Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/LzveThv6mRVhHNWMr2nqZYiOcPQ.roa
File: LzveThv6mRVhHNWMr2nqZYiOcPQ.roa (raw, json)
Hash identifier: g1cBXRKNBU9nnMhD6d83AFnm4XiMzaZPBMdB4Z0ffk8=
Subject key identifier: 2F:3B:DE:4E:1B:FA:99:15:61:1C:D5:8C:AF:69:EA:65:88:8E:70:F4
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 01856C7850CE1195E83D430A3A2C288842BD
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/LzveThv6mRVhHNWMr2nqZYiOcPQ.roa
Signing time: Sun 01 Jan 2023 08:35:02 +0000
ROA not before: Sun 01 Jan 2023 08:35:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 397270
IP address blocks: 2a0d:e0c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:78:50:ce:11:95:e8:3d:43:0a:3a:2c:28:88:42:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 1 08:35:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2f3bde4e1bfa9915611cd58caf69ea65888e70f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:9c:47:d7:51:75:cd:c4:10:f5:de:c9:a3:68:
d0:fa:3c:28:25:16:d7:1c:99:c0:8c:ed:6d:ef:6c:
6b:d0:85:52:58:43:08:55:37:0e:fc:49:ae:06:da:
e0:fd:94:6e:9d:00:f5:46:aa:db:e5:28:e7:3d:a4:
b9:1e:40:f1:8f:ba:9f:92:f7:ef:ab:c2:51:bd:63:
60:7e:f7:de:0a:38:e0:ae:6d:41:04:bc:a5:61:20:
6b:1e:05:ac:d9:72:f0:94:3d:f3:c0:c9:fb:69:2a:
d8:0f:bd:7b:41:45:3d:48:fe:3f:54:91:10:d2:80:
b9:20:4d:4f:11:f5:1b:92:41:cd:35:d9:92:42:ca:
d7:a9:04:91:10:ab:26:8d:6c:95:1c:58:27:15:39:
02:ee:f0:74:43:ee:ad:8b:36:25:0f:53:b2:4b:af:
1f:15:81:70:85:1b:19:4a:49:f3:bd:d5:0c:61:d9:
f4:ac:3c:a9:0b:7a:e0:a2:7c:6a:35:bd:81:be:ee:
89:ff:bd:8b:cd:dc:75:0f:3d:7e:e7:6f:66:55:fa:
76:13:48:e8:a0:ec:30:5d:dc:5b:81:1f:15:60:10:
97:cf:c9:1a:6a:a5:bb:98:6f:ed:ca:85:39:34:32:
ab:93:98:aa:b2:8d:83:c9:f8:93:0f:c3:fc:b5:b2:
80:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:3B:DE:4E:1B:FA:99:15:61:1C:D5:8C:AF:69:EA:65:88:8E:70:F4
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/LzveThv6mRVhHNWMr2nqZYiOcPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:e0c0::/29
Signature Algorithm: sha256WithRSAEncryption
15:86:00:7d:11:bc:2a:be:10:e7:da:60:43:02:7d:b1:88:5a:
8e:a2:cb:3d:5e:24:35:e4:6e:40:31:f4:f9:a5:ba:b0:07:6d:
67:ba:48:90:dd:eb:f4:55:40:aa:25:e6:be:7a:5b:a4:8d:9e:
01:69:7a:5b:0d:7c:bf:82:75:ad:7a:93:8d:52:e9:1e:b9:b6:
44:05:fe:86:41:6b:73:08:b9:55:33:d4:e5:49:0c:9c:c8:75:
64:e6:ac:5f:1e:9d:53:5b:b3:ef:ff:5b:0e:ec:b5:d6:67:c5:
04:53:bc:27:84:71:f4:44:24:f3:b5:94:2c:56:66:d8:80:60:
b9:30:a5:88:af:bc:e6:80:fc:cc:28:34:b5:6c:b6:0f:3e:3b:
13:f6:39:b8:51:f1:6e:cd:f0:f7:90:00:69:ef:23:60:de:8d:
9f:f7:ad:31:40:cc:2a:d2:b5:56:96:d3:a5:80:a4:e0:b7:c2:
0a:67:d7:71:bf:3f:c5:94:eb:f3:62:c2:06:f0:57:f3:df:e9:
0a:be:66:e5:d9:b9:af:79:3f:d4:4e:68:2c:cf:24:af:c3:33:
70:0d:cc:0c:54:89:76:bf:b2:9b:7f:b1:37:57:03:41:73:70:
1c:7b:5b:68:da:3b:79:e7:c6:11:cb:e1:69:d5:cd:9a:49:2a:
55:8a:e4:38
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYVseFDOEZXoPUMKOiwoiEK9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjMwMTAxMDgzNTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjNiZGU0ZTFiZmE5OTE1NjExY2Q1OGNhZjY5ZWE2NTg4OGU3MGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZxH11F1zcQQ9d7Jo2jQ+jwoJRbX
HJnAjO1t72xr0IVSWEMIVTcO/EmuBtrg/ZRunQD1Rqrb5SjnPaS5HkDxj7qfkvfv
q8JRvWNgfvfeCjjgrm1BBLylYSBrHgWs2XLwlD3zwMn7aSrYD717QUU9SP4/VJEQ
0oC5IE1PEfUbkkHNNdmSQsrXqQSREKsmjWyVHFgnFTkC7vB0Q+6tizYlD1OyS68f
FYFwhRsZSknzvdUMYdn0rDypC3rgonxqNb2Bvu6J/72Lzdx1Dz1+529mVfp2E0jo
oOwwXdxbgR8VYBCXz8kaaqW7mG/tyoU5NDKrk5iqso2DyfiTD8P8tbKA4wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFC873k4b+pkVYRzVjK9p6mWIjnD0MB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvTHp2ZVRodjZtUlZoSE5XTXIybnFaWWlPY1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKg3gwDAN
BgkqhkiG9w0BAQsFAAOCAQEAFYYAfRG8Kr4Q59pgQwJ9sYhajqLLPV4kNeRuQDH0
+aW6sAdtZ7pIkN3r9FVAqiXmvnpbpI2eAWl6Ww18v4J1rXqTjVLpHrm2RAX+hkFr
cwi5VTPU5UkMnMh1ZOasXx6dU1uz7/9bDuy11mfFBFO8J4Rx9EQk87WULFZm2IBg
uTCliK+85oD8zCg0tWy2Dz47E/Y5uFHxbs3w95AAae8jYN6Nn/etMUDMKtK1VpbT
pYCk4LfCCmfXcb8/xZTr82LCBvBX89/pCr5m5dm5r3k/1E5oLM8kr8MzcA3MDFSJ
dr+ym3+xN1cDQXNwHHtbaNo7eefGEcvhadXNmkkqVYrkOA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:33 2025 by rpki-client