Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/LZ2m9g99Ssg9Vkzs8q2ccjUTDOs.roa
File: LZ2m9g99Ssg9Vkzs8q2ccjUTDOs.roa (raw, json)
Hash identifier: 1b8q19fHyUYfqixEOcbhWMszYuSk8rxpbt8Hl6HrG/c=
Subject key identifier: 2D:9D:A6:F6:0F:7D:4A:C8:3D:56:4C:EC:F2:AD:9C:72:35:13:0C:EB
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 0182D89748B656B3E0B3BA3983CDF772DC7E
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/LZ2m9g99Ssg9Vkzs8q2ccjUTDOs.roa
Signing time: Fri 26 Aug 2022 05:19:29 +0000
ROA not before: Fri 26 Aug 2022 05:19:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 2a0e:1b43::/32 maxlen: 32
2a10:12c3::/32 maxlen: 32
2a10:12c0::/29 maxlen: 29
2a10:12c7::/32 maxlen: 32
2a0e:1b47::/32 maxlen: 32
2a0e:1b40::/32 maxlen: 32
2a10:12c0::/32 maxlen: 32
2a10:12c6::/32 maxlen: 32
2a0e:1b46::/32 maxlen: 32
2a0e:1b41::/32 maxlen: 32
2a0e:1b45::/32 maxlen: 32
2a10:12c5::/32 maxlen: 32
2a10:12c1::/32 maxlen: 32
2a0e:1b44::/32 maxlen: 32
2a10:12c4::/32 maxlen: 32
2a10:12c2::/32 maxlen: 32
2a0e:1b42::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:d8:97:48:b6:56:b3:e0:b3:ba:39:83:cd:f7:72:dc:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Aug 26 05:19:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d9da6f60f7d4ac83d564cecf2ad9c7235130ceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:15:f6:ee:51:97:19:55:e8:2f:a8:49:f6:7e:
55:1a:eb:8b:fe:a8:36:e4:7e:ef:15:32:cc:26:ab:
c7:9e:f6:bb:cf:a0:ae:3d:02:43:68:8d:6b:cf:b6:
9e:50:d1:8c:60:09:3d:89:94:56:d7:60:54:7e:fd:
2b:83:39:f4:80:f7:4e:90:97:0b:ab:fe:fd:6a:94:
18:97:93:56:12:a2:c9:0a:7c:fd:9e:fb:b1:20:6e:
71:4a:48:6a:44:cd:2c:65:60:3d:fd:b6:10:0c:76:
e6:61:8b:56:51:33:2a:16:ba:3a:86:a6:a7:d8:9f:
bc:5d:45:cf:ff:d5:9b:5f:ad:e7:88:c4:d7:1b:88:
a4:ab:bb:db:7c:43:80:5e:d3:60:c4:b7:7f:6a:68:
95:20:76:b2:0a:19:4b:fb:69:5a:77:02:a5:10:ac:
7f:df:9b:e5:93:59:40:fc:a1:8b:ab:63:f8:b9:9c:
65:7b:a5:3c:bd:8b:5a:33:db:3a:2d:b9:26:87:13:
b4:af:f5:89:e9:24:b3:3c:9b:1d:c2:f7:fb:82:cf:
fc:f7:e5:7f:cf:3d:c1:ee:0a:df:cc:2d:7b:07:bc:
17:dd:53:21:62:b5:5e:33:cf:fc:e2:02:5f:ff:c5:
42:1e:ab:cf:37:89:a4:b0:42:5d:ff:67:21:e4:8e:
24:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:9D:A6:F6:0F:7D:4A:C8:3D:56:4C:EC:F2:AD:9C:72:35:13:0C:EB
