Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/LnuJSr8oed1nLK1rMyuk4uHomN4.roa
File: LnuJSr8oed1nLK1rMyuk4uHomN4.roa (raw, json)
Hash identifier: HSR5JuEFjWCH0YyMpzFfv0WCcPbbqpL0HZ5chnHX0X0=
Subject key identifier: 2E:7B:89:4A:BF:28:79:DD:67:2C:AD:6B:33:2B:A4:E2:E1:E8:98:DE
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01845283F80DE5E7FC4F17BF767B19F22CA3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/LnuJSr8oed1nLK1rMyuk4uHomN4.roa
Signing time: Mon 07 Nov 2022 14:34:51 +0000
ROA not before: Mon 07 Nov 2022 14:34:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202000
IP address blocks: 2a0e:97c0:c50::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:52:83:f8:0d:e5:e7:fc:4f:17:bf:76:7b:19:f2:2c:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Nov 7 14:34:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e7b894abf2879dd672cad6b332ba4e2e1e898de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f3:5a:7d:51:22:6e:8e:90:30:da:9c:e2:ee:
60:34:0f:6f:cd:c9:02:2c:a3:da:23:41:fb:24:42:
60:8c:39:82:28:74:8b:8a:c7:03:e3:98:e6:82:b1:
14:5d:52:20:9e:22:59:53:da:b2:a3:5e:6d:3c:d0:
35:1b:93:d6:63:3b:e0:09:b2:b7:cb:ec:9e:ff:fc:
6c:dc:d8:9b:64:dc:e1:43:01:0d:3a:76:f0:92:72:
96:b3:3b:a8:82:a5:e8:b4:ea:cd:d2:f5:45:03:39:
ca:4d:07:f0:1f:7a:1e:8d:a4:b2:01:3d:ad:3f:22:
cd:73:d0:cd:7e:a6:f0:d8:a9:e2:2f:f6:55:0e:92:
ee:18:b1:21:27:b0:6a:b6:07:2b:97:f9:21:2c:8d:
1d:49:e3:09:18:d7:31:14:b9:1c:a4:46:ce:ca:72:
b0:cc:8a:01:3c:af:a0:62:e5:ee:02:4c:de:6e:ad:
ae:b6:68:c2:af:70:e5:34:ae:74:fe:e8:b0:46:8c:
f9:32:47:4f:68:4f:4b:a8:f9:f3:b5:b8:f9:7a:73:
31:68:e4:d5:31:2f:27:4f:87:2c:3c:76:81:0c:7f:
98:56:44:2d:be:80:ad:ad:ea:86:be:96:fd:2d:e0:
b7:f7:f1:84:b6:d1:67:63:70:cb:bb:55:e3:4c:9b:
cd:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:7B:89:4A:BF:28:79:DD:67:2C:AD:6B:33:2B:A4:E2:E1:E8:98:DE
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/LnuJSr8oed1nLK1rMyuk4uHomN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:97c0:c50::/44
Signature Algorithm: sha256WithRSAEncryption
8a:bb:73:a2:58:b9:b1:64:81:d5:0d:9c:64:28:bb:a2:ad:8d:
16:3b:9b:6f:10:c4:21:93:96:0c:7b:98:34:be:57:2f:bb:ab:
aa:f2:15:f7:fd:9c:82:27:5a:86:96:eb:cb:0b:c3:40:98:0c:
3c:3d:c8:a8:31:5c:48:81:90:f8:45:2a:45:e8:ae:1b:5a:b0:
0b:d2:bd:02:76:83:d9:f6:cf:bd:7f:b3:69:96:41:fa:26:cb:
6a:d1:89:4f:f8:7c:0f:cd:cd:bd:74:fa:96:91:27:90:2d:20:
f1:ca:d1:d2:f2:e2:89:35:86:8c:ec:a0:fa:88:8c:7e:06:7a:
63:7f:2b:ef:a0:d7:e6:1f:14:d9:f4:89:bd:df:5a:1f:27:a2:
0b:96:ac:71:8c:7c:d3:e5:22:fd:86:a1:74:79:6d:07:20:fe:
ca:92:79:99:e7:1f:7c:eb:85:1a:a6:f6:0c:15:94:e9:aa:3a:
c3:93:45:53:fc:a8:c9:94:ba:53:50:ef:36:29:a3:42:82:8a:
ac:fa:eb:f6:6d:09:f5:ae:9d:5c:57:b1:ed:ef:fc:63:96:be:
35:27:19:e3:03:a5:13:2a:16:46:1c:95:c5:5d:a8:36:24:a9:
0a:9f:95:ce:de:be:d4:9c:1d:b4:e4:2d:45:a1:a1:3d:35:3f:
4a:db:bd:c5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYRSg/gN5ef8Txe/dnsZ8iyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjIxMTA3MTQzNDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTdiODk0YWJmMjg3OWRkNjcyY2FkNmIzMzJiYTRlMmUxZTg5OGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPNafVEibo6QMNqc4u5gNA9vzckC
LKPaI0H7JEJgjDmCKHSLiscD45jmgrEUXVIgniJZU9qyo15tPNA1G5PWYzvgCbK3
y+ye//xs3NibZNzhQwENOnbwknKWszuogqXotOrN0vVFAznKTQfwH3oejaSyAT2t
PyLNc9DNfqbw2KniL/ZVDpLuGLEhJ7Bqtgcrl/khLI0dSeMJGNcxFLkcpEbOynKw
zIoBPK+gYuXuAkzebq2utmjCr3DlNK50/uiwRoz5MkdPaE9LqPnztbj5enMxaOTV
MS8nT4csPHaBDH+YVkQtvoCtreqGvpb9LeC39/GEttFnY3DLu1XjTJvNDQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFC57iUq/KHndZyytazMrpOLh6JjeMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvTG51SlNyOG9lZDFuTEsxck15dWs0dUhvbU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6XwAxQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCKu3OiWLmxZIHVDZxkKLuirY0WO5tvEMQhk5YM
e5g0vlcvu6uq8hX3/ZyCJ1qGluvLC8NAmAw8PcioMVxIgZD4RSpF6K4bWrAL0r0C
doPZ9s+9f7NplkH6Jstq0YlP+HwPzc29dPqWkSeQLSDxytHS8uKJNYaM7KD6iIx+
BnpjfyvvoNfmHxTZ9Im931ofJ6ILlqxxjHzT5SL9hqF0eW0HIP7KknmZ5x9864Ua
pvYMFZTpqjrDk0VT/KjJlLpTUO82KaNCgoqs+uv2bQn1rp1cV7Ht7/xjlr41Jxnj
A6UTKhZGHJXFXag2JKkKn5XO3r7UnB205C1FoaE9NT9K273F
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:58 2023 by rpki-client on console-ams.rpki-client.org