Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/LobXe0XWLEh1Pl1xyMsJp6KxqQA.roa
File: LobXe0XWLEh1Pl1xyMsJp6KxqQA.roa (raw, json)
Hash identifier: mU0WNAISKMB6UxuOC+9P1PAsZELwuKIsONwXMaiM8iI=
Subject key identifier: 2E:86:D7:7B:45:D6:2C:48:75:3E:5D:71:C8:CB:09:A7:A2:B1:A9:00
Certificate issuer: /CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Certificate serial: 01856C6EFF8387B8AD79F415B0BB56EB6085
Authority key identifier: 37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/LobXe0XWLEh1Pl1xyMsJp6KxqQA.roa
Signing time: Sun 01 Jan 2023 08:24:51 +0000
ROA not before: Sun 01 Jan 2023 08:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31898
IP address blocks: 2a0e:46c4:2300::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:ff:83:87:b8:ad:79:f4:15:b0:bb:56:eb:60:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=370e5450d1486780aba54f045ec4802f19f0b4f7
Validity
Not Before: Jan 1 08:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2e86d77b45d62c48753e5d71c8cb09a7a2b1a900
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:24:2d:b6:d6:64:c3:9f:d7:71:bc:8d:61:46:
db:9f:db:41:e6:6b:4e:d8:62:51:84:9b:e9:be:88:
b4:7e:24:ef:dd:66:f1:80:95:7d:d3:23:a9:4b:69:
90:c8:a0:3d:76:d9:4d:26:46:12:18:fe:b1:44:eb:
30:26:45:dc:10:a4:fb:6a:f4:c0:97:62:6a:6a:3d:
db:45:d6:25:53:68:7b:9f:64:b3:e6:25:96:2d:4b:
7b:b8:d8:a5:1a:4c:9f:03:a3:80:7e:78:85:ee:8e:
09:41:2c:f6:61:fe:9f:81:52:5d:60:80:94:dd:97:
71:ad:d5:c6:7e:da:08:a4:16:2e:28:71:4a:05:54:
54:a2:f5:34:56:e3:c0:43:6d:87:90:4d:c0:ff:87:
2f:45:97:fd:92:94:30:e9:cc:0b:bf:5c:6b:be:d6:
0f:1e:d2:d1:e5:da:1d:a8:13:20:f2:dd:0d:8c:f6:
af:6a:2e:1b:4b:b7:64:9a:10:08:60:f5:d6:03:cd:
82:7e:ae:24:7e:da:93:cf:99:92:78:47:c2:49:8d:
f4:dd:10:43:9a:ee:cc:af:1e:60:92:17:06:e7:7e:
0e:6a:1c:6e:d8:42:c9:ac:7e:89:bd:59:c7:d3:d6:
e7:48:16:ea:c5:28:8a:2e:42:7d:42:5e:54:eb:64:
dc:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:86:D7:7B:45:D6:2C:48:75:3E:5D:71:C8:CB:09:A7:A2:B1:A9:00
X509v3 Authority Key Identifier:
keyid:37:0E:54:50:D1:48:67:80:AB:A5:4F:04:5E:C4:80:2F:19:F0:B4:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/LobXe0XWLEh1Pl1xyMsJp6KxqQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/f0f70c-06e7-41ac-a2b8-858dce57fcdb/1/Nw5UUNFIZ4CrpU8EXsSALxnwtPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:46c4:2300::/40
Signature Algorithm: sha256WithRSAEncryption
