Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/8ec96d-d61c-46ac-bf54-65135cf2f815/1/lrn8py98pWWHfDOnk91W-psbXmU.roa
File: lrn8py98pWWHfDOnk91W-psbXmU.roa (raw, json)
Hash identifier: DnSqvOnb6thfW3yYhjNnRvWmr8FoJUScOlejsY250pU=
Subject key identifier: 96:B9:FC:A7:2F:7C:A5:65:87:7C:33:A7:93:DD:56:FA:9B:1B:5E:65
Certificate issuer: /CN=529231b247bff65b4c6341907ecd5eaba7f9ca92
Certificate serial: 123C8A9A
Authority key identifier: 52:92:31:B2:47:BF:F6:5B:4C:63:41:90:7E:CD:5E:AB:A7:F9:CA:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UpIxske_9ltMY0GQfs1eq6f5ypI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/8ec96d-d61c-46ac-bf54-65135cf2f815/1/lrn8py98pWWHfDOnk91W-psbXmU.roa
Signing time: Sat 01 Jan 2022 08:02:09 +0000
ROA not before: Sat 01 Jan 2022 08:02:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200479
IP address blocks: 2001:67c:2344::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 305957530 (0x123c8a9a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=529231b247bff65b4c6341907ecd5eaba7f9ca92
Validity
Not Before: Jan 1 08:02:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96b9fca72f7ca565877c33a793dd56fa9b1b5e65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:54:65:cd:89:76:c0:15:fb:a0:3d:2a:e4:da:
ab:3e:a8:85:49:b6:4b:11:d0:aa:bd:d0:df:ee:ff:
e8:99:8e:48:39:3c:a8:e8:ba:5b:97:c8:62:ea:58:
31:71:ad:49:d2:f9:7f:5e:1c:d0:c5:3b:8c:39:20:
bc:f7:b7:75:7b:e8:0d:c2:82:46:bf:e5:03:92:08:
f5:4d:dd:85:03:41:63:a9:23:5d:20:09:0b:d4:8e:
cc:c7:b5:af:06:69:cb:20:9c:5f:31:c8:7f:d0:a9:
aa:53:b1:b8:7e:01:70:7a:4b:a2:be:28:d8:65:91:
23:18:37:88:94:7a:cf:7d:d5:fa:0f:70:a4:8d:67:
e6:2f:e7:f9:5e:27:47:1a:69:02:95:d5:06:d5:c6:
c0:bb:ea:9e:7f:ba:9e:88:f4:65:73:2d:72:30:8a:
7a:bb:b6:e6:9c:25:e8:43:57:70:f5:74:3e:3f:cd:
24:69:c4:97:28:9a:26:f0:d5:2e:7f:00:d8:42:49:
f2:81:b7:10:13:11:83:7c:8a:e1:01:d7:25:3c:8e:
a0:ac:02:f9:22:11:0e:1b:bb:15:be:5d:5b:65:1c:
3e:1e:9b:22:cf:fc:d2:fb:e0:a7:21:f3:c8:96:9c:
43:93:1a:52:61:df:cf:c3:b0:cd:0e:b7:78:db:8d:
97:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:B9:FC:A7:2F:7C:A5:65:87:7C:33:A7:93:DD:56:FA:9B:1B:5E:65
X509v3 Authority Key Identifier:
keyid:52:92:31:B2:47:BF:F6:5B:4C:63:41:90:7E:CD:5E:AB:A7:F9:CA:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UpIxske_9ltMY0GQfs1eq6f5ypI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8ec96d-d61c-46ac-bf54-65135cf2f815/1/lrn8py98pWWHfDOnk91W-psbXmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/8ec96d-d61c-46ac-bf54-65135cf2f815/1/UpIxske_9ltMY0GQfs1eq6f5ypI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:2344::/48
