Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/Lh7DBjQ3xmp3ktNFtxyFugnqzqg.roa
File: Lh7DBjQ3xmp3ktNFtxyFugnqzqg.roa (raw, json)
Hash identifier: ERwKu4Spd1/qhPR5fHeKcKrmwupueeNIyohQ4gMJa5Q=
Subject key identifier: 2E:1E:C3:06:34:37:C6:6A:77:92:D3:45:B7:1C:85:BA:09:EA:CE:A8
Certificate issuer: /CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Certificate serial: 08DCBCAF
Authority key identifier: 32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/Lh7DBjQ3xmp3ktNFtxyFugnqzqg.roa
Signing time: Sat 01 Jan 2022 14:58:59 +0000
ROA not before: Sat 01 Jan 2022 14:58:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 139238
IP address blocks: 2a09:b280:ccce::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148683951 (0x8dcbcaf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32508fb781ca6dbd8221f2c2f954a3a7446b2b42
Validity
Not Before: Jan 1 14:58:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2e1ec3063437c66a7792d345b71c85ba09eacea8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:73:46:69:67:79:4d:89:fe:4f:aa:ab:55:96:
8f:cf:e3:af:fa:71:bf:92:ef:d8:7e:e1:e4:91:d3:
a5:be:66:7b:d2:5c:a3:73:56:d0:7a:21:75:f3:b2:
16:9b:7e:26:c0:91:88:fe:30:8a:4a:91:d3:6e:cc:
f8:b5:54:3d:3c:de:89:6a:86:6a:da:4d:db:cf:61:
1d:a5:94:31:6b:2c:ac:da:4c:0e:42:f3:1e:6c:f4:
90:37:04:a7:9a:b5:af:18:dd:d2:9a:82:1d:d7:99:
04:43:d5:99:f4:70:7b:e4:7a:f0:2f:f7:e0:69:8f:
d1:a8:dd:6f:90:4e:78:0e:dd:d8:a3:96:f9:8b:cf:
b0:59:d7:9a:d2:ef:30:79:45:e9:41:d9:2d:d9:18:
3e:52:bc:3d:18:65:ed:ae:05:29:6f:bb:9a:e7:6f:
28:ee:e8:c4:92:15:70:f3:be:81:c9:0c:50:f3:02:
53:a8:c5:ef:93:e5:7e:d1:35:a5:0d:38:ea:59:95:
85:0a:58:7f:93:44:fa:e7:cc:39:42:3e:c5:dd:60:
33:24:8d:73:b3:9b:ee:82:09:d1:29:2d:b0:d6:4e:
fd:1c:ac:79:6f:a6:3c:77:86:22:90:6f:d8:83:6e:
ec:62:08:10:b3:93:20:2f:23:d0:34:8d:8d:2e:b4:
90:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:1E:C3:06:34:37:C6:6A:77:92:D3:45:B7:1C:85:BA:09:EA:CE:A8
X509v3 Authority Key Identifier:
keyid:32:50:8F:B7:81:CA:6D:BD:82:21:F2:C2:F9:54:A3:A7:44:6B:2B:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MlCPt4HKbb2CIfLC-VSjp0RrK0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/Lh7DBjQ3xmp3ktNFtxyFugnqzqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6c203d-6221-460a-af49-c12218765154/1/MlCPt4HKbb2CIfLC-VSjp0RrK0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:b280:ccce::/48
Signature Algorithm: sha256WithRSAEncryption
09:8c:34:e4:af:07:48:dd:bc:ae:c7:d2:1d:5c:ec:e9:70:06:
