Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lypnzHlRLWYSgw-FljT_fGfGzSg.roa
File: lypnzHlRLWYSgw-FljT_fGfGzSg.roa (raw, json)
Hash identifier: sQ2LHq6wrLQ7HELI0elpWru61M0AhxWZb+NNiDDafRw=
Subject key identifier: 97:2A:67:CC:79:51:2D:66:12:83:0F:85:96:34:FF:7C:67:C6:CD:28
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0188FC23B2C150469D7C21048D0383D66F1E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lypnzHlRLWYSgw-FljT_fGfGzSg.roa
Signing time: Tue 27 Jun 2023 09:16:17 +0000
ROA not before: Tue 27 Jun 2023 09:16:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 82.153.242.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:fc:23:b2:c1:50:46:9d:7c:21:04:8d:03:83:d6:6f:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 27 09:16:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=972a67cc79512d6612830f859634ff7c67c6cd28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c5:0d:68:e7:d9:4c:24:b8:77:0b:fb:ff:9b:
90:77:b9:7b:23:f1:f6:b6:cd:0d:4c:3c:c4:f7:5b:
a2:9f:8c:a7:49:8d:8b:ce:ef:88:9d:1a:14:bd:26:
c4:4c:cb:bb:6d:23:7e:8f:72:fd:1b:77:cd:b0:d9:
24:75:e8:7e:b3:ff:84:be:3b:1c:ff:34:52:20:fe:
73:53:a8:ea:c0:a9:b8:57:a2:89:8a:35:70:23:3b:
51:b6:b7:46:1e:14:ea:4b:79:a6:3a:28:eb:af:19:
bb:fb:c7:5e:a6:71:d7:be:33:ea:ee:7a:b9:ef:84:
be:29:12:59:01:55:1c:e1:29:94:62:23:44:ec:18:
38:3f:a9:72:23:71:e1:98:d3:a1:c8:a6:4e:b4:1d:
21:4c:d1:b7:af:78:15:6e:66:72:14:ab:98:c4:14:
5f:21:4d:33:46:c8:06:50:e2:e1:d4:9a:e2:04:91:
7c:e2:81:30:8f:bc:10:4b:60:56:8a:38:55:17:77:
b3:2d:10:81:a7:52:7f:18:32:e3:97:df:e0:a7:e9:
22:8c:80:0c:0d:1d:e9:c7:6f:fc:e0:84:6b:26:20:
5d:61:b1:ab:b5:7f:e0:8c:e4:58:38:bf:46:c5:8d:
7d:20:59:d9:1b:e4:24:8e:41:2b:db:ee:a4:61:77:
c9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:2A:67:CC:79:51:2D:66:12:83:0F:85:96:34:FF:7C:67:C6:CD:28
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lypnzHlRLWYSgw-FljT_fGfGzSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.242.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:22:e0:06:c0:78:3c:8a:e9:46:be:de:6b:98:88:44:a7:44:
0c:91:01:43:c2:4a:93:13:0a:4e:09:4e:22:80:54:ff:e2:e1:
60:d6:30:26:1d:50:fb:48:4a:88:4c:43:4f:80:df:cc:0b:2b:
6b:0b:b3:b2:36:be:75:93:fa:e6:57:49:30:c1:2d:17:6e:83:
db:14:21:33:f1:70:bd:78:37:66:2e:b0:56:43:43:13:70:8c:
f8:7d:60:2a:b9:fb:51:f1:a7:0f:b5:96:7d:d9:43:48:21:aa:
59:e2:0b:c3:76:c3:5c:22:4e:ac:57:b5:42:e5:00:c0:c9:b8:
bd:05:00:9f:ab:9f:5d:3c:70:3f:e6:14:84:7b:a5:31:2e:83:
e8:60:f5:40:26:2b:25:ab:e3:83:11:a2:63:47:3f:d2:10:a6:
d0:07:5f:47:dd:94:bc:cc:0e:bb:8a:5c:9c:36:c1:68:0a:a4:
a5:5a:5e:2f:56:0b:81:dd:21:dc:27:17:fe:9d:b2:99:80:9a:
87:2e:67:8f:30:7f:8d:13:81:74:77:f3:0f:b7:f2:12:a9:04:
e1:e9:14:67:c0:fc:55:af:c8:1c:a6:d8:5f:98:5d:98:91:c6:
e7:66:71:73:a8:c8:8c:8e:0f:54:3c:77:0b:57:ab:7e:a6:69:
73:b4:e2:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYj8I7LBUEadfCEEjQOD1m8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwNjI3MDkxNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzJhNjdjYzc5NTEyZDY2MTI4MzBmODU5NjM0ZmY3YzY3YzZjZDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMUNaOfZTCS4dwv7/5uQd7l7I/H2
ts0NTDzE91uin4ynSY2Lzu+InRoUvSbETMu7bSN+j3L9G3fNsNkkdeh+s/+Evjsc
/zRSIP5zU6jqwKm4V6KJijVwIztRtrdGHhTqS3mmOijrrxm7+8depnHXvjPq7nq5
74S+KRJZAVUc4SmUYiNE7Bg4P6lyI3HhmNOhyKZOtB0hTNG3r3gVbmZyFKuYxBRf
IU0zRsgGUOLh1JriBJF84oEwj7wQS2BWijhVF3ezLRCBp1J/GDLjl9/gp+kijIAM
DR3px2/84IRrJiBdYbGrtX/gjORYOL9GxY19IFnZG+QkjkEr2+6kYXfJfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJcqZ8x5US1mEoMPhZY0/3xnxs0oMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbHlwbnpIbFJMV1lTZ3ctRmxqVF9mR2ZHelNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpnyMA0G
CSqGSIb3DQEBCwUAA4IBAQAqIuAGwHg8iulGvt5rmIhEp0QMkQFDwkqTEwpOCU4i
gFT/4uFg1jAmHVD7SEqITENPgN/MCytrC7OyNr51k/rmV0kwwS0XboPbFCEz8XC9
eDdmLrBWQ0MTcIz4fWAquftR8acPtZZ92UNIIapZ4gvDdsNcIk6sV7VC5QDAybi9
BQCfq59dPHA/5hSEe6UxLoPoYPVAJislq+ODEaJjRz/SEKbQB19H3ZS8zA67ilyc
NsFoCqSlWl4vVguB3SHcJxf+nbKZgJqHLmePMH+NE4F0d/MPt/ISqQTh6RRnwPxV
r8gcpthfmF2YkcbnZnFzqMiMjg9UPHcLV6t+pmlztOI3
-----END CERTIFICATE-----
Generated at Sat May 17 02:30:32 2025 by rpki-client