Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/f75c7d-e5b3-442f-a084-fd49eb3f19b1/1/lVUr6BQr3TzVrzPRgbZ4ZVbKAQo.roa
File: lVUr6BQr3TzVrzPRgbZ4ZVbKAQo.roa (raw, json)
Hash identifier: /9waTxavjM/ZWTOHabyi4nuHVxuoT9s5jrgYDLvrPz4=
Subject key identifier: 95:55:2B:E8:14:2B:DD:3C:D5:AF:33:D1:81:B6:78:65:56:CA:01:0A
Certificate issuer: /CN=e0691dbafa3a8de070b07022de9adf74341fb4f2
Certificate serial: 0189C5074FEC3489F4C63BD064623C883263
Authority key identifier: E0:69:1D:BA:FA:3A:8D:E0:70:B0:70:22:DE:9A:DF:74:34:1F:B4:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Gkduvo6jeBwsHAi3prfdDQftPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/f75c7d-e5b3-442f-a084-fd49eb3f19b1/1/lVUr6BQr3TzVrzPRgbZ4ZVbKAQo.roa
Signing time: Sat 05 Aug 2023 09:28:57 +0000
ROA not before: Sat 05 Aug 2023 09:28:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210474
IP address blocks: 212.23.216.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:c5:07:4f:ec:34:89:f4:c6:3b:d0:64:62:3c:88:32:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0691dbafa3a8de070b07022de9adf74341fb4f2
Validity
Not Before: Aug 5 09:28:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95552be8142bdd3cd5af33d181b6786556ca010a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:aa:f7:18:0a:0a:c1:16:21:99:17:91:99:c4:
a6:e2:94:94:bc:85:62:45:c0:c4:40:7a:72:6f:47:
99:51:90:90:b9:72:96:97:d3:56:ac:05:c9:6b:90:
56:58:f2:61:56:21:eb:50:5d:b7:50:9d:50:98:7b:
27:26:12:7a:9e:26:f3:5b:2d:1d:a7:fb:e4:aa:73:
3f:87:00:68:aa:42:e7:9d:5c:c6:7a:d6:3f:22:76:
93:26:1e:55:b9:f4:6b:70:9b:4b:4d:82:a6:b3:c5:
a5:91:f7:ff:1f:aa:d2:87:85:1b:29:d6:1a:d4:2b:
bd:70:f1:e8:47:ca:29:47:0c:47:37:e2:d1:33:61:
b0:34:dd:7b:68:48:fc:19:aa:95:b2:38:56:46:ff:
f5:f7:3c:27:1c:3c:d6:6e:21:29:6c:0c:6d:60:87:
76:fe:cc:37:99:74:d4:f5:8a:d3:42:df:ea:da:bc:
11:f3:37:97:9b:73:5a:65:5d:b4:64:1c:83:8d:3a:
b1:ce:79:9d:6c:c5:2a:cf:1f:b0:f2:be:3b:0b:0e:
6d:b1:bf:d6:1f:c8:ee:28:7d:cf:f0:a5:bb:cd:61:
89:64:44:39:3e:4b:8a:ee:c6:7e:47:54:f2:aa:34:
ea:80:7d:c1:cb:15:52:55:d3:54:00:7a:fe:e8:60:
88:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:55:2B:E8:14:2B:DD:3C:D5:AF:33:D1:81:B6:78:65:56:CA:01:0A
X509v3 Authority Key Identifier:
keyid:E0:69:1D:BA:FA:3A:8D:E0:70:B0:70:22:DE:9A:DF:74:34:1F:B4:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Gkduvo6jeBwsHAi3prfdDQftPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/f75c7d-e5b3-442f-a084-fd49eb3f19b1/1/lVUr6BQr3TzVrzPRgbZ4ZVbKAQo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/f75c7d-e5b3-442f-a084-fd49eb3f19b1/1/4Gkduvo6jeBwsHAi3prfdDQftPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.23.216.0/24