74:c8:89:17:d3:1c:1f:f5:a4:1b:ae:ad:12:a6:f8:d5:50:f3:
f7:63:4d:2c:7b:56:37:45:65:a7:64:64:4e:e6:4d:3e:de:d0:
7e:9f:c3:51:1a:27:33:e6:6a:85:67:0b:d3:99:ce:79:ec:04:
5f:a4:2a:28:e3:d7:fd:fc:7d:8e:29:e7:60:59:94:79:ec:f9:
b1:c3:9e:95:3e:aa:41:e6:64:80:05:7e:03:a9:40:4a:3a:31:
be:48:2f:62:da:77:c5:5f:04:cc:77:cf:9b:c8:c0:55:5b:3c:
0f:8d:f2:fa:bf:a8:6b:30:ff:b4:fd:f9:7a:22:0f:b1:2c:e4:
73:75:64:e8:4a:1f:9f:95:45:be:89:a3:b0:ec:9b:04:5e:e6:
bd:3c:b4:28:a7:82:f7:65:88:8b:92:b7:ae:ac:8f:20:09:5a:
f7:d7:08:bd:76:ee:0e:18:fa:fe:34:3c:87:fb:15:ee:f5:e2:
00:92:76:d4:e2:56:28:73:bb:56:01:0d:55:b7:16:07:23:4e:
53:0e:7e:8f:34:a6:de:33:b5:1e:0d:4b:f5:97:ff:e3:0a:00:
f1:8c:06:81:18:28:b1:55:26:ff:d8:16:17:09:51:e0:fb:f4:
62:61:b8:ee
-----BEGIN CERTIFICATE-----
MIIE8jCCA9qgAwIBAgIECNy8rzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjUwOGZiNzgxY2E2ZGJkODIyMWYyYzJmOTU0YTNhNzQ0NmIyYjQyMB4XDTIyMDEw
MTE0NTg1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmUxZWMzMDYzNDM3
YzY2YTc3OTJkMzQ1YjcxYzg1YmEwOWVhY2VhODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALhzRmlneU2J/k+qq1WWj8/jr/pxv5Lv2H7h5JHTpb5me9Jc
o3NW0HohdfOyFpt+JsCRiP4wikqR027M+LVUPTzeiWqGatpN289hHaWUMWssrNpM
DkLzHmz0kDcEp5q1rxjd0pqCHdeZBEPVmfRwe+R68C/34GmP0ajdb5BOeA7d2KOW
+YvPsFnXmtLvMHlF6UHZLdkYPlK8PRhl7a4FKW+7mudvKO7oxJIVcPO+gckMUPMC
U6jF75PlftE1pQ046lmVhQpYf5NE+ufMOUI+xd1gMySNc7Ob7oIJ0SktsNZO/Rys
eW+mPHeGIpBv2INu7GIIELOTIC8j0DSNjS60kB8CAwEAAaOCAgwwggIIMB0GA1Ud
DgQWBBQuHsMGNDfGaneS00W3HIW6CerOqDAfBgNVHSMEGDAWgBQyUI+3gcptvYIh
8sL5VKOnRGsrQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01sQ1B0NEhLYmIyQ0lmTEMtVlNqcDBSckswSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvNmMyMDNkLTYyMjEtNDYwYS1hZjQ5LWMxMjIxODc2NTE1NC8x
L0xoN0RCalEzeG1wM2t0TkZ0eHlGdWducXpxZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
NmMyMDNkLTYyMjEtNDYwYS1hZjQ5LWMxMjIxODc2NTE1NC8xL01sQ1B0NEhLYmIy
Q0lmTEMtVlNqcDBSckswSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAi
BggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoJsoDMzjANBgkqhkiG9w0BAQsF
AAOCAQEACYw05K8HSN28rsfSHVzs6XAGdMiJF9McH/WkG66tEqb41VDz92NNLHtW
N0Vlp2RkTuZNPt7Qfp/DURonM+ZqhWcL05nOeewEX6QqKOPX/fx9jinnYFmUeez5
scOelT6qQeZkgAV+A6lASjoxvkgvYtp3xV8EzHfPm8jAVVs8D43y+r+oazD/tP35
eiIPsSzkc3Vk6Eofn5VFvomjsOybBF7mvTy0KKeC92WIi5K3rqyPIAla99cIvXbu
Dhj6/jQ8h/sV7vXiAJJ21OJWKHO7VgENVbcWByNOUw5+jzSm3jO1Hg1L9Zf/4woA
8YwGgRgosVUm/9gWFwlR4Pv0YmG47g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:24 2024 by rpki-client on console-fra.rpki-client.org