Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/lajz65uCyQTssEj5AP5Bf_2gQU4.roa
File: lajz65uCyQTssEj5AP5Bf_2gQU4.roa (raw, json)
Hash identifier: bAZzhGlj7SkLfCbexzxVOboVYhFiKlWRizZgX0OrX2Q=
Subject key identifier: 95:A8:F3:EB:9B:82:C9:04:EC:B0:48:F9:00:FE:41:7F:FD:A0:41:4E
Certificate issuer: /CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Certificate serial: 03A65A4D
Authority key identifier: 3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/lajz65uCyQTssEj5AP5Bf_2gQU4.roa
Signing time: Wed 15 Jun 2022 06:01:44 +0000
ROA not before: Wed 15 Jun 2022 06:01:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20546
IP address blocks: 2001:678:804::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61233741 (0x3a65a4d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a48fe0704e4ac95e3a70e95beb84425c316b9ad
Validity
Not Before: Jun 15 06:01:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=95a8f3eb9b82c904ecb048f900fe417ffda0414e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:19:9d:34:5d:ea:bf:c1:78:5c:46:ca:ed:f0:
8d:3b:df:2c:b8:9c:ab:5b:1e:0d:fa:59:0f:d5:51:
de:2d:03:d2:a9:5c:51:1e:a1:d2:93:f3:d9:60:7f:
3f:54:2a:ca:18:c2:d6:e5:3e:68:a7:11:b6:37:6e:
c7:35:a6:7f:c2:5a:ce:29:b9:5b:2e:bc:24:b3:38:
b3:12:77:ca:24:b4:71:eb:e8:6e:56:5e:5a:df:af:
8d:79:12:b0:66:52:eb:fc:7b:03:a3:fb:f7:db:8c:
51:9f:38:d7:a6:35:34:47:82:0d:81:eb:af:3b:cf:
4e:55:d3:f4:69:73:d4:0b:81:61:f9:80:94:fc:c6:
0d:7e:d1:f5:16:df:3b:65:4b:bc:a6:ed:b8:d2:5d:
b4:20:51:a8:7b:aa:ec:29:14:6c:b5:b4:a6:01:10:
35:b3:42:28:d9:6c:95:b6:2e:17:47:0b:aa:3f:7b:
68:69:cf:99:87:7c:43:f7:d5:8b:8d:b7:6c:2c:98:
01:f7:dc:d8:f8:d6:c1:df:3b:6e:2f:26:d7:0d:2e:
30:3b:9a:3f:01:08:65:74:f6:d0:da:5a:80:e6:4b:
7c:07:3d:5d:73:64:92:42:0e:fe:0c:ad:f6:67:d6:
96:9c:ea:d2:fd:db:04:59:6d:d4:4e:ff:02:d8:66:
12:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:A8:F3:EB:9B:82:C9:04:EC:B0:48:F9:00:FE:41:7F:FD:A0:41:4E
X509v3 Authority Key Identifier:
keyid:3A:48:FE:07:04:E4:AC:95:E3:A7:0E:95:BE:B8:44:25:C3:16:B9:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Okj-BwTkrJXjpw6VvrhEJcMWua0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/lajz65uCyQTssEj5AP5Bf_2gQU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/91717c-eb77-4e83-8eaa-e123e4e303e1/1/Okj-BwTkrJXjpw6VvrhEJcMWua0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:804::/48
Signature Algorithm: sha256WithRSAEncryption
90:c3:92:81:cc:d5:47:58:8d:db:c9:4f:e1:50:86:fa:87:09:
