Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/15ffeHxWhoIafY75z-hx3SMkBY0.roa
File: 15ffeHxWhoIafY75z-hx3SMkBY0.roa (raw, json)
Hash identifier: JkAAI0aiamOFNSTLac8o022uot/VfJzyMab4341jM0I=
Subject key identifier: D7:97:DF:78:7C:56:86:82:1A:7D:8E:F9:CF:E8:71:DD:23:24:05:8D
Certificate issuer: /CN=2f0342e0d23ef7e06b1dff5cc6ee4fa17af8bd98
Certificate serial: 0A90F415
Authority key identifier: 2F:03:42:E0:D2:3E:F7:E0:6B:1D:FF:5C:C6:EE:4F:A1:7A:F8:BD:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LwNC4NI-9-BrHf9cxu5PoXr4vZg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/15ffeHxWhoIafY75z-hx3SMkBY0.roa
Signing time: Sat 01 Jan 2022 05:52:30 +0000
ROA not before: Sat 01 Jan 2022 05:52:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 4002
IP address blocks: 2a02:970:2006::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177271829 (0xa90f415)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f0342e0d23ef7e06b1dff5cc6ee4fa17af8bd98
Validity
Not Before: Jan 1 05:52:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d797df787c5686821a7d8ef9cfe871dd2324058d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:73:34:8e:90:ff:57:a4:b8:0b:2d:38:8e:1a:
6b:9b:17:df:15:b2:bc:9f:3c:e6:cb:49:b5:35:29:
59:19:18:3f:3b:03:f9:44:c5:c6:2c:ea:6c:db:f8:
ba:7b:ae:b1:6b:87:4f:ea:38:5e:cf:5f:97:e3:e7:
7d:76:c3:6a:f8:bf:c9:fd:f4:9f:fe:cf:97:11:b3:
a8:d2:a5:9e:d4:fa:63:01:8b:d1:c6:62:db:7c:0a:
1b:4e:f9:1a:39:42:73:0a:a0:11:ab:f8:56:cc:08:
1d:da:6e:95:21:df:9f:21:5e:43:c2:c0:c4:e2:7e:
87:c9:c2:8a:68:d3:cd:60:1c:f6:7a:fb:46:0f:5b:
1e:f2:66:ac:a1:57:2e:1c:e0:0a:5e:6b:4c:b9:37:
95:5b:22:39:ac:81:85:9b:3a:0a:32:30:4e:24:ad:
89:45:23:0d:8c:54:a2:c3:53:19:0f:8a:7b:26:28:
7e:38:60:d8:67:d5:1e:17:a6:5f:86:d8:6c:1b:4e:
58:cf:31:0e:ba:6a:e1:09:ad:21:5a:3b:81:da:f4:
c2:48:5e:c9:68:2a:f1:36:bd:a3:fd:be:09:1f:42:
92:12:ea:8b:fd:1d:bc:e5:8b:ef:dd:07:42:50:d3:
6d:91:e7:9f:c0:b6:30:5f:2d:5d:fc:8f:00:37:71:
e3:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:97:DF:78:7C:56:86:82:1A:7D:8E:F9:CF:E8:71:DD:23:24:05:8D
X509v3 Authority Key Identifier:
keyid:2F:03:42:E0:D2:3E:F7:E0:6B:1D:FF:5C:C6:EE:4F:A1:7A:F8:BD:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LwNC4NI-9-BrHf9cxu5PoXr4vZg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/15ffeHxWhoIafY75z-hx3SMkBY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/d1fd48-916b-4d83-96cc-c910af93e426/1/LwNC4NI-9-BrHf9cxu5PoXr4vZg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:970:2006::/48
Signature Algorithm: sha256WithRSAEncryption
