Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/LBjnRQPvwkG7OUwSCwNmumWrPkA.roa
File: LBjnRQPvwkG7OUwSCwNmumWrPkA.roa (raw, json)
Hash identifier: eyR/q5cEUrQTS4A726IYJGjhyLxXvv35h0GhKEMtspQ=
Subject key identifier: 2C:18:E7:45:03:EF:C2:41:BB:39:4C:12:0B:03:66:BA:65:AB:3E:40
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01868226A98638FDB427B8B833880B1F6E41
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/LBjnRQPvwkG7OUwSCwNmumWrPkA.roa
Signing time: Fri 24 Feb 2023 06:40:17 +0000
ROA not before: Fri 24 Feb 2023 06:40:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 45.8.184.0/22 maxlen: 24
45.8.192.0/22 maxlen: 24
45.8.188.0/22 maxlen: 24
45.8.196.0/22 maxlen: 24
45.8.203.0/24 maxlen: 24
193.168.208.0/22 maxlen: 24
85.208.105.0/24 maxlen: 24
45.66.152.0/22 maxlen: 24
5.180.82.0/24 maxlen: 24
5.180.80.0/24 maxlen: 24
5.180.232.0/22 maxlen: 24
5.180.32.0/22 maxlen: 24
85.209.160.0/22 maxlen: 24
85.209.163.0/24 maxlen: 24
5.180.48.0/22 maxlen: 24
85.208.112.0/22 maxlen: 24
5.253.36.0/22 maxlen: 24
5.253.44.0/24 maxlen: 24
45.8.252.0/22 maxlen: 24
5.253.46.0/24 maxlen: 24
5.253.47.0/24 maxlen: 24
5.253.45.0/24 maxlen: 24
45.9.0.0/22 maxlen: 24
45.9.4.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:26:a9:86:38:fd:b4:27:b8:b8:33:88:0b:1f:6e:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Feb 24 06:40:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2c18e74503efc241bb394c120b0366ba65ab3e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8e:fe:92:52:f7:0d:82:c5:0d:c0:20:e1:f7:
99:28:45:0c:ec:89:3c:ae:1c:8d:9f:de:7a:bc:ca:
b3:ee:4b:41:92:72:cc:51:a2:14:17:37:11:b8:5a:
82:e2:f3:52:49:47:10:55:02:42:4a:7f:2c:25:19:
c2:07:60:0a:6a:cc:36:e4:a3:34:e7:4d:6c:cb:b0:
64:db:1c:ea:65:09:22:f7:60:18:b6:02:e2:6d:96:
98:c2:70:ba:23:63:a7:bb:27:e7:53:85:f5:1e:30:
9e:f0:94:5b:9b:ad:a1:ad:c3:67:79:9d:a8:8e:c7:
6c:f2:2f:29:78:21:dd:e3:35:00:ca:18:a1:cb:ff:
94:ec:0a:62:66:04:e0:1a:47:35:4d:f6:e1:ff:3b:
e0:dc:86:9e:ce:df:d2:e6:5a:07:a0:2d:93:d9:8d:
4c:02:d0:e2:c8:d7:88:c4:5a:35:2a:81:c5:be:bd:
ea:d8:cc:42:d4:a5:b1:3a:9e:cd:93:89:55:e0:8f:
29:f2:ee:db:43:e2:8e:a3:2f:89:36:68:90:9d:22:
95:3a:f7:d5:cb:47:8f:44:c2:38:4d:61:3b:c9:18:
19:70:a9:0f:60:6f:08:1f:f8:3b:a1:b9:2a:8a:8d:
38:9f:75:b6:41:8b:ea:b0:89:4e:95:b4:5b:7f:e0:
5b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:18:E7:45:03:EF:C2:41:BB:39:4C:12:0B:03:66:BA:65:AB:3E:40
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/LBjnRQPvwkG7OUwSCwNmumWrPkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.32.0/22
