Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/8a7da4-ba19-4b29-87e0-9155132a179a/1/lvVLnT3vWMHOJmDSx5bcrLqf7lU.roa
File: lvVLnT3vWMHOJmDSx5bcrLqf7lU.roa (raw, json)
Hash identifier: r0z4OlF97c9IaNIkswZqqI+3Ubpb7jgcDYQ5dAWdGRw=
Subject key identifier: 96:F5:4B:9D:3D:EF:58:C1:CE:26:60:D2:C7:96:DC:AC:BA:9F:EE:55
Certificate issuer: /CN=3b97de17512cfa8bebc3df80b27b47624ef41691
Certificate serial: 0184C0304A0DEC2C4498E5090275A5733486
Authority key identifier: 3B:97:DE:17:51:2C:FA:8B:EB:C3:DF:80:B2:7B:47:62:4E:F4:16:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O5feF1Es-ovrw9-AsntHYk70FpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/8a7da4-ba19-4b29-87e0-9155132a179a/1/lvVLnT3vWMHOJmDSx5bcrLqf7lU.roa
Signing time: Mon 28 Nov 2022 21:41:40 +0000
ROA not before: Mon 28 Nov 2022 21:41:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201257
IP address blocks: 2001:67c:b14::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c0:30:4a:0d:ec:2c:44:98:e5:09:02:75:a5:73:34:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b97de17512cfa8bebc3df80b27b47624ef41691
Validity
Not Before: Nov 28 21:41:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=96f54b9d3def58c1ce2660d2c796dcacba9fee55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:25:66:f2:36:2a:ea:95:8e:4d:75:a1:01:6b:
3d:87:32:78:93:05:bd:99:3b:50:ca:8c:3d:f7:e3:
57:ea:d1:41:a0:ce:bb:d8:4a:67:20:d3:2f:ce:e7:
36:6f:e2:9c:67:a8:d6:72:62:f5:e9:34:e1:9c:5c:
58:6e:75:88:8c:1b:05:fc:dc:c2:1c:d0:46:af:c6:
57:b7:ea:9e:04:5d:b9:db:b0:4b:cc:56:8b:bc:4f:
c8:c5:43:ba:c9:6c:48:5a:69:77:d7:5b:19:48:c5:
69:73:8b:60:39:b5:d4:e4:e6:c9:c8:0b:0b:05:7d:
07:50:c7:f2:75:70:07:03:f6:09:30:04:d1:d1:b4:
7b:13:aa:41:fe:cb:28:32:da:6f:87:c8:af:e6:a6:
ca:b2:8f:e0:db:cb:78:3b:00:02:d3:a4:ac:dc:f3:
9d:5d:54:90:23:2e:35:9d:10:88:99:d5:36:ef:6a:
75:d8:f8:48:7f:a0:78:6d:67:71:c9:3f:04:33:04:
59:be:3d:e4:5d:14:68:a3:c0:8d:d6:2f:5f:9d:74:
6c:e8:0a:28:3a:db:12:00:83:cc:79:56:83:66:a4:
63:0f:fa:64:2e:87:8e:23:93:58:2a:ff:f1:95:d3:
63:dd:07:42:87:06:4f:81:53:ae:a6:ce:78:62:9a:
b6:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:F5:4B:9D:3D:EF:58:C1:CE:26:60:D2:C7:96:DC:AC:BA:9F:EE:55
X509v3 Authority Key Identifier:
keyid:3B:97:DE:17:51:2C:FA:8B:EB:C3:DF:80:B2:7B:47:62:4E:F4:16:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O5feF1Es-ovrw9-AsntHYk70FpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8a7da4-ba19-4b29-87e0-9155132a179a/1/lvVLnT3vWMHOJmDSx5bcrLqf7lU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/8a7da4-ba19-4b29-87e0-9155132a179a/1/O5feF1Es-ovrw9-AsntHYk70FpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:b14::/48