Signature Algorithm: sha256WithRSAEncryption
22:ac:a9:2c:31:1b:9a:1d:4b:cc:e3:58:8c:51:bf:71:df:de:
fe:00:48:f7:8a:f2:98:2a:35:c8:7e:36:38:aa:58:7d:33:28:
50:ea:2a:0f:63:ae:f1:9e:34:51:5a:f5:f6:a6:3e:c9:03:18:
ce:d4:06:5b:5c:6b:2b:73:a7:b3:f5:bf:c2:b7:85:f8:59:42:
3a:c8:31:e8:f8:ad:00:a5:89:94:fe:54:4f:30:e8:f7:35:25:
05:7d:ea:52:81:ca:15:e8:da:a3:2b:43:82:85:3d:b2:3e:be:
98:12:a4:45:07:b2:c8:11:15:26:1c:4c:37:b4:f4:e9:f8:bd:
24:69:ed:0d:ea:b6:43:be:4a:f7:58:d9:38:78:e1:3b:da:81:
c5:fe:e8:45:d4:a7:e4:68:d8:a1:4c:bd:d6:f6:44:9a:0b:db:
d3:89:0a:49:29:41:f1:3d:d3:e7:b1:fd:7a:a5:39:ec:4f:e6:
ec:4b:f3:8d:84:b0:fb:5d:5c:48:47:66:b7:41:2b:fc:58:76:
90:4b:d3:ac:e2:5c:04:7b:8f:db:8d:d2:9c:eb:0c:f9:38:c8:
a5:a6:44:23:41:60:28:e3:af:a6:dc:83:1b:4c:d0:10:3b:6b:
bf:38:0a:2b:5a:d2:a6:39:ba:b2:e1:24:4d:f0:9c:c0:7c:3b:
35:95:a1:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnFB0/sNIn0xjvQZGI8iDJjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNjkxZGJhZmEzYThkZTA3MGIwNzAyMmRlOWFkZjc0MzQx
ZmI0ZjIwHhcNMjMwODA1MDkyODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTU1MmJlODE0MmJkZDNjZDVhZjMzZDE4MWI2Nzg2NTU2Y2EwMTBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ar3GAoKwRYhmReRmcSm4pSUvIVi
RcDEQHpyb0eZUZCQuXKWl9NWrAXJa5BWWPJhViHrUF23UJ1QmHsnJhJ6nibzWy0d
p/vkqnM/hwBoqkLnnVzGetY/InaTJh5VufRrcJtLTYKms8Wlkff/H6rSh4UbKdYa
1Cu9cPHoR8opRwxHN+LRM2GwNN17aEj8GaqVsjhWRv/19zwnHDzWbiEpbAxtYId2
/sw3mXTU9YrTQt/q2rwR8zeXm3NaZV20ZByDjTqxznmdbMUqzx+w8r47Cw5tsb/W
H8juKH3P8KW7zWGJZEQ5PkuK7sZ+R1TyqjTqgH3ByxVSVdNUAHr+6GCIHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJVVK+gUK9081a8z0YG2eGVWygEKMB8GA1UdIwQY
MBaAFOBpHbr6Oo3gcLBwIt6a33Q0H7TyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEdrZHV2bzZqZUJ3c0hBaTNwcmZkRFFmdFBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9mNzVjN2QtZTViMy00NDJmLWEwODQt
ZmQ0OWViM2YxOWIxLzEvbFZVcjZCUXIzVHpWcnpQUmdiWjRaVmJLQVFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9mNzVjN2QtZTViMy00NDJmLWEwODQtZmQ0OWViM2YxOWIx
LzEvNEdrZHV2bzZqZUJ3c0hBaTNwcmZkRFFmdFBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1BfYMA0G
CSqGSIb3DQEBCwUAA4IBAQAirKksMRuaHUvM41iMUb9x397+AEj3ivKYKjXIfjY4
qlh9MyhQ6ioPY67xnjRRWvX2pj7JAxjO1AZbXGsrc6ez9b/Ct4X4WUI6yDHo+K0A
pYmU/lRPMOj3NSUFfepSgcoV6NqjK0OChT2yPr6YEqRFB7LIERUmHEw3tPTp+L0k
ae0N6rZDvkr3WNk4eOE72oHF/uhF1KfkaNihTL3W9kSaC9vTiQpJKUHxPdPnsf16
pTnsT+bsS/ONhLD7XVxIR2a3QSv8WHaQS9Os4lwEe4/bjdKc6wz5OMilpkQjQWAo
46+m3IMbTNAQO2u/OAorWtKmObqy4SRN8JzAfDs1laHg
-----END CERTIFICATE-----
Generated at Thu May 8 05:44:24 2025 by rpki-client