
Certificate issuer: /CN=6299cfdfc01dae67fa6ee3179480770c452bac22
Certificate serial: 01857383AA14B81CFEE4987BF2EEFD9A1876
Authority key identifier: 62:99:CF:DF:C0:1D:AE:67:FA:6E:E3:17:94:80:77:0C:45:2B:AC:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YpnP38Adrmf6buMXlIB3DEUrrCI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c8bfb8-f47e-430e-ae3e-68a14ce42fa6/1/lAz9itc_jxqDEB3ppp9AXa4-SCk.roa
Signing time: Mon 02 Jan 2023 17:24:46 +0000
ROA not before: Mon 02 Jan 2023 17:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51459
IP address blocks: 91.217.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:83:aa:14:b8:1c:fe:e4:98:7b:f2:ee:fd:9a:18:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6299cfdfc01dae67fa6ee3179480770c452bac22
Validity
Not Before: Jan 2 17:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=940cfd8ad73f8f1a83101de9a69f405dae3e4829
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:cb:c9:1b:fb:37:e3:c7:69:f5:89:af:3e:6b:
60:10:f9:22:9e:89:f1:04:16:96:75:4f:78:e3:89:
61:cb:1c:75:ff:d8:ef:04:7d:18:50:6f:7e:bb:ba:
4c:8a:3c:14:8a:c4:2d:25:70:b7:6f:f7:cc:34:9b:
a3:27:63:84:ce:fd:6b:8f:52:b3:05:c6:6b:41:09:
f5:5a:57:9b:bf:5a:97:4b:39:cb:04:5c:fc:23:f4:
77:8d:5d:6f:9c:5e:26:21:e6:a6:97:42:bb:ba:e6:
16:80:50:d7:0f:23:b9:95:fc:ae:3a:c2:a1:26:74:
6d:e7:6d:30:4b:ca:95:d0:41:95:61:f5:10:96:bd:
f8:95:1c:3c:81:0f:62:ea:28:42:e3:c7:e3:e3:f5:
91:91:3d:2b:c5:92:51:ea:cb:6a:63:20:c1:4b:b3:
53:f2:0b:ed:47:fd:7e:c9:1c:1c:a7:f8:39:f5:fa:
8a:9c:38:29:c5:a3:41:2b:2e:65:83:01:f5:66:12:
ff:5e:44:f1:f6:97:1c:a4:0d:7b:ec:b8:cb:bf:b8:
dd:0c:ac:17:36:5f:7e:d2:9a:2d:5a:96:66:fe:c1:
ea:8a:90:ca:ac:9d:95:7d:d9:7d:66:f9:41:ab:64:
fe:ef:ae:bf:2c:f1:b4:be:bf:2e:6a:41:a8:10:6a:
de:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:0C:FD:8A:D7:3F:8F:1A:83:10:1D:E9:A6:9F:40:5D:AE:3E:48:29
X509v3 Authority Key Identifier:
keyid:62:99:CF:DF:C0:1D:AE:67:FA:6E:E3:17:94:80:77:0C:45:2B:AC:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YpnP38Adrmf6buMXlIB3DEUrrCI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c8bfb8-f47e-430e-ae3e-68a14ce42fa6/1/lAz9itc_jxqDEB3ppp9AXa4-SCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c8bfb8-f47e-430e-ae3e-68a14ce42fa6/1/YpnP38Adrmf6buMXlIB3DEUrrCI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.172.0/24
Signature Algorithm: sha256WithRSAEncryption
62:a4:79:df:b5:6a:1f:6f:97:18:f7:d7:5b:90:27:0b:2b:18:
b8:20:00:83:92:a0:f7:d1:cf:1c:3a:3a:ce:7f:06:43:77:21:
8b:78:e8:ac:1b:f6:67:00:bb:04:c0:69:b8:15:04:f3:06:b7:
59:40:e6:88:15:c8:3a:fa:f5:09:a5:38:e8:ac:de:32:cf:50:
1e:aa:80:30:3a:3e:9d:a2:57:4b:99:7f:5b:a1:cb:96:f3:6e:
2f:db:db:6a:76:bf:49:7a:04:64:b6:79:e8:0c:35:1a:83:20:
d1:98:cc:fd:eb:ea:eb:dc:a4:6b:5e:56:ae:0e:36:88:46:32:
72:d6:07:24:30:cb:57:3c:eb:9a:d9:e7:16:82:35:07:ba:da:
42:07:c0:9a:9f:b2:f7:38:41:35:76:3c:62:25:88:af:ca:34:
17:71:a1:74:4e:85:b7:65:e6:93:8e:41:9b:f7:0e:08:23:96:
0d:40:08:cc:73:79:31:83:41:03:6a:a9:de:b8:a1:60:f2:e6:
fb:c2:15:47:02:3f:43:2f:4b:25:8d:86:0b:6a:81:21:61:af:
c3:ed:2c:88:05:f6:09:1a:da:74:37:dc:a9:de:bb:7f:2d:a8:
06:9c:36:2c:91:a0:39:de:9f:d3:2e:ff:59:c1:ab:9f:49:a6:
20:84:65:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzg6oUuBz+5Jh78u79mhh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyOTljZmRmYzAxZGFlNjdmYTZlZTMxNzk0ODA3NzBjNDUy
YmFjMjIwHhcNMjMwMTAyMTcyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDBjZmQ4YWQ3M2Y4ZjFhODMxMDFkZTlhNjlmNDA1ZGFlM2U0ODI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgcvJG/s348dp9YmvPmtgEPkinonx
BBaWdU9444lhyxx1/9jvBH0YUG9+u7pMijwUisQtJXC3b/fMNJujJ2OEzv1rj1Kz
BcZrQQn1Wlebv1qXSznLBFz8I/R3jV1vnF4mIeaml0K7uuYWgFDXDyO5lfyuOsKh
JnRt520wS8qV0EGVYfUQlr34lRw8gQ9i6ihC48fj4/WRkT0rxZJR6stqYyDBS7NT
8gvtR/1+yRwcp/g59fqKnDgpxaNBKy5lgwH1ZhL/XkTx9pccpA177LjLv7jdDKwX
Nl9+0potWpZm/sHqipDKrJ2Vfdl9ZvlBq2T+766/LPG0vr8uakGoEGrepwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJQM/YrXP48agxAd6aafQF2uPkgpMB8GA1UdIwQY
MBaAFGKZz9/AHa5n+m7jF5SAdwxFK6wiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXBuUDM4QWRybWY2YnVNWGxJQjNERVVyckNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jOGJmYjgtZjQ3ZS00MzBlLWFlM2Ut
NjhhMTRjZTQyZmE2LzEvbEF6OWl0Y19qeHFERUIzcHBwOUFYYTQtU0NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jOGJmYjgtZjQ3ZS00MzBlLWFlM2UtNjhhMTRjZTQyZmE2
LzEvWXBuUDM4QWRybWY2YnVNWGxJQjNERVVyckNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9msMA0G
CSqGSIb3DQEBCwUAA4IBAQBipHnftWofb5cY99dbkCcLKxi4IACDkqD30c8cOjrO
fwZDdyGLeOisG/ZnALsEwGm4FQTzBrdZQOaIFcg6+vUJpTjorN4yz1AeqoAwOj6d
oldLmX9bocuW824v29tqdr9JegRktnnoDDUagyDRmMz96+rr3KRrXlauDjaIRjJy
1gckMMtXPOua2ecWgjUHutpCB8Can7L3OEE1djxiJYivyjQXcaF0ToW3ZeaTjkGb
9w4II5YNQAjMc3kxg0EDaqneuKFg8ub7whVHAj9DL0sljYYLaoEhYa/D7SyIBfYJ
Gtp0N9yp3rt/LagGnDYskaA53p/TLv9ZwaufSaYghGUW
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:45:03 2025 by rpki-client