4c:e5:bc:20:1b:a1:32:15:6d:7e:91:cf:80:cd:af:67:f9:d9:
81:54:87:19:e3:35:80:ec:4e:d1:50:92:07:a8:b8:b5:40:9c:
e9:57:15:29:72:6c:dd:54:24:bb:6c:43:87:25:69:0c:d3:20:
e7:51:4e:fa:62:83:dc:a2:5c:3b:10:7f:9b:c2:d6:c2:42:a1:
c8:19:b2:78:8b:90:7a:28:a9:75:87:c1:02:96:6e:d5:86:2d:
a6:95:0a:92:d8:25:81:59:33:af:6a:07:78:90:fb:65:9e:1c:
43:dd:8b:88:52:fe:da:20:54:b2:49:53:77:99:e1:31:86:a3:
9f:bc:da:a8:d1:61:cf:55:81:62:b0:0c:5e:83:60:79:08:b2:
d8:f1:9d:24:b3:63:6d:3b:dd:68:fc:5c:57:e9:9f:a7:f7:46:
25:52:47:06:0c:d4:4f:1f:01:67:dd:55:42:0d:3b:94:e6:9c:
ce:31:bb:f2:15:4b:2b:26:79:98:1d:c8:65:08:0b:93:21:e1:
4e:2e:95:4d:50:e2:2b:92:e5:d7:e9:3b:48:11:bf:25:e6:63:
a7:44:3c:9c:d6:9c:cc:ba:6f:66:7e:3c:c4:c9:7a:7b:bb:1c:
fd:a4:38:30
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIEA6ZaTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YTQ4ZmUwNzA0ZTRhYzk1ZTNhNzBlOTViZWI4NDQyNWMzMTZiOWFkMB4XDTIyMDYx
NTA2MDE0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTVhOGYzZWI5Yjgy
YzkwNGVjYjA0OGY5MDBmZTQxN2ZmZGEwNDE0ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKQZnTRd6r/BeFxGyu3wjTvfLLicq1seDfpZD9VR3i0D0qlc
UR6h0pPz2WB/P1QqyhjC1uU+aKcRtjduxzWmf8Jazim5Wy68JLM4sxJ3yiS0cevo
blZeWt+vjXkSsGZS6/x7A6P799uMUZ8416Y1NEeCDYHrrzvPTlXT9Glz1AuBYfmA
lPzGDX7R9RbfO2VLvKbtuNJdtCBRqHuq7CkUbLW0pgEQNbNCKNlslbYuF0cLqj97
aGnPmYd8Q/fVi423bCyYAffc2PjWwd87bi8m1w0uMDuaPwEIZXT20NpagOZLfAc9
XXNkkkIO/gyt9mfWlpzq0v3bBFlt1E7/AthmEpUCAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBSVqPPrm4LJBOywSPkA/kF//aBBTjAfBgNVHSMEGDAWgBQ6SP4HBOSsleOn
DpW+uEQlwxa5rTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09rai1Cd1RrckpYanB3NlZ2cmhFSmNNV3VhMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzkvOTE3MTdjLWViNzctNGU4My04ZWFhLWUxMjNlNGUzMDNlMS8x
L2xhano2NXVDeVFUc3NFajVBUDVCZl8yZ1FVNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzkv
OTE3MTdjLWViNzctNGU4My04ZWFhLWUxMjNlNGUzMDNlMS8xL09rai1Cd1RrckpY
anB3NlZ2cmhFSmNNV3VhMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACABBngIBDANBgkqhkiG9w0BAQsF
AAOCAQEAkMOSgczVR1iN28lP4VCG+ocJTOW8IBuhMhVtfpHPgM2vZ/nZgVSHGeM1
gOxO0VCSB6i4tUCc6VcVKXJs3VQku2xDhyVpDNMg51FO+mKD3KJcOxB/m8LWwkKh
yBmyeIuQeiipdYfBApZu1YYtppUKktglgVkzr2oHeJD7ZZ4cQ92LiFL+2iBUsklT
d5nhMYajn7zaqNFhz1WBYrAMXoNgeQiy2PGdJLNjbTvdaPxcV+mfp/dGJVJHBgzU
Tx8BZ91VQg07lOaczjG78hVLKyZ5mB3IZQgLkyHhTi6VTVDiK5Ll1+k7SBG/JeZj
p0Q8nNaczLpvZn48xMl6e7sc/aQ4MA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:14:46 2025 by rpki-client