Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LU6D1koo98qL0EXR_O6_yVKhVko.roa
File: LU6D1koo98qL0EXR_O6_yVKhVko.roa (raw, json)
Hash identifier: K8wsDeLKf3hlaknrjO97O6k3WlApNdzj8kZrKeHzZME=
Subject key identifier: 2D:4E:83:D6:4A:28:F7:CA:8B:D0:45:D1:FC:EE:BF:C9:52:A1:56:4A
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018601EB1413DAC6B06B69FD0149154D4B79
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LU6D1koo98qL0EXR_O6_yVKhVko.roa
Signing time: Mon 30 Jan 2023 09:03:48 +0000
ROA not before: Mon 30 Jan 2023 09:03:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 396362
IP address blocks: 2a0f:e841::/32 maxlen: 32
2a0f:e843::/32 maxlen: 32
2a0e:1a82::/32 maxlen: 32
2a0f:1e80:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:01:eb:14:13:da:c6:b0:6b:69:fd:01:49:15:4d:4b:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jan 30 09:03:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2d4e83d64a28f7ca8bd045d1fceebfc952a1564a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b0:a0:52:c5:e1:7d:9c:cc:b6:2d:61:16:ff:
5a:29:bd:3e:ed:ed:c5:79:88:72:45:74:e2:be:d0:
ad:49:eb:e8:11:d2:6f:be:ff:34:9e:3d:28:59:a7:
51:82:5a:7b:64:2f:51:96:12:0e:f6:34:6a:79:69:
dc:7e:b4:95:38:2a:85:66:9d:32:b2:4b:bc:67:17:
08:34:8a:e7:d8:8b:be:c8:59:fc:e1:ab:89:35:a5:
e3:6f:a7:ab:be:b2:e6:49:a2:b6:fc:80:9b:47:ba:
14:26:eb:0b:41:bb:11:6a:63:fe:b7:d5:3a:47:7e:
06:12:e5:70:f9:13:cf:cc:44:d8:79:e8:9c:67:76:
e1:db:98:d1:4d:0d:91:4e:44:21:dc:71:84:f2:53:
8e:4e:b1:ab:c8:32:55:ff:e7:da:ea:b8:f8:65:a3:
ec:ee:ee:72:71:8d:bd:ad:ea:ad:c2:9f:ce:b7:df:
e5:0e:31:38:b5:9b:0f:d3:8c:59:50:f5:3f:1b:b9:
6d:85:b3:56:8e:b7:4f:c8:c5:7c:fd:b3:e9:a5:43:
40:7d:f9:ec:db:61:a9:f6:93:5a:23:80:5d:ea:77:
00:72:e8:ed:52:a6:ee:fb:2f:49:90:3b:1a:73:76:
e3:8d:9b:4b:64:4f:c9:b5:1f:99:d1:b5:43:a1:e3:
70:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:4E:83:D6:4A:28:F7:CA:8B:D0:45:D1:FC:EE:BF:C9:52:A1:56:4A
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LU6D1koo98qL0EXR_O6_yVKhVko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1a82::/32
2a0f:1e80:1::/48
2a0f:e841::/32
2a0f:e843::/32
Signature Algorithm: sha256WithRSAEncryption
5f:34:b8:7c:c6:30:08:d0:7e:47:12:d3:3e:60:e7:da:c0:a3:
93:9b:fa:96:64:15:31:5c:a1:01:23:77:51:5c:85:cf:bf:dd:
32:8b:24:48:2b:8c:b1:63:d5:9e:12:c1:b4:0d:79:a9:3c:d6:
3e:e7:8d:3d:0f:7b:79:ad:9a:5c:31:22:01:72:77:69:4d:c0:
9b:e3:b4:a0:c6:9f:5a:a7:51:cd:35:75:7e:59:17:bd:09:66:
0f:0d:57:4c:55:0f:81:34:af:ec:6d:d3:79:6b:1a:87:a2:22:
6a:a9:e2:04:c4:31:14:76:90:eb:8a:47:fb:ad:27:58:53:2d:
72:8a:5c:0c:1f:17:c9:07:1a:52:e6:6c:d1:68:25:b3:89:ca:
08:67:e9:6e:bd:f7:07:42:f6:24:19:e1:f0:4a:75:35:95:4c:
a1:09:49:b6:30:f5:47:0b:d5:10:7c:ff:9a:21:80:18:b4:72:
07:ba:8f:8e:11:ea:28:3b:a4:ee:50:1e:e5:ae:a3:c4:a2:e6:
b0:7c:b5:2d:ab:79:18:d4:f3:84:72:24:2d:bc:79:91:c1:58:
fa:3e:68:05:09:70:9b:eb:54:e6:c1:66:9e:de:ed:3f:cb:ea:
e9:85:62:a2:81:40:bd:d3:60:39:4c:d5:7b:25:60:1f:6b:6c:
83:28:9d:76
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYYB6xQT2sawa2n9AUkVTUt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjMwMTMwMDkwMzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZDRlODNkNjRhMjhmN2NhOGJkMDQ1ZDFmY2VlYmZjOTUyYTE1NjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7CgUsXhfZzMti1hFv9aKb0+7e3F
eYhyRXTivtCtSevoEdJvvv80nj0oWadRglp7ZC9RlhIO9jRqeWncfrSVOCqFZp0y
sku8ZxcINIrn2Iu+yFn84auJNaXjb6ervrLmSaK2/ICbR7oUJusLQbsRamP+t9U6
R34GEuVw+RPPzETYeeicZ3bh25jRTQ2RTkQh3HGE8lOOTrGryDJV/+fa6rj4ZaPs
7u5ycY29reqtwp/Ot9/lDjE4tZsP04xZUPU/G7lthbNWjrdPyMV8/bPppUNAffns
22Gp9pNaI4Bd6ncAcujtUqbu+y9JkDsac3bjjZtLZE/JtR+Z0bVDoeNwYwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFC1Og9ZKKPfKi9BF0fzuv8lSoVZKMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTFU2RDFrb285OHFMMEVYUl9PNl95VktoVmtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAAjAeAwUAKg4aggMH
ACoPHoAAAQMFACoP6EEDBQAqD+hDMA0GCSqGSIb3DQEBCwUAA4IBAQBfNLh8xjAI
0H5HEtM+YOfawKOTm/qWZBUxXKEBI3dRXIXPv90yiyRIK4yxY9WeEsG0DXmpPNY+
5409D3t5rZpcMSIBcndpTcCb47Sgxp9ap1HNNXV+WRe9CWYPDVdMVQ+BNK/sbdN5
axqHoiJqqeIExDEUdpDrikf7rSdYUy1yilwMHxfJBxpS5mzRaCWzicoIZ+luvfcH
QvYkGeHwSnU1lUyhCUm2MPVHC9UQfP+aIYAYtHIHuo+OEeooO6TuUB7lrqPEouaw
fLUtq3kY1POEciQtvHmRwVj6PmgFCXCb61TmwWae3u0/y+rphWKigUC902A5TNV7
JWAfa2yDKJ12
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:01:31 2025 by rpki-client