Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/LAdlb2W2DzsZNWJ5aeYdO_mMHxw.roa
File: LAdlb2W2DzsZNWJ5aeYdO_mMHxw.roa (raw, json)
Hash identifier: PHuZ/OaB3cwYPTcGOfU4pEqS0i0wcQhpt3s3LkJqyjg=
Subject key identifier: 2C:07:65:6F:65:B6:0F:3B:19:35:62:79:69:E6:1D:3B:F9:8C:1F:1C
Certificate issuer: /CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Certificate serial: 018AD84925FF11E9BFC373A173EE785321C5
Authority key identifier: 95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/LAdlb2W2DzsZNWJ5aeYdO_mMHxw.roa
Signing time: Wed 27 Sep 2023 20:16:27 +0000
ROA not before: Wed 27 Sep 2023 20:16:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39421
IP address blocks: 203.55.81.0/24 maxlen: 32
2a13:c7c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d8:49:25:ff:11:e9:bf:c3:73:a1:73:ee:78:53:21:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9522ab67922ce0275e8c61abfa82d2a754af6dc4
Validity
Not Before: Sep 27 20:16:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c07656f65b60f3b1935627969e61d3bf98c1f1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:62:d0:c8:9f:61:8c:36:33:2d:b6:cd:b8:7a:
e2:2d:df:b5:f0:e3:fa:2d:c8:03:da:ca:1c:c4:d5:
e3:08:07:1b:ba:c3:96:82:7a:9d:18:30:6d:d3:55:
7c:b2:6c:32:59:5e:9f:02:cf:89:9a:a9:bf:34:1b:
1a:52:da:d2:11:dc:4a:83:91:18:bf:f7:98:15:64:
92:11:fe:09:b3:23:f3:9b:78:5e:15:71:38:d0:32:
14:cf:94:a4:b9:88:92:21:2b:47:97:10:8f:7a:db:
51:8a:2c:77:f8:3e:b1:21:93:3c:71:6d:bf:0c:4f:
92:79:88:6d:14:8a:ca:97:be:92:42:91:2a:93:13:
44:d3:a7:4c:44:dd:bd:79:57:12:78:bb:4f:0b:f8:
c2:1b:ab:ea:1f:d5:3c:b8:49:1b:7a:b2:8c:e9:3b:
1e:bc:11:fb:65:e7:e3:b3:3c:e4:67:f4:92:34:73:
ca:9e:a0:74:60:95:1d:0c:10:f3:b7:11:de:17:82:
8e:aa:94:4d:a9:99:ce:da:22:35:ab:ca:7b:b0:37:
b0:9b:50:68:48:a1:0f:ed:3f:62:70:5d:cb:20:8a:
5f:9e:da:f0:af:3b:a8:c1:4a:8e:f4:5d:0f:8d:01:
50:b6:63:f8:29:79:09:62:29:22:ba:3e:a7:ea:d2:
52:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:07:65:6F:65:B6:0F:3B:19:35:62:79:69:E6:1D:3B:F9:8C:1F:1C
X509v3 Authority Key Identifier:
keyid:95:22:AB:67:92:2C:E0:27:5E:8C:61:AB:FA:82:D2:A7:54:AF:6D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/LAdlb2W2DzsZNWJ5aeYdO_mMHxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/68918e-e9da-406b-9931-e526a9409fb8/1/lSKrZ5Is4CdejGGr-oLSp1SvbcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.55.81.0/24
IPv6:
2a13:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
