Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aLowHgBw8LuvTlZ08K7yLUrKWTQ.roa
File: aLowHgBw8LuvTlZ08K7yLUrKWTQ.roa (raw, json)
Hash identifier: C4f1v//Gf6qYFC4YZfl8gEb4blgpY+ZtzhSSJ3Rn5sU=
Subject key identifier: 68:BA:30:1E:00:70:F0:BB:AF:4E:56:74:F0:AE:F2:2D:4A:CA:59:34
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0188819F7A4DB1F58E4C8C21DEB41B6D233E
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aLowHgBw8LuvTlZ08K7yLUrKWTQ.roa
Signing time: Sat 03 Jun 2023 14:18:12 +0000
ROA not before: Sat 03 Jun 2023 14:18:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60117
IP address blocks: 188.241.136.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:81:9f:7a:4d:b1:f5:8e:4c:8c:21:de:b4:1b:6d:23:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 3 14:18:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68ba301e0070f0bbaf4e5674f0aef22d4aca5934
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:cf:d3:66:ab:aa:ab:6f:d8:f8:70:cb:ac:21:
57:89:1e:31:bc:6a:0d:ab:08:d7:7f:b4:0d:90:15:
bd:85:4a:e2:01:90:89:b2:55:c9:9c:55:8d:b8:f0:
d4:ef:00:68:dd:0d:42:25:8f:a8:6b:bf:41:8c:4c:
17:49:e4:65:c1:99:9c:4a:2d:92:cb:38:66:85:25:
c9:5c:34:12:15:a6:6d:60:a0:a1:16:0f:16:bc:13:
a8:06:66:e7:06:b5:42:92:f1:71:79:57:c6:79:36:
45:5f:2d:e3:e0:9e:91:cc:65:0c:cc:91:5a:9c:b9:
cb:a9:f4:18:42:45:d3:12:9c:3f:4b:ec:39:02:19:
e3:78:95:e3:2c:52:7c:01:e0:14:7e:1f:87:84:b6:
34:be:49:32:c6:5d:0d:c1:03:53:20:69:8d:08:97:
31:02:aa:17:28:27:4d:04:ff:17:66:e8:2f:f0:50:
88:f1:90:b6:b8:91:7e:90:73:ce:31:84:fb:91:18:
30:a8:fe:47:aa:01:47:68:0e:e2:8f:72:a7:1d:e5:
84:e3:82:70:83:cf:a1:16:0d:1b:f4:cc:40:e1:27:
c2:62:1f:5a:6c:2f:dc:9d:94:eb:e3:2e:f3:d5:78:
fa:2d:07:73:10:86:4c:46:0c:fa:5d:8a:f1:57:1b:
55:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:BA:30:1E:00:70:F0:BB:AF:4E:56:74:F0:AE:F2:2D:4A:CA:59:34
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aLowHgBw8LuvTlZ08K7yLUrKWTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.129.0/24
188.241.136.0/24
Signature Algorithm: sha256WithRSAEncryption
37:54:c8:46:20:92:e0:ab:1b:44:e4:45:80:56:b3:01:52:50:
be:39:88:bc:4b:d5:64:e4:59:e6:f1:e6:a7:e0:0b:05:d5:01:
12:cf:ba:29:16:7e:bb:97:c0:09:c2:2d:b6:88:de:75:02:16:
09:3e:4f:15:f1:33:77:ca:ae:77:c7:58:d3:7c:bd:f6:23:bb:
d1:35:07:2f:42:c8:0c:f4:e1:b3:f0:f9:3a:a9:fc:4f:f3:cb:
16:35:61:f8:e8:a4:e5:b2:e9:8d:4b:6b:3f:ed:d0:b2:0f:d3:
bd:ae:11:5e:66:62:f9:b0:62:d8:7d:ab:e9:29:bd:fe:47:1c:
f9:26:e4:94:9d:48:84:03:8f:5a:98:c1:04:cb:8a:b7:e1:1d:
df:e7:83:1f:64:75:b1:7a:e5:9e:a6:72:2f:14:21:80:1f:cd:
37:92:f3:0a:05:cc:d4:bd:4a:b2:9b:c1:d7:04:c7:77:bd:36:
4d:39:f3:1f:24:a1:83:94:86:79:da:63:5e:c5:6f:c4:b8:3e:
bf:a6:95:09:e3:b6:09:47:9c:0f:0f:16:90:ee:f4:0a:3e:6b:
7b:5b:d4:60:bf:99:3e:91:04:71:9b:3b:aa:cc:4c:c1:20:cf:
43:d0:d4:a6:e6:f0:80:d1:d4:89:49:c7:34:9d:b0:9d:ac:47:
e9:7e:91:12
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYiBn3pNsfWOTIwh3rQbbSM+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNjAzMTQxODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGJhMzAxZTAwNzBmMGJiYWY0ZTU2NzRmMGFlZjIyZDRhY2E1OTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8/TZquqq2/Y+HDLrCFXiR4xvGoN
qwjXf7QNkBW9hUriAZCJslXJnFWNuPDU7wBo3Q1CJY+oa79BjEwXSeRlwZmcSi2S
yzhmhSXJXDQSFaZtYKChFg8WvBOoBmbnBrVCkvFxeVfGeTZFXy3j4J6RzGUMzJFa
nLnLqfQYQkXTEpw/S+w5AhnjeJXjLFJ8AeAUfh+HhLY0vkkyxl0NwQNTIGmNCJcx
AqoXKCdNBP8XZugv8FCI8ZC2uJF+kHPOMYT7kRgwqP5HqgFHaA7ij3KnHeWE44Jw
g8+hFg0b9MxA4SfCYh9abC/cnZTr4y7z1Xj6LQdzEIZMRgz6XYrxVxtVTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGi6MB4AcPC7r05WdPCu8i1Kylk0MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvYUxvd0hnQnc4THV2VGxaMDhLN3lMVXJLV1RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSOBAwQA
vPGIMA0GCSqGSIb3DQEBCwUAA4IBAQA3VMhGIJLgqxtE5EWAVrMBUlC+OYi8S9Vk
5Fnm8ean4AsF1QESz7opFn67l8AJwi22iN51AhYJPk8V8TN3yq53x1jTfL32I7vR
NQcvQsgM9OGz8Pk6qfxP88sWNWH46KTlsumNS2s/7dCyD9O9rhFeZmL5sGLYfavp
Kb3+Rxz5JuSUnUiEA49amMEEy4q34R3f54MfZHWxeuWepnIvFCGAH803kvMKBczU
vUqym8HXBMd3vTZNOfMfJKGDlIZ52mNexW/EuD6/ppUJ47YJR5wPDxaQ7vQKPmt7
W9Rgv5k+kQRxmzuqzEzBIM9D0NSm5vCA0dSJScc0nbCdrEfpfpES
-----END CERTIFICATE-----
Generated at Sat May 10 22:14:07 2025 by rpki-client