Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/lsS3EiD_ZLYXoBKGXuWRMRu85AQ.roa
File: lsS3EiD_ZLYXoBKGXuWRMRu85AQ.roa (raw, json)
Hash identifier: VI+atJ7XKk0vQ+Fp+cY3QNLjHHXtAgnKtq8rWMS78Mk=
Subject key identifier: 96:C4:B7:12:20:FF:64:B6:17:A0:12:86:5E:E5:91:31:1B:BC:E4:04
Certificate issuer: /CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Certificate serial: 08E7C3
Authority key identifier: D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/lsS3EiD_ZLYXoBKGXuWRMRu85AQ.roa
Signing time: Wed 30 Mar 2022 16:36:16 +0000
ROA not before: Wed 30 Mar 2022 16:36:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16371
IP address blocks: 45.6.48.0/22 maxlen: 23
87.238.88.0/21 maxlen: 22
194.116.184.0/24 maxlen: 24
185.78.24.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 583619 (0x8e7c3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Validity
Not Before: Mar 30 16:36:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96c4b71220ff64b617a012865ee591311bbce404
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:8d:f4:a7:eb:93:a7:34:c6:0a:2e:f3:d6:e1:
d8:ca:85:d9:1a:2f:81:08:7c:07:1b:48:de:f2:57:
6e:d9:57:0f:fc:b0:b4:c2:66:ef:5c:c8:45:a4:36:
e3:e6:f6:56:2f:82:42:6f:4f:d7:f6:db:38:56:0b:
40:26:ee:39:e4:66:8b:7a:c0:ad:54:71:3d:e5:8f:
b1:a7:74:28:da:cf:35:a1:01:af:94:0e:03:03:de:
90:4d:21:ad:5f:ff:d2:87:e3:66:f9:24:ee:a8:91:
2c:e6:19:70:15:7e:fc:b5:0a:ed:08:72:1a:e1:94:
6b:d4:2f:8e:4e:2e:aa:a1:f0:60:dc:85:cf:2b:c9:
3d:40:eb:13:78:da:dd:e7:44:41:80:fb:4b:5e:bd:
2b:49:6a:dc:c7:3b:d5:6f:46:a5:bf:b3:59:74:fd:
a9:24:c7:1a:dd:e4:e9:76:16:4e:ba:12:1a:bb:d6:
7a:8e:bd:f5:5d:ea:a1:ee:a0:56:80:36:58:41:aa:
ec:52:9b:28:fc:aa:da:93:a1:7b:c9:c1:91:4e:8a:
23:d8:66:38:d8:22:d5:98:91:2f:63:46:db:7a:03:
0e:66:45:e4:f0:3b:58:e1:80:03:15:01:a3:ae:ee:
9d:68:00:27:20:7e:7c:56:f1:58:62:5b:83:76:05:
09:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:C4:B7:12:20:FF:64:B6:17:A0:12:86:5E:E5:91:31:1B:BC:E4:04
X509v3 Authority Key Identifier:
keyid:D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/lsS3EiD_ZLYXoBKGXuWRMRu85AQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/2P9x8rGo1ir0Rqkror3qM_m2ndw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.6.48.0/22
87.238.88.0/21
185.78.24.0/22
194.116.184.0/24
Signature Algorithm: sha256WithRSAEncryption
28:0b:a2:0f:cb:06:40:9c:c5:56:f4:e7:00:99:19:51:5c:18:
45:2d:70:ac:65:8c:82:b7:f2:7a:9b:bd:77:8f:b2:71:38:16:
