Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/LNdqpiWPOXKJ7T0wOlxMw3rMfmc.roa
File: LNdqpiWPOXKJ7T0wOlxMw3rMfmc.roa (raw, json)
Hash identifier: gKJ2gb716fKYMaDkjOvetq83u1HDLZH8I40uzpUdsMI=
Subject key identifier: 2C:D7:6A:A6:25:8F:39:72:89:ED:3D:30:3A:5C:4C:C3:7A:CC:7E:67
Certificate issuer: /CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Certificate serial: 018AEC4CF1800FA069C6E87BF5FC03958911
Authority key identifier: 79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/LNdqpiWPOXKJ7T0wOlxMw3rMfmc.roa
Signing time: Sun 01 Oct 2023 17:32:59 +0000
ROA not before: Sun 01 Oct 2023 17:32:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48771
IP address blocks: 2a12:3fc0:4877::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ec:4c:f1:80:0f:a0:69:c6:e8:7b:f5:fc:03:95:89:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=798f7b1fd802b3dc6abd7a5cda786a6311e1d63d
Validity
Not Before: Oct 1 17:32:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2cd76aa6258f397289ed3d303a5c4cc37acc7e67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f3:b9:6e:7a:ee:1f:78:62:ad:d0:36:ed:98:
36:40:4d:64:c3:aa:11:37:01:e1:07:79:6a:53:76:
07:17:bb:d1:6b:51:96:16:d3:c1:49:dd:cf:13:8c:
7d:f2:7b:9b:69:60:f0:93:fd:1f:f4:97:ce:b1:fd:
49:af:2c:8c:82:c4:5a:dc:63:e4:79:ca:67:08:7a:
a5:86:95:f3:15:ce:f8:2d:f4:b6:64:26:71:e1:3e:
71:41:49:83:ad:3a:d7:bc:84:9d:9d:4f:1c:24:3b:
6c:9e:d7:bc:18:26:b1:48:63:23:31:86:46:53:c9:
ae:5a:95:9c:af:ad:1f:1c:f7:0a:39:ab:32:57:17:
36:d6:c7:c7:7c:99:be:0d:f5:fb:0c:cb:45:7e:a2:
e5:a1:4b:91:5e:3f:a9:9b:9c:5c:45:d5:5b:fc:e9:
77:9c:b5:8c:b0:1a:dd:46:c4:c5:a5:8b:3b:d8:80:
3f:26:22:9d:cc:47:34:5f:c5:b5:c8:bb:61:a2:4c:
34:7b:4e:4b:61:be:21:6f:e7:85:79:dd:e6:fc:75:
a2:f1:ba:f1:fc:b5:b5:d1:39:3f:e9:db:d3:2b:ee:
cf:f1:98:a0:f1:92:fa:8b:da:c6:b4:1e:a4:77:71:
0f:f9:26:42:0e:61:35:9b:3c:7b:96:0a:4a:02:71:
63:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2C:D7:6A:A6:25:8F:39:72:89:ED:3D:30:3A:5C:4C:C3:7A:CC:7E:67
X509v3 Authority Key Identifier:
keyid:79:8F:7B:1F:D8:02:B3:DC:6A:BD:7A:5C:DA:78:6A:63:11:E1:D6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eY97H9gCs9xqvXpc2nhqYxHh1j0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/LNdqpiWPOXKJ7T0wOlxMw3rMfmc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/30883a-16d7-4212-9199-09d0aa28e551/1/eY97H9gCs9xqvXpc2nhqYxHh1j0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:3fc0:4877::/48
