Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/LznUBdOrxpVwm9x_n4wVvkUddYI.roa
File: LznUBdOrxpVwm9x_n4wVvkUddYI.roa (raw, json)
Hash identifier: MfC9u/6zWWBtFpLjWrdr2hnkmDjygI6V43byOx5W1aY=
Subject key identifier: 2F:39:D4:05:D3:AB:C6:95:70:9B:DC:7F:9F:8C:15:BE:45:1D:75:82
Certificate issuer: /CN=99d3a2d6fad651678e96d24e24d19d71fe380409
Certificate serial: 01852F30ECBAF8DF465772F454837F15BA3A
Authority key identifier: 99:D3:A2:D6:FA:D6:51:67:8E:96:D2:4E:24:D1:9D:71:FE:38:04:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mdOi1vrWUWeOltJOJNGdcf44BAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/LznUBdOrxpVwm9x_n4wVvkUddYI.roa
Signing time: Tue 20 Dec 2022 11:00:13 +0000
ROA not before: Tue 20 Dec 2022 11:00:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13043
IP address blocks: 164.60.0.0/16 maxlen: 24
164.59.128.0/23 maxlen: 24
164.59.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:30:ec:ba:f8:df:46:57:72:f4:54:83:7f:15:ba:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99d3a2d6fad651678e96d24e24d19d71fe380409
Validity
Not Before: Dec 20 11:00:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2f39d405d3abc695709bdc7f9f8c15be451d7582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c2:5a:46:ca:b0:fe:ff:d4:86:5c:35:36:e3:
62:6b:86:c3:4f:7d:d8:cf:e7:81:1e:a2:cf:82:b9:
da:43:dd:c3:67:a2:0a:4d:bb:cd:ae:78:1d:4f:29:
4f:70:f0:90:32:60:0c:e4:01:32:7f:e5:85:41:41:
dc:75:53:b9:fa:9f:6a:d7:0a:60:5e:f2:3d:58:f8:
43:54:13:28:03:c9:64:94:7b:60:4a:0e:c6:2c:33:
e3:8a:23:3b:a1:56:f6:bc:86:7c:4e:9e:24:d9:86:
c0:e6:bd:36:e3:e8:83:78:58:74:e7:4f:a1:ff:de:
f2:3f:fd:76:90:64:c5:d2:2f:f0:16:24:99:07:ee:
c8:2c:eb:89:3f:ad:5e:67:37:78:74:95:78:4a:fa:
b7:c9:aa:ec:ed:14:1b:93:a9:c6:59:2d:d1:0f:1b:
0b:c6:af:fc:c0:97:41:fd:74:22:a3:8d:76:d0:3c:
09:c7:7f:22:3d:83:b4:3a:d7:19:47:7f:f8:0a:f6:
09:c0:01:02:30:37:5a:49:b8:0b:a2:b7:44:00:ed:
de:22:bf:d9:e1:f6:a9:f6:06:5e:cf:82:f8:54:93:
2f:ba:29:dd:59:ea:1c:22:ab:68:24:d1:6b:d4:6a:
a9:07:89:7a:0a:b5:73:32:06:35:19:a0:8d:16:8c:
05:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:39:D4:05:D3:AB:C6:95:70:9B:DC:7F:9F:8C:15:BE:45:1D:75:82
X509v3 Authority Key Identifier:
keyid:99:D3:A2:D6:FA:D6:51:67:8E:96:D2:4E:24:D1:9D:71:FE:38:04:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mdOi1vrWUWeOltJOJNGdcf44BAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/LznUBdOrxpVwm9x_n4wVvkUddYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/410d94-af78-4397-adfe-48d738c5947d/1/mdOi1vrWUWeOltJOJNGdcf44BAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.59.128.0-164.59.130.255
