Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/376853-2abf-4232-91ff-09a5e8d960dd/1/laUk9E5OArCHLah5OsVx8pkWPQg.roa
File: laUk9E5OArCHLah5OsVx8pkWPQg.roa (raw, json)
Hash identifier: WDGGFPpDRrIM0bRN8JimZAp1jNXdEO1Wae9XmrPboyc=
Subject key identifier: 95:A5:24:F4:4E:4E:02:B0:87:2D:A8:79:3A:C5:71:F2:99:16:3D:08
Certificate issuer: /CN=ebdb225471f2d6e41060b34185725485481014b8
Certificate serial: 01856E2672524AB8B99384A72E7275615700
Authority key identifier: EB:DB:22:54:71:F2:D6:E4:10:60:B3:41:85:72:54:85:48:10:14:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/69siVHHy1uQQYLNBhXJUhUgQFLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/376853-2abf-4232-91ff-09a5e8d960dd/1/laUk9E5OArCHLah5OsVx8pkWPQg.roa
Signing time: Sun 01 Jan 2023 16:24:51 +0000
ROA not before: Sun 01 Jan 2023 16:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12996
IP address blocks: 185.201.125.0/24 maxlen: 24
185.201.124.0/22 maxlen: 24
185.201.124.0/24 maxlen: 24
185.201.126.0/24 maxlen: 24
185.201.127.0/24 maxlen: 24
193.57.14.0/23 maxlen: 23
193.57.22.0/23 maxlen: 23
194.63.251.0/24 maxlen: 24
194.63.252.0/24 maxlen: 24
194.63.253.0/24 maxlen: 24
194.63.248.0/21 maxlen: 24
194.63.248.0/23 maxlen: 24
194.63.248.0/24 maxlen: 24
194.63.249.0/24 maxlen: 24
194.63.250.0/24 maxlen: 24
151.249.125.0/24 maxlen: 24
151.249.121.0/24 maxlen: 24
151.249.122.0/24 maxlen: 24
185.134.244.0/22 maxlen: 22
151.249.123.0/24 maxlen: 24
151.249.124.0/24 maxlen: 24
151.249.120.0/21 maxlen: 24
151.249.120.0/24 maxlen: 24
151.249.127.0/24 maxlen: 24
194.63.254.0/24 maxlen: 24
194.63.255.0/24 maxlen: 24
2a01:5b40::/48 maxlen: 48
2a01:5b40:5::/48 maxlen: 48
2a01:5b40::/32 maxlen: 48
2a0f:c180::/29 maxlen: 29
2a01:5b40:c::/48 maxlen: 48
2a01:5b40:ac2::/48 maxlen: 48
2a0a:c340::/32 maxlen: 32
2a01:5b40:ac1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:72:52:4a:b8:b9:93:84:a7:2e:72:75:61:57:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebdb225471f2d6e41060b34185725485481014b8
Validity
Not Before: Jan 1 16:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95a524f44e4e02b0872da8793ac571f299163d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:7b:5b:79:f1:6c:53:98:b7:c5:f6:28:41:5c:
6c:05:f0:17:1d:2e:76:ea:2d:bc:e7:39:da:7a:7c:
df:81:8d:18:97:c4:c9:cf:cc:e5:f6:57:89:d3:64:
b8:71:fd:c9:bb:a3:b9:78:e8:d6:a3:3b:4a:c7:c1:
03:a8:51:38:0b:b8:6c:6b:b5:86:8d:15:8a:84:a5:
57:1c:36:09:c6:cd:ad:3d:25:0c:ef:c7:66:a4:6d:
3f:4d:ac:5f:74:fe:93:20:f4:5b:88:18:36:25:1e:
4a:5a:58:75:32:9b:3f:ee:0c:bb:a0:1d:69:f4:67:
9b:52:bc:5b:e8:52:49:7c:53:c8:db:54:93:16:de:
f9:10:26:5f:95:91:c0:9b:0c:9b:18:a3:d1:ea:6d:
2f:ef:e7:2a:f0:18:7f:09:54:27:ec:b1:50:e0:ae:
36:73:b2:93:5f:11:d0:c8:b1:6c:74:21:86:04:b3:
7d:db:4e:e4:88:cc:c9:37:53:46:b7:2b:07:ff:93:
08:f5:46:61:37:6f:04:b8:17:6a:a5:bb:94:9f:f0:
14:15:8d:f5:1a:d3:65:68:89:d2:cb:b8:49:8e:b4:
f5:2f:38:5c:4a:34:24:20:91:15:18:06:c2:43:a1:
83:55:6d:07:bb:a1:24:21:96:8b:ff:e8:62:46:ea:
a2:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:A5:24:F4:4E:4E:02:B0:87:2D:A8:79:3A:C5:71:F2:99:16:3D:08
X509v3 Authority Key Identifier:
