Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/lnsVJjwNiBvdiVhbJ9Ji2gx5WrE.roa
File: lnsVJjwNiBvdiVhbJ9Ji2gx5WrE.roa (raw, json)
Hash identifier: U5PSMM4LnX8bk7tEMM7JQvRChw3IoPZMvVFb4UarnOg=
Subject key identifier: 96:7B:15:26:3C:0D:88:1B:DD:89:58:5B:27:D2:62:DA:0C:79:5A:B1
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 0183155DFA9CDFE3916E07D0AFEF90E4C39D
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/lnsVJjwNiBvdiVhbJ9Ji2gx5WrE.roa
Signing time: Wed 07 Sep 2022 00:33:43 +0000
ROA not before: Wed 07 Sep 2022 00:33:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48031
IP address blocks: 147.78.3.0/24 maxlen: 24
2a11:840:25::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:15:5d:fa:9c:df:e3:91:6e:07:d0:af:ef:90:e4:c3:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Sep 7 00:33:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=967b15263c0d881bdd89585b27d262da0c795ab1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:36:37:29:08:78:7f:d9:ba:de:bf:0b:a4:fd:
03:0c:3f:f0:9d:9d:99:88:62:3c:d4:41:07:e2:13:
77:58:2c:0e:1d:9e:83:33:f5:33:50:3c:d5:a3:a8:
30:f5:32:b5:27:70:35:ab:da:76:d0:72:f8:65:96:
e5:8d:85:62:4f:1a:36:1e:5e:02:7d:04:7f:10:93:
e0:b1:16:99:c6:0d:37:cd:bf:48:1a:7c:0a:cc:cd:
3f:80:f6:1f:18:84:33:c3:d4:0a:7e:51:88:32:9a:
ca:66:de:f4:1d:8f:51:7e:52:00:73:55:8a:a6:e0:
2c:95:e6:de:e6:a5:0e:6a:75:4d:d3:8f:a5:88:89:
d7:95:9f:a2:bf:15:88:c7:00:b1:7c:56:d1:cb:c5:
ee:12:d5:e5:e2:6d:0b:87:85:43:2a:05:43:b7:78:
cd:a1:0f:b9:00:91:8f:11:3e:19:6f:02:de:5b:c4:
dc:47:18:ca:99:6a:61:bc:bd:8d:4c:4d:12:82:53:
53:93:ac:34:ca:64:11:54:f7:91:6f:5d:52:a8:cb:
e9:ff:d3:d6:20:e0:3d:51:d6:b1:15:32:0f:41:bb:
03:1e:f3:64:e7:3a:8e:9a:8c:28:fc:3d:04:8a:5c:
5c:6b:22:7c:bd:f4:b5:08:7a:4e:97:db:90:59:c3:
c0:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:7B:15:26:3C:0D:88:1B:DD:89:58:5B:27:D2:62:DA:0C:79:5A:B1
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/lnsVJjwNiBvdiVhbJ9Ji2gx5WrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.3.0/24
IPv6:
2a11:840:25::/48
Signature Algorithm: sha256WithRSAEncryption
8d:2e:87:9b:aa:49:1e:80:e9:f7:a9:3f:bd:10:69:b2:5f:d4:
c7:75:a1:58:29:21:8a:d0:1c:ba:a7:01:28:f2:b6:5a:4e:b3:
09:70:d5:da:f5:6f:03:e0:4e:35:61:af:ca:df:17:9a:9d:b6:
9e:67:a8:f1:29:25:6d:f2:0d:18:d9:d4:8b:23:43:57:bb:e6:
9e:53:01:dc:68:79:08:3f:07:d9:8e:44:f0:32:ec:05:15:99:
ce:ff:92:8e:98:63:2d:dd:f8:85:e5:30:cf:4f:6e:44:9b:c0:
77:7a:45:e2:b7:c9:fe:33:21:aa:fd:9f:97:3a:33:b2:45:df:
dc:96:44:1c:fe:89:91:6e:70:67:7b:5c:af:51:42:d6:47:d4:
95:bd:0a:94:b8:0a:b9:d0:76:34:36:e9:e8:64:8c:39:d6:f2:
12:c8:54:9e:5c:77:a0:9e:6f:cd:96:58:4e:bf:fb:3f:43:32:
4c:e2:0b:b4:db:80:67:bc:6c:d1:ae:95:7b:8d:7a:8c:59:8f:
ec:c3:26:d4:69:b8:25:ae:e7:45:73:d5:8d:a0:10:a4:a1:4e:
bb:6f:77:c3:a8:98:e3:f0:b0:72:73:61:e0:e5:6f:14:1e:9c:
ad:0b:0e:3f:f5:1b:18:0a:bf:e0:57:10:c7:db:75:35:3f:2b:
10:b8:44:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYMVXfqc3+ORbgfQr++Q5MOdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjIwOTA3MDAzMzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjdiMTUyNjNjMGQ4ODFiZGQ4OTU4NWIyN2QyNjJkYTBjNzk1YWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDY3KQh4f9m63r8LpP0DDD/wnZ2Z
iGI81EEH4hN3WCwOHZ6DM/UzUDzVo6gw9TK1J3A1q9p20HL4ZZbljYViTxo2Hl4C
fQR/EJPgsRaZxg03zb9IGnwKzM0/gPYfGIQzw9QKflGIMprKZt70HY9RflIAc1WK
puAslebe5qUOanVN04+liInXlZ+ivxWIxwCxfFbRy8XuEtXl4m0Lh4VDKgVDt3jN
oQ+5AJGPET4ZbwLeW8TcRxjKmWphvL2NTE0SglNTk6w0ymQRVPeRb11SqMvp/9PW
IOA9UdaxFTIPQbsDHvNk5zqOmowo/D0EilxcayJ8vfS1CHpOl9uQWcPA7QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJZ7FSY8DYgb3YlYWyfSYtoMeVqxMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvbG5zVkpqd05pQnZkaVZoYko5SmkyZ3g1V3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAk04DMA8E
AgACMAkDBwAqEQhAACUwDQYJKoZIhvcNAQELBQADggEBAI0uh5uqSR6A6fepP70Q
abJf1Md1oVgpIYrQHLqnASjytlpOswlw1dr1bwPgTjVhr8rfF5qdtp5nqPEpJW3y
DRjZ1IsjQ1e75p5TAdxoeQg/B9mORPAy7AUVmc7/ko6YYy3d+IXlMM9PbkSbwHd6
ReK3yf4zIar9n5c6M7JF39yWRBz+iZFucGd7XK9RQtZH1JW9CpS4CrnQdjQ26ehk
jDnW8hLIVJ5cd6Ceb82WWE6/+z9DMkziC7TbgGe8bNGulXuNeoxZj+zDJtRpuCWu
50Vz1Y2gEKShTrtvd8OomOPwsHJzYeDlbxQenK0LDj/1GxgKv+BXEMfbdTU/KxC4
REE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:37:51 2024 by rpki-client on console-ams.rpki-client.org