Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f00ccc-ec3f-40df-a9fc-7cc79917300a/1/lDFKhX07OhrZH-bMh3OfeSZQcR4.roa
File: lDFKhX07OhrZH-bMh3OfeSZQcR4.roa (raw, json)
Hash identifier: 7cP9Go/pPZ+9vbrhpIkFa+kWcS7YCttoSYhnX2M2PlY=
Subject key identifier: 94:31:4A:85:7D:3B:3A:1A:D9:1F:E6:CC:87:73:9F:79:26:50:71:1E
Certificate issuer: /CN=2dbdb89fb4118ffa55fafdbf45e19282be0e7acf
Certificate serial: 018571B0B0CDAE69F7B9D89CC8397D726E95
Authority key identifier: 2D:BD:B8:9F:B4:11:8F:FA:55:FA:FD:BF:45:E1:92:82:BE:0E:7A:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lb24n7QRj_pV-v2_ReGSgr4Oes8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f00ccc-ec3f-40df-a9fc-7cc79917300a/1/lDFKhX07OhrZH-bMh3OfeSZQcR4.roa
Signing time: Mon 02 Jan 2023 08:54:43 +0000
ROA not before: Mon 02 Jan 2023 08:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34182
IP address blocks: 2a00:5647::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:b0:cd:ae:69:f7:b9:d8:9c:c8:39:7d:72:6e:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dbdb89fb4118ffa55fafdbf45e19282be0e7acf
Validity
Not Before: Jan 2 08:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94314a857d3b3a1ad91fe6cc87739f792650711e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:15:35:08:a1:0d:ec:49:e3:71:7f:8b:4a:a8:
cb:fd:c2:d3:d8:1d:c4:61:90:0f:1d:01:e5:7a:a0:
57:af:d0:54:82:a0:2b:71:88:73:9d:8c:ec:04:53:
68:bb:86:c3:cf:18:42:8a:46:04:47:be:bc:4f:57:
a0:60:d9:bb:32:4e:eb:51:87:f7:42:80:2d:1d:0e:
c7:7c:fe:f3:a6:db:21:54:71:7d:74:d8:64:97:2d:
9c:f3:f6:5e:2f:37:6d:fa:73:9a:c2:17:de:6e:b5:
60:db:d0:de:c0:78:c4:67:b9:e7:48:de:b7:da:a9:
96:02:f2:15:1b:20:66:8e:86:83:ab:54:cf:f1:21:
50:9b:ff:2d:63:c3:0e:9e:d0:14:66:97:e7:d4:40:
ed:2f:3f:64:2d:50:bd:ff:3f:1b:af:50:5f:67:b1:
aa:16:21:22:2e:66:4b:d8:13:c5:be:0a:f9:47:27:
8f:87:76:99:d6:9b:e7:b0:e1:ec:50:59:6d:37:fc:
47:96:75:91:cd:2a:ee:97:a7:ff:38:f7:9a:05:14:
b4:08:11:f6:a9:49:e1:f6:c6:8c:de:16:da:5f:e9:
f2:ac:da:3e:ee:b6:d3:82:84:50:c1:5e:85:37:49:
93:ef:e4:7c:c6:33:78:cc:34:54:40:17:cf:4a:17:
91:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:31:4A:85:7D:3B:3A:1A:D9:1F:E6:CC:87:73:9F:79:26:50:71:1E
X509v3 Authority Key Identifier:
keyid:2D:BD:B8:9F:B4:11:8F:FA:55:FA:FD:BF:45:E1:92:82:BE:0E:7A:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lb24n7QRj_pV-v2_ReGSgr4Oes8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f00ccc-ec3f-40df-a9fc-7cc79917300a/1/lDFKhX07OhrZH-bMh3OfeSZQcR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f00ccc-ec3f-40df-a9fc-7cc79917300a/1/Lb24n7QRj_pV-v2_ReGSgr4Oes8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:5647::/32