164.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a6:53:05:db:c3:ec:0e:d7:28:8c:c8:de:68:06:f0:46:b3:7e:
8d:ac:99:1f:36:2f:fa:b5:d6:8f:be:c3:33:b6:ab:f1:8f:57:
81:44:13:d7:4d:5e:7e:6a:f1:a7:ee:94:b9:96:6f:15:d9:69:
e1:0b:e1:03:b0:60:6d:02:f0:e5:13:e5:a9:70:e9:88:76:f0:
b7:6a:21:1f:5e:ea:36:d1:6d:e4:bc:fe:51:fa:ea:8d:3c:94:
65:5f:e7:ae:98:cb:86:13:dd:c8:c3:51:55:e7:0b:45:df:89:
02:2e:ed:57:6d:a7:94:ae:17:97:22:9f:9f:e6:b3:90:c0:63:
fd:c8:03:a9:10:50:5a:3a:8b:52:9d:e7:e6:36:d3:ad:93:24:
5c:ba:17:68:4d:56:ab:e1:b4:c6:3e:0e:82:d5:24:4a:03:4e:
2b:72:e1:91:2e:ae:a1:a3:cc:04:bc:53:40:60:9c:ba:35:2e:
b4:19:21:f4:85:44:1d:5b:0f:90:39:58:9a:0e:b7:58:4e:1c:
40:28:f8:5e:19:aa:13:f7:4c:45:14:be:94:eb:9a:cf:81:db:
29:f3:e0:5b:37:1b:53:61:ea:ac:9c:13:67:45:af:d6:3c:df:
c8:6f:6e:94:42:48:07:b0:b2:2b:ad:13:95:02:07:6f:71:dd:
32:57:9c:c5
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAYUvMOy6+N9GV3L0VIN/Fbo6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZDNhMmQ2ZmFkNjUxNjc4ZTk2ZDI0ZTI0ZDE5ZDcxZmUz
ODA0MDkwHhcNMjIxMjIwMTEwMDEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjM5ZDQwNWQzYWJjNjk1NzA5YmRjN2Y5ZjhjMTViZTQ1MWQ3NTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcJaRsqw/v/Uhlw1NuNia4bDT33Y
z+eBHqLPgrnaQ93DZ6IKTbvNrngdTylPcPCQMmAM5AEyf+WFQUHcdVO5+p9q1wpg
XvI9WPhDVBMoA8lklHtgSg7GLDPjiiM7oVb2vIZ8Tp4k2YbA5r024+iDeFh050+h
/97yP/12kGTF0i/wFiSZB+7ILOuJP61eZzd4dJV4Svq3yars7RQbk6nGWS3RDxsL
xq/8wJdB/XQio4120DwJx38iPYO0OtcZR3/4CvYJwAECMDdaSbgLordEAO3eIr/Z
4fap9gZez4L4VJMvuindWeocIqtoJNFr1GqpB4l6CrVzMgY1GaCNFowFhwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFC851AXTq8aVcJvcf5+MFb5FHXWCMB8GA1UdIwQY
MBaAFJnTotb61lFnjpbSTiTRnXH+OAQJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWRPaTF2cldVV2VPbHRKT0pOR2RjZjQ0QkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80MTBkOTQtYWY3OC00Mzk3LWFkZmUt
NDhkNzM4YzU5NDdkLzEvTHpuVUJkT3J4cFZ3bTl4X240d1Z2a1VkZFlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80MTBkOTQtYWY3OC00Mzk3LWFkZmUtNDhkNzM4YzU5NDdk
LzEvbWRPaTF2cldVV2VPbHRKT0pOR2RjZjQ0QkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAwDBAekO4AD
BACkO4IDAwCkPDANBgkqhkiG9w0BAQsFAAOCAQEAplMF28PsDtcojMjeaAbwRrN+
jayZHzYv+rXWj77DM7ar8Y9XgUQT101efmrxp+6UuZZvFdlp4QvhA7BgbQLw5RPl
qXDpiHbwt2ohH17qNtFt5Lz+UfrqjTyUZV/nrpjLhhPdyMNRVecLRd+JAi7tV22n
lK4XlyKfn+azkMBj/cgDqRBQWjqLUp3n5jbTrZMkXLoXaE1Wq+G0xj4OgtUkSgNO
K3LhkS6uoaPMBLxTQGCcujUutBkh9IVEHVsPkDlYmg63WE4cQCj4XhmqE/dMRRS+
lOuaz4HbKfPgWzcbU2HqrJwTZ0Wv1jzfyG9ulEJIB7CyK60TlQIHb3HdMlecxQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:12 2023 by rpki-client on console-ams.rpki-client.org