Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LufVazuzyTfjqVuPPNC2FsNnaKM.roa
File: LufVazuzyTfjqVuPPNC2FsNnaKM.roa (raw, json)
Hash identifier: 73sSDg3Gi/YKJgyFpabpedL0TNGGR0SdGYweny9B284=
Subject key identifier: 2E:E7:D5:6B:3B:B3:C9:37:E3:A9:5B:8F:3C:D0:B6:16:C3:67:68:A3
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0185293CE68BB3014987427AD45053BFC0E2
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LufVazuzyTfjqVuPPNC2FsNnaKM.roa
Signing time: Mon 19 Dec 2022 07:15:35 +0000
ROA not before: Mon 19 Dec 2022 07:15:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 2a0f:7d00:1::/48 maxlen: 48
2a0e:15c1::/32 maxlen: 32
2a12:d6c1::/32 maxlen: 32
2a12:d6c0::/29 maxlen: 29
2a0a:2d00:1::/48 maxlen: 48
2a0e:2240:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:3c:e6:8b:b3:01:49:87:42:7a:d4:50:53:bf:c0:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Dec 19 07:15:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2ee7d56b3bb3c937e3a95b8f3cd0b616c36768a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:60:8e:0e:5c:71:8a:9d:57:c9:62:aa:fc:dc:
d4:91:f3:96:43:40:f6:7a:da:85:2b:b1:bc:81:28:
e4:44:a6:87:d8:30:32:9e:ea:56:1c:c5:0b:76:5d:
ee:4c:a8:6c:6e:32:f5:5c:48:6b:2f:22:cf:a3:ef:
50:06:46:30:ee:2b:95:28:41:ef:63:60:08:84:a8:
d5:44:bb:a3:0b:99:d8:f2:31:7d:dc:33:70:d6:63:
81:29:97:23:ab:04:c7:22:f1:1e:51:04:53:bb:07:
01:69:da:28:40:d1:6e:e9:c5:dd:00:ea:8f:22:cf:
37:94:8e:8c:de:e8:61:66:b6:cb:e1:a9:eb:19:9a:
37:80:ff:c9:0d:3d:b0:a8:16:f7:16:69:b2:6f:2c:
81:23:17:86:6e:58:ba:51:39:d1:1c:bd:ff:c9:73:
43:7d:2d:cb:47:42:6a:86:57:3c:e4:9d:8a:fb:03:
ba:02:41:56:15:6a:0b:1c:c7:60:29:4f:60:dc:a0:
c7:1e:ef:64:f6:bb:46:69:5c:d8:1d:73:b5:63:96:
88:cd:74:b8:eb:6b:8f:1e:53:20:35:8d:01:c8:62:
7c:13:4e:ba:a5:ba:24:aa:08:13:ec:8b:f6:ae:55:
13:9d:53:db:21:3d:87:84:f5:93:f1:8a:78:c4:74:
29:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:E7:D5:6B:3B:B3:C9:37:E3:A9:5B:8F:3C:D0:B6:16:C3:67:68:A3
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/LufVazuzyTfjqVuPPNC2FsNnaKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:2d00:1::/48
2a0e:15c1::/32
2a0e:2240:1::/48
2a0f:7d00:1::/48
2a12:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
40:58:bc:4b:51:d3:c6:a7:60:3e:06:2b:08:41:78:0b:ea:16:
4a:02:c0:74:d7:08:3c:d5:76:85:1c:dc:a1:55:5e:9c:43:3a:
74:d7:e6:11:a9:25:7c:ff:b2:b5:50:c5:2d:db:ef:ac:3c:69:
db:0b:94:88:ee:91:8a:40:5b:ed:f2:e2:14:a6:4e:94:bc:16:
41:d4:14:39:9b:db:c2:42:33:a4:a3:ab:b6:a2:1d:4a:bc:4b:
6b:b0:af:52:3e:4f:85:83:55:78:90:2d:92:41:5f:33:c2:63:
7c:21:50:9b:52:26:fb:f9:99:8f:d0:a1:9b:36:da:98:d5:ce:
fd:6f:09:8f:cf:18:29:25:83:11:5b:90:e8:fa:21:df:61:9d:
ca:3c:44:0e:74:3c:7c:cd:ab:75:03:09:7b:ed:fd:71:28:7b:
84:ec:34:2e:83:8b:0f:07:c9:f4:ac:be:73:80:9e:1d:68:27:
5c:61:38:8b:16:ab:49:15:64:87:7b:99:81:f4:a3:a0:23:33:
b0:33:a3:1b:bb:3d:da:8e:9a:e8:1a:d1:6c:24:f1:3d:ca:bd:
df:a3:03:0d:39:02:0a:11:b8:3b:05:b4:8c:a2:02:62:d7:2e:
48:a0:41:ef:9b:f4:9d:0d:73:c1:e5:c0:46:3a:7a:78:0f:ef:
8a:41:e9:95
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYUpPOaLswFJh0J61FBTv8DiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjIxMjE5MDcxNTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWU3ZDU2YjNiYjNjOTM3ZTNhOTViOGYzY2QwYjYxNmMzNjc2OGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2CODlxxip1XyWKq/NzUkfOWQ0D2
etqFK7G8gSjkRKaH2DAynupWHMULdl3uTKhsbjL1XEhrLyLPo+9QBkYw7iuVKEHv
Y2AIhKjVRLujC5nY8jF93DNw1mOBKZcjqwTHIvEeUQRTuwcBadooQNFu6cXdAOqP
Is83lI6M3uhhZrbL4anrGZo3gP/JDT2wqBb3FmmybyyBIxeGbli6UTnRHL3/yXND
fS3LR0Jqhlc85J2K+wO6AkFWFWoLHMdgKU9g3KDHHu9k9rtGaVzYHXO1Y5aIzXS4
62uPHlMgNY0ByGJ8E066pbokqggT7Iv2rlUTnVPbIT2HhPWT8Yp4xHQplQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFC7n1Ws7s8k346lbjzzQthbDZ2ijMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTHVmVmF6dXp5VGZqcVZ1UFBOQzJGc05uYUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAvBAIAAjApAwcAKgotAAAB
AwUAKg4VwQMHACoOIkAAAQMHACoPfQAAAQMFAyoS1sAwDQYJKoZIhvcNAQELBQAD
ggEBAEBYvEtR08anYD4GKwhBeAvqFkoCwHTXCDzVdoUc3KFVXpxDOnTX5hGpJXz/
srVQxS3b76w8adsLlIjukYpAW+3y4hSmTpS8FkHUFDmb28JCM6Sjq7aiHUq8S2uw
r1I+T4WDVXiQLZJBXzPCY3whUJtSJvv5mY/QoZs22pjVzv1vCY/PGCklgxFbkOj6
Id9hnco8RA50PHzNq3UDCXvt/XEoe4TsNC6Diw8HyfSsvnOAnh1oJ1xhOIsWq0kV
ZId7mYH0o6AjM7Azoxu7PdqOmuga0Wwk8T3Kvd+jAw05AgoRuDsFtIyiAmLXLkig
Qe+b9J0Nc8HlwEY6engP74pB6ZU=
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:07:21 2025 by rpki-client