Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/d6fb1c-95c3-4bff-8556-8057da754452/1/lFosLfBznZzCrfbrYYRmzInd9BU.roa
File: lFosLfBznZzCrfbrYYRmzInd9BU.roa (raw, json)
Hash identifier: MCjhCr3Jufp3LVyjxX6WTLc9VKvdiZOAztcMlIggGUk=
Subject key identifier: 94:5A:2C:2D:F0:73:9D:9C:C2:AD:F6:EB:61:84:66:CC:89:DD:F4:15
Certificate issuer: /CN=ef9f1e38265410b3c2a922d3169c4f2995141a2d
Certificate serial: 01857328463169EA2AD6F44A641BEEB9DDB7
Authority key identifier: EF:9F:1E:38:26:54:10:B3:C2:A9:22:D3:16:9C:4F:29:95:14:1A:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/758eOCZUELPCqSLTFpxPKZUUGi0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/d6fb1c-95c3-4bff-8556-8057da754452/1/lFosLfBznZzCrfbrYYRmzInd9BU.roa
Signing time: Mon 02 Jan 2023 15:44:57 +0000
ROA not before: Mon 02 Jan 2023 15:44:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44606
IP address blocks: 45.156.244.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:28:46:31:69:ea:2a:d6:f4:4a:64:1b:ee:b9:dd:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef9f1e38265410b3c2a922d3169c4f2995141a2d
Validity
Not Before: Jan 2 15:44:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=945a2c2df0739d9cc2adf6eb618466cc89ddf415
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:1e:bd:33:29:0f:63:6d:de:1e:c9:f9:3e:75:
c8:6f:d9:2a:4a:fd:43:3d:70:ab:08:d9:71:7d:85:
74:3f:79:9c:40:87:74:e7:4e:cb:9d:b0:89:b1:82:
5e:5f:a0:91:69:ac:04:10:33:c6:77:44:ae:d9:12:
b7:e8:c7:79:b3:2a:b0:82:d4:27:a1:15:1e:1e:77:
a6:1b:76:f7:d1:f9:a2:cd:b3:ab:45:0b:3e:eb:53:
bd:39:6c:b6:81:54:a1:5b:9e:09:49:35:e6:84:82:
5d:4a:7d:25:d1:30:23:25:22:c1:c3:f9:fb:39:3f:
95:f6:9f:68:0d:1b:76:45:74:e0:7d:35:53:72:d5:
01:2a:63:b8:ba:ad:97:32:93:8c:5c:a1:cb:06:10:
39:35:56:ab:3f:97:13:3a:2e:6b:e5:54:5f:ad:5c:
9c:a2:37:3e:12:e9:80:09:30:79:86:fe:3e:91:d9:
a7:ca:d6:e8:b9:bc:47:8b:04:ed:99:7f:c9:de:48:
9e:0b:c8:c9:73:24:2a:34:7a:ee:0c:f5:6b:7f:71:
d5:00:68:82:80:20:08:78:2e:56:3b:5d:7c:b8:9e:
ab:12:4e:e1:9c:ee:9c:30:04:80:af:17:30:51:ad:
d7:a2:85:6b:49:5c:ec:2c:6f:53:a6:55:c7:7a:6f:
8e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:5A:2C:2D:F0:73:9D:9C:C2:AD:F6:EB:61:84:66:CC:89:DD:F4:15
X509v3 Authority Key Identifier:
keyid:EF:9F:1E:38:26:54:10:B3:C2:A9:22:D3:16:9C:4F:29:95:14:1A:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/758eOCZUELPCqSLTFpxPKZUUGi0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d6fb1c-95c3-4bff-8556-8057da754452/1/lFosLfBznZzCrfbrYYRmzInd9BU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/d6fb1c-95c3-4bff-8556-8057da754452/1/758eOCZUELPCqSLTFpxPKZUUGi0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.244.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:8e:15:01:ac:a7:69:56:f5:72:cf:07:8e:90:11:2b:24:4e:
