Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/lHaUJytBGRgr4J1zqlTWYP5UlwE.roa
File: lHaUJytBGRgr4J1zqlTWYP5UlwE.roa (raw, json)
Hash identifier: 4ddHIaremYJTP2UnqAFlSgIjO4PvzFGjddvOmjrEhb0=
Subject key identifier: 94:76:94:27:2B:41:19:18:2B:E0:9D:73:AA:54:D6:60:FE:54:97:01
Certificate issuer: /CN=7238fbfea5768479c86300906e74eb254dcb5c69
Certificate serial: 0187EC16A7F0D519B49118B834E0E665E1B5
Authority key identifier: 72:38:FB:FE:A5:76:84:79:C8:63:00:90:6E:74:EB:25:4D:CB:5C:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cjj7_qV2hHnIYwCQbnTrJU3LXGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/lHaUJytBGRgr4J1zqlTWYP5UlwE.roa
Signing time: Fri 05 May 2023 13:25:20 +0000
ROA not before: Fri 05 May 2023 13:25:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210333
IP address blocks: 185.202.98.0/23 maxlen: 23
185.202.96.0/23 maxlen: 23
213.109.144.0/24 maxlen: 24
2a11:6a40:fff::/48 maxlen: 48
2a11:6a40:100::/40 maxlen: 48
2a11:6a40::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ec:16:a7:f0:d5:19:b4:91:18:b8:34:e0:e6:65:e1:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7238fbfea5768479c86300906e74eb254dcb5c69
Validity
Not Before: May 5 13:25:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=947694272b4119182be09d73aa54d660fe549701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e9:bc:71:a3:32:40:cb:cb:44:21:97:0d:92:
4f:d6:05:c6:00:8f:f9:b5:d9:8c:9c:0b:8e:0b:1c:
17:9b:fc:76:5c:d2:eb:b1:d2:fa:fe:1e:38:ac:f4:
b5:00:b5:5c:50:01:9d:e8:03:26:c9:4c:2b:4d:bf:
cb:cf:8d:87:6b:ec:5d:4f:93:48:be:7d:30:d0:b0:
8b:27:5b:5c:4d:00:73:b2:dc:53:80:28:30:da:58:
eb:4d:a2:da:78:3b:56:26:f2:1d:ed:c6:fe:de:89:
bb:e7:8e:2a:22:8d:92:00:4d:30:e4:66:1d:86:fe:
4c:86:aa:ce:71:58:ee:79:e5:d8:1c:7e:0b:f4:bb:
b7:8a:8d:b1:b5:4d:af:68:14:f5:b5:e0:a9:a0:eb:
b3:90:f8:1f:75:e8:a8:bb:23:69:c0:0d:89:32:35:
ef:e4:59:bc:c6:46:f4:2f:c0:7b:5b:f0:d5:56:a0:
c9:1f:e7:b0:0e:d1:b3:03:7c:d2:0c:77:15:f4:6c:
97:96:00:51:82:49:77:18:97:e2:cb:81:69:e9:67:
6a:6d:0b:d9:87:99:bf:b4:6c:6d:7f:05:b1:04:a9:
2f:ea:be:2c:b9:12:dd:7e:43:1b:8d:6c:e0:86:c9:
10:a5:c5:9c:b7:06:0c:00:87:b8:97:33:5b:93:2c:
c1:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:76:94:27:2B:41:19:18:2B:E0:9D:73:AA:54:D6:60:FE:54:97:01
X509v3 Authority Key Identifier:
keyid:72:38:FB:FE:A5:76:84:79:C8:63:00:90:6E:74:EB:25:4D:CB:5C:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cjj7_qV2hHnIYwCQbnTrJU3LXGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/lHaUJytBGRgr4J1zqlTWYP5UlwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/cjj7_qV2hHnIYwCQbnTrJU3LXGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.96.0/22
213.109.144.0/24
