Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/La91xEjp-HJS_VxypNf5jUpUmQI.roa
File: La91xEjp-HJS_VxypNf5jUpUmQI.roa (raw, json)
Hash identifier: 6CKfj2QZaLocN8a9zT3GGzcl1r30GF1ozzalihkBwFk=
Subject key identifier: 2D:AF:75:C4:48:E9:F8:72:52:FD:5C:72:A4:D7:F9:8D:4A:54:99:02
Certificate issuer: /CN=ab91d5262561a9dd713dfa39163dec849fee4636
Certificate serial: 3AFB024D
Authority key identifier: AB:91:D5:26:25:61:A9:DD:71:3D:FA:39:16:3D:EC:84:9F:EE:46:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/La91xEjp-HJS_VxypNf5jUpUmQI.roa
Signing time: Sat 01 Jan 2022 05:02:03 +0000
ROA not before: Sat 01 Jan 2022 05:02:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200168
IP address blocks: 195.254.172.0/23 maxlen: 23
185.35.213.0/24 maxlen: 24
185.35.212.0/24 maxlen: 24
2a04:6543::/32 maxlen: 32
2a04:6540::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 989528653 (0x3afb024d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab91d5262561a9dd713dfa39163dec849fee4636
Validity
Not Before: Jan 1 05:02:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2daf75c448e9f87252fd5c72a4d7f98d4a549902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:8d:d3:aa:55:d9:b4:09:33:f5:8b:6a:ba:8f:
17:46:2f:6b:a7:36:af:fd:b1:14:c1:af:a1:30:2b:
e0:28:18:b3:fb:b7:d0:99:02:23:67:e3:cc:98:fb:
42:5d:a8:ac:03:c1:ee:94:39:ab:93:1c:89:bf:b3:
b6:43:9d:7b:14:b9:b3:a2:72:aa:52:ba:02:2d:1b:
61:93:79:f5:c1:9b:ef:a7:fa:01:9e:77:b0:96:0b:
4d:ed:d7:39:39:5c:53:21:a9:85:a0:e0:a5:43:d2:
a4:51:7c:29:fd:f6:b9:ab:11:ab:89:9a:92:4c:d7:
69:82:f8:c0:bc:88:4e:a0:fe:e7:c9:79:11:bb:49:
5b:90:8c:0c:75:32:3a:96:43:26:14:47:06:40:0d:
84:a0:81:bc:3d:ce:23:1b:f7:1a:60:c8:d3:a1:eb:
71:be:15:08:b0:4c:c6:0b:4a:4b:72:3f:77:5d:c0:
55:4e:f3:8d:af:52:78:bc:35:d3:43:7a:10:24:09:
29:e0:8d:42:55:2e:75:52:6c:8c:5c:bd:cf:6e:dd:
7d:36:3a:49:de:14:c4:5c:a5:5d:41:46:bf:59:f6:
d2:e7:30:b6:d0:6c:cb:05:45:98:a1:cd:4a:7f:09:
39:a0:fb:d1:21:7f:33:74:90:39:9f:ce:87:00:c1:
56:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:AF:75:C4:48:E9:F8:72:52:FD:5C:72:A4:D7:F9:8D:4A:54:99:02
X509v3 Authority Key Identifier:
keyid:AB:91:D5:26:25:61:A9:DD:71:3D:FA:39:16:3D:EC:84:9F:EE:46:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/La91xEjp-HJS_VxypNf5jUpUmQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/91e882-ba8a-44c5-9b0d-275242aa6775/1/q5HVJiVhqd1xPfo5Fj3shJ_uRjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.35.212.0/23
195.254.172.0/23
IPv6:
2a04:6540::/32
2a04:6543::/32
Signature Algorithm: sha256WithRSAEncryption