51:b3:c6:6d:b2:82:ab:ab:bf:59:9f:45:d3:d1:2a:de:b8:b0:
57:19:b9:9d:71:30:6f:ee:d8:13:da:88:01:4e:db:17:de:2e:
46:17:c3:1e:62:90:8b:55:a6:13:6e:9f:d4:89:0c:28:aa:42:
a3:9b:34:06:7a:7e:51:02:50:75:10:1d:0c:fd:48:83:1a:1e:
4b:4f:36:07:8e:d6:7e:11:94:b5:0f:53:83:3f:be:0a:cd:77:
ad:63:02:b4:0c:41:4e:20:ac:9f:9e:9f:85:45:ec:b6:7b:e4:
75:7a:1e:eb:78:dd:1d:98:59:b2:b7:bd:47:78:0d:c8:15:f1:
c5:dd:6e:41:0b:de:7f:56:17:55:9c:c2:f0:18:30:42:84:f6:
1f:e9:34:39:40:bf:a3:cd:65:e5:8e:3d:dc:4d:f1:95:a6:56:
0b:e0:a6:af:b1:30:03:97:04:d6:21:ad:43:bc:ab:ae:8e:27:
cb:83:04:b0:bf:ab:9e:b1:6d:a5:43:16:89:90:ed:75:33:64:
3e:e5:a6:b2:7f:79:cd:28:05:aa:70:f6:a2:a6:2b:66:63:c5:
73:f2:7b:cd:e2:7e:93:78:67:3e:ee:d8:59:13:04:bd:0e:e6:
89:6f:bb:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzKEYxaeoq1vRKZBvuud23MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmOWYxZTM4MjY1NDEwYjNjMmE5MjJkMzE2OWM0ZjI5OTUx
NDFhMmQwHhcNMjMwMTAyMTU0NDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDVhMmMyZGYwNzM5ZDljYzJhZGY2ZWI2MTg0NjZjYzg5ZGRmNDE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1x69MykPY23eHsn5PnXIb9kqSv1D
PXCrCNlxfYV0P3mcQId0507LnbCJsYJeX6CRaawEEDPGd0Su2RK36Md5syqwgtQn
oRUeHnemG3b30fmizbOrRQs+61O9OWy2gVShW54JSTXmhIJdSn0l0TAjJSLBw/n7
OT+V9p9oDRt2RXTgfTVTctUBKmO4uq2XMpOMXKHLBhA5NVarP5cTOi5r5VRfrVyc
ojc+EumACTB5hv4+kdmnytboubxHiwTtmX/J3kieC8jJcyQqNHruDPVrf3HVAGiC
gCAIeC5WO118uJ6rEk7hnO6cMASArxcwUa3XooVrSVzsLG9TplXHem+OtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJRaLC3wc52cwq3262GEZsyJ3fQVMB8GA1UdIwQY
MBaAFO+fHjgmVBCzwqki0xacTymVFBotMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzU4ZU9DWlVFTFBDcVNMVEZweFBLWlVVR2kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9kNmZiMWMtOTVjMy00YmZmLTg1NTYt
ODA1N2RhNzU0NDUyLzEvbEZvc0xmQnpuWnpDcmZicllZUm16SW5kOUJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9kNmZiMWMtOTVjMy00YmZmLTg1NTYtODA1N2RhNzU0NDUy
LzEvNzU4ZU9DWlVFTFBDcVNMVEZweFBLWlVVR2kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZz0MA0G
CSqGSIb3DQEBCwUAA4IBAQAsjhUBrKdpVvVyzweOkBErJE5Rs8ZtsoKrq79Zn0XT
0SreuLBXGbmdcTBv7tgT2ogBTtsX3i5GF8MeYpCLVaYTbp/UiQwoqkKjmzQGen5R
AlB1EB0M/UiDGh5LTzYHjtZ+EZS1D1ODP74KzXetYwK0DEFOIKyfnp+FRey2e+R1
eh7reN0dmFmyt71HeA3IFfHF3W5BC95/VhdVnMLwGDBChPYf6TQ5QL+jzWXljj3c
TfGVplYL4KavsTADlwTWIa1DvKuujifLgwSwv6uesW2lQxaJkO11M2Q+5aayf3nN
KAWqcPaipitmY8Vz8nvN4n6TeGc+7thZEwS9DuaJb7tr
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:01:15 2025 by rpki-client