5b:c1:50:c7:c1:31:a3:f5:48:7e:fa:e6:d6:b7:8a:75:8f:6d:
a4:bb:f9:e7:ca:1c:ff:05:a2:ce:9e:d8:0d:e0:4c:c0:78:7e:
42:26:49:03:7b:f1:27:b4:ea:66:b0:b9:b9:a1:cb:c9:09:c6:
ee:03:ce:37:7d:04:51:25:82:a4:22:8f:98:4f:5b:32:69:ac:
c9:4f:8e:76:d0:1f:36:c0:2c:08:5d:c2:52:a5:b6:b5:d0:7e:
89:d1:6e:08:f1:56:23:a5:22:26:de:1a:4c:5a:3c:4e:6c:ed:
ee:fa:20:42:56:e2:66:9d:2f:e0:fc:95:98:2f:f7:28:8c:d7:
42:7d:d3:5a:74:62:cf:42:8e:1f:a2:2a:54:35:c5:a0:b5:f8:
02:f0:cb:d2:a6:48:37:c1:a3:38:8d:e4:c9:e8:cc:72:a0:51:
f6:91:40:6b:82:4e:a7:3d:c9:c6:22:54:67:a2:3c:59:8c:1d:
b1:d8:52:00:d1:9e:c7:a5:c5:a3:4b:b5:90:b0:5c:f0:7b:49:
f0:bb:62:d4:c7:6a:5a:96:b7:35:8f:6a:6f:c1:0b:88:63:20:
92:46:83:4e:f7:45:dc:c7:c4:b9:e3:c0:a8:cc:93:f6:6e:8c:
62:47:18:33:8d:ce:42:f2:48:1c:8b:dc:e8:de:f9:84:d9:ab:
6b:30:d2:b3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYrYSSX/Eem/w3Ohc+54UyHFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MjJhYjY3OTIyY2UwMjc1ZThjNjFhYmZhODJkMmE3NTRh
ZjZkYzQwHhcNMjMwOTI3MjAxNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzA3NjU2ZjY1YjYwZjNiMTkzNTYyNzk2OWU2MWQzYmY5OGMxZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2LQyJ9hjDYzLbbNuHriLd+18OP6
LcgD2socxNXjCAcbusOWgnqdGDBt01V8smwyWV6fAs+Jmqm/NBsaUtrSEdxKg5EY
v/eYFWSSEf4JsyPzm3heFXE40DIUz5SkuYiSIStHlxCPettRiix3+D6xIZM8cW2/
DE+SeYhtFIrKl76SQpEqkxNE06dMRN29eVcSeLtPC/jCG6vqH9U8uEkberKM6Tse
vBH7ZefjszzkZ/SSNHPKnqB0YJUdDBDztxHeF4KOqpRNqZnO2iI1q8p7sDewm1Bo
SKEP7T9icF3LIIpfntrwrzuowUqO9F0PjQFQtmP4KXkJYikiuj6n6tJS4QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCwHZW9ltg87GTVieWnmHTv5jB8cMB8GA1UdIwQY
MBaAFJUiq2eSLOAnXoxhq/qC0qdUr23EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEt
ZTUyNmE5NDA5ZmI4LzEvTEFkbGIyVzJEenNaTldKNWFlWWRPX21NSHh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy82ODkxOGUtZTlkYS00MDZiLTk5MzEtZTUyNmE5NDA5ZmI4
LzEvbFNLclo1SXM0Q2RlakdHci1vTFNwMVN2YmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAyzdRMA0E
AgACMAcDBQAqE8fAMA0GCSqGSIb3DQEBCwUAA4IBAQBbwVDHwTGj9Uh++ubWt4p1
j22ku/nnyhz/BaLOntgN4EzAeH5CJkkDe/EntOpmsLm5ocvJCcbuA843fQRRJYKk
Io+YT1syaazJT4520B82wCwIXcJSpba10H6J0W4I8VYjpSIm3hpMWjxObO3u+iBC
VuJmnS/g/JWYL/cojNdCfdNadGLPQo4foipUNcWgtfgC8MvSpkg3waM4jeTJ6Mxy
oFH2kUBrgk6nPcnGIlRnojxZjB2x2FIA0Z7HpcWjS7WQsFzwe0nwu2LUx2palrc1
j2pvwQuIYyCSRoNO90Xcx8S548CozJP2boxiRxgzjc5C8kgci9zo3vmE2atrMNKz
-----END CERTIFICATE-----
Generated at Wed Apr 16 07:27:39 2025 by rpki-client