Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/846607-00c8-401d-bcfe-0a6f8b1c654d/1/LONTO-l790HROn8NPI0gBV2PIoA.roa
File: LONTO-l790HROn8NPI0gBV2PIoA.roa (raw, json)
Hash identifier: vjheziVeeu8juaqcB7qQyuFXvsUS6H++WPmYeEiiyEU=
Subject key identifier: 2C:E3:53:3B:E9:7B:F7:41:D1:3A:7F:0D:3C:8D:20:05:5D:8F:22:80
Certificate issuer: /CN=c77ff58d19af10bda4fcb0cf31e58de094bbbb48
Certificate serial: 172B4871
Authority key identifier: C7:7F:F5:8D:19:AF:10:BD:A4:FC:B0:CF:31:E5:8D:E0:94:BB:BB:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3_1jRmvEL2k_LDPMeWN4JS7u0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/846607-00c8-401d-bcfe-0a6f8b1c654d/1/LONTO-l790HROn8NPI0gBV2PIoA.roa
Signing time: Sat 01 Jan 2022 05:00:42 +0000
ROA not before: Sat 01 Jan 2022 05:00:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31493
IP address blocks: 194.33.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 388712561 (0x172b4871)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c77ff58d19af10bda4fcb0cf31e58de094bbbb48
Validity
Not Before: Jan 1 05:00:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ce3533be97bf741d13a7f0d3c8d20055d8f2280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:12:f3:49:d3:6f:6d:00:08:ad:c6:b6:e7:9c:
f6:44:c8:fe:e6:f1:e0:e3:02:71:97:57:92:65:84:
f6:79:b9:fd:29:e9:c2:21:91:bf:73:a7:82:9c:a2:
34:be:49:45:e4:f3:7c:00:87:2b:db:04:0b:69:ca:
ac:49:1a:cd:5f:df:88:76:1b:8a:53:a1:9a:51:85:
e7:fb:bc:b7:eb:37:f2:33:de:01:b8:39:24:da:95:
ba:9e:ae:63:ea:04:06:e0:09:9c:39:2a:7c:30:ab:
76:fb:80:94:fd:7b:63:4d:5e:8f:7e:41:3c:4a:da:
a9:2c:ed:8b:be:e2:5e:f3:d2:f2:38:d5:3d:f2:53:
cd:2a:fb:b6:c3:0e:3e:df:05:da:e6:f0:a1:9f:2f:
5e:78:2d:e0:a1:f8:ff:47:ec:1f:ac:61:54:6b:aa:
56:5f:1d:cf:b1:22:48:96:e4:1d:94:43:ee:61:11:
4b:c5:52:52:a1:50:09:9a:78:a1:65:17:18:3c:75:
32:20:ac:57:54:dc:91:54:e5:54:38:2a:6c:c1:1d:
59:3a:eb:0c:4b:ce:a2:34:4d:15:73:38:78:fb:a3:
7d:de:3f:a2:40:e6:36:67:54:7e:57:b3:32:50:0a:
42:8b:e9:7a:38:44:8f:9a:e1:04:2b:5b:59:e9:78:
d8:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:E3:53:3B:E9:7B:F7:41:D1:3A:7F:0D:3C:8D:20:05:5D:8F:22:80
X509v3 Authority Key Identifier:
keyid:C7:7F:F5:8D:19:AF:10:BD:A4:FC:B0:CF:31:E5:8D:E0:94:BB:BB:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3_1jRmvEL2k_LDPMeWN4JS7u0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/846607-00c8-401d-bcfe-0a6f8b1c654d/1/LONTO-l790HROn8NPI0gBV2PIoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/846607-00c8-401d-bcfe-0a6f8b1c654d/1/x3_1jRmvEL2k_LDPMeWN4JS7u0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.63.0/24
