Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/cfd488-a25d-439a-bd17-4beb5dff1701/1/lfGHO-XSWEGn7XF16To3v9XZEsg.roa
File: lfGHO-XSWEGn7XF16To3v9XZEsg.roa (raw, json)
Hash identifier: bJV6kNAhhYg8/OwYcBnpDwBIklrQrpF2E1hklKxlV1s=
Subject key identifier: 95:F1:87:3B:E5:D2:58:41:A7:ED:71:75:E9:3A:37:BF:D5:D9:12:C8
Certificate issuer: /CN=ccefffc15a83a38bdda8cfe120c335267dce50f3
Certificate serial: 018C4FAC998269942AC7B5576DDC282B15BA
Authority key identifier: CC:EF:FF:C1:5A:83:A3:8B:DD:A8:CF:E1:20:C3:35:26:7D:CE:50:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zO__wVqDo4vdqM_hIMM1Jn3OUPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/cfd488-a25d-439a-bd17-4beb5dff1701/1/lfGHO-XSWEGn7XF16To3v9XZEsg.roa
Signing time: Sat 09 Dec 2023 17:42:40 +0000
ROA not before: Sat 09 Dec 2023 17:42:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16509
IP address blocks: 2a02:fa8:c800::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4f:ac:99:82:69:94:2a:c7:b5:57:6d:dc:28:2b:15:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ccefffc15a83a38bdda8cfe120c335267dce50f3
Validity
Not Before: Dec 9 17:42:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=95f1873be5d25841a7ed7175e93a37bfd5d912c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5c:ae:33:cb:2f:9a:47:1f:e3:82:cc:d3:cc:
8c:af:1a:10:a5:c5:4c:6d:13:ba:7b:1c:cd:de:10:
8b:c4:21:a8:60:60:c2:92:6b:31:ad:41:98:7e:34:
ec:07:ed:f9:69:d4:b8:e4:33:a7:c5:aa:2e:bd:b1:
e6:a4:1e:e0:be:a0:a2:28:ae:af:fc:2a:63:b0:95:
8a:37:f2:6c:9e:4f:cb:9f:02:76:00:73:10:10:0b:
7d:f2:b1:44:d2:4e:44:86:76:19:53:08:0f:81:7c:
b7:c1:32:a2:fe:ff:f1:73:e5:42:ad:bb:d4:c5:31:
c5:a7:25:26:78:2f:44:6d:22:6d:cd:19:50:85:75:
f0:96:13:32:b6:72:ae:82:c6:cf:12:82:f5:4d:f0:
32:49:81:ca:c8:90:18:07:08:3e:7d:25:ac:39:7e:
18:3d:58:f3:31:50:de:6f:44:65:e9:26:b5:ec:05:
5e:4f:87:44:ed:4f:a2:8b:46:56:cc:ce:03:e5:c1:
10:2f:81:bb:17:d9:83:dc:76:0e:77:c0:85:f0:0d:
9e:f7:99:32:16:87:4c:34:48:59:43:9b:4c:93:c0:
90:22:f8:07:88:7d:12:1a:ea:7c:cc:32:38:0c:fb:
3b:15:60:e7:93:73:91:2e:ed:9d:78:e1:73:6a:64:
95:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:F1:87:3B:E5:D2:58:41:A7:ED:71:75:E9:3A:37:BF:D5:D9:12:C8
X509v3 Authority Key Identifier:
keyid:CC:EF:FF:C1:5A:83:A3:8B:DD:A8:CF:E1:20:C3:35:26:7D:CE:50:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zO__wVqDo4vdqM_hIMM1Jn3OUPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/cfd488-a25d-439a-bd17-4beb5dff1701/1/lfGHO-XSWEGn7XF16To3v9XZEsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/cfd488-a25d-439a-bd17-4beb5dff1701/1/zO__wVqDo4vdqM_hIMM1Jn3OUPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:fa8:c800::/40
