Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/LZq7ulxXOlIUlUET95E09JljbGw.roa
File: LZq7ulxXOlIUlUET95E09JljbGw.roa (raw, json)
Hash identifier: CzFHIsvMhRGr8PfqC4RMG7gRagy4D3DTR/eVDL8Oetc=
Subject key identifier: 2D:9A:BB:BA:5C:57:3A:52:14:95:41:13:F7:91:34:F4:99:63:6C:6C
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 01846BC3C69F816B8B6B1FEDE9BD3E551F2C
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/LZq7ulxXOlIUlUET95E09JljbGw.roa
Signing time: Sat 12 Nov 2022 12:15:03 +0000
ROA not before: Sat 12 Nov 2022 12:15:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 64080
IP address blocks: 155.254.32.0/19 maxlen: 24
45.43.64.0/19 maxlen: 24
107.181.128.0/19 maxlen: 24
198.105.96.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:6b:c3:c6:9f:81:6b:8b:6b:1f:ed:e9:bd:3e:55:1f:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Nov 12 12:15:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d9abbba5c573a5214954113f79134f499636c6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:bc:6d:96:58:85:73:76:33:b4:49:5e:38:aa:
fe:dc:fe:36:5d:46:7f:2c:8e:ee:8a:78:03:fb:3d:
d4:f7:97:c7:4d:dc:64:16:67:39:c0:c3:43:5d:49:
a9:b7:0d:d5:ad:8a:7f:3f:57:55:84:b8:64:1d:ed:
5c:e4:a1:66:97:5b:ac:7c:23:74:67:43:fb:61:b1:
d1:a6:25:59:f8:c5:09:de:1b:86:58:a0:13:bd:67:
08:d8:35:ac:e3:2c:7d:d7:ff:94:c2:d5:aa:b8:94:
39:8b:2e:70:de:e1:e3:7c:86:10:51:69:c2:50:e3:
83:2f:36:07:fe:26:94:d5:9c:c4:11:21:c8:c8:62:
4e:fe:9d:3d:b5:65:a5:20:19:8d:41:61:31:d6:cd:
58:3b:33:cf:d5:e0:0c:1b:a2:c3:96:ba:c4:d5:33:
93:70:98:dc:86:fb:00:46:bb:6e:ef:d1:a8:fa:20:
24:73:a7:09:03:d3:d9:27:6f:51:16:09:41:40:da:
66:0a:8e:66:cd:ec:8a:c3:88:ba:06:45:68:34:5d:
c3:c5:94:8f:d3:b8:38:d9:88:f8:52:fc:87:9e:25:
36:aa:f5:9f:50:30:de:50:2d:7b:80:35:c8:ff:2d:
29:8e:eb:f2:bf:ac:17:8b:1b:39:aa:4b:f2:a2:57:
8e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:9A:BB:BA:5C:57:3A:52:14:95:41:13:F7:91:34:F4:99:63:6C:6C
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/LZq7ulxXOlIUlUET95E09JljbGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.64.0/19
107.181.128.0/19
155.254.32.0/19
198.105.96.0/19
Signature Algorithm: sha256WithRSAEncryption
87:47:fa:a6:16:08:d5:27:b4:cb:d4:64:9a:2d:46:cb:e0:ca:
ac:6b:4e:55:6d:31:ef:20:1c:84:fa:c3:a0:14:93:64:74:c6:
fd:a6:ff:36:35:75:07:d5:66:86:4a:92:2b:d9:1e:1b:94:a4:
90:ea:1b:81:ba:e0:cd:59:a1:28:fb:75:40:e8:0b:92:d3:56:
8e:fa:9f:ab:dc:9b:cb:22:4d:a9:80:ae:8b:c9:07:22:df:e0:
14:f1:f5:84:17:d6:37:54:4b:de:3f:f4:e2:07:6f:f3:9f:94:
61:c6:25:83:57:dd:ab:4c:6a:b4:5f:6b:95:8c:c9:dd:0d:3d:
c2:26:da:1e:16:a4:ff:fb:60:0d:46:a4:f4:48:d8:67:e0:0f:
19:b9:58:3e:3a:54:e2:60:c8:0c:c9:7a:64:18:e2:43:5e:00:
b5:5b:c4:a0:9a:e2:15:8c:e3:f2:49:d3:16:da:5f:6e:8e:bd:
bb:83:e9:66:5f:25:6a:d6:a3:41:c9:1e:1c:e1:7e:eb:49:63:
1e:0c:90:70:d6:4f:86:cf:bb:a2:19:e9:11:a0:0f:7c:e0:86:
a7:ba:b5:93:b1:93:d3:80:bd:64:f0:03:75:05:de:c0:7d:82:
31:bd:65:38:46:58:ea:1e:8c:1d:ea:63:b8:64:6d:05:06:27:
51:c3:3a:7f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYRrw8afgWuLax/t6b0+VR8sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjIxMTEyMTIxNTAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDlhYmJiYTVjNTczYTUyMTQ5NTQxMTNmNzkxMzRmNDk5NjM2YzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7xtlliFc3YztEleOKr+3P42XUZ/
LI7uingD+z3U95fHTdxkFmc5wMNDXUmptw3VrYp/P1dVhLhkHe1c5KFml1usfCN0
Z0P7YbHRpiVZ+MUJ3huGWKATvWcI2DWs4yx91/+UwtWquJQ5iy5w3uHjfIYQUWnC
UOODLzYH/iaU1ZzEESHIyGJO/p09tWWlIBmNQWEx1s1YOzPP1eAMG6LDlrrE1TOT
cJjchvsARrtu79Go+iAkc6cJA9PZJ29RFglBQNpmCo5mzeyKw4i6BkVoNF3DxZSP
07g42Yj4UvyHniU2qvWfUDDeUC17gDXI/y0pjuvyv6wXixs5qkvyoleOLQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFC2au7pcVzpSFJVBE/eRNPSZY2xsMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvTFpxN3VseFhPbElVbFVFVDk1RTA5SmxqYkd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFLStAAwQF
a7WAAwQFm/4gAwQFxmlgMA0GCSqGSIb3DQEBCwUAA4IBAQCHR/qmFgjVJ7TL1GSa
LUbL4Mqsa05VbTHvIByE+sOgFJNkdMb9pv82NXUH1WaGSpIr2R4blKSQ6huBuuDN
WaEo+3VA6AuS01aO+p+r3JvLIk2pgK6LyQci3+AU8fWEF9Y3VEveP/TiB2/zn5Rh
xiWDV92rTGq0X2uVjMndDT3CJtoeFqT/+2ANRqT0SNhn4A8ZuVg+OlTiYMgMyXpk
GOJDXgC1W8SgmuIVjOPySdMW2l9ujr27g+lmXyVq1qNByR4c4X7rSWMeDJBw1k+G
z7uiGekRoA984IanurWTsZPTgL1k8AN1Bd7AfYIxvWU4RljqHowd6mO4ZG0FBidR
wzp/
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:40:19 2025 by rpki-client