IPv6:
2a11:6a40::/39
2a11:6a40:fff::/48
Signature Algorithm: sha256WithRSAEncryption
56:13:4e:7b:55:ac:e8:9f:b1:af:ee:31:d0:82:e3:6f:3d:88:
58:7f:49:4e:5b:c8:d0:68:a9:ac:b4:72:6d:41:57:a2:4f:b1:
b0:33:47:14:33:ee:2a:68:98:91:df:a7:c1:b3:25:70:8d:13:
b5:85:fe:50:e5:96:1f:ac:5f:59:26:48:79:72:cc:70:74:bd:
48:29:10:dc:46:ee:96:6d:54:42:7c:65:5c:49:3f:b7:15:8d:
93:c9:bb:a1:a5:22:91:fb:8b:64:fb:41:18:94:4d:ba:09:5a:
8d:c3:aa:18:2a:97:89:ca:72:c1:04:99:a8:a2:45:72:c0:b9:
5d:b3:9c:dc:97:3d:3a:4d:17:56:56:f2:49:15:55:c5:11:29:
dc:47:21:d8:14:ab:3c:5b:b1:df:7d:be:09:a4:63:89:55:8e:
bc:d2:80:14:a3:69:5e:53:8f:67:8c:59:27:00:41:09:a8:76:
a7:ad:b7:bb:a4:c0:51:a1:05:18:25:ac:8c:96:9d:c8:e7:14:
e1:c5:c3:6a:b1:2b:47:1d:dd:cd:38:76:bc:f5:8b:1e:04:79:
e8:2d:79:2d:43:11:1c:76:8e:95:97:cb:89:4e:29:5d:cc:e7:
71:f7:25:04:22:7f:ab:46:44:38:1a:83:87:b8:0a:b3:c0:b4:
7d:ec:d2:e7
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYfsFqfw1Rm0kRi4NODmZeG1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMzhmYmZlYTU3Njg0NzljODYzMDA5MDZlNzRlYjI1NGRj
YjVjNjkwHhcNMjMwNTA1MTMyNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDc2OTQyNzJiNDExOTE4MmJlMDlkNzNhYTU0ZDY2MGZlNTQ5NzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+m8caMyQMvLRCGXDZJP1gXGAI/5
tdmMnAuOCxwXm/x2XNLrsdL6/h44rPS1ALVcUAGd6AMmyUwrTb/Lz42Ha+xdT5NI
vn0w0LCLJ1tcTQBzstxTgCgw2ljrTaLaeDtWJvId7cb+3om7544qIo2SAE0w5GYd
hv5MhqrOcVjueeXYHH4L9Lu3io2xtU2vaBT1teCpoOuzkPgfdeiouyNpwA2JMjXv
5Fm8xkb0L8B7W/DVVqDJH+ewDtGzA3zSDHcV9GyXlgBRgkl3GJfiy4Fp6WdqbQvZ
h5m/tGxtfwWxBKkv6r4suRLdfkMbjWzghskQpcWctwYMAIe4lzNbkyzBuQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFJR2lCcrQRkYK+Cdc6pU1mD+VJcBMB8GA1UdIwQY
MBaAFHI4+/6ldoR5yGMAkG506yVNy1xpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2pqN19xVjJoSG5JWXdDUWJuVHJKVTNMWEdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9mYjIyYWItYjU0Ni00MDcxLWJlYjEt
YmUxMGU4YjRhMDBlLzEvbEhhVUp5dEJHUmdyNEoxenFsVFdZUDVVbHdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9mYjIyYWItYjU0Ni00MDcxLWJlYjEtYmUxMGU4YjRhMDBl
LzEvY2pqN19xVjJoSG5JWXdDUWJuVHJKVTNMWEdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTASBAIAATAMAwQCucpgAwQA
1W2QMBcEAgACMBEDBgEqEWpAAAMHACoRakAP/zANBgkqhkiG9w0BAQsFAAOCAQEA
VhNOe1Ws6J+xr+4x0ILjbz2IWH9JTlvI0GiprLRybUFXok+xsDNHFDPuKmiYkd+n
wbMlcI0TtYX+UOWWH6xfWSZIeXLMcHS9SCkQ3Ebulm1UQnxlXEk/txWNk8m7oaUi
kfuLZPtBGJRNuglajcOqGCqXicpywQSZqKJFcsC5XbOc3Jc9Ok0XVlbySRVVxREp
3Ech2BSrPFux332+CaRjiVWOvNKAFKNpXlOPZ4xZJwBBCah2p623u6TAUaEFGCWs
jJadyOcU4cXDarErRx3dzTh2vPWLHgR56C15LUMRHHaOlZfLiU4pXczncfclBCJ/
q0ZEOBqDh7gKs8C0fezS5w==
-----END CERTIFICATE-----
Generated at Wed Apr 23 05:33:05 2025 by rpki-client