1f:63:34:1a:ee:32:44:56:ff:aa:57:14:0d:8a:04:a9:a1:ab:
23:ae:96:3e:2d:aa:bc:2d:47:44:e0:46:7a:20:7f:20:fc:f6:
b4:05:cb:f2:dc:6f:47:c7:85:ee:00:8f:75:4a:27:c9:c7:00:
2d:bd:8b:5e:b6:0b:03:3c:f9:12:c1:3c:71:c7:f5:fa:0d:9f:
23:56:2f:0e:3a:23:b5:87:25:f8:8b:5c:70:15:d5:a1:e3:bb:
d6:83:f8:8a:b0:c6:b0:f5:ae:62:1a:80:d1:1c:23:4b:fa:69:
23:18:e5:ca:e3:e2:d7:95:e0:c4:a3:ad:ae:d7:7e:b4:47:73:
1d:df:ca:3c:6b:3d:41:66:65:af:59:95:eb:7d:65:1a:77:44:
63:cc:c7:19:d8:f8:bc:95:15:22:b1:9f:b4:f3:ad:16:98:00:
a3:73:35:56:b6:29:14:f9:ee:01:4e:64:3b:fb:c6:4f:5e:a5:
fb:4a:ca:96:ea:5f:1a:ae:cf:b9:2d:41:7a:87:81:cf:c5:22:
19:ac:f6:f5:a5:f4:c4:5d:47:5d:6f:cf:b7:c5:89:1c:3d:67:
03:b3:c6:2f
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIDCOfDMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGQ4
ZmY3MWYyYjFhOGQ2MmFmNDQ2YTkyYmEyYmRlYTMzZjliNjlkZGMwHhcNMjIwMzMw
MTYzNjE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg5NmM0YjcxMjIwZmY2
NGI2MTdhMDEyODY1ZWU1OTEzMTFiYmNlNDA0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAz430p+uTpzTGCi7z1uHYyoXZGi+BCHwHG0je8ldu2VcP/LC0
wmbvXMhFpDbj5vZWL4JCb0/X9ts4VgtAJu455GaLesCtVHE95Y+xp3Qo2s81oQGv
lA4DA96QTSGtX//Sh+Nm+STuqJEs5hlwFX78tQrtCHIa4ZRr1C+OTi6qofBg3IXP
K8k9QOsTeNrd50RBgPtLXr0rSWrcxzvVb0alv7NZdP2pJMca3eTpdhZOuhIau9Z6
jr31Xeqh7qBWgDZYQarsUpso/Krak6F7ycGRTooj2GY42CLVmJEvY0bbegMOZkXk
8DtY4YADFQGjru6daAAnIH58VvFYYluDdgUJwQIDAQABo4ICGzCCAhcwHQYDVR0O
BBYEFJbEtxIg/2S2F6AShl7lkTEbvOQEMB8GA1UdIwQYMBaAFNj/cfKxqNYq9Eap
K6K96jP5tp3cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
MlA5eDhyR28xaXIwUnFrcm9yM3FNX20ybmR3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9mZi9lYTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNhLzEv
bHNTM0VpRF9aTFlYb0JLR1h1V1JNUnU4NUFRLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9l
YTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNhLzEvMlA5eDhyR28xaXIw
UnFrcm9yM3FNX20ybmR3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLQYwAwQDV+5YAwQCuU4YAwQAwnS4
MA0GCSqGSIb3DQEBCwUAA4IBAQAoC6IPywZAnMVW9OcAmRlRXBhFLXCsZYyCt/J6
m713j7JxOBYfYzQa7jJEVv+qVxQNigSpoasjrpY+Laq8LUdE4EZ6IH8g/Pa0Bcvy
3G9Hx4XuAI91SifJxwAtvYtetgsDPPkSwTxxx/X6DZ8jVi8OOiO1hyX4i1xwFdWh
47vWg/iKsMaw9a5iGoDRHCNL+mkjGOXK4+LXleDEo62u1360R3Md38o8az1BZmWv
WZXrfWUad0RjzMcZ2Pi8lRUisZ+0860WmACjczVWtikU+e4BTmQ7+8ZPXqX7SsqW
6l8ars+5LUF6h4HPxSIZrPb1pfTEXUddb8+3xYkcPWcDs8Yv
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:11 2025 by rpki-client