Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/lRcImtNOsSofExYFIBcVrKMko1E.roa
File: lRcImtNOsSofExYFIBcVrKMko1E.roa (raw, json)
Hash identifier: volu8uccKR2ZbccxprvtzzB7Xn7Wy2Sea6A246xJyr0=
Subject key identifier: 95:17:08:9A:D3:4E:B1:2A:1F:13:16:05:20:17:15:AC:A3:24:A3:51
Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial: 0F72495A
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/lRcImtNOsSofExYFIBcVrKMko1E.roa
Signing time: Mon 31 Jan 2022 07:30:27 +0000
ROA not before: Mon 31 Jan 2022 07:30:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210378
IP address blocks: 2a07:2902:9c00::/38 maxlen: 38
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 259148122 (0xf72495a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Validity
Not Before: Jan 31 07:30:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9517089ad34eb12a1f131605201715aca324a351
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e0:d0:cd:ba:02:a0:c9:b7:36:22:f2:59:52:
e6:67:3c:65:89:24:2b:4e:8c:f5:e8:25:29:0b:b3:
86:f8:d8:56:56:b1:9d:79:b1:6d:47:8b:4d:b7:f8:
0e:20:87:29:8e:f8:ed:2c:ed:4e:18:46:e9:f5:ba:
d4:e9:20:96:10:38:b5:7e:dc:34:a0:36:46:1a:a0:
dc:50:7e:df:fc:0e:21:38:d4:59:1e:bd:05:ae:dd:
26:cc:47:9b:dd:60:72:85:f5:a2:b6:3b:54:64:fa:
18:62:ef:0a:fd:0a:12:f2:1a:8a:71:9f:74:9d:f2:
8f:2e:ce:4f:24:80:d9:86:17:11:9e:75:56:3e:2f:
5f:4e:93:2c:65:47:8f:de:da:52:d4:5e:e2:47:bf:
6d:a9:34:14:fd:1b:c1:1d:af:c8:ac:36:49:fb:68:
0a:6a:27:76:a2:4b:f8:f6:67:74:be:31:79:b3:3d:
f6:0c:0c:5e:10:f3:c5:bf:22:3b:b5:68:3c:b1:c4:
b7:96:61:80:30:52:0b:69:d7:96:e6:5e:aa:d3:31:
8b:b1:02:b0:f0:58:21:b7:b1:c8:dc:6d:95:28:6d:
5e:8d:45:6b:40:8b:69:00:18:b2:33:64:06:96:75:
f6:e3:9a:41:de:75:76:5e:0a:20:03:3d:1d:da:aa:
71:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:17:08:9A:D3:4E:B1:2A:1F:13:16:05:20:17:15:AC:A3:24:A3:51
X509v3 Authority Key Identifier:
keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/lRcImtNOsSofExYFIBcVrKMko1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a07:2902:9c00::/38
Signature Algorithm: sha256WithRSAEncryption
49:31:44:ad:f3:4e:7a:24:57:8e:5f:a1:98:de:00:3b:ce:34:
6f:36:43:56:03:be:ab:a8:e5:69:e3:fc:24:ae:48:bb:56:06:
3c:04:68:7e:eb:c6:9f:de:8d:60:83:49:ad:d6:18:d6:dd:44:
a1:79:c7:70:c2:17:a8:54:3a:40:49:55:28:3b:0c:de:94:88:
ba:4c:67:9a:5f:52:e5:1a:49:21:a8:36:66:78:59:ea:fb:ab:
8a:0f:ed:64:87:8a:6c:85:f7:f2:66:83:9d:b2:b3:f7:b3:df:
aa:88:d6:91:84:3f:6d:a7:8c:95:e3:e4:bb:80:8f:ab:80:d5:
01:13:3c:fb:b2:aa:34:d3:71:8d:ce:5e:dd:7b:7e:a9:ce:42:
8e:3a:77:69:5b:9f:05:c9:a4:c3:b3:9e:93:48:6d:a5:5c:a4:
59:1d:ca:ba:23:b6:25:74:45:2c:d0:4c:10:88:77:35:29:fe:
ce:bd:b0:a7:1f:7c:da:a2:8a:87:f6:e6:fa:b1:b1:8c:11:fe:
78:4f:91:51:35:66:12:a3:1e:95:22:76:5c:bc:3a:c2:05:f7:
52:aa:0a:0e:0e:90:44:0b:81:69:dd:13:4f:94:6a:45:1e:f9:
ed:2a:3c:ff:13:ca:b5:cf:a6:54:33:38:5d:53:6e:1d:fb:98:
c1:9a:bb:fc
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIED3JJWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NDVjNjgzY2IxZWI5YzBmNDliOTY3ZTNiZDliOGI4NGNmMDk5YmI4MB4XDTIyMDEz
MTA3MzAyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTUxNzA4OWFkMzRl
YjEyYTFmMTMxNjA1MjAxNzE1YWNhMzI0YTM1MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLg0M26AqDJtzYi8llS5mc8ZYkkK06M9eglKQuzhvjYVlax
nXmxbUeLTbf4DiCHKY747SztThhG6fW61OkglhA4tX7cNKA2Rhqg3FB+3/wOITjU
WR69Ba7dJsxHm91gcoX1orY7VGT6GGLvCv0KEvIainGfdJ3yjy7OTySA2YYXEZ51
Vj4vX06TLGVHj97aUtRe4ke/bak0FP0bwR2vyKw2SftoCmondqJL+PZndL4xebM9
9gwMXhDzxb8iO7VoPLHEt5ZhgDBSC2nXluZeqtMxi7ECsPBYIbexyNxtlShtXo1F
a0CLaQAYsjNkBpZ19uOaQd51dl4KIAM9HdqqcQUCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBSVFwia006xKh8TFgUgFxWsoySjUTAfBgNVHSMEGDAWgBTEXGg8seucD0m5
Z+O9m4uEzwmbuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hGeG9QTEhybkE5SnVXZmp2WnVMaE04Sm03Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvNDM5YTEwLTYwYzQtNGMyOC05MWJmLTg4ZDJkZjEwZDE1Yi8x
L2xSY0ltdE5Pc1NvZkV4WUZJQmNWcktNa28xRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
NDM5YTEwLTYwYzQtNGMyOC05MWJmLTg4ZDJkZjEwZDE1Yi8xL3hGeG9QTEhybkE5
SnVXZmp2WnVMaE04Sm03Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAh
BggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGAioHKQKcMA0GCSqGSIb3DQEBCwUA
A4IBAQBJMUSt8056JFeOX6GY3gA7zjRvNkNWA76rqOVp4/wkrki7VgY8BGh+68af
3o1gg0mt1hjW3UShecdwwheoVDpASVUoOwzelIi6TGeaX1LlGkkhqDZmeFnq+6uK
D+1kh4pshffyZoOdsrP3s9+qiNaRhD9tp4yV4+S7gI+rgNUBEzz7sqo003GNzl7d
e36pzkKOOndpW58FyaTDs56TSG2lXKRZHcq6I7YldEUs0EwQiHc1Kf7OvbCnH3za
ooqH9ub6sbGMEf54T5FRNWYSox6VInZcvDrCBfdSqgoODpBEC4Fp3RNPlGpFHvnt
Kjz/E8q1z6ZUMzhdU24d+5jBmrv8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:45 2025 by rpki-client