Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/LeBc9KgXYcUytPxkuF2pIZR8E_w.roa
File: LeBc9KgXYcUytPxkuF2pIZR8E_w.roa (raw, json)
Hash identifier: nQPjOZLddFG7rYGsy2xNrVsuc5rIAPS4lzfqBtYtLv4=
Subject key identifier: 2D:E0:5C:F4:A8:17:61:C5:32:B4:FC:64:B8:5D:A9:21:94:7C:13:FC
Certificate issuer: /CN=08fcaaf8d17dd1a65795f714b267f1bce21938b9
Certificate serial: 2D16CD
Authority key identifier: 08:FC:AA:F8:D1:7D:D1:A6:57:95:F7:14:B2:67:F1:BC:E2:19:38:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/LeBc9KgXYcUytPxkuF2pIZR8E_w.roa
Signing time: Wed 04 May 2022 12:54:16 +0000
ROA not before: Wed 04 May 2022 12:54:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212125
IP address blocks: 2a06:89c2:3003::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2954957 (0x2d16cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08fcaaf8d17dd1a65795f714b267f1bce21938b9
Validity
Not Before: May 4 12:54:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2de05cf4a81761c532b4fc64b85da921947c13fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e3:a2:12:8e:41:12:14:ba:d1:70:d9:bd:cb:
bb:da:17:d4:6a:5c:02:bc:36:ce:10:d8:fe:9a:2c:
4b:1e:01:f0:d5:f3:54:e3:d9:04:70:bc:49:ad:1b:
d0:f0:f5:49:aa:23:63:e5:45:b7:ca:98:f8:c4:9b:
18:c2:ac:e1:d8:9f:3f:c7:61:07:ac:23:7a:78:d1:
e7:ee:49:ed:f6:83:22:bf:17:f8:ce:f6:80:3f:4d:
d1:62:c3:ba:e4:cc:61:73:95:8b:aa:5b:18:7e:d7:
1e:23:8b:8d:73:1d:67:8e:fb:bd:a1:74:92:91:26:
c3:5f:54:7e:fe:3b:a1:61:d2:7e:aa:22:47:63:78:
72:c5:ab:46:5b:ed:83:b6:97:57:18:68:10:8c:5d:
c3:ec:aa:ba:36:a6:74:12:03:7a:db:42:44:42:7c:
a9:12:f9:a2:ca:31:9c:40:59:9d:17:39:eb:d2:76:
a7:0c:ba:35:d1:39:88:1e:6f:45:f3:c7:d0:e8:c4:
4b:11:9d:09:ab:95:00:1e:19:66:83:d2:01:e3:53:
cd:0c:3d:60:cd:20:f1:5f:80:d2:36:4f:6f:16:50:
23:85:7a:f9:22:e6:5b:c3:30:e4:3d:59:ba:1b:c9:
ef:14:6b:fd:e2:22:f7:e7:09:8b:af:7c:7f:e3:7c:
d4:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:E0:5C:F4:A8:17:61:C5:32:B4:FC:64:B8:5D:A9:21:94:7C:13:FC
X509v3 Authority Key Identifier:
keyid:08:FC:AA:F8:D1:7D:D1:A6:57:95:F7:14:B2:67:F1:BC:E2:19:38:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CPyq-NF90aZXlfcUsmfxvOIZOLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/LeBc9KgXYcUytPxkuF2pIZR8E_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/0680ae-22f9-43be-90a8-77eeeaf71d08/1/CPyq-NF90aZXlfcUsmfxvOIZOLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:89c2:3003::/48
Signature Algorithm: sha256WithRSAEncryption
9c:38:11:df:e9:b3:e5:dd:ff:67:68:42:a8:4a:b1:76:8e:6b:
