Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/lmj7rDlmoZJQNaokNkn9KsNwGxI.roa
File: lmj7rDlmoZJQNaokNkn9KsNwGxI.roa (raw, json)
Hash identifier: 1JcyidimybsElbpHOWzdDytccBQx6Gl37FZbj+b5HeU=
Subject key identifier: 96:68:FB:AC:39:66:A1:92:50:35:AA:24:36:49:FD:2A:C3:70:1B:12
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01883354F13AC03393FCA0C1B486D343881E
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/lmj7rDlmoZJQNaokNkn9KsNwGxI.roa
Signing time: Fri 19 May 2023 09:26:24 +0000
ROA not before: Fri 19 May 2023 09:26:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 135377
IP address blocks: 45.128.26.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:33:54:f1:3a:c0:33:93:fc:a0:c1:b4:86:d3:43:88:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 19 09:26:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9668fbac3966a1925035aa243649fd2ac3701b12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:da:98:42:dc:a6:00:95:78:15:a8:81:fe:da:
01:d7:95:df:c3:dc:11:99:ef:14:2d:ff:a4:99:a1:
7d:b6:ba:d5:28:75:ca:45:83:03:01:78:8d:a7:dd:
a7:56:ec:f5:77:e0:0c:6f:cc:70:60:32:10:3c:23:
3b:e3:5d:2b:76:47:c4:83:a1:b1:35:16:c0:d7:a1:
a3:c4:c0:28:32:b3:8f:d4:90:f1:b1:d1:6e:b2:98:
3c:e7:a1:40:c9:8c:3a:ee:30:c0:b7:85:c2:5d:cc:
e4:ea:af:d0:b5:e4:7a:55:02:1f:25:bc:be:a1:d0:
a6:67:8a:af:0d:43:38:02:84:04:d2:02:86:10:8b:
30:13:d2:9d:e7:ff:2d:bf:eb:82:61:50:51:06:0f:
78:e4:d4:6f:4d:c9:47:f7:e4:81:8e:37:5b:c5:c4:
3c:63:1d:37:8b:40:80:0d:37:58:45:7c:38:d1:9e:
0c:51:1d:48:1b:46:34:99:a3:79:f5:47:52:c2:e9:
8d:de:18:74:30:e4:08:bf:03:6d:4c:94:88:98:bc:
cd:07:d0:2d:70:67:2f:da:d6:69:c3:42:b4:17:20:
d2:e1:98:21:09:3c:58:58:fd:5d:fb:fb:3e:ed:b9:
2c:76:af:ec:fb:7e:59:c1:00:72:6d:6c:f4:2c:fd:
19:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:68:FB:AC:39:66:A1:92:50:35:AA:24:36:49:FD:2A:C3:70:1B:12
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/lmj7rDlmoZJQNaokNkn9KsNwGxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.26.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:39:78:b0:66:e4:53:d2:1b:89:d0:84:0a:a7:6c:3f:10:c5:
2b:52:21:de:d6:7d:22:76:61:de:b3:75:fd:8b:5f:e2:8f:3e:
c2:12:13:33:ff:0b:f8:4e:79:8a:7a:3e:a6:b3:2f:48:87:71:
35:4d:a7:1c:26:cf:1a:35:cd:ee:0a:ee:d1:ca:3f:ec:3e:f9:
64:5b:e9:0b:92:aa:dd:1e:d6:c4:14:0b:f0:23:5f:27:2b:13:
37:4e:75:d3:04:37:72:26:01:23:ea:47:4e:75:70:69:a7:c5:
72:72:d5:35:5c:51:c6:3c:b8:93:14:ba:64:f9:7e:e8:bd:08:
d6:41:c6:06:01:ed:0b:f1:95:f1:8d:21:48:f9:03:90:be:5a:
b6:28:7e:e9:13:2b:64:02:7e:3d:88:48:ed:45:ea:76:d0:04:
e5:27:24:59:af:2e:5a:b4:56:3d:9d:eb:46:f7:21:7b:e9:ef:
9e:e2:6f:c7:89:c4:fb:46:6b:fc:95:7f:5e:fb:4e:67:f6:d2:
1d:dc:e2:a8:4d:93:f3:82:32:e6:ae:d0:70:f4:7d:2e:f7:be:
71:9e:89:03:87:66:12:ba:5a:62:e7:db:65:3f:2e:13:5c:dd:
89:9e:ac:df:4b:e2:08:49:f8:38:db:d4:37:9d:04:b3:ee:dc:
42:99:1c:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgzVPE6wDOT/KDBtIbTQ4geMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwNTE5MDkyNjI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjY4ZmJhYzM5NjZhMTkyNTAzNWFhMjQzNjQ5ZmQyYWMzNzAxYjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdqYQtymAJV4FaiB/toB15Xfw9wR
me8ULf+kmaF9trrVKHXKRYMDAXiNp92nVuz1d+AMb8xwYDIQPCM7410rdkfEg6Gx
NRbA16GjxMAoMrOP1JDxsdFuspg856FAyYw67jDAt4XCXczk6q/QteR6VQIfJby+
odCmZ4qvDUM4AoQE0gKGEIswE9Kd5/8tv+uCYVBRBg945NRvTclH9+SBjjdbxcQ8
Yx03i0CADTdYRXw40Z4MUR1IG0Y0maN59UdSwumN3hh0MOQIvwNtTJSImLzNB9At
cGcv2tZpw0K0FyDS4ZghCTxYWP1d+/s+7bksdq/s+35ZwQBybWz0LP0ZXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJZo+6w5ZqGSUDWqJDZJ/SrDcBsSMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvbG1qN3JEbG1vWkpRTmFva05rbjlLc053R3hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYAaMA0G
CSqGSIb3DQEBCwUAA4IBAQCsOXiwZuRT0huJ0IQKp2w/EMUrUiHe1n0idmHes3X9
i1/ijz7CEhMz/wv4TnmKej6msy9Ih3E1TaccJs8aNc3uCu7Ryj/sPvlkW+kLkqrd
HtbEFAvwI18nKxM3TnXTBDdyJgEj6kdOdXBpp8VyctU1XFHGPLiTFLpk+X7ovQjW
QcYGAe0L8ZXxjSFI+QOQvlq2KH7pEytkAn49iEjtRep20ATlJyRZry5atFY9netG
9yF76e+e4m/HicT7Rmv8lX9e+05n9tId3OKoTZPzgjLmrtBw9H0u975xnokDh2YS
ulpi59tlPy4TXN2JnqzfS+IISfg429Q3nQSz7txCmRws
-----END CERTIFICATE-----
Generated at Sat May 10 06:58:28 2025 by rpki-client