Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/a35bc9-72e6-4979-b462-bb4a8672cc0c/1/LTxd5dkimwvc03ZYEUNmSObsp9g.roa
File: LTxd5dkimwvc03ZYEUNmSObsp9g.roa (raw, json)
Hash identifier: hgqOfYEhBkUGXNBHzHXBN+eQBSbPpoXPxfqYjIEzjbQ=
Subject key identifier: 2D:3C:5D:E5:D9:22:9B:0B:DC:D3:76:58:11:43:66:48:E6:EC:A7:D8
Certificate issuer: /CN=325a8b688deadbb91efbe0772308bac9f304a533
Certificate serial: 01824006CAA27BAE073E7D8195DCCD4C50A5
Authority key identifier: 32:5A:8B:68:8D:EA:DB:B9:1E:FB:E0:77:23:08:BA:C9:F3:04:A5:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlqLaI3q27ke--B3Iwi6yfMEpTM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/a35bc9-72e6-4979-b462-bb4a8672cc0c/1/LTxd5dkimwvc03ZYEUNmSObsp9g.roa
Signing time: Wed 27 Jul 2022 14:19:23 +0000
ROA not before: Wed 27 Jul 2022 14:19:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204901
IP address blocks: 2a0b:6647:b000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:40:06:ca:a2:7b:ae:07:3e:7d:81:95:dc:cd:4c:50:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=325a8b688deadbb91efbe0772308bac9f304a533
Validity
Not Before: Jul 27 14:19:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d3c5de5d9229b0bdcd3765811436648e6eca7d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7a:a9:ea:c7:f6:91:ae:27:4c:32:1a:64:9d:
75:17:e2:2e:a4:07:f1:6b:ee:3a:0b:e1:a0:c0:6b:
db:08:7e:e6:e3:0f:12:54:20:f8:2d:39:d8:99:5f:
82:61:8b:b6:da:a7:ff:74:9a:33:e7:62:4a:f9:c9:
fb:1b:8b:f7:ea:9e:11:f7:2e:5a:d4:4d:3b:90:88:
9d:9c:e4:3d:7d:31:2c:cd:d2:2d:fd:8e:7a:cc:bf:
b7:e1:c6:d3:9f:c8:bf:58:d6:76:75:90:43:30:73:
f7:c7:94:d4:c3:69:d9:82:bf:db:66:f0:0d:bf:9e:
88:08:05:37:0f:84:6a:8c:0d:bd:4e:dc:82:1a:7c:
b1:3c:ea:3a:85:d6:19:66:32:1c:e4:75:fa:33:a5:
ac:1f:d2:84:fd:6a:3b:48:28:37:e8:54:54:eb:c2:
de:f7:76:24:62:61:c4:1e:ba:b3:79:eb:e6:b3:1d:
d4:02:b0:53:55:0b:f6:72:64:8c:7e:d7:33:19:02:
e5:7e:08:ef:c1:6b:87:07:d0:f6:7f:5f:47:47:b5:
1e:9d:d0:20:7e:10:28:98:00:7e:fb:30:1f:ca:33:
0c:42:fb:1d:ef:f6:b9:42:e6:41:aa:cc:cf:6c:ab:
23:83:13:08:72:5f:a7:e6:f8:f9:6a:7c:74:ad:49:
1c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:3C:5D:E5:D9:22:9B:0B:DC:D3:76:58:11:43:66:48:E6:EC:A7:D8
X509v3 Authority Key Identifier:
keyid:32:5A:8B:68:8D:EA:DB:B9:1E:FB:E0:77:23:08:BA:C9:F3:04:A5:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlqLaI3q27ke--B3Iwi6yfMEpTM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a35bc9-72e6-4979-b462-bb4a8672cc0c/1/LTxd5dkimwvc03ZYEUNmSObsp9g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a35bc9-72e6-4979-b462-bb4a8672cc0c/1/MlqLaI3q27ke--B3Iwi6yfMEpTM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:6647:b000::/40