04:13:ed:d1:1b:2f:71:dd:55:df:7e:9d:bd:ba:73:ae:b3:dc:
ed:bb:93:3c:44:64:64:88:7d:47:8e:e3:16:f8:c6:59:56:55:
75:2d:77:93:05:2e:bd:08:e9:c1:c9:a4:9d:97:c4:a5:ec:6c:
10:de:34:3c:7b:53:cd:c1:b0:4f:63:b9:39:5e:aa:b6:19:0a:
0c:1d:5e:00:91:b0:0c:87:9d:6f:24:90:52:0d:19:04:41:da:
98:b2:fe:b9:eb:61:f7:f6:39:fd:1d:13:6a:fb:7c:66:32:ed:
92:50:7e:cc:27:d2:b1:8d:f7:a0:c8:f8:7d:9f:46:87:0c:39:
0c:f5:01:83:f1:56:e7:aa:34:66:a1:e7:42:76:a3:ad:0f:1a:
69:51:7c:c2:50:0e:1f:db:8a:fc:85:4f:82:e7:6a:e5:53:81:
5c:a2:d3:38:a3:ca:6c:f2:9a:b2:49:3a:d6:8a:71:a7:38:dc:
9d:81:6c:24:aa:4a:c4:8e:b6:77:72:83:d6:a7:3d:10:6f:05:
f9:b6:5d:e4:59:aa:b1:e7:c6:39:f6:72:85:60:bf:ac:81:f1:
a1:7d:22:dd:88:ea:92:a2:82:7b:42:0d:41:5c:cf:d6:f1:c5:
eb:5a:04:e1:f8:73:68:97:e0:e3:a8:07:87:44:43:bd:53:3c:
40:04:4d:f7
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECpD0FTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZjAzNDJlMGQyM2VmN2UwNmIxZGZmNWNjNmVlNGZhMTdhZjhiZDk4MB4XDTIyMDEw
MTA1NTIzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDc5N2RmNzg3YzU2
ODY4MjFhN2Q4ZWY5Y2ZlODcxZGQyMzI0MDU4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKxzNI6Q/1ekuAstOI4aa5sX3xWyvJ885stJtTUpWRkYPzsD
+UTFxizqbNv4unuusWuHT+o4Xs9fl+PnfXbDavi/yf30n/7PlxGzqNKlntT6YwGL
0cZi23wKG075GjlCcwqgEav4VswIHdpulSHfnyFeQ8LAxOJ+h8nCimjTzWAc9nr7
Rg9bHvJmrKFXLhzgCl5rTLk3lVsiOayBhZs6CjIwTiStiUUjDYxUosNTGQ+KeyYo
fjhg2GfVHhemX4bYbBtOWM8xDrpq4QmtIVo7gdr0wkheyWgq8Ta9o/2+CR9CkhLq
i/0dvOWL790HQlDTbZHnn8C2MF8tXfyPADdx46ECAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBTXl994fFaGghp9jvnP6HHdIyQFjTAfBgNVHSMEGDAWgBQvA0Lg0j734Gsd
/1zG7k+hevi9mDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0x3TkM0TkktOS1CckhmOWN4dTVQb1hyNHZaZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjMvZDFmZDQ4LTkxNmItNGQ4My05NmNjLWM5MTBhZjkzZTQyNi8x
LzE1ZmZlSHhXaG9JYWZZNzV6LWh4M1NNa0JZMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMv
ZDFmZDQ4LTkxNmItNGQ4My05NmNjLWM5MTBhZjkzZTQyNi8xL0x3TkM0TkktOS1C
ckhmOWN4dTVQb1hyNHZaZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoCCXAgBjANBgkqhkiG9w0BAQsF
AAOCAQEABBPt0Rsvcd1V336dvbpzrrPc7buTPERkZIh9R47jFvjGWVZVdS13kwUu
vQjpwcmknZfEpexsEN40PHtTzcGwT2O5OV6qthkKDB1eAJGwDIedbySQUg0ZBEHa
mLL+ueth9/Y5/R0Tavt8ZjLtklB+zCfSsY33oMj4fZ9Ghww5DPUBg/FW56o0ZqHn
QnajrQ8aaVF8wlAOH9uK/IVPgudq5VOBXKLTOKPKbPKaskk61opxpzjcnYFsJKpK
xI62d3KD1qc9EG8F+bZd5FmqsefGOfZyhWC/rIHxoX0i3YjqkqKCe0INQVzP1vHF
61oE4fhzaJfg46gHh0RDvVM8QARN9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:17 2024 by rpki-client on console-ams.rpki-client.org