Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JELiHMfFfH5IASX9gGJX25W_lac.roa
File: JELiHMfFfH5IASX9gGJX25W_lac.roa (raw, json)
Hash identifier: AQ3QmswkPbMt5hpaPafiG8Q1rxPJn1KOhzO6dxF3l4M=
Subject key identifier: 24:42:E2:1C:C7:C5:7C:7E:48:01:25:FD:80:62:57:DB:95:BF:95:A7
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0187A2E3F6D03C64F3670230C084462F87A2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JELiHMfFfH5IASX9gGJX25W_lac.roa
Signing time: Fri 21 Apr 2023 08:17:41 +0000
ROA not before: Fri 21 Apr 2023 08:17:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48011
IP address blocks: 45.135.38.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a2:e3:f6:d0:3c:64:f3:67:02:30:c0:84:46:2f:87:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 21 08:17:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2442e21cc7c57c7e480125fd806257db95bf95a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:4c:2b:3a:fa:48:ad:e5:e0:ce:60:01:42:97:
d5:df:00:05:25:1d:6f:07:ac:0e:c3:b3:aa:bc:9c:
2f:2e:ff:bd:2f:57:2d:1f:67:64:13:e0:46:84:d1:
85:05:51:c5:1d:08:df:0c:bb:63:82:3a:f9:3c:3c:
95:7b:24:97:5d:4a:3c:36:6f:a8:f1:87:e0:a5:4b:
9f:df:69:6f:b5:4f:a3:08:f4:e1:1a:f3:71:00:03:
c8:b6:b3:41:30:c6:fc:d2:74:c3:61:f3:7f:44:63:
d7:05:b7:bf:88:69:b8:11:1c:53:1e:13:a8:03:a9:
db:d5:74:88:7c:6d:03:a0:20:90:f2:24:8b:02:92:
16:83:b5:bb:a9:dd:18:6e:7c:a4:76:80:75:d6:9d:
27:78:be:7e:5f:fc:e6:52:89:19:08:14:4c:6a:da:
9d:ef:9b:42:87:f7:af:c8:2d:c0:6e:c5:e3:64:3f:
95:f5:d0:52:07:15:8b:db:c8:bc:f4:36:2d:2d:56:
d2:f5:b6:c2:3b:b2:42:45:bb:a9:b7:0e:c1:5c:77:
48:a4:15:32:64:63:03:d5:a9:57:2b:13:13:c4:01:
97:27:a8:6e:4c:4e:39:0a:23:94:50:60:57:d8:35:
cf:ef:9a:b1:ee:b4:c2:46:55:82:30:9d:78:84:3c:
32:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:42:E2:1C:C7:C5:7C:7E:48:01:25:FD:80:62:57:DB:95:BF:95:A7
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/JELiHMfFfH5IASX9gGJX25W_lac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.135.38.0/24
Signature Algorithm: sha256WithRSAEncryption
64:c9:e3:05:fb:bd:ef:2e:88:19:9d:ca:8f:82:62:d1:96:1f:
04:45:0c:b4:6b:b4:51:85:c2:d0:58:2f:2a:9e:de:15:56:79:
c9:15:c8:ac:76:ff:2b:0e:a5:8b:02:0c:1b:2e:5a:09:3b:a1:
db:c9:01:c5:ed:e2:80:dd:81:4e:80:1d:77:78:d2:10:29:91:
67:1e:fd:f2:3a:6b:2f:2b:be:49:7c:8c:4f:46:dd:38:3d:4e:
8f:70:11:5c:53:87:68:16:a5:ef:ae:79:9d:7a:bd:42:a4:97:
43:d4:57:a2:6c:b4:b4:2a:81:08:5c:e8:b4:93:03:67:fc:ce:
7a:75:91:a8:b8:4f:d6:94:b1:5a:11:77:af:21:a9:d3:a2:5c:
44:42:47:a5:f6:0a:39:a7:0b:30:20:ff:0c:36:cd:49:13:e4:
58:49:86:46:64:f6:4c:61:0b:e4:ed:ce:48:66:1a:76:ec:5c:
64:41:a5:e9:60:5b:6e:1c:19:b6:c3:cc:27:ba:c3:41:38:b6:
0f:79:c3:b6:77:7f:34:8f:e5:0f:b1:4a:f8:89:44:09:b7:9a:
bc:fd:78:31:3a:5c:44:a1:27:0b:e1:61:ea:70:a7:15:21:e8:
0b:a4:44:b6:53:b5:ab:23:14:f3:ea:3f:11:97:8a:32:64:95:
70:ae:c5:88
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYei4/bQPGTzZwIwwIRGL4eiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNDIxMDgxNzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDQyZTIxY2M3YzU3YzdlNDgwMTI1ZmQ4MDYyNTdkYjk1YmY5NWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0EwrOvpIreXgzmABQpfV3wAFJR1v
B6wOw7OqvJwvLv+9L1ctH2dkE+BGhNGFBVHFHQjfDLtjgjr5PDyVeySXXUo8Nm+o
8YfgpUuf32lvtU+jCPThGvNxAAPItrNBMMb80nTDYfN/RGPXBbe/iGm4ERxTHhOo
A6nb1XSIfG0DoCCQ8iSLApIWg7W7qd0YbnykdoB11p0neL5+X/zmUokZCBRMatqd
75tCh/evyC3AbsXjZD+V9dBSBxWL28i89DYtLVbS9bbCO7JCRbuptw7BXHdIpBUy
ZGMD1alXKxMTxAGXJ6huTE45CiOUUGBX2DXP75qx7rTCRlWCMJ14hDwyaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCRC4hzHxXx+SAEl/YBiV9uVv5WnMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvSkVMaUhNZkZmSDVJQVNYOWdHSlgyNVdfbGFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYcmMA0G
CSqGSIb3DQEBCwUAA4IBAQBkyeMF+73vLogZncqPgmLRlh8ERQy0a7RRhcLQWC8q
nt4VVnnJFcisdv8rDqWLAgwbLloJO6HbyQHF7eKA3YFOgB13eNIQKZFnHv3yOmsv
K75JfIxPRt04PU6PcBFcU4doFqXvrnmder1CpJdD1FeibLS0KoEIXOi0kwNn/M56
dZGouE/WlLFaEXevIanTolxEQkel9go5pwswIP8MNs1JE+RYSYZGZPZMYQvk7c5I
Zhp27FxkQaXpYFtuHBm2w8wnusNBOLYPecO2d380j+UPsUr4iUQJt5q8/XgxOlxE
oScL4WHqcKcVIegLpES2U7WrIxTz6j8Rl4oyZJVwrsWI
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:14:59 2025 by rpki-client