58:e5:ae:a0:d4:a7:3c:fb:3e:f1:a7:c8:ab:c3:81:61:42:d5:
4a:85:b1:aa:a9:ae:d4:ad:5a:db:4f:b8:33:01:f1:a9:79:9a:
91:92:6b:77:0a:17:76:f1:04:c9:a9:89:b3:a4:48:15:73:33:
25:b1:27:69:9e:1c:81:89:c4:4b:26:71:aa:7b:32:61:83:8f:
b8:f7:ff:20:1b:f5:56:50:df:86:0b:51:0c:83:de:4b:35:d4:
c3:82:0c:5f:ff:d8:62:0d:f8:f0:a3:b5:51:cb:49:52:20:f2:
41:9a:42:b2:87:c8:5c:8e:0b:b2:34:5d:6e:8f:ef:61:78:8e:
aa:66:bb:52:95:72:f3:86:ef:68:69:59:41:a1:e8:d2:bf:fd:
e5:46:f9:e8:32:8a:94:a9:cd:20:42:61:31:df:e5:cd:d6:cd:
ef:e1:e7:d4:3b:4a:4f:32:ac:67:36:04:84:2b:aa:be:27:fc:
f4:b8:dd:40:ca:2b:c9:d4:84:1b:10:27:4e:55:94:05:91:06:
df:07:5a:bb:86:8d:c9:29:fd:02:1b:d8:2a:c7:ad:ca:6b:13:
68:8b:a9:f8:4d:6d:e0:26:0a:6b:e6:29:38:3f:38:60:09:84:
ac:d9:f7:a6:51:62:c5:cd:9a:15:e7:4d:85:a4:74:3d:02:0d:
bc:71:51:24
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEOvsCTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjkxZDUyNjI1NjFhOWRkNzEzZGZhMzkxNjNkZWM4NDlmZWU0NjM2MB4XDTIyMDEw
MTA1MDIwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmRhZjc1YzQ0OGU5
Zjg3MjUyZmQ1YzcyYTRkN2Y5OGQ0YTU0OTkwMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKeN06pV2bQJM/WLarqPF0Yva6c2r/2xFMGvoTAr4CgYs/u3
0JkCI2fjzJj7Ql2orAPB7pQ5q5Mcib+ztkOdexS5s6JyqlK6Ai0bYZN59cGb76f6
AZ53sJYLTe3XOTlcUyGphaDgpUPSpFF8Kf32uasRq4makkzXaYL4wLyITqD+58l5
EbtJW5CMDHUyOpZDJhRHBkANhKCBvD3OIxv3GmDI06Hrcb4VCLBMxgtKS3I/d13A
VU7zja9SeLw100N6ECQJKeCNQlUudVJsjFy9z27dfTY6Sd4UxFylXUFGv1n20ucw
ttBsywVFmKHNSn8JOaD70SF/M3SQOZ/OhwDBVtECAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBQtr3XESOn4clL9XHKk1/mNSlSZAjAfBgNVHSMEGDAWgBSrkdUmJWGp3XE9
+jkWPeyEn+5GNjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3E1SFZKaVZocWQxeFBmbzVGajNzaEpfdVJqWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjIvOTFlODgyLWJhOGEtNDRjNS05YjBkLTI3NTI0MmFhNjc3NS8x
L0xhOTF4RWpwLUhKU19WeHlwTmY1alVwVW1RSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIv
OTFlODgyLWJhOGEtNDRjNS05YjBkLTI3NTI0MmFhNjc3NS8xL3E1SFZKaVZocWQx
eFBmbzVGajNzaEpfdVJqWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEAbkj1AMEAcP+rDAUBAIAAjAOAwUA
KgRlQAMFACoEZUMwDQYJKoZIhvcNAQELBQADggEBAFjlrqDUpzz7PvGnyKvDgWFC
1UqFsaqprtStWttPuDMB8al5mpGSa3cKF3bxBMmpibOkSBVzMyWxJ2meHIGJxEsm
cap7MmGDj7j3/yAb9VZQ34YLUQyD3ks11MOCDF//2GIN+PCjtVHLSVIg8kGaQrKH
yFyOC7I0XW6P72F4jqpmu1KVcvOG72hpWUGh6NK//eVG+egyipSpzSBCYTHf5c3W
ze/h59Q7Sk8yrGc2BIQrqr4n/PS43UDKK8nUhBsQJ05VlAWRBt8HWruGjckp/QIb
2CrHrcprE2iLqfhNbeAmCmvmKTg/OGAJhKzZ96ZRYsXNmhXnTYWkdD0CDbxxUSQ=
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:50:07 2025 by rpki-client