Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/2LAUbD3MNYSpqntwW1uI6AUybMc.roa
File: 2LAUbD3MNYSpqntwW1uI6AUybMc.roa (raw, json)
Hash identifier: Mg9mDFqFeYu0Fz8utcT+I035bQPWUtIFtJJ8Dwh5We0=
Subject key identifier: D8:B0:14:6C:3D:CC:35:84:A9:AA:7B:70:5B:5B:88:E8:05:32:6C:C7
Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial: 0F242A6B
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/2LAUbD3MNYSpqntwW1uI6AUybMc.roa
Signing time: Sat 01 Jan 2022 12:57:32 +0000
ROA not before: Sat 01 Jan 2022 12:57:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15585
IP address blocks: 2a07:2904::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 254028395 (0xf242a6b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Validity
Not Before: Jan 1 12:57:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d8b0146c3dcc3584a9aa7b705b5b88e805326cc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e0:3e:af:12:0c:22:e4:76:2f:72:be:45:12:
d7:7d:a3:c9:a1:77:c9:84:c6:b1:75:20:c8:05:e6:
ca:91:18:03:a9:bd:f2:22:ca:eb:7c:58:03:fc:f3:
e4:e7:df:dd:e5:6f:cf:2d:64:2b:d8:c1:6c:06:33:
b8:17:33:ab:0d:1d:65:ac:97:ee:71:f4:dd:d1:ee:
b6:3b:62:a9:97:96:e3:44:cf:b8:de:c8:15:b8:8b:
f3:1e:5f:c7:9b:70:00:00:f2:1b:b8:82:db:cd:0c:
96:40:ce:36:66:cc:99:e5:16:52:0a:6c:27:fd:f2:
4f:06:b2:aa:43:83:d4:c1:c5:34:6c:7e:f5:8d:53:
d5:de:8c:7b:00:b9:31:41:80:f1:7d:6e:d8:ae:6b:
37:c2:d3:7b:5c:16:43:6a:22:b0:c7:b6:96:73:b0:
81:f4:ee:72:00:52:04:00:08:9e:89:9d:0a:ba:61:
ab:56:a8:15:bf:0e:2b:c5:6a:c9:85:58:04:09:b5:
8c:49:78:db:5d:c7:90:54:f7:85:29:f4:ab:86:d7:
0d:ca:d1:83:9a:29:9d:07:4c:8c:b6:36:c7:42:57:
15:0c:ba:b3:ca:8f:a9:12:60:1f:5b:62:12:75:36:
7c:4b:36:54:c5:c5:e4:1b:7f:9d:f2:54:aa:13:eb:
67:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B0:14:6C:3D:CC:35:84:A9:AA:7B:70:5B:5B:88:E8:05:32:6C:C7
X509v3 Authority Key Identifier:
keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/2LAUbD3MNYSpqntwW1uI6AUybMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2904::/32
Signature Algorithm: sha256WithRSAEncryption
09:cc:e9:5d:d5:e2:d9:13:5b:0b:e4:1b:92:d8:70:90:bd:e7:
04:9b:9a:5f:97:35:34:a1:32:f0:64:2f:af:49:dc:67:63:5c:
97:72:e8:a0:69:0a:dd:24:d7:c2:d9:32:60:01:1a:33:a9:42:
c5:6c:44:25:2d:b2:95:c1:f6:da:69:69:f4:73:09:24:99:35:
a1:b2:3e:47:14:c0:fb:f3:bc:18:6b:07:86:4d:06:19:ac:25:
bf:8f:35:26:0c:34:01:2e:ca:6d:4f:1c:6e:f0:e0:0f:5c:9b:
24:16:2a:0f:d2:45:38:72:11:d8:34:81:e1:04:1f:86:1e:90:
8d:79:3f:41:20:13:86:c7:86:44:83:76:1a:50:52:a2:db:63:
d7:4d:b9:30:df:80:11:9e:66:3a:c9:a5:f6:2a:a4:ec:bb:4a:
18:ec:77:0c:5f:45:09:1f:eb:bf:83:d2:b6:47:f2:96:72:82:
ab:f2:2e:d2:dc:31:4a:d9:a7:75:e2:98:18:5c:ed:4c:23:02:
91:06:cd:b0:30:fb:d8:f6:dc:ca:b5:52:70:6b:2d:49:fa:65:
41:a0:8e:f9:c3:3a:e9:d8:b4:8e:47:20:47:ce:d5:b7:63:1f:
d4:e4:fc:c2:93:ae:d7:15:cf:c5:ee:4e:83:ce:9f:ff:d0:14:
99:c4:90:e7
-----BEGIN CERTIFICATE-----
MIIE8DCCA9igAwIBAgIEDyQqazANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDVjNjgzY2IxZWI5YzBmNDliOTY3ZTNiZDliOGI4NGNmMDk5YmI4MB4XDTIyMDEw
MTEyNTczMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDhiMDE0NmMzZGNj
MzU4NGE5YWE3YjcwNWI1Yjg4ZTgwNTMyNmNjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM/gPq8SDCLkdi9yvkUS132jyaF3yYTGsXUgyAXmypEYA6m9
8iLK63xYA/zz5Off3eVvzy1kK9jBbAYzuBczqw0dZayX7nH03dHutjtiqZeW40TP
uN7IFbiL8x5fx5twAADyG7iC280MlkDONmbMmeUWUgpsJ/3yTwayqkOD1MHFNGx+
9Y1T1d6MewC5MUGA8X1u2K5rN8LTe1wWQ2oisMe2lnOwgfTucgBSBAAInomdCrph
q1aoFb8OK8VqyYVYBAm1jEl4213HkFT3hSn0q4bXDcrRg5opnQdMjLY2x0JXFQy6
s8qPqRJgH1tiEnU2fEs2VMXF5Bt/nfJUqhPrZ1cCAwEAAaOCAgowggIGMB0GA1Ud
DgQWBBTYsBRsPcw1hKmqe3BbW4joBTJsxzAfBgNVHSMEGDAWgBTEXGg8seucD0m5
Z+O9m4uEzwmbuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hGeG9QTEhybkE5SnVXZmp2WnVMaE04Sm03Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvNDM5YTEwLTYwYzQtNGMyOC05MWJmLTg4ZDJkZjEwZDE1Yi8x
LzJMQVViRDNNTllTcHFudHdXMXVJNkFVeWJNYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
NDM5YTEwLTYwYzQtNGMyOC05MWJmLTg4ZDJkZjEwZDE1Yi8xL3hGeG9QTEhybkE5
SnVXZmp2WnVMaE04Sm03Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAg
BggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoHKQQwDQYJKoZIhvcNAQELBQAD
ggEBAAnM6V3V4tkTWwvkG5LYcJC95wSbml+XNTShMvBkL69J3GdjXJdy6KBpCt0k
18LZMmABGjOpQsVsRCUtspXB9tppafRzCSSZNaGyPkcUwPvzvBhrB4ZNBhmsJb+P
NSYMNAEuym1PHG7w4A9cmyQWKg/SRThyEdg0geEEH4YekI15P0EgE4bHhkSDdhpQ
UqLbY9dNuTDfgBGeZjrJpfYqpOy7ShjsdwxfRQkf67+D0rZH8pZygqvyLtLcMUrZ
p3XimBhc7UwjApEGzbAw+9j23Mq1UnBrLUn6ZUGgjvnDOunYtI5HIEfO1bdjH9Tk
/MKTrtcVz8XuToPOn//QFJnEkOc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:51 2025 by rpki-client