Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/aa443e-2d40-4dfc-ac4d-4509d228fc6f/1/Llb8Y9VghqDRVm7OheAehMyGBek.roa
File: Llb8Y9VghqDRVm7OheAehMyGBek.roa (raw, json)
Hash identifier: ghVlV/6Mz6To1w7H4rS7yO8IYb0TKfCmIon9HO9KoLY=
Subject key identifier: 2E:56:FC:63:D5:60:86:A0:D1:56:6E:CE:85:E0:1E:84:CC:86:05:E9
Certificate issuer: /CN=786ee09fe5437ccd0bcbecfaa970de31ec9d86ed
Certificate serial: 08D45291
Authority key identifier: 78:6E:E0:9F:E5:43:7C:CD:0B:CB:EC:FA:A9:70:DE:31:EC:9D:86:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eG7gn-VDfM0Ly-z6qXDeMeydhu0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/aa443e-2d40-4dfc-ac4d-4509d228fc6f/1/Llb8Y9VghqDRVm7OheAehMyGBek.roa
Signing time: Sat 01 Jan 2022 09:55:45 +0000
ROA not before: Sat 01 Jan 2022 09:55:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29608
IP address blocks: 2001:678:938::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148132497 (0x8d45291)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=786ee09fe5437ccd0bcbecfaa970de31ec9d86ed
Validity
Not Before: Jan 1 09:55:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e56fc63d56086a0d1566ece85e01e84cc8605e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:2b:f3:83:02:33:67:13:fc:87:18:76:58:be:
f2:1e:98:1f:af:67:ef:e4:9e:18:b1:06:a5:42:f6:
7a:1f:0a:38:32:a1:de:2f:2b:47:56:60:53:93:9f:
e7:66:e5:22:8d:21:ac:37:24:4f:7c:48:69:74:25:
aa:ce:77:17:85:d4:52:48:ef:79:66:97:2c:8e:8a:
14:11:86:f2:c5:57:19:3e:f2:cc:42:07:6b:e3:82:
88:7b:a9:e6:7a:07:b7:c7:2a:da:cb:25:4d:e8:59:
ad:e3:d6:a5:ac:f4:50:64:06:3b:ff:63:7d:3d:49:
96:bd:49:42:88:cd:2a:a4:c4:cc:de:ec:58:59:cd:
8d:c4:0a:1a:08:e1:a3:49:66:94:62:94:0e:c2:75:
d3:5c:d8:c0:91:70:56:2b:6b:43:b4:26:9d:a4:ac:
7d:5e:24:81:79:a7:08:4d:34:dc:1a:41:e4:eb:a7:
21:17:d6:e0:c2:09:2d:25:d9:b1:57:bf:7e:2d:9e:
b7:41:8d:24:22:10:b9:e4:79:9c:69:80:b8:ae:66:
35:fb:53:9f:a7:52:00:f5:bd:01:9e:b9:d0:89:30:
68:b9:cd:58:79:22:9e:fc:dc:3f:85:f4:f7:5c:d1:
15:03:75:26:14:d7:da:12:6f:df:fe:aa:04:93:78:
43:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:56:FC:63:D5:60:86:A0:D1:56:6E:CE:85:E0:1E:84:CC:86:05:E9
X509v3 Authority Key Identifier:
keyid:78:6E:E0:9F:E5:43:7C:CD:0B:CB:EC:FA:A9:70:DE:31:EC:9D:86:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eG7gn-VDfM0Ly-z6qXDeMeydhu0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/aa443e-2d40-4dfc-ac4d-4509d228fc6f/1/Llb8Y9VghqDRVm7OheAehMyGBek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/aa443e-2d40-4dfc-ac4d-4509d228fc6f/1/eG7gn-VDfM0Ly-z6qXDeMeydhu0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:938::/48
