Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/L8KjWT3HHT-awkuM-5xak-oY4aM.roa
File: L8KjWT3HHT-awkuM-5xak-oY4aM.roa (raw, json)
Hash identifier: hO3koo1iS4SIc2Gr4c1LDgMe1dyW+v9NxdkmF7CVBSY=
Subject key identifier: 2F:C2:A3:59:3D:C7:1D:3F:9A:C2:4B:8C:FB:9C:5A:93:EA:18:E1:A3
Certificate issuer: /CN=54b48731e29f27d687576d6863adbda080709bfe
Certificate serial: 0184C40C24F2C9BE8CD02402D51AE541E12C
Authority key identifier: 54:B4:87:31:E2:9F:27:D6:87:57:6D:68:63:AD:BD:A0:80:70:9B:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VLSHMeKfJ9aHV21oY629oIBwm_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/L8KjWT3HHT-awkuM-5xak-oY4aM.roa
Signing time: Tue 29 Nov 2022 15:40:40 +0000
ROA not before: Tue 29 Nov 2022 15:40:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201115
IP address blocks: 2a13:3840::/47 maxlen: 47
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c4:0c:24:f2:c9:be:8c:d0:24:02:d5:1a:e5:41:e1:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54b48731e29f27d687576d6863adbda080709bfe
Validity
Not Before: Nov 29 15:40:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2fc2a3593dc71d3f9ac24b8cfb9c5a93ea18e1a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:99:82:1b:ce:db:4e:55:68:c4:06:64:4a:63:
de:a0:f8:d4:35:2d:7f:43:c8:ab:22:2d:48:bc:83:
4d:f2:dc:18:9a:26:6a:b9:40:23:1a:0a:75:69:bd:
1c:22:e0:8d:c8:2e:7a:54:a0:61:65:4f:af:88:5f:
f8:15:66:37:df:96:66:a8:5f:1a:8d:5e:55:31:bb:
a1:3d:68:96:08:24:2a:27:42:bd:31:e4:77:a5:0b:
4a:b5:9b:3b:dc:d2:ea:9c:44:53:cb:29:5b:fc:62:
08:d3:2f:7b:ec:fa:9e:d9:e1:5f:1e:f0:46:dd:1b:
2e:fa:1e:2f:5c:c6:2d:e4:d0:f7:d6:44:5c:55:52:
17:82:e5:06:b2:f2:10:cf:82:77:c5:a7:06:39:51:
8b:e9:74:3a:c0:3c:80:05:e6:a8:70:bf:61:04:58:
ec:d8:fb:15:a2:f2:92:47:dd:cd:c4:94:60:52:16:
7b:10:e5:93:6c:03:1a:ab:54:35:93:e7:e8:e9:a3:
0f:17:40:70:0e:ce:3a:0b:4c:c8:d9:59:3a:da:39:
1b:c5:65:77:1e:df:e0:66:02:3c:58:c3:2b:66:0f:
35:e9:3d:c6:2f:53:bf:60:4f:be:06:8f:99:7a:4e:
e4:87:fe:04:34:9e:0f:07:da:95:f7:39:07:cb:8f:
a5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:C2:A3:59:3D:C7:1D:3F:9A:C2:4B:8C:FB:9C:5A:93:EA:18:E1:A3
X509v3 Authority Key Identifier:
keyid:54:B4:87:31:E2:9F:27:D6:87:57:6D:68:63:AD:BD:A0:80:70:9B:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VLSHMeKfJ9aHV21oY629oIBwm_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/L8KjWT3HHT-awkuM-5xak-oY4aM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/0e7b29-6297-42ca-8f33-5dfccd61a9b1/1/VLSHMeKfJ9aHV21oY629oIBwm_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:3840::/47
Signature Algorithm: sha256WithRSAEncryption