23:15:5c:ac:14:cc:b1:64:55:70:8f:fc:f4:fb:5a:6e:2a:31:
07:3f:43:fc:2b:74:b4:fa:ab:34:8a:6a:03:7f:c6:90:7c:1e:
94:89:b9:76:3b:49:49:79:65:63:32:2c:43:6d:db:3e:67:16:
06:70:94:90:86:81:33:60:26:1f:25:90:4c:3b:99:fc:e1:63:
1e:dc:4e:ea:d1:41:33:ab:96:9b:a2:06:ed:73:75:0f:64:5c:
82:a5:2d:50:6b:ae:74:48:df:ac:b3:07:f2:0c:40:92:5f:c5:
18:c0:90:cc:25:e8:04:c5:a6:28:37:fa:53:0c:48:79:f5:c2:
b6:f4:0e:e0:51:d4:36:99:ca:89:66:99:57:ac:ce:ae:8a:69:
08:4c:04:bf:61:56:0a:c5:04:33:a7:4b:62:30:f2:eb:24:8f:
c9:22:73:4b:38:2b:4e:d4:95:86:00:20:87:8d:84:a4:19:f8:
72:96:6c:14:8f:fa:58:48:28:0b:09:00:59:ba:b5:54:07:03:
c0:50:f4:42:91:3b:f4:bb:7f:cc:9a:1e:69:d9:b0:f8:91:bb:
3b:91:7b:b8:0a:91:f3:dd:a2:95:3d:b3:49:76:67:f8:c9:bc:
d1:3c:db:b3:ae:2e:4c:86:05:d7:f7:d7:59:a0:c1:28:a3:f0:
d1:76:09:a3
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVsbv+Dh7itefQVsLtW62CFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3MGU1NDUwZDE0ODY3ODBhYmE1NGYwNDVlYzQ4MDJmMTlm
MGI0ZjcwHhcNMjMwMTAxMDgyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTg2ZDc3YjQ1ZDYyYzQ4NzUzZTVkNzFjOGNiMDlhN2EyYjFhOTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSQtttZkw5/XcbyNYUbbn9tB5mtO
2GJRhJvpvoi0fiTv3WbxgJV90yOpS2mQyKA9dtlNJkYSGP6xROswJkXcEKT7avTA
l2Jqaj3bRdYlU2h7n2Sz5iWWLUt7uNilGkyfA6OAfniF7o4JQSz2Yf6fgVJdYICU
3ZdxrdXGftoIpBYuKHFKBVRUovU0VuPAQ22HkE3A/4cvRZf9kpQw6cwLv1xrvtYP
HtLR5dodqBMg8t0NjPavai4bS7dkmhAIYPXWA82Cfq4kftqTz5mSeEfCSY303RBD
mu7Mrx5gkhcG534Oahxu2ELJrH6JvVnH09bnSBbqxSiKLkJ9Ql5U62TcAwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFC6G13tF1ixIdT5dccjLCaeisakAMB8GA1UdIwQY
MBaAFDcOVFDRSGeAq6VPBF7EgC8Z8LT3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgt
ODU4ZGNlNTdmY2RiLzEvTG9iWGUwWFdMRWgxUGwxeHlNc0pwNkt4cVFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9mMGY3MGMtMDZlNy00MWFjLWEyYjgtODU4ZGNlNTdmY2Ri
LzEvTnc1VVVORklaNENycFU4RVhzU0FMeG53dFBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg5GxCMw
DQYJKoZIhvcNAQELBQADggEBACMVXKwUzLFkVXCP/PT7Wm4qMQc/Q/wrdLT6qzSK
agN/xpB8HpSJuXY7SUl5ZWMyLENt2z5nFgZwlJCGgTNgJh8lkEw7mfzhYx7cTurR
QTOrlpuiBu1zdQ9kXIKlLVBrrnRI36yzB/IMQJJfxRjAkMwl6ATFpig3+lMMSHn1
wrb0DuBR1DaZyolmmVeszq6KaQhMBL9hVgrFBDOnS2Iw8uskj8kic0s4K07UlYYA
IIeNhKQZ+HKWbBSP+lhIKAsJAFm6tVQHA8BQ9EKRO/S7f8yaHmnZsPiRuzuRe7gK
kfPdopU9s0l2Z/jJvNE827OuLkyGBdf311mgwSij8NF2CaM=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:23 2025 by rpki-client