Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/tLohO5dCUrrxiQvsUTc_OjZ5JDk.roa
File: tLohO5dCUrrxiQvsUTc_OjZ5JDk.roa (raw, json)
Hash identifier: CWVmHKUMUkjwI1CRhZMoDIrk+Bt5E+chkKdwJjr0KkU=
Subject key identifier: B4:BA:21:3B:97:42:52:BA:F1:89:0B:EC:51:37:3F:3A:36:79:24:39
Certificate issuer: /CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Certificate serial: 018C11F5F932A9138D0ECE22EC507086AB67
Authority key identifier: 26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/tLohO5dCUrrxiQvsUTc_OjZ5JDk.roa
Signing time: Mon 27 Nov 2023 18:06:21 +0000
ROA not before: Mon 27 Nov 2023 18:06:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56971
IP address blocks: 45.156.24.0/22 maxlen: 22
45.156.20.0/22 maxlen: 22
45.156.20.0/24 maxlen: 32
45.156.21.0/24 maxlen: 32
45.156.22.0/24 maxlen: 32
45.156.23.0/24 maxlen: 32
45.156.24.0/24 maxlen: 32
45.156.27.0/24 maxlen: 32
45.156.25.0/24 maxlen: 32
45.156.26.0/24 maxlen: 32
194.120.116.0/24 maxlen: 32
193.176.179.0/24 maxlen: 32
194.36.170.0/24 maxlen: 32
194.36.171.0/24 maxlen: 32
193.176.153.0/24 maxlen: 32
194.36.208.0/24 maxlen: 32
194.36.209.0/24 maxlen: 32
193.176.158.0/24 maxlen: 32
194.116.214.0/24 maxlen: 32
194.116.215.0/24 maxlen: 32
194.116.216.0/24 maxlen: 32
194.116.217.0/24 maxlen: 32
194.116.216.0/23 maxlen: 23
194.120.24.0/24 maxlen: 32
2a13:7c00::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:11:f5:f9:32:a9:13:8d:0e:ce:22:ec:50:70:86:ab:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Validity
Not Before: Nov 27 18:06:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b4ba213b974252baf1890bec51373f3a36792439
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6e:72:e4:7f:02:85:ee:84:eb:85:87:0f:7a:
70:c4:7f:f4:46:81:f5:82:ff:a0:0a:0b:e6:eb:e8:
20:7a:09:50:c9:a9:09:ef:07:11:c0:16:77:f8:c4:
30:eb:dc:a0:cd:b3:07:23:0f:b0:a3:14:42:fc:0a:
16:12:d9:ac:86:91:fc:08:24:5a:a3:d2:87:ae:40:
3b:1f:aa:ba:0c:f5:12:08:7d:1a:a0:05:67:52:da:
ff:f2:cf:fe:65:5a:68:d4:01:ec:0a:a8:1d:1d:1e:
7c:6d:03:01:77:4d:e5:f0:b6:b2:76:58:c9:47:fc:
0f:95:b7:93:45:93:67:13:f3:40:a1:71:4e:d1:94:
ba:85:8f:33:4d:44:e5:21:a5:5e:2b:45:a1:65:3d:
f6:6c:b2:20:b6:88:9d:46:24:f7:1b:37:34:d9:9c:
b1:db:eb:1a:f2:76:95:1f:39:eb:af:e0:47:db:32:
11:d4:7c:7f:ce:e8:f1:f0:2f:82:4f:e0:1d:42:02:
f1:9f:44:b4:20:3f:49:c4:87:6d:20:51:4f:1b:9f:
76:7b:d4:dc:de:18:5c:f0:17:8f:82:bb:d4:79:cd:
a8:14:fe:36:df:c2:ba:26:6d:cf:c0:fc:53:d8:f6:
b6:45:58:a4:d3:28:3b:2c:7b:fc:c0:52:27:9d:13:
aa:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:BA:21:3B:97:42:52:BA:F1:89:0B:EC:51:37:3F:3A:36:79:24:39
X509v3 Authority Key Identifier:
keyid:26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/tLohO5dCUrrxiQvsUTc_OjZ5JDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.20.0-45.156.27.255