Signature Algorithm: sha256WithRSAEncryption
97:fd:82:fc:4b:fa:00:28:0b:fd:72:8c:53:4e:97:75:71:76:
f9:e9:a2:1e:f3:db:5d:5c:1d:89:28:90:c9:22:c6:82:46:ec:
ac:67:9a:dd:6f:a3:08:b1:bb:67:8f:42:6d:6b:a7:02:e3:8e:
93:ae:7c:2c:0d:42:bd:c3:a4:4f:5f:00:f2:12:9f:db:9a:6c:
bd:b6:ea:ea:01:df:61:69:ea:b4:8e:90:75:dc:45:6d:a3:6a:
5d:f0:42:79:0a:77:26:c6:ed:66:37:6d:de:6d:18:88:ce:16:
08:91:3f:0d:2f:8d:ba:01:b8:95:c6:96:32:61:9a:b0:aa:8f:
84:41:bc:f3:d2:d5:14:fc:bb:f2:d0:8e:67:2e:55:f6:fe:4a:
f6:3b:17:4e:1b:93:9b:7e:1e:ba:9e:29:a9:a7:6d:36:6b:c9:
84:b7:6e:ca:11:57:a0:94:be:ae:0c:d2:78:6c:68:91:b8:22:
fd:88:01:f6:8c:68:d3:09:08:44:1e:4e:57:ff:fc:14:60:8c:
7f:0d:62:0b:ee:d5:ff:33:e5:30:92:87:aa:4e:15:15:88:4c:
bc:cd:60:cd:0a:46:85:ee:62:d5:53:e3:52:2d:cb:08:31:84:
30:fc:9d:1a:48:1b:51:75:d3:88:70:06:f1:31:a2:e1:97:06:
48:19:07:26
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYTAMEoN7CxEmOUJAnWlczSGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiOTdkZTE3NTEyY2ZhOGJlYmMzZGY4MGIyN2I0NzYyNGVm
NDE2OTEwHhcNMjIxMTI4MjE0MTQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmY1NGI5ZDNkZWY1OGMxY2UyNjYwZDJjNzk2ZGNhY2JhOWZlZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCVm8jYq6pWOTXWhAWs9hzJ4kwW9
mTtQyow99+NX6tFBoM672EpnINMvzuc2b+KcZ6jWcmL16TThnFxYbnWIjBsF/NzC
HNBGr8ZXt+qeBF2527BLzFaLvE/IxUO6yWxIWml311sZSMVpc4tgObXU5ObJyAsL
BX0HUMfydXAHA/YJMATR0bR7E6pB/ssoMtpvh8iv5qbKso/g28t4OwAC06Ss3POd
XVSQIy41nRCImdU272p12PhIf6B4bWdxyT8EMwRZvj3kXRRoo8CN1i9fnXRs6Aoo
OtsSAIPMeVaDZqRjD/pkLoeOI5NYKv/xldNj3QdChwZPgVOups54Ypq2OQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFJb1S50971jBziZg0seW3Ky6n+5VMB8GA1UdIwQY
MBaAFDuX3hdRLPqL68PfgLJ7R2JO9BaRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzVmZUYxRXMtb3ZydzktQXNudEhZazcwRnBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy84YTdkYTQtYmExOS00YjI5LTg3ZTAt
OTE1NTEzMmExNzlhLzEvbHZWTG5UM3ZXTUhPSm1EU3g1YmNyTHFmN2xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy84YTdkYTQtYmExOS00YjI5LTg3ZTAtOTE1NTEzMmExNzlh
LzEvTzVmZUYxRXMtb3ZydzktQXNudEhZazcwRnBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGfAsU
MA0GCSqGSIb3DQEBCwUAA4IBAQCX/YL8S/oAKAv9coxTTpd1cXb56aIe89tdXB2J
KJDJIsaCRuysZ5rdb6MIsbtnj0Jta6cC446TrnwsDUK9w6RPXwDyEp/bmmy9turq
Ad9haeq0jpB13EVto2pd8EJ5Cncmxu1mN23ebRiIzhYIkT8NL426AbiVxpYyYZqw
qo+EQbzz0tUU/Lvy0I5nLlX2/kr2OxdOG5Obfh66nimpp202a8mEt27KEVeglL6u
DNJ4bGiRuCL9iAH2jGjTCQhEHk5X//wUYIx/DWIL7tX/M+UwkoeqThUViEy8zWDN
CkaF7mLVU+NSLcsIMYQw/J0aSBtRddOIcAbxMaLhlwZIGQcm
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:00 2025 by rpki-client