5.180.48.0/22
5.180.80.0/24
5.180.82.0/24
5.180.232.0/22
5.253.36.0/22
5.253.44.0/22
45.8.184.0-45.8.199.255
45.8.203.0/24
45.8.252.0-45.9.7.255
45.66.152.0/22
85.208.105.0/24
85.208.112.0/22
85.209.160.0/22
193.168.208.0/22
Signature Algorithm: sha256WithRSAEncryption
11:64:04:3a:05:0f:16:bd:3a:e4:80:72:4c:3f:bb:7a:60:b4:
a4:01:5b:d0:e3:4e:73:d2:e2:a0:2f:51:88:d8:27:81:59:4f:
a0:38:0c:ff:61:92:dd:50:3d:40:15:83:48:9f:27:b0:08:96:
db:62:9f:1a:95:fc:7f:5f:ff:53:c9:26:12:02:fa:68:5d:27:
e3:ce:89:1e:49:28:81:bd:af:8d:ed:5e:18:d9:f1:65:d8:aa:
02:f6:8c:16:5a:5b:de:e9:27:b0:9d:f9:16:dd:f9:2c:46:e4:
43:96:cd:fc:db:61:d1:79:cf:5c:6e:f4:6d:5f:0f:73:13:c1:
c3:e7:c3:dc:b7:5b:c4:56:e5:a7:97:09:0a:73:1a:6f:c9:55:
bb:7c:5d:89:d0:d2:62:ad:1a:8e:2d:0a:de:65:98:e7:8e:27:
5d:c5:ac:c4:bc:4d:a3:e3:a0:a5:88:3f:68:24:7d:90:b4:6f:
97:0a:fa:a9:c9:d1:58:65:01:8e:63:c2:6f:7b:2e:24:33:d1:
2a:9a:82:3d:74:c8:8e:ea:57:20:fe:4e:b5:0f:58:3f:76:b4:
7f:21:e8:57:05:4d:2a:d4:a8:04:d6:fe:a0:04:a5:13:df:4e:
52:15:7d:47:e6:39:5e:ae:66:a9:99:4b:5e:d6:95:af:fe:b1:
29:98:a3:4f
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAYaCJqmGOP20J7i4M4gLH25BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwMjI0MDY0MDE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYzE4ZTc0NTAzZWZjMjQxYmIzOTRjMTIwYjAzNjZiYTY1YWIzZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvI7+klL3DYLFDcAg4feZKEUM7Ik8
rhyNn956vMqz7ktBknLMUaIUFzcRuFqC4vNSSUcQVQJCSn8sJRnCB2AKasw25KM0
501sy7Bk2xzqZQki92AYtgLibZaYwnC6I2OnuyfnU4X1HjCe8JRbm62hrcNneZ2o
jsds8i8peCHd4zUAyhihy/+U7ApiZgTgGkc1Tfbh/zvg3Iaezt/S5loHoC2T2Y1M
AtDiyNeIxFo1KoHFvr3q2MxC1KWxOp7Nk4lV4I8p8u7bQ+KOoy+JNmiQnSKVOvfV
y0ePRMI4TWE7yRgZcKkPYG8IH/g7obkqio04n3W2QYvqsIlOlbRbf+BbuQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFCwY50UD78JBuzlMEgsDZrplqz5AMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvTEJqblJRUHZ3a0c3T1V3U0N3Tm11bVdyUGtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAgW0IAME
AgW0MAMEAAW0UAMEAAW0UgMEAgW06AMEAgX9JAMEAgX9LDAMAwQDLQi4AwQDLQjA
AwQALQjLMAwDBAItCPwDBAMtCQADBAItQpgDBABV0GkDBAJV0HADBAJV0aADBALB
qNAwDQYJKoZIhvcNAQELBQADggEBABFkBDoFDxa9OuSAckw/u3pgtKQBW9DjTnPS
4qAvUYjYJ4FZT6A4DP9hkt1QPUAVg0ifJ7AIlttinxqV/H9f/1PJJhIC+mhdJ+PO
iR5JKIG9r43tXhjZ8WXYqgL2jBZaW97pJ7Cd+Rbd+SxG5EOWzfzbYdF5z1xu9G1f
D3MTwcPnw9y3W8RW5aeXCQpzGm/JVbt8XYnQ0mKtGo4tCt5lmOeOJ13FrMS8TaPj
oKWIP2gkfZC0b5cK+qnJ0VhlAY5jwm97LiQz0Sqagj10yI7qVyD+TrUPWD92tH8h
6FcFTSrUqATW/qAEpRPfTlIVfUfmOV6uZqmZS17Wla/+sSmYo08=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:37 2025 by rpki-client