Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/Loh4GAsWwMB2UOBzCLPn0I1UcnQ.roa
File: Loh4GAsWwMB2UOBzCLPn0I1UcnQ.roa (raw, json)
Hash identifier: UKrcL0J+aBLL7Ep9N6zZmH4i7fNacB5B4A/oqQGV12Y=
Subject key identifier: 2E:88:78:18:0B:16:C0:C0:76:50:E0:73:08:B3:E7:D0:8D:54:72:74
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 018C63871530B6F380B417058A0B90E6E853
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/Loh4GAsWwMB2UOBzCLPn0I1UcnQ.roa
Signing time: Wed 13 Dec 2023 14:14:06 +0000
ROA not before: Wed 13 Dec 2023 14:14:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8648
IP address blocks: 5.11.48.0/21 maxlen: 24
91.206.142.0/23 maxlen: 24
82.141.0.0/18 maxlen: 24
91.220.49.0/24 maxlen: 24
212.110.96.0/19 maxlen: 24
213.146.96.0/19 maxlen: 24
93.190.64.0/21 maxlen: 24
45.87.136.0/22 maxlen: 24
94.154.148.0/22 maxlen: 24
91.203.108.0/22 maxlen: 24
93.90.176.0/20 maxlen: 24
91.203.212.0/22 maxlen: 24
37.218.248.0/21 maxlen: 24
195.62.96.0/19 maxlen: 24
185.117.248.0/22 maxlen: 24
185.84.80.0/23 maxlen: 24
185.84.82.0/24 maxlen: 24
84.254.120.0/24 maxlen: 24
192.162.84.0/22 maxlen: 24
91.226.88.0/22 maxlen: 24
31.47.240.0/20 maxlen: 24
46.243.88.0/21 maxlen: 24
81.88.16.0/20 maxlen: 24
89.22.96.0/19 maxlen: 24
81.88.27.0/24 maxlen: 24
81.88.32.0/20 maxlen: 24
5.44.96.0/20 maxlen: 24
2a02:248::/32 maxlen: 48
2001:880::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:63:87:15:30:b6:f3:80:b4:17:05:8a:0b:90:e6:e8:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Dec 13 14:14:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e8878180b16c0c07650e07308b3e7d08d547274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:1f:a3:f0:72:8d:f8:b5:99:6a:f8:ec:f3:e8:
2c:e8:39:39:09:ee:84:f3:c5:b3:b5:ee:8b:86:2d:
72:4a:3b:bc:93:ae:5e:77:6d:14:f1:3b:51:fc:7f:
c5:78:9f:a7:75:d6:9b:3b:b8:24:6a:fa:8d:91:2c:
1a:cb:b9:34:67:2c:8c:7a:33:1e:d3:c9:72:0b:42:
00:58:4a:bb:18:f0:9a:bb:9b:e0:25:ff:51:70:8e:
c4:3d:1e:25:b1:1f:9a:40:8a:39:51:d1:a9:b2:87:
ad:6e:e6:eb:c1:e6:b7:62:f2:00:e5:3d:68:b9:e2:
c1:e5:e2:af:27:99:ee:9f:2f:92:fe:fa:4d:be:8e:
39:8c:52:68:1f:1c:58:08:80:36:64:40:ca:d1:98:
46:34:07:11:34:0b:eb:84:73:84:50:ea:c3:b1:ba:
2f:b5:f3:e0:ce:9c:67:ae:80:78:21:dd:8e:f9:04:
82:08:d1:8a:6a:2e:ce:d4:10:9a:4a:5c:9e:6c:2a:
07:ff:01:45:cc:33:65:67:74:8f:cf:8d:37:06:e5:
50:48:46:f6:8f:a1:dc:b9:4a:f8:a8:02:57:6c:ff:
fa:99:de:3e:59:e9:24:36:b2:3d:e1:e5:01:94:91:
a7:86:db:f7:22:d7:78:97:f4:49:7a:7f:5b:1e:82:
85:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:88:78:18:0B:16:C0:C0:76:50:E0:73:08:B3:E7:D0:8D:54:72:74
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/Loh4GAsWwMB2UOBzCLPn0I1UcnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.48.0/21
5.44.96.0/20
31.47.240.0/20
37.218.248.0/21
45.87.136.0/22
