Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/1-lbhSYhCOBuD3hLAAJBAV3id7Rg.roa
File: 1-lbhSYhCOBuD3hLAAJBAV3id7Rg.roa (raw, json)
Hash identifier: QdYsLIPFyBf5L3zc+btNTRqc8JOBx2WrXwtU5GWU5V4=
Subject key identifier: FA:56:E1:49:88:42:38:1B:83:DE:12:C0:00:90:40:57:78:9D:ED:18
Certificate issuer: /CN=f3b90781dbbebdb8ec42baf66488059ea5866aac
Certificate serial: 018AB6A98525A2EC63579F07135064B483D7
Authority key identifier: F3:B9:07:81:DB:BE:BD:B8:EC:42:BA:F6:64:88:05:9E:A5:86:6A:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/87kHgdu-vbjsQrr2ZIgFnqWGaqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/1-lbhSYhCOBuD3hLAAJBAV3id7Rg.roa
Signing time: Thu 21 Sep 2023 07:34:37 +0000
ROA not before: Thu 21 Sep 2023 07:34:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50973
IP address blocks: 2a03:6947:100::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b6:a9:85:25:a2:ec:63:57:9f:07:13:50:64:b4:83:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f3b90781dbbebdb8ec42baf66488059ea5866aac
Validity
Not Before: Sep 21 07:34:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa56e1498842381b83de12c000904057789ded18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:36:c5:12:14:35:1f:98:58:99:3a:2f:51:19:
f8:66:fd:87:52:ef:25:70:73:af:ef:a3:09:e8:a0:
86:1d:0d:7e:72:5f:1e:17:0f:0c:07:39:c5:61:46:
c4:68:8e:89:b3:5a:9f:10:04:a8:f2:72:be:fb:01:
17:be:6d:74:38:4d:e5:10:06:6d:9d:3e:1d:51:7a:
0f:e9:f2:73:bd:77:34:56:6b:d6:24:7b:4f:05:74:
2a:23:88:e1:27:1a:7c:5d:ce:8d:f3:7f:92:3b:0b:
87:ab:17:7d:45:32:da:e3:30:44:70:e4:af:22:42:
5b:eb:85:bd:4b:16:b1:8c:23:85:d5:60:66:3f:e9:
ac:c0:f8:41:7e:1c:08:96:37:23:c1:8d:06:35:1a:
e4:e3:07:14:ae:72:10:96:b7:17:9c:bf:9c:b6:1d:
ab:ca:c1:00:85:01:43:12:bb:f2:1c:df:17:f4:d7:
b6:44:93:7a:d3:fa:f4:b3:ab:74:7d:13:ef:bd:a8:
72:47:d5:93:1d:ac:4e:4f:43:1b:15:af:dd:8e:0d:
c0:39:f7:96:c2:a0:2e:8b:93:e4:99:2b:ce:d2:29:
3b:9e:58:39:79:d9:c5:15:77:f6:8e:6a:61:e5:09:
39:a8:f0:b6:04:15:69:29:a0:1e:fd:78:d6:f9:61:
01:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:56:E1:49:88:42:38:1B:83:DE:12:C0:00:90:40:57:78:9D:ED:18
X509v3 Authority Key Identifier:
keyid:F3:B9:07:81:DB:BE:BD:B8:EC:42:BA:F6:64:88:05:9E:A5:86:6A:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/87kHgdu-vbjsQrr2ZIgFnqWGaqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/1-lbhSYhCOBuD3hLAAJBAV3id7Rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/8c5808-3165-41dc-90a0-3ef5eb7c8598/1/87kHgdu-vbjsQrr2ZIgFnqWGaqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:6947:100::/40
