Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LFiUcBD7AEcGVOrMDB-wY258Jc8.roa
File: LFiUcBD7AEcGVOrMDB-wY258Jc8.roa (raw, json)
Hash identifier: r+OxZsWOVMitG0v5KlX224uIowQVrMRNu46Kd4JVKGI=
Subject key identifier: 2C:58:94:70:10:FB:00:47:06:54:EA:CC:0C:1F:B0:63:6E:7C:25:CF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01890CEB590265473720BFDA5FBAA02687BB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LFiUcBD7AEcGVOrMDB-wY258Jc8.roa
Signing time: Fri 30 Jun 2023 15:28:17 +0000
ROA not before: Fri 30 Jun 2023 15:28:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61138
IP address blocks: 82.152.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0c:eb:59:02:65:47:37:20:bf:da:5f:ba:a0:26:87:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 30 15:28:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c58947010fb00470654eacc0c1fb0636e7c25cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:87:bc:eb:bb:cb:ba:a5:0f:72:d7:b6:36:ba:
8b:d9:87:89:39:dd:f7:80:ab:db:e7:76:ef:27:81:
54:ea:f9:42:01:e5:c9:db:23:3c:ed:a7:50:dc:b5:
ae:d3:50:52:81:f0:4e:59:a5:cf:6e:22:13:a3:88:
61:b0:c6:66:75:00:c6:ce:9d:bd:5d:86:ca:39:e9:
33:73:a4:85:fd:1f:80:7b:d2:cc:29:6a:02:ae:ac:
fc:b0:98:84:ef:01:0e:5d:64:d5:84:6c:0e:e7:8e:
f9:01:48:68:02:57:96:5c:b0:7e:8d:ac:c0:a8:2b:
85:09:82:18:9a:d8:19:56:1b:97:00:c5:b0:31:ca:
9b:73:23:57:4e:9d:24:f5:00:b3:bf:57:c5:07:a9:
2a:b9:c0:93:e0:a7:74:32:9b:61:43:88:95:9e:36:
d8:50:85:6e:b5:bb:65:fd:1a:4f:b4:ed:cc:db:4e:
03:09:df:91:aa:56:e1:dd:2f:eb:0d:0a:7b:80:c8:
d3:27:78:40:ab:c0:3d:e7:7d:d5:c9:88:d7:7d:ae:
64:b6:9b:e6:75:e1:08:54:f3:21:f5:98:ac:40:24:
43:ca:e8:42:6f:d0:e9:55:30:77:e3:fb:4d:a3:f2:
ab:96:09:90:9b:52:3f:0c:32:38:e7:de:18:24:43:
41:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:58:94:70:10:FB:00:47:06:54:EA:CC:0C:1F:B0:63:6E:7C:25:CF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LFiUcBD7AEcGVOrMDB-wY258Jc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.111.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:ab:ee:7f:15:27:82:0e:0b:30:69:3e:74:03:8c:0a:1d:96:
a4:d3:57:69:88:aa:b0:88:7f:d0:c6:83:6b:17:59:02:17:dc:
dc:d3:fd:04:8b:b2:14:1e:12:ac:ec:dc:d6:d0:9d:4d:40:8f:
6e:3b:64:16:20:59:e9:90:cc:f7:eb:51:4f:3a:37:ac:52:37:
45:fe:cf:72:19:a8:1f:6e:35:35:09:a4:3e:aa:3e:70:00:6b:
d5:65:23:05:1d:15:ca:f5:d6:8d:00:40:af:c5:be:5e:3c:6c:
67:15:d5:ce:92:d2:bf:e3:4a:01:46:bf:d3:b2:73:18:65:e4:
5c:4f:37:c5:28:86:1a:cb:62:b8:ea:9b:3f:7b:a7:3d:2c:c0:
04:a4:77:26:6c:8d:f1:a7:88:c4:5e:11:50:91:9e:8f:14:b6:
74:1c:9e:26:b9:3b:16:1c:98:b2:0e:31:5a:f2:d7:76:3c:d2:
8c:63:a3:93:2b:c7:35:2c:5e:bf:26:84:71:b9:03:ff:21:79:
91:74:82:3f:3a:fa:40:1a:9c:6c:19:05:5d:f3:44:01:00:19:
d7:a8:da:ee:14:bf:7f:5c:1b:08:5f:fa:47:0d:1d:cb:8d:03:
01:58:a4:cf:6b:cf:18:2f:29:03:21:2e:fd:fd:f9:e3:d9:e1:
be:9b:e5:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYkM61kCZUc3IL/aX7qgJoe7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjMwMTUyODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzU4OTQ3MDEwZmIwMDQ3MDY1NGVhY2MwYzFmYjA2MzZlN2MyNWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYe867vLuqUPcte2NrqL2YeJOd33
gKvb53bvJ4FU6vlCAeXJ2yM87adQ3LWu01BSgfBOWaXPbiITo4hhsMZmdQDGzp29
XYbKOekzc6SF/R+Ae9LMKWoCrqz8sJiE7wEOXWTVhGwO5475AUhoAleWXLB+jazA
qCuFCYIYmtgZVhuXAMWwMcqbcyNXTp0k9QCzv1fFB6kqucCT4Kd0MpthQ4iVnjbY
UIVutbtl/RpPtO3M204DCd+Rqlbh3S/rDQp7gMjTJ3hAq8A9533VyYjXfa5ktpvm
deEIVPMh9ZisQCRDyuhCb9DpVTB34/tNo/KrlgmQm1I/DDI4594YJENBQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCxYlHAQ+wBHBlTqzAwfsGNufCXPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTEZpVWNCRDdBRWNHVk9yTURCLXdZMjU4SmM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUphvMA0G
CSqGSIb3DQEBCwUAA4IBAQAtq+5/FSeCDgswaT50A4wKHZak01dpiKqwiH/QxoNr
F1kCF9zc0/0Ei7IUHhKs7NzW0J1NQI9uO2QWIFnpkMz361FPOjesUjdF/s9yGagf
bjU1CaQ+qj5wAGvVZSMFHRXK9daNAECvxb5ePGxnFdXOktK/40oBRr/TsnMYZeRc
TzfFKIYay2K46ps/e6c9LMAEpHcmbI3xp4jEXhFQkZ6PFLZ0HJ4muTsWHJiyDjFa
8td2PNKMY6OTK8c1LF6/JoRxuQP/IXmRdII/OvpAGpxsGQVd80QBABnXqNruFL9/
XBsIX/pHDR3LjQMBWKTPa88YLykDIS79/fnj2eG+m+Vh
-----END CERTIFICATE-----
Generated at Sat May 17 02:21:29 2025 by rpki-client