Signature Algorithm: sha256WithRSAEncryption
6f:2d:aa:45:98:af:a1:60:21:cb:2c:b0:ba:bc:fd:0a:59:4d:
fc:26:9c:d3:76:66:e7:d3:c0:33:ff:f2:03:8f:11:d6:cf:ef:
13:e8:21:e8:41:c3:03:3f:11:91:7e:53:7d:50:59:61:f4:06:
7e:b6:30:d6:60:20:b8:77:01:75:59:c8:3f:46:64:c4:8b:bf:
71:12:7b:f1:23:fc:1a:b3:87:68:e1:a5:6b:2d:73:aa:5b:ee:
9f:1e:02:ff:17:e7:e3:4c:91:32:24:31:12:62:c9:1f:e8:3e:
76:cb:e3:d9:1c:f2:7f:6a:ef:6d:d5:00:3c:e8:b9:45:e4:43:
88:b7:00:22:81:49:3a:43:f8:83:b4:b1:07:09:15:f5:7b:cd:
12:74:b9:a5:35:67:13:96:b5:a4:f0:63:87:07:3f:c4:73:82:
96:b3:eb:bd:81:dd:a7:d9:6e:21:b4:b9:f4:03:7a:52:15:ca:
a7:f5:02:59:ac:fa:b9:b5:b9:50:cc:ff:f1:c3:e4:d1:a8:e9:
8a:74:eb:bc:cb:a6:49:a5:8e:c6:25:68:9b:56:a3:46:5c:2b:
5a:4d:f8:ec:4f:c4:d1:51:96:85:0b:ef:18:a8:8f:dd:1b:71:
30:b4:a3:f6:bc:78:c4:46:a2:df:6d:f3:7c:ab:56:7b:08:e6:
76:8a:1b:9b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYxPrJmCaZQqx7VXbdwoKxW6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjZWZmZmMxNWE4M2EzOGJkZGE4Y2ZlMTIwYzMzNTI2N2Rj
ZTUwZjMwHhcNMjMxMjA5MTc0MjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NWYxODczYmU1ZDI1ODQxYTdlZDcxNzVlOTNhMzdiZmQ1ZDkxMmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVyuM8svmkcf44LM08yMrxoQpcVM
bRO6exzN3hCLxCGoYGDCkmsxrUGYfjTsB+35adS45DOnxaouvbHmpB7gvqCiKK6v
/CpjsJWKN/Jsnk/LnwJ2AHMQEAt98rFE0k5EhnYZUwgPgXy3wTKi/v/xc+VCrbvU
xTHFpyUmeC9EbSJtzRlQhXXwlhMytnKugsbPEoL1TfAySYHKyJAYBwg+fSWsOX4Y
PVjzMVDeb0Rl6Sa17AVeT4dE7U+ii0ZWzM4D5cEQL4G7F9mD3HYOd8CF8A2e95ky
FodMNEhZQ5tMk8CQIvgHiH0SGup8zDI4DPs7FWDnk3ORLu2deOFzamSVoQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFJXxhzvl0lhBp+1xdek6N7/V2RLIMB8GA1UdIwQY
MBaAFMzv/8Fag6OL3ajP4SDDNSZ9zlDzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvek9fX3dWcURvNHZkcU1faElNTTFKbjNPVVBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9jZmQ0ODgtYTI1ZC00MzlhLWJkMTct
NGJlYjVkZmYxNzAxLzEvbGZHSE8tWFNXRUduN1hGMTZUbzN2OVhaRXNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9jZmQ0ODgtYTI1ZC00MzlhLWJkMTctNGJlYjVkZmYxNzAx
LzEvek9fX3dWcURvNHZkcU1faElNTTFKbjNPVVBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgIPqMgw
DQYJKoZIhvcNAQELBQADggEBAG8tqkWYr6FgIcsssLq8/QpZTfwmnNN2ZufTwDP/
8gOPEdbP7xPoIehBwwM/EZF+U31QWWH0Bn62MNZgILh3AXVZyD9GZMSLv3ESe/Ej
/Bqzh2jhpWstc6pb7p8eAv8X5+NMkTIkMRJiyR/oPnbL49kc8n9q723VADzouUXk
Q4i3ACKBSTpD+IO0sQcJFfV7zRJ0uaU1ZxOWtaTwY4cHP8Rzgpaz672B3afZbiG0
ufQDelIVyqf1Alms+rm1uVDM//HD5NGo6Yp067zLpkmljsYlaJtWo0ZcK1pN+OxP
xNFRloUL7xioj90bcTC0o/a8eMRGot9t83yrVnsI5naKG5s=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:16 2025 by rpki-client