keyid:EB:DB:22:54:71:F2:D6:E4:10:60:B3:41:85:72:54:85:48:10:14:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/69siVHHy1uQQYLNBhXJUhUgQFLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/376853-2abf-4232-91ff-09a5e8d960dd/1/laUk9E5OArCHLah5OsVx8pkWPQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/376853-2abf-4232-91ff-09a5e8d960dd/1/69siVHHy1uQQYLNBhXJUhUgQFLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.249.120.0/21
185.134.244.0/22
185.201.124.0/22
193.57.14.0/23
193.57.22.0/23
194.63.248.0/21
IPv6:
2a01:5b40::/32
2a0a:c340::/32
2a0f:c180::/29
Signature Algorithm: sha256WithRSAEncryption
01:84:3c:d6:64:69:74:60:ba:a0:00:ee:8c:61:8c:da:86:ec:
ac:6c:f6:ab:a4:d8:72:a2:45:71:a7:45:a0:28:bb:81:9a:0c:
7d:6f:fd:90:ba:2d:79:fb:10:d5:be:49:32:85:fa:f2:d1:b6:
5f:b5:dc:56:4f:93:61:ca:59:9b:34:8e:b2:9e:37:f0:a3:90:
97:2b:c9:b6:de:89:23:99:99:54:40:38:f9:14:08:02:2e:35:
1f:dd:a4:2c:ba:6c:cf:8c:ae:27:55:dc:e6:1a:8e:80:76:7d:
40:cb:aa:cc:03:d6:11:d8:d0:57:ac:42:61:fb:9c:9c:b4:b0:
d1:bd:2e:93:54:13:44:07:b5:6f:06:eb:65:2b:40:3a:8c:b8:
e0:9b:34:e0:7e:13:58:d4:de:08:5c:ff:de:db:44:98:6f:1d:
93:bd:db:8f:67:b3:8c:3d:af:df:df:f3:5d:0c:62:d8:05:5f:
13:68:c4:8b:8a:09:92:9a:47:5b:8f:16:7f:bd:86:3b:18:03:
7b:dc:1d:80:26:f3:19:ed:18:49:01:31:3c:de:9a:e4:57:c9:
f4:17:15:0d:dd:a0:00:d4:49:fb:89:ae:0a:e6:7a:d5:9c:c7:
a0:1b:a9:86:4b:0a:36:1c:d5:f5:31:be:6a:50:ba:24:3c:f7:
37:f3:75:33
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYVuJnJSSri5k4SnLnJ1YVcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZGIyMjU0NzFmMmQ2ZTQxMDYwYjM0MTg1NzI1NDg1NDgx
MDE0YjgwHhcNMjMwMTAxMTYyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWE1MjRmNDRlNGUwMmIwODcyZGE4NzkzYWM1NzFmMjk5MTYzZDA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjntbefFsU5i3xfYoQVxsBfAXHS52
6i285znaenzfgY0Yl8TJz8zl9leJ02S4cf3Ju6O5eOjWoztKx8EDqFE4C7hsa7WG
jRWKhKVXHDYJxs2tPSUM78dmpG0/TaxfdP6TIPRbiBg2JR5KWlh1Mps/7gy7oB1p
9GebUrxb6FJJfFPI21STFt75ECZflZHAmwybGKPR6m0v7+cq8Bh/CVQn7LFQ4K42
c7KTXxHQyLFsdCGGBLN9207kiMzJN1NGtysH/5MI9UZhN28EuBdqpbuUn/AUFY31
GtNlaInSy7hJjrT1LzhcSjQkIJEVGAbCQ6GDVW0Hu6EkIZaL/+hiRuqikQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFJWlJPROTgKwhy2oeTrFcfKZFj0IMB8GA1UdIwQY
MBaAFOvbIlRx8tbkEGCzQYVyVIVIEBS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjlzaVZISHkxdVFRWUxOQmhYSlVoVWdRRkxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8zNzY4NTMtMmFiZi00MjMyLTkxZmYt
MDlhNWU4ZDk2MGRkLzEvbGFVazlFNU9BckNITGFoNU9zVng4cGtXUFFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8zNzY4NTMtMmFiZi00MjMyLTkxZmYtMDlhNWU4ZDk2MGRk
LzEvNjlzaVZISHkxdVFRWUxOQmhYSlVoVWdRRkxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQDl/l4AwQC
uYb0AwQCucl8AwQBwTkOAwQBwTkWAwQDwj/4MBsEAgACMBUDBQAqAVtAAwUAKgrD
QAMFAyoPwYAwDQYJKoZIhvcNAQELBQADggEBAAGEPNZkaXRguqAA7oxhjNqG7Kxs
9quk2HKiRXGnRaAou4GaDH1v/ZC6LXn7ENW+STKF+vLRtl+13FZPk2HKWZs0jrKe
N/CjkJcrybbeiSOZmVRAOPkUCAIuNR/dpCy6bM+MridV3OYajoB2fUDLqswD1hHY
0FesQmH7nJy0sNG9LpNUE0QHtW8G62UrQDqMuOCbNOB+E1jU3ghc/97bRJhvHZO9
249ns4w9r9/f810MYtgFXxNoxIuKCZKaR1uPFn+9hjsYA3vcHYAm8xntGEkBMTze
muRXyfQXFQ3doADUSfuJrgrmetWcx6AbqYZLCjYc1fUxvmpQuiQ89zfzdTM=
-----END CERTIFICATE-----
Generated at Tue Apr 22 04:28:14 2025 by rpki-client