Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/4f7bb9-4d69-49de-9a49-a4d9dc76c2b8/1/LZcATLbHdYxjmijaz5S1uTlSeT4.roa
File: LZcATLbHdYxjmijaz5S1uTlSeT4.roa (raw, json)
Hash identifier: NOdlKSwJjAkKwN0gMIKYLkigOJ7gQjVvkAmG/VNzRkc=
Subject key identifier: 2D:97:00:4C:B6:C7:75:8C:63:9A:28:DA:CF:94:B5:B9:39:52:79:3E
Certificate issuer: /CN=6da0ee9ff09c7cfc7ee9761f1a3c8f30efac5848
Certificate serial: 01851AB51BF61350821D8B5E7C9EC9015297
Authority key identifier: 6D:A0:EE:9F:F0:9C:7C:FC:7E:E9:76:1F:1A:3C:8F:30:EF:AC:58:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/baDun_CcfPx-6XYfGjyPMO-sWEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/4f7bb9-4d69-49de-9a49-a4d9dc76c2b8/1/LZcATLbHdYxjmijaz5S1uTlSeT4.roa
Signing time: Fri 16 Dec 2022 11:32:34 +0000
ROA not before: Fri 16 Dec 2022 11:32:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 2a13:55c2::/32 maxlen: 32
2a13:55c0::/32 maxlen: 32
2a13:55c5::/32 maxlen: 32
2a13:55c6::/32 maxlen: 32
2a13:55c1::/32 maxlen: 32
2a13:55c3::/32 maxlen: 32
2a13:55c7::/32 maxlen: 32
2a13:55c4::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1a:b5:1b:f6:13:50:82:1d:8b:5e:7c:9e:c9:01:52:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6da0ee9ff09c7cfc7ee9761f1a3c8f30efac5848
Validity
Not Before: Dec 16 11:32:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2d97004cb6c7758c639a28dacf94b5b93952793e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:13:6f:1a:41:ef:ee:c3:fd:9a:9d:61:7d:66:
c0:d5:5d:62:70:64:5a:55:ce:a7:1d:c3:11:fd:5a:
0b:34:5c:94:ca:17:c8:21:1c:09:41:10:d1:ec:ad:
97:b7:06:33:a1:de:2e:63:2b:29:65:ec:46:07:bc:
2b:d9:d0:32:f5:a9:5b:ef:fa:0c:48:39:69:c6:d8:
c5:09:0c:e2:d7:ec:64:eb:72:3a:b3:71:f5:91:f8:
bd:85:1c:57:e8:18:39:7c:4a:b8:2d:55:be:e6:c8:
a2:3e:3f:c3:8d:b7:43:bc:19:90:a7:01:71:38:c0:
e6:4a:fa:03:2e:61:61:e1:da:44:a4:c9:3c:2f:fd:
76:20:7d:19:cf:ad:9d:66:05:72:fd:cb:af:c0:44:
7b:c3:9b:af:15:cb:7a:1c:c9:d3:3c:76:23:13:a6:
ac:a1:34:c5:b2:ba:fa:bd:35:48:7f:22:86:03:ad:
3e:61:d4:af:32:a8:97:db:e8:8d:96:9e:5d:9d:ef:
7f:66:de:bd:67:f4:dd:43:c2:65:a3:34:ae:ba:95:
d7:f4:12:07:c8:42:01:1b:8e:5f:d0:31:d1:8a:70:
65:23:ab:31:f5:23:2e:d2:68:d3:4e:78:3d:ae:4e:
9b:03:33:9a:34:a8:c0:9a:9d:79:38:8a:d6:4a:9e:
b7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:97:00:4C:B6:C7:75:8C:63:9A:28:DA:CF:94:B5:B9:39:52:79:3E
X509v3 Authority Key Identifier:
keyid:6D:A0:EE:9F:F0:9C:7C:FC:7E:E9:76:1F:1A:3C:8F:30:EF:AC:58:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/baDun_CcfPx-6XYfGjyPMO-sWEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/4f7bb9-4d69-49de-9a49-a4d9dc76c2b8/1/LZcATLbHdYxjmijaz5S1uTlSeT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/4f7bb9-4d69-49de-9a49-a4d9dc76c2b8/1/baDun_CcfPx-6XYfGjyPMO-sWEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:55c0::/29
