Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1LZ_G4e-PKJ5Z0rBgRAhVpTjojI.roa
File: 1LZ_G4e-PKJ5Z0rBgRAhVpTjojI.roa (raw, json)
Hash identifier: GXcNq69J+ip9ZsbRuCL6Gowl1JfCgy+08hCLargfjcY=
Subject key identifier: D4:B6:7F:1B:87:BE:3C:A2:79:67:4A:C1:81:10:21:56:94:E3:A2:32
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 02412997
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1LZ_G4e-PKJ5Z0rBgRAhVpTjojI.roa
Signing time: Tue 08 Mar 2022 11:10:23 +0000
ROA not before: Tue 08 Mar 2022 11:10:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 2a0e:c780::/29 maxlen: 29
2a0f:e840::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 37824919 (0x2412997)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Mar 8 11:10:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d4b67f1b87be3ca279674ac18110215694e3a232
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:17:14:ea:9f:d8:f8:22:4f:f4:19:cb:8a:fa:
a1:83:93:13:30:b5:3c:26:2c:ff:7b:54:99:13:86:
5c:7b:3e:a6:b6:c7:97:f4:4b:b7:2e:ea:e8:4c:62:
70:16:4c:02:ec:c5:dd:5b:00:ff:71:8b:84:29:b2:
7d:dc:42:be:5e:1c:0d:d1:ff:a9:1f:ef:e8:54:47:
97:e2:5c:44:05:f7:f9:91:e1:cc:df:2f:6d:e0:5f:
71:33:d2:e4:e9:33:30:f6:b5:e1:0a:10:58:cc:3b:
98:7a:87:b4:77:7d:5a:3f:f1:ef:83:36:82:1d:35:
84:e4:78:41:63:ca:4c:b1:d9:f0:da:ef:be:34:05:
88:c5:61:ff:73:cf:41:65:fa:a0:85:e5:f2:42:43:
09:dd:30:53:c0:11:3f:ce:25:8e:58:3c:c6:7a:32:
98:d2:e5:95:f5:24:e7:8a:3e:58:e4:b9:74:56:0c:
9b:e7:03:ff:6c:f6:0d:63:ea:e2:f3:0e:39:a0:14:
b2:1c:42:6c:0d:a5:91:05:4c:4c:21:4a:70:7d:f7:
b9:2e:0d:a0:85:36:26:69:2a:8b:8f:33:dc:49:b6:
75:e3:3d:31:45:2c:27:36:9e:df:90:53:13:ad:0f:
af:36:74:5a:73:8e:0b:44:73:71:84:d6:56:33:c5:
22:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:B6:7F:1B:87:BE:3C:A2:79:67:4A:C1:81:10:21:56:94:E3:A2:32
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1LZ_G4e-PKJ5Z0rBgRAhVpTjojI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:c780::/29
2a0f:e840::/32
Signature Algorithm: sha256WithRSAEncryption
9d:50:07:a4:4c:1c:df:68:bd:76:29:7a:99:25:5f:42:2c:01:
4e:17:50:86:1e:b4:27:39:0d:c4:dd:47:2b:0f:64:fe:6f:8e:
a9:25:bc:95:63:46:9f:5a:c0:5f:8a:62:d7:a5:88:94:68:33:
83:ff:78:6d:d1:ac:ea:7d:09:6a:b0:c8:8a:fc:82:0a:f6:eb:
bb:84:65:23:9b:6c:15:15:26:17:a5:0a:24:c7:e4:6f:3f:55:
04:ba:1e:f3:0b:3f:cb:6e:32:14:0f:9d:54:db:e3:6d:82:bf:
d7:7e:9d:e9:7c:f4:d7:10:b1:e1:77:c2:f9:92:a0:c9:87:f8:
40:a5:f0:0e:04:6b:96:a4:54:ff:74:b4:cb:26:95:fc:6b:13:
07:4b:90:ca:87:40:dc:44:82:76:57:c6:cd:3a:16:4f:eb:81:
36:ee:71:ee:b7:5d:8d:c1:8f:0a:06:02:bc:22:f7:74:a9:ce:
ad:4b:05:8f:22:8e:d2:e8:94:75:eb:33:95:12:f0:99:9a:2f:
67:63:a2:7d:fa:fa:7d:0e:e8:27:79:f2:36:5c:24:7c:0e:61:
e6:e0:4e:5d:aa:8b:81:f6:54:cd:e9:64:bc:ee:09:5b:71:d0:
d2:f9:ed:fe:62:1b:61:e2:39:fe:d0:19:6a:dd:bb:47:4f:d8:
63:db:4b:8d
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEAkEplzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZDU1OWFhZmJmYzA5MzEyNDJlMWQ2MzcyOThjZjFkZDIyM2U0YzI2MB4XDTIyMDMw
ODExMTAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDRiNjdmMWI4N2Jl
M2NhMjc5Njc0YWMxODExMDIxNTY5NGUzYTIzMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQXFOqf2PgiT/QZy4r6oYOTEzC1PCYs/3tUmROGXHs+prbH
l/RLty7q6ExicBZMAuzF3VsA/3GLhCmyfdxCvl4cDdH/qR/v6FRHl+JcRAX3+ZHh
zN8vbeBfcTPS5OkzMPa14QoQWMw7mHqHtHd9Wj/x74M2gh01hOR4QWPKTLHZ8Nrv
vjQFiMVh/3PPQWX6oIXl8kJDCd0wU8ARP84ljlg8xnoymNLllfUk54o+WOS5dFYM
m+cD/2z2DWPq4vMOOaAUshxCbA2lkQVMTCFKcH33uS4NoIU2Jmkqi48z3Em2deM9
MUUsJzae35BTE60PrzZ0WnOOC0RzcYTWVjPFIrUCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBTUtn8bh748onlnSsGBECFWlOOiMjAfBgNVHSMEGDAWgBR9VZqvv8CTEkLh
1jcpjPHdIj5MJjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZWV2FyN19Ba3hKQzRkWTNLWXp4M1NJLVRDWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzAvNDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8x
LzFMWl9HNGUtUEtKNVowckJnUkFoVnBUam9qSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAv
NDlhZGM2LWJhODktNDAzZi1hZGE5LThjNTAwN2MyYTRiNi8xL2ZWV2FyN19Ba3hK
QzRkWTNLWXp4M1NJLVRDWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAIwDgMFAyoOx4ADBQAqD+hAMA0GCSqGSIb3
DQEBCwUAA4IBAQCdUAekTBzfaL12KXqZJV9CLAFOF1CGHrQnOQ3E3UcrD2T+b46p
JbyVY0afWsBfimLXpYiUaDOD/3ht0azqfQlqsMiK/IIK9uu7hGUjm2wVFSYXpQok
x+RvP1UEuh7zCz/LbjIUD51U2+Ntgr/Xfp3pfPTXELHhd8L5kqDJh/hApfAOBGuW
pFT/dLTLJpX8axMHS5DKh0DcRIJ2V8bNOhZP64E27nHut12NwY8KBgK8Ivd0qc6t
SwWPIo7S6JR16zOVEvCZmi9nY6J9+vp9DugnefI2XCR8DmHm4E5dqouB9lTN6WS8
7glbcdDS+e3+Yhth4jn+0Blq3btHT9hj20uN
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:05:13 2025 by rpki-client