Signature Algorithm: sha256WithRSAEncryption
78:95:5d:f9:b8:f3:92:25:ff:d5:25:08:6c:85:a1:28:29:b9:
18:a8:cb:57:ae:21:66:46:76:c0:f7:52:87:a8:43:b7:1c:78:
ce:42:64:ff:70:4a:e4:5c:3a:4a:9c:6e:96:a6:12:34:39:5a:
3e:58:ed:8a:c7:a8:02:18:b1:2c:d7:d8:55:f7:97:83:f1:87:
27:86:1b:2e:27:ab:88:f5:89:18:4c:b2:1c:56:ff:d7:6e:fd:
b8:f5:93:c4:ae:b3:2f:ff:bc:eb:66:d4:c8:dd:8b:e5:81:e7:
78:48:e4:45:40:3a:7a:d6:26:a6:c5:05:4e:90:93:99:35:f4:
ce:85:e0:af:08:a7:f7:10:78:a4:48:8b:e4:69:2a:8d:1c:1f:
39:55:86:f9:20:9f:a0:4c:4b:8a:1d:59:05:51:a3:cb:ab:90:
40:17:9a:a3:46:bd:2a:e9:d7:37:20:58:9a:ad:b2:47:2d:e9:
0a:2c:3e:bb:37:60:d2:ca:8e:b1:b8:e5:b3:73:ca:7d:28:f2:
b0:2c:33:d5:87:dd:30:e5:16:ad:e8:84:b9:fd:c5:87:f1:80:
5a:b7:b8:34:63:b2:a9:86:fe:70:18:6c:4b:54:ee:07:b6:98:
ea:68:d5:f9:09:71:70:d2:bc:cb:97:9a:22:e9:b7:f6:19:44:
81:f8:e4:94
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVxsLDNrmn3udicyDl9cm6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYmRiODlmYjQxMThmZmE1NWZhZmRiZjQ1ZTE5MjgyYmUw
ZTdhY2YwHhcNMjMwMTAyMDg1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDMxNGE4NTdkM2IzYTFhZDkxZmU2Y2M4NzczOWY3OTI2NTA3MTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBU1CKEN7EnjcX+LSqjL/cLT2B3E
YZAPHQHleqBXr9BUgqArcYhznYzsBFNou4bDzxhCikYER768T1egYNm7Mk7rUYf3
QoAtHQ7HfP7zptshVHF9dNhkly2c8/ZeLzdt+nOawhfebrVg29DewHjEZ7nnSN63
2qmWAvIVGyBmjoaDq1TP8SFQm/8tY8MOntAUZpfn1EDtLz9kLVC9/z8br1BfZ7Gq
FiEiLmZL2BPFvgr5RyePh3aZ1pvnsOHsUFltN/xHlnWRzSrul6f/OPeaBRS0CBH2
qUnh9saM3hbaX+nyrNo+7rbTgoRQwV6FN0mT7+R8xjN4zDRUQBfPSheRMwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFJQxSoV9Ozoa2R/mzIdzn3kmUHEeMB8GA1UdIwQY
MBaAFC29uJ+0EY/6Vfr9v0XhkoK+DnrPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGIyNG43UVJqX3BWLXYyX1JlR1NncjRPZXM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mMDBjY2MtZWMzZi00MGRmLWE5ZmMt
N2NjNzk5MTczMDBhLzEvbERGS2hYMDdPaHJaSC1iTWgzT2ZlU1pRY1I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9mMDBjY2MtZWMzZi00MGRmLWE5ZmMtN2NjNzk5MTczMDBh
LzEvTGIyNG43UVJqX3BWLXYyX1JlR1NncjRPZXM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgBWRzAN
BgkqhkiG9w0BAQsFAAOCAQEAeJVd+bjzkiX/1SUIbIWhKCm5GKjLV64hZkZ2wPdS
h6hDtxx4zkJk/3BK5Fw6SpxulqYSNDlaPljtiseoAhixLNfYVfeXg/GHJ4YbLier
iPWJGEyyHFb/1279uPWTxK6zL/+862bUyN2L5YHneEjkRUA6etYmpsUFTpCTmTX0
zoXgrwin9xB4pEiL5GkqjRwfOVWG+SCfoExLih1ZBVGjy6uQQBeao0a9KunXNyBY
mq2yRy3pCiw+uzdg0sqOsbjls3PKfSjysCwz1YfdMOUWreiEuf3Fh/GAWre4NGOy
qYb+cBhsS1TuB7aY6mjV+QlxcNK8y5eaIum39hlEgfjklA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:08 2025 by rpki-client