Signature Algorithm: sha256WithRSAEncryption
63:b3:55:31:32:9f:0c:24:b1:fc:1f:b9:e9:e4:83:72:82:6c:
7c:c8:06:be:90:be:6c:45:98:33:e0:bd:fe:75:81:87:76:79:
53:5c:91:8c:96:22:a1:fe:73:de:58:e2:83:aa:81:21:4f:76:
3f:79:25:d2:1d:99:fc:09:c0:c0:78:49:3f:a2:8d:17:a3:c4:
e9:e6:e1:1f:7d:6b:43:d9:bf:8b:25:b4:17:f2:5b:a3:ff:25:
27:5c:ac:c4:0c:85:69:6e:a6:8b:f5:cd:7e:be:b0:72:26:ef:
e4:39:92:b7:73:24:67:95:c0:d6:50:30:ee:22:10:73:0a:69:
ec:d1:79:9f:28:f5:6e:db:a1:70:fa:65:2b:5b:42:4e:cb:18:
b1:40:c1:e4:c1:af:f5:92:fc:c7:7c:3a:f4:d2:2a:42:4d:80:
9b:fa:68:8a:d5:58:83:8d:73:36:c2:80:93:cc:c6:5b:40:0c:
61:47:81:03:16:77:ad:d6:74:96:55:2a:30:4a:a0:da:a3:e6:
28:60:d6:e7:38:45:65:51:fe:57:df:2c:0b:92:df:2e:e3:71:
f1:80:bc:76:1b:39:ec:01:c6:d9:0b:1b:5a:92:b1:e8:8c:5e:
c9:ad:4e:2d:07:cc:6e:db:29:b5:36:34:65:e7:09:a1:3c:11:
c0:75:cc:e8
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECNRSkTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ODZlZTA5ZmU1NDM3Y2NkMGJjYmVjZmFhOTcwZGUzMWVjOWQ4NmVkMB4XDTIyMDEw
MTA5NTU0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmU1NmZjNjNkNTYw
ODZhMGQxNTY2ZWNlODVlMDFlODRjYzg2MDVlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANQr84MCM2cT/IcYdli+8h6YH69n7+SeGLEGpUL2eh8KODKh
3i8rR1ZgU5Of52blIo0hrDckT3xIaXQlqs53F4XUUkjveWaXLI6KFBGG8sVXGT7y
zEIHa+OCiHup5noHt8cq2sslTehZrePWpaz0UGQGO/9jfT1Jlr1JQojNKqTEzN7s
WFnNjcQKGgjho0lmlGKUDsJ101zYwJFwVitrQ7QmnaSsfV4kgXmnCE003BpB5Oun
IRfW4MIJLSXZsVe/fi2et0GNJCIQueR5nGmAuK5mNftTn6dSAPW9AZ650IkwaLnN
WHkinvzcP4X091zRFQN1JhTX2hJv3/6qBJN4Q3MCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQuVvxj1WCGoNFWbs6F4B6EzIYF6TAfBgNVHSMEGDAWgBR4buCf5UN8zQvL
7PqpcN4x7J2G7TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2VHN2duLVZEZk0wTHktejZxWERlTWV5ZGh1MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvYWE0NDNlLTJkNDAtNGRmYy1hYzRkLTQ1MDlkMjI4ZmM2Zi8x
L0xsYjhZOVZnaHFEUlZtN09oZUFlaE15R0Jlay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
YWE0NDNlLTJkNDAtNGRmYy1hYzRkLTQ1MDlkMjI4ZmM2Zi8xL2VHN2duLVZEZk0w
THktejZxWERlTWV5ZGh1MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngJODANBgkqhkiG9w0BAQsF
AAOCAQEAY7NVMTKfDCSx/B+56eSDcoJsfMgGvpC+bEWYM+C9/nWBh3Z5U1yRjJYi
of5z3ljig6qBIU92P3kl0h2Z/AnAwHhJP6KNF6PE6ebhH31rQ9m/iyW0F/Jbo/8l
J1ysxAyFaW6mi/XNfr6wcibv5DmSt3MkZ5XA1lAw7iIQcwpp7NF5nyj1btuhcPpl
K1tCTssYsUDB5MGv9ZL8x3w69NIqQk2Am/poitVYg41zNsKAk8zGW0AMYUeBAxZ3
rdZ0llUqMEqg2qPmKGDW5zhFZVH+V98sC5LfLuNx8YC8dhs57AHG2QsbWpKx6Ixe
ya1OLQfMbtsptTY0ZecJoTwRwHXM6A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:36 2023 by rpki-client on console-ams.rpki-client.org