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/LZ2m9g99Ssg9Vkzs8q2ccjUTDOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1b40::/29
2a10:12c0::/29
Signature Algorithm: sha256WithRSAEncryption
72:4a:2f:d2:63:0b:40:b4:80:23:a2:e8:38:fb:de:e3:b2:02:
93:ee:e4:05:b0:fe:62:40:9a:1d:04:4e:91:2e:db:8c:34:39:
d7:80:9c:10:d8:a6:05:c3:01:50:0c:87:cd:7f:22:3d:c9:00:
04:0e:a9:e7:8a:07:61:24:43:44:cf:cd:0d:cd:bd:be:35:f8:
f9:db:1a:dd:7f:51:1d:59:d3:02:d7:ba:92:59:af:05:fe:0b:
e3:47:b7:e0:5f:ab:69:6a:fe:9d:de:6f:69:c8:a7:e1:50:36:
47:62:f5:cb:59:b0:de:d8:7f:38:ab:54:54:3d:43:7f:b9:1d:
82:eb:92:14:4f:26:99:85:00:34:93:91:7b:e7:a7:88:e4:3b:
f4:ed:3f:ea:6d:a6:29:b4:b8:90:1c:22:67:cb:e5:72:9b:e5:
9c:0b:01:6a:4b:14:4a:d5:39:68:71:05:27:63:ac:a9:d5:dc:
5e:e0:47:15:60:6c:52:17:5e:c8:a3:b6:d4:04:8b:1e:df:0d:
97:a4:d5:98:03:97:e5:70:7c:01:7a:33:85:8b:b7:3c:c5:3e:
d6:5c:15:a1:43:a2:50:44:18:df:6a:89:5e:7f:d5:39:e4:98:
d7:3c:d0:c3:72:5d:a6:8d:54:f0:1e:98:db:92:8f:e2:bc:bf:
69:cb:e4:8b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYLYl0i2VrPgs7o5g833ctx+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjIwODI2MDUxOTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDlkYTZmNjBmN2Q0YWM4M2Q1NjRjZWNmMmFkOWM3MjM1MTMwY2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvBX27lGXGVXoL6hJ9n5VGuuL/qg2
5H7vFTLMJqvHnva7z6CuPQJDaI1rz7aeUNGMYAk9iZRW12BUfv0rgzn0gPdOkJcL
q/79apQYl5NWEqLJCnz9nvuxIG5xSkhqRM0sZWA9/bYQDHbmYYtWUTMqFro6hqan
2J+8XUXP/9WbX63niMTXG4ikq7vbfEOAXtNgxLd/amiVIHayChlL+2ladwKlEKx/
35vlk1lA/KGLq2P4uZxle6U8vYtaM9s6LbkmhxO0r/WJ6SSzPJsdwvf7gs/89+V/
zz3B7grfzC17B7wX3VMhYrVeM8/84gJf/8VCHqvPN4mksEJd/2ch5I4k0wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFC2dpvYPfUrIPVZM7PKtnHI1EwzrMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvTFoybTlnOTlTc2c5Vmt6czhxMmNjalVURE9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUDKg4bQAMF
AyoQEsAwDQYJKoZIhvcNAQELBQADggEBAHJKL9JjC0C0gCOi6Dj73uOyApPu5AWw
/mJAmh0ETpEu24w0OdeAnBDYpgXDAVAMh81/Ij3JAAQOqeeKB2EkQ0TPzQ3Nvb41
+PnbGt1/UR1Z0wLXupJZrwX+C+NHt+Bfq2lq/p3eb2nIp+FQNkdi9ctZsN7Yfzir
VFQ9Q3+5HYLrkhRPJpmFADSTkXvnp4jkO/TtP+ptpim0uJAcImfL5XKb5ZwLAWpL
FErVOWhxBSdjrKnV3F7gRxVgbFIXXsijttQEix7fDZek1ZgDl+VwfAF6M4WLtzzF
PtZcFaFDolBEGN9qiV5/1TnkmNc80MNyXaaNVPAemNuSj+K8v2nL5Is=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:45 2025 by rpki-client