Signature Algorithm: sha256WithRSAEncryption
62:58:c1:27:fd:63:6f:9c:af:34:28:a9:aa:dd:8b:5c:3f:84:
73:dc:89:4f:03:ea:f5:fe:fb:8e:2b:13:22:1e:a6:26:ca:cd:
9c:a8:da:73:19:cd:14:3d:0c:32:7e:96:1a:84:49:71:26:24:
f7:a4:8a:9f:45:22:aa:bd:6e:58:73:b1:52:ee:4b:01:83:ae:
02:ff:07:bc:bf:48:a2:df:44:a3:b4:2a:ad:cb:9b:d6:39:05:
30:ca:cd:1e:99:08:9c:17:5e:95:c1:f3:3a:db:98:06:74:f6:
e1:fa:66:be:79:1e:95:4f:60:c8:0a:6d:0f:42:4a:db:d2:b3:
18:6b:86:74:96:9d:43:06:32:84:f7:b0:08:4a:11:47:b7:60:
a6:7b:88:c7:f2:d2:81:5f:66:fb:08:38:50:51:b1:9a:49:f4:
d0:56:a1:a7:63:3d:5e:50:b1:6b:a7:b0:a7:29:08:81:fa:04:
d8:e4:43:30:f3:09:d5:20:67:3b:05:f5:0d:cb:6e:ad:fe:d7:
82:a2:4e:58:6f:a1:90:d7:b9:ee:c7:1e:a5:31:18:f2:4e:bc:
3f:3d:a1:59:48:c9:a1:f0:15:ea:33:58:fb:d2:4b:96:cb:43:
01:a5:73:14:8f:4b:f6:a2:01:64:cb:fb:9f:81:0b:f7:49:01:
db:db:7f:11
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYJABsqie64HPn2BldzNTFClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNWE4YjY4OGRlYWRiYjkxZWZiZTA3NzIzMDhiYWM5ZjMw
NGE1MzMwHhcNMjIwNzI3MTQxOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDNjNWRlNWQ5MjI5YjBiZGNkMzc2NTgxMTQzNjY0OGU2ZWNhN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHqp6sf2ka4nTDIaZJ11F+IupAfx
a+46C+GgwGvbCH7m4w8SVCD4LTnYmV+CYYu22qf/dJoz52JK+cn7G4v36p4R9y5a
1E07kIidnOQ9fTEszdIt/Y56zL+34cbTn8i/WNZ2dZBDMHP3x5TUw2nZgr/bZvAN
v56ICAU3D4RqjA29TtyCGnyxPOo6hdYZZjIc5HX6M6WsH9KE/Wo7SCg36FRU68Le
93YkYmHEHrqzeevmsx3UArBTVQv2cmSMftczGQLlfgjvwWuHB9D2f19HR7UendAg
fhAomAB++zAfyjMMQvsd7/a5QuZBqszPbKsjgxMIcl+n5vj5anx0rUkcQQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFC08XeXZIpsL3NN2WBFDZkjm7KfYMB8GA1UdIwQY
MBaAFDJai2iN6tu5HvvgdyMIusnzBKUzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWxxTGFJM3EyN2tlLS1CM0l3aTZ5Zk1FcFRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hMzViYzktNzJlNi00OTc5LWI0NjIt
YmI0YTg2NzJjYzBjLzEvTFR4ZDVka2ltd3ZjMDNaWUVVTm1TT2JzcDlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hMzViYzktNzJlNi00OTc5LWI0NjItYmI0YTg2NzJjYzBj
LzEvTWxxTGFJM3EyN2tlLS1CM0l3aTZ5Zk1FcFRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgtmR7Aw
DQYJKoZIhvcNAQELBQADggEBAGJYwSf9Y2+crzQoqardi1w/hHPciU8D6vX++44r
EyIepibKzZyo2nMZzRQ9DDJ+lhqESXEmJPekip9FIqq9blhzsVLuSwGDrgL/B7y/
SKLfRKO0Kq3Lm9Y5BTDKzR6ZCJwXXpXB8zrbmAZ09uH6Zr55HpVPYMgKbQ9CStvS
sxhrhnSWnUMGMoT3sAhKEUe3YKZ7iMfy0oFfZvsIOFBRsZpJ9NBWoadjPV5QsWun
sKcpCIH6BNjkQzDzCdUgZzsF9Q3Lbq3+14KiTlhvoZDXue7HHqUxGPJOvD89oVlI
yaHwFeozWPvSS5bLQwGlcxSPS/aiAWTL+5+BC/dJAdvbfxE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:11 2025 by rpki-client