78:f0:39:f8:0b:c4:2b:98:eb:40:08:b6:47:03:14:f9:6c:f5:
d3:5b:a4:c4:42:73:15:0a:c9:78:b3:09:b3:91:b6:d7:3b:5a:
cb:67:84:d2:a6:ef:b8:0f:77:b8:44:14:63:f5:e1:1a:e7:2c:
ce:5b:da:29:cb:2f:33:e8:ae:4f:17:cb:d6:97:b6:55:57:c6:
2f:cb:86:13:3e:bc:9e:8c:f7:24:5c:62:9b:20:27:3c:cc:ef:
7c:f2:4e:dd:53:32:41:17:34:2f:af:e9:4e:70:a7:ee:46:33:
2e:89:00:35:7c:60:c3:00:6e:ef:e6:93:88:99:0d:62:f6:d7:
08:d4:c2:e0:66:af:7b:b0:ca:ea:51:35:13:72:17:03:d0:e1:
d7:8a:69:f3:e2:f1:a3:89:ad:b7:4f:18:a0:83:72:26:32:2b:
fa:ab:47:bd:ae:ee:c2:f1:e7:e1:a2:a3:90:27:41:42:ee:01:
a7:25:1e:5d:19:55:b1:9e:b4:d3:f2:78:62:fd:5b:78:79:a5:
f6:1f:5b:86:23:37:9c:64:41:28:20:2b:aa:9e:92:88:a1:18:
d2:db:98:42:82:a3:95:d8:fc:77:81:79:62:d4:a3:16:25:f5:
cd:f9:4d:ab:c6:31:f7:56:98:ca:64:83:02:7f:60:eb:7e:51:
63:eb:01:e6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYTEDCTyyb6M0CQC1RrlQeEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0YjQ4NzMxZTI5ZjI3ZDY4NzU3NmQ2ODYzYWRiZGEwODA3
MDliZmUwHhcNMjIxMTI5MTU0MDQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmMyYTM1OTNkYzcxZDNmOWFjMjRiOGNmYjljNWE5M2VhMThlMWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5mCG87bTlVoxAZkSmPeoPjUNS1/
Q8irIi1IvINN8twYmiZquUAjGgp1ab0cIuCNyC56VKBhZU+viF/4FWY335ZmqF8a
jV5VMbuhPWiWCCQqJ0K9MeR3pQtKtZs73NLqnERTyylb/GII0y977Pqe2eFfHvBG
3Rsu+h4vXMYt5ND31kRcVVIXguUGsvIQz4J3xacGOVGL6XQ6wDyABeaocL9hBFjs
2PsVovKSR93NxJRgUhZ7EOWTbAMaq1Q1k+fo6aMPF0BwDs46C0zI2Vk62jkbxWV3
Ht/gZgI8WMMrZg816T3GL1O/YE++Bo+Zek7kh/4ENJ4PB9qV9zkHy4+lfQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFC/Co1k9xx0/msJLjPucWpPqGOGjMB8GA1UdIwQY
MBaAFFS0hzHinyfWh1dtaGOtvaCAcJv+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkxTSE1lS2ZKOWFIVjIxb1k2MjlvSUJ3bV80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wZTdiMjktNjI5Ny00MmNhLThmMzMt
NWRmY2NkNjFhOWIxLzEvTDhLaldUM0hIVC1hd2t1TS01eGFrLW9ZNGFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wZTdiMjktNjI5Ny00MmNhLThmMzMtNWRmY2NkNjFhOWIx
LzEvVkxTSE1lS2ZKOWFIVjIxb1k2MjlvSUJ3bV80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcBKhM4QAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQB48Dn4C8QrmOtACLZHAxT5bPXTW6TEQnMVCsl4
swmzkbbXO1rLZ4TSpu+4D3e4RBRj9eEa5yzOW9opyy8z6K5PF8vWl7ZVV8Yvy4YT
PryejPckXGKbICc8zO988k7dUzJBFzQvr+lOcKfuRjMuiQA1fGDDAG7v5pOImQ1i
9tcI1MLgZq97sMrqUTUTchcD0OHXimnz4vGjia23Txigg3ImMiv6q0e9ru7C8efh
oqOQJ0FC7gGnJR5dGVWxnrTT8nhi/Vt4eaX2H1uGIzecZEEoICuqnpKIoRjS25hC
gqOV2Px3gXli1KMWJfXN+U2rxjH3VpjKZIMCf2DrflFj6wHm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:55 2024 by rpki-client on console-fra.rpki-client.org