cb:73:4a:59:70:25:70:83:c6:93:6d:55:39:b7:ac:44:1c:91:
9e:70:af:53:a7:89:ba:11:33:ac:4e:4d:82:e0:f8:6b:7e:66:
11:d6:9b:6f:a9:a3:11:4e:3c:32:91:46:39:14:d3:4e:69:1c:
5c:86:4f:e0:19:11:f7:50:85:f7:89:c2:ba:97:6d:d1:4a:71:
80:9a:8a:9c:cb:bc:91:3e:52:e6:2c:3c:af:ca:2c:d9:b7:1e:
c8:83:ab:97:bf:f6:13:12:b7:b0:44:be:79:f9:46:e6:e0:32:
61:b2:4e:08:eb:26:bd:53:45:06:1a:43:40:22:96:4b:0e:a7:
49:ab:5e:e6:1b:fe:1d:bd:61:ba:9a:f0:db:5d:2b:f2:e1:66:
38:96:dd:3b:c9:c6:78:a1:28:38:8e:56:2f:c6:da:28:ae:00:
51:8d:9c:d6:61:d2:c6:d6:96:8b:ec:09:e4:a8:06:57:68:3e:
17:54:19:d3:87:4e:50:b6:8f:ee:52:d2:cf:34:ba:c0:55:31:
ea:d6:74:89:a6:54:38:e0:db:a2:b9:25:32:48:c4:db:9f:9f:
7d:52:95:7a:c5:0d:cc:e6:d5:ed:03:43:28:3e:32:95:cc:e8:
e7:22:9f:f6
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIDLRbNMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA4
ZmNhYWY4ZDE3ZGQxYTY1Nzk1ZjcxNGIyNjdmMWJjZTIxOTM4YjkwHhcNMjIwNTA0
MTI1NDE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygyZGUwNWNmNGE4MTc2
MWM1MzJiNGZjNjRiODVkYTkyMTk0N2MxM2ZjMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAq+OiEo5BEhS60XDZvcu72hfUalwCvDbOENj+mixLHgHw1fNU
49kEcLxJrRvQ8PVJqiNj5UW3ypj4xJsYwqzh2J8/x2EHrCN6eNHn7knt9oMivxf4
zvaAP03RYsO65Mxhc5WLqlsYftceI4uNcx1njvu9oXSSkSbDX1R+/juhYdJ+qiJH
Y3hyxatGW+2DtpdXGGgQjF3D7Kq6NqZ0EgN620JEQnypEvmiyjGcQFmdFznr0nan
DLo10TmIHm9F88fQ6MRLEZ0Jq5UAHhlmg9IB41PNDD1gzSDxX4DSNk9vFlAjhXr5
IuZbwzDkPVm6G8nvFGv94iL35wmLr3x/43zUlQIDAQABo4ICDDCCAggwHQYDVR0O
BBYEFC3gXPSoF2HFMrT8ZLhdqSGUfBP8MB8GA1UdIwQYMBaAFAj8qvjRfdGmV5X3
FLJn8bziGTi5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
Q1B5cS1ORjkwYVpYbGZjVXNtZnh2T0laT0xrLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9hYy8wNjgwYWUtMjJmOS00M2JlLTkwYTgtNzdlZWVhZjcxZDA4LzEv
TGVCYzlLZ1hZY1V5dFB4a3VGMnBJWlI4RV93LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy8w
NjgwYWUtMjJmOS00M2JlLTkwYTgtNzdlZWVhZjcxZDA4LzEvQ1B5cS1ORjkwYVpY
bGZjVXNtZnh2T0laT0xrLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIG
CCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgaJwjADMA0GCSqGSIb3DQEBCwUA
A4IBAQCcOBHf6bPl3f9naEKoSrF2jmvLc0pZcCVwg8aTbVU5t6xEHJGecK9Tp4m6
ETOsTk2C4PhrfmYR1ptvqaMRTjwykUY5FNNOaRxchk/gGRH3UIX3icK6l23RSnGA
moqcy7yRPlLmLDyvyizZtx7Ig6uXv/YTErewRL55+Ubm4DJhsk4I6ya9U0UGGkNA
IpZLDqdJq17mG/4dvWG6mvDbXSvy4WY4lt07ycZ4oSg4jlYvxtoorgBRjZzWYdLG
1paL7AnkqAZXaD4XVBnTh05Qto/uUtLPNLrAVTHq1nSJplQ44NuiuSUySMTbn599
UpV6xQ3M5tXtA0MoPjKVzOjnIp/2
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:58 2023 by rpki-client on console-ams.rpki-client.org