193.176.153.0/24
193.176.158.0/24
193.176.179.0/24
194.36.170.0/23
194.36.208.0/23
194.116.214.0-194.116.217.255
194.120.24.0/24
194.120.116.0/24
IPv6:
2a13:7c00::/32
Signature Algorithm: sha256WithRSAEncryption
34:62:7a:5d:54:81:61:32:fc:2e:a1:34:8f:9f:31:98:a2:fd:
56:0c:ff:52:5b:66:4f:1d:96:38:8c:c9:66:4b:5c:78:64:f4:
53:21:2e:c3:99:e6:ef:d5:50:bc:d3:09:d8:19:c9:36:a2:30:
6f:90:a8:a1:cd:13:d4:38:bb:39:db:33:2a:f0:c9:e0:87:00:
07:a5:a0:a9:cc:ee:45:71:82:ba:be:22:e8:bf:23:43:53:f8:
85:b2:03:f6:1b:bf:13:e7:28:ae:23:8c:3d:57:b1:e4:65:51:
e2:5a:37:0e:df:a6:a9:0b:6c:48:15:20:68:38:a4:a9:fb:a0:
fa:d7:51:e4:ac:5d:2d:e7:7b:56:c7:04:95:bb:f9:fe:81:2b:
d5:ce:c4:7e:27:3e:32:54:4a:69:f4:14:45:41:69:d1:4e:f7:
69:55:b3:d9:f9:dc:8d:20:13:1c:0c:26:c3:0f:c8:a8:63:55:
1e:1a:14:59:72:ed:98:95:e7:d8:5e:ef:fe:1d:ec:ea:8c:39:
67:6e:14:95:38:26:fb:55:c5:ca:08:26:ea:7e:d5:d6:54:e6:
5b:7b:e4:7e:bc:5a:c4:19:1e:67:7f:d3:6e:30:64:b1:40:82:
98:82:ff:2f:ad:50:2b:be:a0:de:75:dd:71:b5:99:81:59:a6:
94:75:ab:96
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAYwR9fkyqRONDs4i7FBwhqtnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NzJiOWZiNTQ2YjM2NWUzMjMyMzBkY2VhOWJhOGM5ZmJl
ZGZlYjgwHhcNMjMxMTI3MTgwNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGJhMjEzYjk3NDI1MmJhZjE4OTBiZWM1MTM3M2YzYTM2NzkyNDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqm5y5H8Che6E64WHD3pwxH/0RoH1
gv+gCgvm6+ggeglQyakJ7wcRwBZ3+MQw69ygzbMHIw+woxRC/AoWEtmshpH8CCRa
o9KHrkA7H6q6DPUSCH0aoAVnUtr/8s/+ZVpo1AHsCqgdHR58bQMBd03l8LaydljJ
R/wPlbeTRZNnE/NAoXFO0ZS6hY8zTUTlIaVeK0WhZT32bLIgtoidRiT3Gzc02Zyx
2+sa8naVHznrr+BH2zIR1Hx/zujx8C+CT+AdQgLxn0S0ID9JxIdtIFFPG592e9Tc
3hhc8BePgrvUec2oFP4238K6Jm3PwPxT2Pa2RVik0yg7LHv8wFInnROqDQIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFLS6ITuXQlK68YkL7FE3Pzo2eSQ5MB8GA1UdIwQY
MBaAFCZyuftUazZeMjIw3OqbqMn77f64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYt
YTcwZGI1ODI4MGZjLzEvdExvaE81ZENVcnJ4aVF2c1VUY19Palo1SkRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYtYTcwZGI1ODI4MGZj
LzEvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTBMBAIAATBGMAwDBAItnBQD
BAItnBgDBADBsJkDBADBsJ4DBADBsLMDBAHCJKoDBAHCJNAwDAMEAcJ01gMEAcJ0
2AMEAMJ4GAMEAMJ4dDANBAIAAjAHAwUAKhN8ADANBgkqhkiG9w0BAQsFAAOCAQEA
NGJ6XVSBYTL8LqE0j58xmKL9Vgz/UltmTx2WOIzJZktceGT0UyEuw5nm79VQvNMJ
2BnJNqIwb5Cooc0T1Di7OdszKvDJ4IcAB6WgqczuRXGCur4i6L8jQ1P4hbID9hu/
E+coriOMPVex5GVR4lo3Dt+mqQtsSBUgaDikqfug+tdR5KxdLed7VscElbv5/oEr
1c7Efic+MlRKafQURUFp0U73aVWz2fncjSATHAwmww/IqGNVHhoUWXLtmJXn2F7v
/h3s6ow5Z24UlTgm+1XFyggm6n7V1lTmW3vkfrxaxBkeZ3/TbjBksUCCmIL/L61Q
K76g3nXdcbWZgVmmlHWrlg==
-----END CERTIFICATE-----
Generated at Sun Apr 27 13:00:16 2025 by rpki-client