Signature Algorithm: sha256WithRSAEncryption
55:e8:5d:25:ca:44:b4:6f:46:a6:fc:33:1c:05:18:f5:62:46:
86:00:a6:b1:f7:63:2a:1c:c0:41:cb:23:9d:ff:ee:dc:f6:2e:
cf:68:51:63:3e:b9:22:76:de:08:07:14:91:6f:2c:17:3a:ff:
9d:f3:6c:1d:fb:4b:ea:b7:b4:e6:a0:5c:38:21:fe:8d:d8:a1:
8e:78:b4:cd:87:36:93:82:4f:fb:35:c7:22:5e:d8:1d:96:a2:
02:bd:20:c6:03:41:c0:72:34:52:88:f1:8d:e8:23:95:52:09:
44:9f:b1:7d:cf:a0:32:01:17:2d:d0:6a:54:f4:d4:3a:ac:6f:
66:fa:23:e7:d7:d5:75:e6:ff:f2:99:31:96:fb:f6:07:96:ad:
d2:18:95:1f:59:40:08:a8:39:c2:9c:b4:80:be:2a:04:c5:dc:
e0:2b:75:36:60:43:49:8c:52:0b:50:e6:c0:75:b1:94:20:9c:
e1:f1:b8:4c:b0:36:db:3c:2a:ea:cf:c5:de:19:90:4f:ca:e7:
0c:6a:8f:39:0e:b0:50:f0:8e:a5:d4:47:a9:be:d0:10:79:f4:
02:81:b3:ed:66:9b:c3:02:6a:9d:c4:18:4b:33:27:b6:90:86:
d8:d6:83:82:6f:c0:f0:93:76:b6:f7:3e:6d:93:c2:c6:a8:3f:
89:2d:fd:94
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFytIcTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NzdmZjU4ZDE5YWYxMGJkYTRmY2IwY2YzMWU1OGRlMDk0YmJiYjQ4MB4XDTIyMDEw
MTA1MDA0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmNlMzUzM2JlOTdi
Zjc0MWQxM2E3ZjBkM2M4ZDIwMDU1ZDhmMjI4MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4S80nTb20ACK3Gtuec9kTI/ubx4OMCcZdXkmWE9nm5/Snp
wiGRv3OngpyiNL5JReTzfACHK9sEC2nKrEkazV/fiHYbilOhmlGF5/u8t+s38jPe
Abg5JNqVup6uY+oEBuAJnDkqfDCrdvuAlP17Y01ej35BPEraqSzti77iXvPS8jjV
PfJTzSr7tsMOPt8F2ubwoZ8vXngt4KH4/0fsH6xhVGuqVl8dz7EiSJbkHZRD7mER
S8VSUqFQCZp4oWUXGDx1MiCsV1TckVTlVDgqbMEdWTrrDEvOojRNFXM4ePujfd4/
okDmNmdUflezMlAKQovpejhEj5rhBCtbWel42IUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQs41M76Xv3QdE6fw08jSAFXY8igDAfBgNVHSMEGDAWgBTHf/WNGa8QvaT8
sM8x5Y3glLu7SDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3gzXzFqUm12RUwya19MRFBNZVdONEpTN3UwZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGIvODQ2NjA3LTAwYzgtNDAxZC1iY2ZlLTBhNmY4YjFjNjU0ZC8x
L0xPTlRPLWw3OTBIUk9uOE5QSTBnQlYyUElvQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGIv
ODQ2NjA3LTAwYzgtNDAxZC1iY2ZlLTBhNmY4YjFjNjU0ZC8xL3gzXzFqUm12RUwy
a19MRFBNZVdONEpTN3UwZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIhPzANBgkqhkiG9w0BAQsFAAOC
AQEAVehdJcpEtG9GpvwzHAUY9WJGhgCmsfdjKhzAQcsjnf/u3PYuz2hRYz65Inbe
CAcUkW8sFzr/nfNsHftL6re05qBcOCH+jdihjni0zYc2k4JP+zXHIl7YHZaiAr0g
xgNBwHI0UojxjegjlVIJRJ+xfc+gMgEXLdBqVPTUOqxvZvoj59fVdeb/8pkxlvv2
B5at0hiVH1lACKg5wpy0gL4qBMXc4Ct1NmBDSYxSC1DmwHWxlCCc4fG4TLA22zwq
6s/F3hmQT8rnDGqPOQ6wUPCOpdRHqb7QEHn0AoGz7WabwwJqncQYSzMntpCG2NaD
gm/A8JN2tvc+bZPCxqg/iS39lA==
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:36:13 2025 by rpki-client