Signature Algorithm: sha256WithRSAEncryption
8a:b6:11:c8:45:9e:8f:b6:00:c2:08:cf:2b:72:5a:b7:5e:09:
da:5a:87:41:cd:5f:c2:b4:ac:69:cb:26:ce:1a:27:21:1c:c7:
b3:50:ba:e5:25:2c:83:b9:78:5a:3d:80:3a:48:90:22:f2:b6:
0c:2b:9d:3d:ed:68:fc:f0:7f:72:07:57:f7:e8:e3:40:d0:cb:
26:3e:97:5b:7c:21:d1:fa:87:c3:55:d3:c6:12:9b:de:6c:e6:
cf:f9:c5:bd:dd:cd:fb:22:c0:97:78:21:b6:bb:08:6a:41:c1:
28:10:33:fb:13:66:ab:48:25:ac:33:e4:cc:91:d4:04:d0:a8:
70:b1:d5:2b:3c:72:9b:c0:92:4f:6a:76:cc:4f:d4:8f:b5:76:
33:c8:ec:d6:56:b2:6f:28:c8:e2:0f:0d:8f:35:70:ea:ad:31:
5a:97:a6:82:7c:2a:56:5a:0b:f9:4d:14:50:fd:a6:54:38:23:
fe:c3:8f:43:b5:19:37:c4:e8:e4:8e:cf:23:78:73:d3:a5:dd:
df:42:23:fa:5c:e0:49:39:5c:5e:12:e5:b2:0e:82:da:4e:2b:
8c:44:cc:0d:a3:6e:69:34:52:a8:8c:b3:e8:47:61:62:a5:c8:
c7:57:1b:ac:24:1d:56:6a:2e:13:ae:b8:cb:fe:29:05:47:53:
80:37:a8:23
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYrsTPGAD6Bpxuh79fwDlYkRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5OGY3YjFmZDgwMmIzZGM2YWJkN2E1Y2RhNzg2YTYzMTFl
MWQ2M2QwHhcNMjMxMDAxMTczMjU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyY2Q3NmFhNjI1OGYzOTcyODllZDNkMzAzYTVjNGNjMzdhY2M3ZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvO5bnruH3hirdA27Zg2QE1kw6oR
NwHhB3lqU3YHF7vRa1GWFtPBSd3PE4x98nubaWDwk/0f9JfOsf1JryyMgsRa3GPk
ecpnCHqlhpXzFc74LfS2ZCZx4T5xQUmDrTrXvISdnU8cJDtsnte8GCaxSGMjMYZG
U8muWpWcr60fHPcKOasyVxc21sfHfJm+DfX7DMtFfqLloUuRXj+pm5xcRdVb/Ol3
nLWMsBrdRsTFpYs72IA/JiKdzEc0X8W1yLthokw0e05LYb4hb+eFed3m/HWi8brx
/LW10Tk/6dvTK+7P8Zig8ZL6i9rGtB6kd3EP+SZCDmE1mzx7lgpKAnFjYQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFCzXaqYljzlyie09MDpcTMN6zH5nMB8GA1UdIwQY
MBaAFHmPex/YArPcar16XNp4amMR4dY9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTkt
MDlkMGFhMjhlNTUxLzEvTE5kcXBpV1BPWEtKN1Qwd09seE13M3JNZm1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8zMDg4M2EtMTZkNy00MjEyLTkxOTktMDlkMGFhMjhlNTUx
LzEvZVk5N0g5Z0NzOXhxdlhwYzJuaHFZeEhoMWowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKhI/wEh3
MA0GCSqGSIb3DQEBCwUAA4IBAQCKthHIRZ6PtgDCCM8rclq3XgnaWodBzV/CtKxp
yybOGichHMezULrlJSyDuXhaPYA6SJAi8rYMK5097Wj88H9yB1f36ONA0MsmPpdb
fCHR+ofDVdPGEpvebObP+cW93c37IsCXeCG2uwhqQcEoEDP7E2arSCWsM+TMkdQE
0KhwsdUrPHKbwJJPanbMT9SPtXYzyOzWVrJvKMjiDw2PNXDqrTFal6aCfCpWWgv5
TRRQ/aZUOCP+w49DtRk3xOjkjs8jeHPTpd3fQiP6XOBJOVxeEuWyDoLaTiuMRMwN
o25pNFKojLPoR2FipcjHVxusJB1Wai4TrrjL/ikFR1OAN6gj
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:18 2025 by rpki-client