Signature Algorithm: sha256WithRSAEncryption
9f:5b:a5:1a:60:e3:29:da:98:a0:88:5f:d8:8a:01:f8:78:f0:
56:ea:8f:43:3c:8d:91:7a:34:b3:5f:a1:cd:f8:27:23:17:d7:
80:20:71:7d:a9:c5:55:6b:64:24:e8:22:5d:18:dd:8f:3e:9e:
19:77:57:61:8c:fc:53:04:01:9f:71:88:b5:b6:dd:86:74:c5:
40:ff:8b:cb:f0:d3:49:e8:96:01:82:cf:a3:19:ec:2d:a0:d3:
ee:56:a9:24:88:3a:c4:6e:c2:9b:8c:a8:11:f4:f9:da:70:35:
0c:2f:00:07:1c:8e:4e:b6:51:d7:49:3b:06:6e:ec:89:83:9c:
65:1e:1e:50:99:e7:79:a1:d8:f7:a4:07:14:d3:c9:96:99:25:
da:bc:62:a1:4c:b8:42:d8:43:e4:af:2f:c6:33:e4:16:99:a4:
90:84:42:ef:fe:46:63:e5:80:d6:1c:a7:9c:ef:e4:48:e0:50:
fb:31:da:ca:0c:48:fb:ed:a9:8d:07:f7:ed:0b:84:40:4a:d8:
15:bd:e0:5d:d8:d2:0e:f9:46:d9:3d:36:ba:3a:1a:0e:d1:14:
7e:03:3c:ab:01:80:a0:18:72:cd:eb:2c:93:34:6a:d9:cd:b4:
91:50:61:0c:ea:15:5b:f3:4c:8b:ed:49:b1:0f:ff:aa:fc:45:
6f:52:46:80
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYq2qYUlouxjV58HE1BktIPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzYjkwNzgxZGJiZWJkYjhlYzQyYmFmNjY0ODgwNTllYTU4
NjZhYWMwHhcNMjMwOTIxMDczNDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTU2ZTE0OTg4NDIzODFiODNkZTEyYzAwMDkwNDA1Nzc4OWRlZDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTbFEhQ1H5hYmTovURn4Zv2HUu8l
cHOv76MJ6KCGHQ1+cl8eFw8MBznFYUbEaI6Js1qfEASo8nK++wEXvm10OE3lEAZt
nT4dUXoP6fJzvXc0VmvWJHtPBXQqI4jhJxp8Xc6N83+SOwuHqxd9RTLa4zBEcOSv
IkJb64W9SxaxjCOF1WBmP+mswPhBfhwIljcjwY0GNRrk4wcUrnIQlrcXnL+cth2r
ysEAhQFDErvyHN8X9Ne2RJN60/r0s6t0fRPvvahyR9WTHaxOT0MbFa/djg3AOfeW
wqAui5PkmSvO0ik7nlg5ednFFXf2jmph5Qk5qPC2BBVpKaAe/XjW+WEBqQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPpW4UmIQjgbg94SwACQQFd4ne0YMB8GA1UdIwQY
MBaAFPO5B4Hbvr247EK69mSIBZ6lhmqsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvODdrSGdkdS12YmpzUXJyMlpJZ0ZucVdHYXF3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi84YzU4MDgtMzE2NS00MWRjLTkwYTAt
M2VmNWViN2M4NTk4LzEvMS1sYmhTWWhDT0J1RDNoTEFBSkJBVjNpZDdSZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTIvOGM1ODA4LTMxNjUtNDFkYy05MGEwLTNlZjVlYjdjODU5
OC8xLzg3a0hnZHUtdmJqc1FycjJaSWdGbnFXR2Fxdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoDaUcB
MA0GCSqGSIb3DQEBCwUAA4IBAQCfW6UaYOMp2pigiF/YigH4ePBW6o9DPI2RejSz
X6HN+CcjF9eAIHF9qcVVa2Qk6CJdGN2PPp4Zd1dhjPxTBAGfcYi1tt2GdMVA/4vL
8NNJ6JYBgs+jGewtoNPuVqkkiDrEbsKbjKgR9PnacDUMLwAHHI5OtlHXSTsGbuyJ
g5xlHh5Qmed5odj3pAcU08mWmSXavGKhTLhC2EPkry/GM+QWmaSQhELv/kZj5YDW
HKec7+RI4FD7MdrKDEj77amNB/ftC4RAStgVveBd2NIO+UbZPTa6OhoO0RR+Azyr
AYCgGHLN6yyTNGrZzbSRUGEM6hVb80yL7UmxD/+q/EVvUkaA
-----END CERTIFICATE-----
Generated at Tue Apr 8 12:55:15 2025 by rpki-client