Signature Algorithm: sha256WithRSAEncryption
98:5a:6c:2a:be:1b:7e:53:26:fe:8f:50:30:a4:f1:4b:90:ca:
3e:8a:09:42:ae:98:e7:20:db:a5:e9:16:3f:70:12:d3:6d:cc:
11:80:65:55:80:d7:58:af:12:e1:12:9f:29:79:04:dc:b5:80:
58:49:c3:0b:f7:68:36:dd:93:28:25:8a:61:c3:b3:7b:17:4a:
32:01:bd:e1:6b:e3:b9:9e:3d:96:4e:a3:d5:56:16:3e:d5:32:
10:1e:10:06:b2:aa:a1:73:17:f8:4c:ef:69:14:05:41:fc:3d:
ce:64:23:16:cd:5c:5c:6e:dd:56:b9:8c:eb:8d:85:a0:88:d5:
62:6e:2e:f0:8b:81:af:18:97:40:02:16:a4:19:41:23:cf:28:
31:80:16:db:45:22:c0:f2:d2:57:8b:26:db:ad:7e:4c:ea:88:
b5:c6:0d:00:f2:92:4e:07:8c:f1:93:73:93:b8:56:b0:f6:0f:
5d:48:25:24:74:fc:88:3b:f2:7e:ef:fb:98:86:ac:eb:c8:16:
f3:37:af:15:e7:02:18:91:cc:00:e4:a3:74:8e:07:23:9a:da:
ef:39:e4:75:12:47:61:29:0f:30:52:2b:00:96:8c:6c:19:11:
e0:18:1e:b3:f7:a0:ec:bb:1f:2b:42:3f:5c:85:96:76:c2:a6:
93:50:85:aa
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEEjyKmjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MjkyMzFiMjQ3YmZmNjViNGM2MzQxOTA3ZWNkNWVhYmE3ZjljYTkyMB4XDTIyMDEw
MTA4MDIwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTZiOWZjYTcyZjdj
YTU2NTg3N2MzM2E3OTNkZDU2ZmE5YjFiNWU2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtUZc2JdsAV+6A9KuTaqz6ohUm2SxHQqr3Q3+7/6JmOSDk8
qOi6W5fIYupYMXGtSdL5f14c0MU7jDkgvPe3dXvoDcKCRr/lA5II9U3dhQNBY6kj
XSAJC9SOzMe1rwZpyyCcXzHIf9CpqlOxuH4BcHpLor4o2GWRIxg3iJR6z33V+g9w
pI1n5i/n+V4nRxppApXVBtXGwLvqnn+6noj0ZXMtcjCKeru25pwl6ENXcPV0Pj/N
JGnElyiaJvDVLn8A2EJJ8oG3EBMRg3yK4QHXJTyOoKwC+SIRDhu7Fb5dW2UcPh6b
Is/80vvgpyHzyJacQ5MaUmHfz8OwzQ63eNuNlyMCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSWufynL3ylZYd8M6eT3Vb6mxteZTAfBgNVHSMEGDAWgBRSkjGyR7/2W0xj
QZB+zV6rp/nKkjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VwSXhza2VfOWx0TVkwR1FmczFlcTZmNXlwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjIvOGVjOTZkLWQ2MWMtNDZhYy1iZjU0LTY1MTM1Y2YyZjgxNS8x
L2xybjhweTk4cFdXSGZET25rOTFXLXBzYlhtVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIv
OGVjOTZkLWQ2MWMtNDZhYy1iZjU0LTY1MTM1Y2YyZjgxNS8xL1VwSXhza2VfOWx0
TVkwR1FmczFlcTZmNXlwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBnwjRDANBgkqhkiG9w0BAQsF
AAOCAQEAmFpsKr4bflMm/o9QMKTxS5DKPooJQq6Y5yDbpekWP3AS023MEYBlVYDX
WK8S4RKfKXkE3LWAWEnDC/doNt2TKCWKYcOzexdKMgG94WvjuZ49lk6j1VYWPtUy
EB4QBrKqoXMX+EzvaRQFQfw9zmQjFs1cXG7dVrmM642FoIjVYm4u8IuBrxiXQAIW
pBlBI88oMYAW20UiwPLSV4sm261+TOqItcYNAPKSTgeM8ZNzk7hWsPYPXUglJHT8
iDvyfu/7mIas68gW8zevFecCGJHMAOSjdI4HI5ra7znkdRJHYSkPMFIrAJaMbBkR
4Bges/eg7LsfK0I/XIWWdsKmk1CFqg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:02 2023 by rpki-client on console-fra.rpki-client.org