Signature Algorithm: sha256WithRSAEncryption
52:06:d6:9c:51:02:dc:a3:ad:1b:bd:51:72:a4:ef:98:a7:f4:
f1:ad:52:eb:51:f3:96:20:39:11:56:3e:0a:3c:90:27:ed:b5:
f6:3e:76:50:ec:9b:f2:c4:6a:27:e0:b9:af:bc:5d:9e:5a:ee:
01:d2:0e:23:51:5e:24:14:fd:8c:38:ea:2e:b2:64:a5:07:42:
74:cd:c8:aa:6c:6c:6c:34:62:23:c6:62:07:54:6d:ef:9f:82:
97:11:cc:77:f4:b4:7a:45:87:70:33:81:17:f5:44:4c:34:66:
cd:2d:17:f5:b9:9c:a7:71:ae:e0:81:1a:b2:e2:41:55:16:b2:
de:83:72:3b:61:1b:2c:e1:e8:23:4f:1a:b9:c7:99:f6:5f:84:
83:bb:73:87:43:d0:8a:41:00:70:08:5f:07:33:1e:de:59:3a:
db:e7:ee:2b:35:1a:a3:dd:0f:ae:98:4e:20:c4:8a:0b:96:61:
69:9f:9e:a4:be:4d:41:7c:d9:13:4f:09:7e:f0:e1:3f:3e:de:
4e:3a:3b:cb:da:ec:7b:0b:d8:75:6f:78:60:0f:7a:b5:69:e6:
7d:7e:1f:38:bd:42:33:27:16:99:10:8f:f7:34:3d:3e:cc:f7:
90:37:c9:4e:45:4c:d2:ba:dd:a2:78:bb:b8:b6:c5:44:0d:ef:
fa:d1:4c:c9
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYUatRv2E1CCHYtefJ7JAVKXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYTBlZTlmZjA5YzdjZmM3ZWU5NzYxZjFhM2M4ZjMwZWZh
YzU4NDgwHhcNMjIxMjE2MTEzMjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDk3MDA0Y2I2Yzc3NThjNjM5YTI4ZGFjZjk0YjViOTM5NTI3OTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBNvGkHv7sP9mp1hfWbA1V1icGRa
Vc6nHcMR/VoLNFyUyhfIIRwJQRDR7K2XtwYzod4uYyspZexGB7wr2dAy9alb7/oM
SDlpxtjFCQzi1+xk63I6s3H1kfi9hRxX6Bg5fEq4LVW+5siiPj/DjbdDvBmQpwFx
OMDmSvoDLmFh4dpEpMk8L/12IH0Zz62dZgVy/cuvwER7w5uvFct6HMnTPHYjE6as
oTTFsrr6vTVIfyKGA60+YdSvMqiX2+iNlp5dne9/Zt69Z/TdQ8JlozSuupXX9BIH
yEIBG45f0DHRinBlI6sx9SMu0mjTTng9rk6bAzOaNKjAmp15OIrWSp63ywIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFC2XAEy2x3WMY5oo2s+Utbk5Unk+MB8GA1UdIwQY
MBaAFG2g7p/wnHz8ful2Hxo8jzDvrFhIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmFEdW5fQ2NmUHgtNlhZZkdqeVBNTy1zV0VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy80ZjdiYjktNGQ2OS00OWRlLTlhNDkt
YTRkOWRjNzZjMmI4LzEvTFpjQVRMYkhkWXhqbWlqYXo1UzF1VGxTZVQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy80ZjdiYjktNGQ2OS00OWRlLTlhNDktYTRkOWRjNzZjMmI4
LzEvYmFEdW5fQ2NmUHgtNlhZZkdqeVBNTy1zV0VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNVwDAN
BgkqhkiG9w0BAQsFAAOCAQEAUgbWnFEC3KOtG71RcqTvmKf08a1S61HzliA5EVY+
CjyQJ+219j52UOyb8sRqJ+C5r7xdnlruAdIOI1FeJBT9jDjqLrJkpQdCdM3Iqmxs
bDRiI8ZiB1Rt75+ClxHMd/S0ekWHcDOBF/VETDRmzS0X9bmcp3Gu4IEasuJBVRay
3oNyO2EbLOHoI08auceZ9l+Eg7tzh0PQikEAcAhfBzMe3lk62+fuKzUao90PrphO
IMSKC5ZhaZ+epL5NQXzZE08JfvDhPz7eTjo7y9rsewvYdW94YA96tWnmfX4fOL1C
MycWmRCP9zQ9Psz3kDfJTkVM0rrdoni7uLbFRA3v+tFMyQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:02 2024 by rpki-client on console-fra.rpki-client.org