46.243.88.0/21
81.88.16.0-81.88.47.255
82.141.0.0/18
84.254.120.0/24
89.22.96.0/19
91.203.108.0/22
91.203.212.0/22
91.206.142.0/23
91.220.49.0/24
91.226.88.0/22
93.90.176.0/20
93.190.64.0/21
94.154.148.0/22
185.84.80.0-185.84.82.255
185.117.248.0/22
192.162.84.0/22
195.62.96.0/19
212.110.96.0/19
213.146.96.0/19
IPv6:
2001:880::/32
2a02:248::/32
Signature Algorithm: sha256WithRSAEncryption
52:ec:ab:c9:a7:6e:c8:e8:a2:51:04:e5:8d:f6:50:a4:d1:60:
36:a4:67:5b:1f:8e:78:30:30:11:63:ab:78:74:25:8f:71:d4:
cc:d9:f3:b3:c4:cc:73:e1:4a:d5:00:42:1a:83:a3:4f:90:8e:
e2:d2:f4:4e:b2:35:eb:50:82:42:68:66:bc:3b:5c:e0:75:9c:
e7:8a:d1:c9:60:d5:cc:f2:15:09:fb:d0:ed:a7:5d:f3:f2:84:
f5:b3:91:53:f0:48:27:ae:0f:91:00:d1:d9:d3:77:87:68:21:
4a:dd:61:2c:5e:f7:19:6f:c3:a0:66:93:b3:38:d6:c5:6d:71:
1b:16:11:e0:28:ac:24:db:7b:c3:6f:bc:5c:78:fb:17:66:81:
7e:3e:3e:39:d6:b3:fe:cd:b7:e9:ce:37:34:63:1f:70:a2:f5:
5b:a3:0d:e4:3d:ad:fa:0e:1d:c7:ac:55:f8:52:de:17:f5:f7:
ad:d0:06:04:e2:98:f2:1e:ae:05:6a:ba:0e:26:98:78:3d:7a:
f6:8a:dc:65:b8:86:57:1e:88:e4:ae:6b:cc:04:38:a4:90:5c:
3e:83:52:32:bc:5c:dd:bc:bd:a1:79:1e:72:8c:af:9a:ea:31:
25:1e:f8:b1:17:ee:ff:1a:00:e0:da:f8:9c:9a:18:31:79:4c:
22:37:e8:08
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAYxjhxUwtvOAtBcFiguQ5uhTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjMxMjEzMTQxNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTg4NzgxODBiMTZjMGMwNzY1MGUwNzMwOGIzZTdkMDhkNTQ3Mjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgR+j8HKN+LWZavjs8+gs6Dk5Ce6E
88Wzte6Lhi1ySju8k65ed20U8TtR/H/FeJ+nddabO7gkavqNkSway7k0ZyyMejMe
08lyC0IAWEq7GPCau5vgJf9RcI7EPR4lsR+aQIo5UdGpsoetbubrwea3YvIA5T1o
ueLB5eKvJ5nuny+S/vpNvo45jFJoHxxYCIA2ZEDK0ZhGNAcRNAvrhHOEUOrDsbov
tfPgzpxnroB4Id2O+QSCCNGKai7O1BCaSlyebCoH/wFFzDNlZ3SPz403BuVQSEb2
j6HcuUr4qAJXbP/6md4+WekkNrI94eUBlJGnhtv3Itd4l/RJen9bHoKFUQIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFC6IeBgLFsDAdlDgcwiz59CNVHJ0MB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvTG9oNEdBc1d3TUIyVU9CekNMUG4wSTFVY25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBpwQCAAEwgaADBAMF
CzADBAQFLGADBAQfL/ADBAMl2vgDBAItV4gDBAMu81gwDAMEBFFYEAMEBFFYIAME
BlKNAAMEAFT+eAMEBVkWYAMEAlvLbAMEAlvL1AMEAVvOjgMEAFvcMQMEAlviWAME
BF1asAMEA12+QAMEAl6alDAMAwQEuVRQAwQAuVRSAwQCuXX4AwQCwKJUAwQFwz5g
AwQF1G5gAwQF1ZJgMBQEAgACMA4DBQAgAQiAAwUAKgICSDANBgkqhkiG9w0BAQsF
AAOCAQEAUuyryaduyOiiUQTljfZQpNFgNqRnWx+OeDAwEWOreHQlj3HUzNnzs8TM
c+FK1QBCGoOjT5CO4tL0TrI161CCQmhmvDtc4HWc54rRyWDVzPIVCfvQ7add8/KE
9bORU/BIJ64PkQDR2dN3h2ghSt1hLF73GW/DoGaTszjWxW1xGxYR4CisJNt7w2+8
XHj7F2aBfj4+Odaz/s236c43NGMfcKL1W6MN5D2t+g4dx6xV+FLeF/X3rdAGBOKY
8h6uBWq6DiaYeD169orcZbiGVx6I5K5rzAQ4pJBcPoNSMrxc3by9oXkecoyvmuox
JR74sRfu/xoA4Nr4nJoYMXlMIjfoCA==
-----END CERTIFICATE-----
Generated at Mon Apr 28 00:50:03 2025 by rpki-client